This week was a bit slow in Linux news and releases, but we got a few major ones like the Mozilla Firefox 98 web browser with new optimized download flow, a new VLC Media Player release with a bunch of goodies, as well as the Mess 22 graphics stack for better gaming.
On top of that, Blender 3.1 arrived with lots of performance improvements, Zorin OS and IPFire both received a new kernel for better hardware support, Kali Linux received file system snapshots, KDE fans got a few nice updates to their Plasma desktop and related apps, and Ubuntu users are now patched against “Dirty Pipe” flaw.
Sustain is a podcast that “brings together practitioners, sustainers, funders, researchers and maintainers of the open source ecosystem – we have conversations about the health and sustainability of the open source community.”
Mike Saunders from The Document Foundation, the non-profit entity behind LibreOffice, appeared on a recent episode of the podcast to talk about the LibreOffice community and long-term sustainable development.…
How each of us asks for features and help from free software projects, and one of our most prescient soapboxes in a while.
Linux kernel development boss Linus Torvalds's prediction that Linux 5.17 would be released this week "unless something surprising comes up" has come to pass. Not in the good way.
The surprise was CVE-2021-26341 – a flaw in some AMD processors found to have new Spectre-and-Meltdown-like speculative execution issues. AMD has described the flaw as meaning its processors "may transiently execute instructions following an unconditional direct branch that may result in detectable cache activity."
While the flaw was rated just 4.7/10 on the CVSS scale and AMD could not find any active exploitation, the chipmaker warned the problem is present in 14 client CPUs and first- and second-gen EPYC silicon for servers. The issue was detected in October 2021 and detailed by Grsecurity, which after disclosure worked to deliver a fix by February 8 but later agreed to an extended deadline of March 8.
Linux Kernel 5.17 was scheduled to release the previous day (Sunday).
Unfortunately, (or for better), Spectre V2, another variant of the Spectre vulnerability affecting the processors, was discovered.
But, what is the Spectre v2 vulnerability affecting the chips? Is it essential for the Linux Kernel 5.17 to include a fix?
AutocadAutodesk AutoCAD is computer-aided design (CAD) and drafting software. It’s used in industry, by architects, project managers, engineers, graphic designers, city planners and other professionals.
AutoCAD is proprietary software and not available for Linux. What are the best free and open source alternatives?
Personal Journaling apps are designed to aid users keep daily logs and journals in an organized manner. They are essential for all sort of users, as they help record memories, habits, and tracking personal progress.
In this article, we listed the best, free, open-source personal journaling and diary apps.
No offense, but are you still using the same old standard FTP (File Transfer Protocol) to exchange files from a remote system?
It’s been a five-decade since FTP came, now we have a more appropriate alternative with good security algorithms without compromising the speed.
SFTP synonyms (Secure File Transfer Protocol) are among the most acceptable applications in the market, providing a secure connection to exchange your file remotely. It works on top of SSH protocol, which is recognized for its security and uses the same protocol and port. Although many GUI tools and applications are available across the operating systems, today, we will demonstrate it using the classical CLI method.
Learn the easy steps to install Telegram messenger on Ubuntu 22.04 Jammy JellyFish or 20.04 Focal Fossa Linux desktop for chatting, voice call, and much more…
If you are familiar with WhatsApp, then Telegram would not require a detailed introduction because it is a similar kind of application. Similar to WhatsApp, users can install Telegram on their smartphone and get registered using the cell phone number to chat with other users of Telegram. You can share or download images, videos, documents and files very easily via it. Further, it is also possible to make video and voice calls, create polls, groups, and channels to connect with each other. Telegram is particularly popular because of the latter function.
One of the popular features that make Telegram popular is its subscription system for channels, which works similarly to YouTube: according to your interests, you can subscribe to channels in Telegram. If the channel operator posts new content, you can see it in the chat overview. Users can easily select posted content and forward it to family and friends. This makes it clear from which user or channel the content originally comes. In this way, you can quickly find new channels for your own interests. Also, it offers broadcast functions as WhatsApp has.
Those who are a fan of stickers will love Telegram. Messenger has an incredible number of animated stickers that you can download as a pack and share with others. If that’s not enough, you can also search for GIFs.
I've used the sudo command for years, and one of my favorite features is how it saves a record of everything happening in a terminal while running a command. This feature has been available for over a decade. However, sudo 1.9 introduced central session recording collection, allowing you to check all administrative access to your hosts on your network at a single location and play back sessions like a movie.
I use this feature on my Raspberry Pi, and I recommend it to other Pi users. Even if you fully trust your users, logs and session recordings can help debug what happened on a given host if it acts strangely: Oops, wrong file deleted in /etc.
In this guide you’ll learn how to set up and configure Node Exporter to collect Linux system metrics like CPU load and disk I/O and expose them as Prometheus-style metrics. You’ll then configure Prometheus to scrape Node Exporter metrics and optionally ship them to Grafana instance. Finally, you’ll set up a preconfigured and curated set of recording rules, Grafana dashboards, and alerting rules. At the end of this guide you’ll have dashboards that you can use to visualize your Linux system metrics, and set of preconfigured alerts.
hen you use the apt command to update the Raspberry Pi OS, no notification indicates whether you need to reboot the Raspberry Pi 3 or 4 for Linux kernel updates. So say you have a lab of 4 RPi4 and managing updates using ansible, then you need an automated way to find out if a reboot is required to load a new Linux kernel on your Raspberry Pi OS.
In this tutorial, we will show you how to install FrostWire on Ubuntu 20.04 LTS. For those of you who didn’t know, Frostwire is an open-source Torrent Client application and a great BitTorrent alternative application used to download content such as the internet, software, music, and more. FrostWire support a cross-platform application for Microsoft Windows, Linux, macOS, and Android.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the FrostWire torrent client on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
How to Use Cat, Tac, More, Less – Linux Commands. These basic commands are most effective when used in the correct way. These commands are used on a daily basis for every Linux DevOPS.
In this guide you are going to learn how to use these simple linux commands with examples.
Dual booting is a great way to get the best of both worlds of Windows and Linux. It’s relatively straightforward to install the two operating systems alongside each other, and it's also a great opportunity to learn more about computers and how software works.
When building your own computer, you get to choose from various hardware components that will go into your system. There are some compatibility restrictions to be aware of, but you're still left with plenty of options even if you go Team Green, Team Red, or Team Blue.
Once you put everything together and get that glorious POST beep, you're on your way to enjoying your new rig! However, before you start to game on it, word process, or just browse the internet, there is one crucial component that still needs to be installed: the operating system!
Docker is a popular platform for packaging apps as self-contained distributable artifacts. It creates images that include everything you need to run a particular software, such as its source code, third-party package dependencies, and required environment characteristics.
As Docker images can run anywhere Docker’s installed, they’re a viable format for distributing your CLI applications. The Docker ecosystem includes Docker Hub as an available-by-default public registry, giving you a complete tool chain for publishing, updating, and documenting your tools.
Here’s how you can use Docker to package CLI apps instead of traditional OS package managers and standalone binary downloads.
Branches are a core feature of Git’s version tracking and are used constantly by teams working on the same software codebase. We’ll dive into how they work under the hood, and how you can use them to improve your Git workflow.
If you are an RHEL 8.5 user and a PHP enthusiast, this article guide is the right fit for you. PHP is a globally-renowned scripting language that has helped developers and users come up with impressive web-based applications.
If you are a current user of older PHP versions like 7.2/7.4 or just need a fresh install of PHP 8 on your RHEL 8.5 system, this article is the perfect reference point.
Since the current PHP version release is at 8.x, its many new features and optimizations include improved error handling, type system, & consistency, named JIT, match expression, attributes, arguments, nullsafe operator, constructor property promotion, and union types.
Other improvements include saner string to number comparison, consistent type errors for internal functions, just-in-time compilation, syntax tweaks, system, and error handling improvements.
In the previous post, we explained how to create Apache virtualhost on CentOS 8. This time it is the turn to do the same with Nginx. So, this post is about Setup Nginx Virtualhosts on CentOS 8.
The only caution we have to make is that the term Virtualhost is used for Apache and instead as Nginx is Server Blocks. Although in theory it is the same, it is good to know this.
Communications play a fundamental role in the lives of human beings, and thanks to the internet this has improved to incredible limits. Internet communications affect all of our lives, from the professional to the less important. That is why today we are going to show you how to install TeamSpeak Server in Ubuntu 20.04 to have a voice over IP communications server.
As a brief introduction, we can say that TeamSpeak is a general purpose Voice over IP chat application, although it is widely used in gaming. It has a powerful client that can be installed on almost all current operating systems, but we can also deploy our own private server.
This tutorial will explain how you can recognize, show, find, add and remove, and use fonts on Ubuntu computer. This includes basic understanding with examples of Times New Roman, Liberation Serif, and Apple Garamond. This also includes how to install non-Latin fonts like Arabic, Japanese, and Chinese ones. Now let's practice.
Docker is considered as PaaS (platform as a service) software which makes use of OS level virtualization feature to spin up containers. In other words, we can say Docker provides container run time environment.
In this guide, we will cover to install Docker (Community Edition) on Ubuntu 22.04 (Jammy Jellyfish) and Ubuntu 20.04 (Focal Fossa) LTS. Installation steps of Docker for these Ubuntu versions are same.
This guide will provide us with a very simple way to have a personal cloud with Raspberry Pi. We’ll use a Raspberry Pi 3 Model B+, with an external USB drive that will store all our data. Our USB disk will be formatted in this procedure in order to assure that it will work. So be aware to use a free USB disk in order to avoid loss of data at format time.
This is a going to be a short one, yet somehow an interesting topic. It seems like Valve “forgot” to release the Steam Deck with a low battery indicator that would actually let the end users know about the fact that their battery is about to die while playing a game.
It’s a blessing in the modern age that we, the general people, don’t always have to be in real-time war so often. But, the young generation always has the most profound fascination with war tactics and weaponry. That’s why war game is one of the most popular gaming genres. However, some people think that there are almost no exciting 3D war games available for Linux users. But that’s not the truth. And we are going to prove it here with the list of the best five war games for Linux.
Bean and Nothingness is one we missed from February that added a Linux version and it appears like it might be a great pick if you love tile-based puzzlers.
In the game you wield a special wand that can turn beans into monsters, which varies based on what recipes are available during each puzzle. It's pretty unique sounding and it looks quite sweet too but sadly it's gone pretty unnoticed. To progress you create, manipulate, and destroy these monsters in the right places and at the right times; they can both help you and hinder you as you try to solve each puzzle.
Want to get Stardew Valley setup on the Steam Deck with mods? It's quite easy to do but there's a few steps you have to go through, here's a guide on what to do.
Unlike some games, Stardew doesn't offer up the Steam Workshop and instead uses the standalone SMAPI. The good news is that it works well on Linux too.
We are back with our usual monthly update! Boiling Steam looks at the latest data dumps from ProtonDB to give you a quick list of new games that work (pretty much?) perfectly with Proton since February 2022 – all of them work out of the box or well enough with tweaks...
The Witcher 3 got bumped up from Playable to Verified for the Steam Deck around the initial Deck release, and developer CD Projekt RED has released a statement on it now.
Conventional wisdom dictates that Windows provides a better PC gaming experience than Linux does. Conventional wisdom is wrong. Windows is such a shockingly terrible experience on the Steam Deck. That's not a surprise seeing as Valve does not official support it on their hardware.
Will you be playing Path of Exile on Steam Deck? Do you already play it on a Linux desktop? Let us know what you think in the comments.
News I'm sure many Linux fans will be happy to see — Valve sent over a Steam Deck to the developer of Lutris, the free and open source game manager.
One of the most popular applications for gaming on Linux, Lutris can help you manage games across various different sources including Humble Bundle, GOG, Steam, Epic Games, EA Origin, Ubisoft, Emulators and more. Currently though, getting it working on Steam Deck properly would involve using developer mode as it doesn't have a proper Flatpak package available from Flathub (the current one is not official and doesn't work well).
 I’ve revisited toolbox recently, and I had forgotten how much I liked the tool the last time I tried it.
Podman is a technology developed by Red Hat for managing containers, its most used commands are identical to docker’s, it’s daemonless (so you don’t have a systemd service running all the time, your containers simply run on demand and you can’t have a single service borking down all of your containers) and rootless (no root required to manage them). Docker recently got rootless support, but it’s kind of a pain to setup. Podman integrates with things like Cockpit, and one of its most famous niceties is its ability to generate systemd services for your containers.
At first glance Hos OS looked to be a simple concept: Ubuntu with the GNOME desktop swapped out in favour of a customized Openbox environment. This idea appealed to me as I like the idea of Ubuntu's LTS stability combined with the base distribution's hardware support and a lighter user interface.
While Hos OS is indeed light in memory (it used less than 300MB of RAM sitting idle in the Openbox live session) and it is gentle on the CPU, that is where the appeal stopped. Hos OS uses an unusual installer which did not work for me, it couldn't boot on UEFI-enabled hardware, and both package managers (APT and Snap) had problems with their configurations which made installing new software and updates a challenge.
Finally! I have a working package for Calibre 5.38.0, targeting Slackware 15.0 and -current.
As you surely know by now, Calibre is an e-book library management program, probably the best you can get and it surpasses its commercial rivals in terms of feature set and ease of use.
Calibre is not only a library manager, it can act as a content server to make your book library accessible online (on your phone and in web browsers for instance), and it also contains a Qt5-based e-book reader application, as well as a full-fledged e-book editor. If you have online magazine or newspaper subscriptions, Calibre can download these magazines automatically for you and add them to your library.
It is also quite the complex piece of software. It is written in Python, using several modules to enable its features. Calibre creates its graphical user interface using PyQt5 widget libraries. My calibre package for Slackware embeds all these modules, so that the package does not have any external dependencies. It does expect a full Slackware installation however, because that includes Qt5, PyQt5 and related packages. You could slim down your Slackware as long as you keep Qt5 related packages installed.
Ten years after its initial launch, Raspberry Pi is more than just a computer. It has created (and entertained) a community of professionals, inspired students, and encouraged general enthusiasts to break the boundaries of technology. Given its affordability, it's especially appealing to a younger generation and remains a top player in STEM education, but even IT managers and other tech professionals still utilize Raspberry Pi to this day.
To celebrate Pi Day (3.14), I asked our community to share the ways they're using Raspberry Pi today: whether they discovered it along with their children, use it for entertainment at home, or incorporate it into their daily hybrid work. Check out what they said they're still loving about Raspberry Pi all these years later.
By now, many people have probably grown tired of prognostications on “the new normal,” post-pandemic. Although the future remains uncertain, leaders can use this time as an opportunity to invent and practice new models of engaging their workforce in ways that allow creativity and innovation to flourish.
It’s also clear that we are collectively less tolerant of the old corporate-life nemeses: long commutes, needless and unproductive meetings, and an abundance of time spent “managing” projects compared to actually getting work done. As we’ve struggled to address these issues, there is one source of wisdom we may have been missing: adults 60-plus years old.
They’re not the only generation wrestling with these questions, but they have been first to redefine their own perspectives on how to get the most from work in an era of “unretirement.”
If your organization is adopting event-driven and serverless architectures, you're probably evaluating the Apache Kafka and Knative projects to help create your next generation of applications. Apache Kafka provides a robust, high-performance, high-availability event-streaming platform. Knative provides a platform for managing serverless workloads on Kubernetes.
Applications built as Knative services are designed to scale up in response to incoming events that are delivered via HTTP. A serverless application that scales based on incoming HTTP requests may seem like it would be incompatible with the persistent connection model that Apache Kafka uses. Knative provides a neat solution to this problem via event sources, specifically the KafkaSource for Apache Kafka.
In this article, you'll learn how to create an event-driven architecture that uses Apache Kafka and Knative. You can use the free quota provided by the Developer Sandbox for Red Hat OpenShift and Red Hat OpenShift Streams for Apache Kafka to follow along. There is no need to provision your own Kubernetes and Kafka infrastructure when using these services.
Apache Camel is the most popular open source integration framework today. Over the years, Camel has evolved to support new environments such as containers on Kubernetes while continuously improving the developer experience—so much so that it's now easy to consume by Kubernetes users with no previous Camel experience.
This article, the first in a three-part series, introduces the most important ways you can use Camel and why each came into being. We'll weigh factors such as performance, developer control, environment, and usability to help you understand and select the best flavor of Camel to implement your integration service.
Over the last year, I've been writing articles for Enable Sysadmin about some of the most-used Linux namespaces. In a previous article, I demonstrated several techniques for creating and interacting with the net namespace. This article extends that exercise by manufacturing a namespace for a single VPN connection. If you want to follow along with this article, be sure to step through the first part. It lays the groundwork that you'll need to set up to follow along with this one.
Of course, you don't have to manage namespaces by hand. Linux containers provide this functionality through user-friendly applications, including Podman, Buildah, and Kubernetes. However, I find that creating namespaces is a good way to grasp fundamental building blocks.
In a slightly curious blog post, Ubuntu recently dismissed the idea that OpenStack was no longer relevant and had been "abandoned" – making it the second outfit in the past six months to state how confident it remains in the IaaS platform.
The post, titled "OpenStack is dead?" echoed a similar statement from Docker Enterprise owners Mirantis last year, stating that users now "probably think that OpenStack has been supplanted by Kubernetes" – and talking about the growth in OpenStack adoption.
When multiple companies strenuously deny something, it tends to cause more suspicion than it allays. As The Reg pointed out when OpenStack turned 10, several big players have killed off their OpenStack products. Cisco invested heavily in it in 2014, only to then axe it a couple of years later.
In the same period, HP launched its own version, promoted it… then HP and Mirantis laid off much of the relevant teams.
 Waveshare CM4-Duino is a carrier board for Raspberry Pi Compute Module 4 (CM4) that follows Arduino UNO R3 form factor while offering HDMI output, a MIPI CSI camera interface, a USB interface, and even an M.2 M Key socket for expansion.
This allows the board to reuse most Arduino shields while offering the flexibility of a more powerful Arm Linux platform that can further be expanded with an NVMe SSD or a wireless module through the included M.2 socket.
 The possibilities for Raspberry Pi projects continue to perpetuate this Pi Day! The beloved single-board computer recently turned ten years old. To celebrate, we put together a list of recent Raspberry Pi tutorials written by members of the Opensource.com community.
The Raspberry Pi is ripe for DIY projects for the home. Why risk your data with a proprietary home automation tool when you can take full control with a $35 computer? Opensource.com authors have shared how they've built thermostats, monitored their home climate, set parental controls, and much more in the following tutorials.
Hello, everyone --let's review the Apache community's activities from over the past week...
A couple weeks ago the Fedora Community Outreach Revamp(FCOR) team announced that we will be organizing a Ambassador Call Kick-off and collected feedback about availability. Based on the results from the whenisgood, we are excited to invite you to the Ambassador Call Kick-Off, on March 31st at 3PM UTC.
Please join us at the next regular Open NeuroFedora team meeting on Monday 28 February at 1300 UTC The meeting is a public meeting, and open for everyone to attend.
Firefox 98 is released, with a new faster downloads flow (very welcome), better event debugging, and several pre-release HTML features that are now official. One thing that hasn't gotten a lot of airplay is navigator.registerProtocolHandler() now allows registration for the FTP family of protocols. I already use this for OverbiteWX and OverbiteNX to restore Gopher support in Firefox; I look forward to someone bolting back on FTP support in the future. It builds out of the box on OpenPOWER using the .mozconfigs and LTO-PGO patch from Firefox 95.
Almost every online user is aware of Slack, Rocket.Chat, Trello, Nextcloud, and a few other solutions to communicate and collaborate for work.
We also have a list of open-source Slack alternatives if you prefer FOSS for collaboration in your team.
But, as a software developer, what if you stumble upon a community of developers?
Unlike the communities on Reddit or any other social media, you get access to an open-source platform where developers meet and collaborate on important open-source projects. Wouldn’t that be exciting for social collaboration and interaction between fellow developers?
Welcome to the third installment of our blog series on digital advertising on embedded and mobile platforms with Qt. In this part, we’re looking into the main challenges associated with cross-platform digital advertising and how Qt can make them a thing of the past for you.
As a prolific maintainer of several dozen FOSS projects, I’m often asked how I can get so much done, being just one person. The answer is: I’m not just one person. I have enjoyed the help of thousands of talented people who have contributed to these works. Without them, none of the projects I work on would be successful.
I’d like to take a moment to recognize and thank all of the people who have participated in these endeavours. If you’ve enjoyed any of the projects I’ve worked on, you owe thanks to some of these wonderful people. The following is an incomplete list of authors who have contributed to one or more of the projects I have started...
A graph that doesn’t have directions is called an undirected graph. Every graph must have a path from one node to another node. A spanning tree is also an undirected connected graph where all the nodes of the graph are present with minimum edges. If a spanning tree doesn’t have all the nodes of the graph, then we cannot say that it is a spanning tree. The spanning-tree total weights will be less than the original weight of the graph as we connected it through the minimum weight edges. The spanning tree also does not have a cycle. Any graph has more than one spanning tree, but only one of those will be unique. We call it a minimal spanning tree since we’re attempting to create a full graph with all nodes while keeping the weight low.
We realize that some of you might be curious as to the large version bump. There are a couple of reasons for this: * Modules we depend on bumped their minimum Perl version to 5.12, requiring us to follow suit. * As of 2022, Dancer2 has an official deprecation policy. We are implementing this policy effective with this release, and it will help shape and guide future development. * We've officially marked a lot of outdated and unused API as being deprecated.
In Python, PySpark is a spark module used to provide a similar kind of processing like spark using DataFrame. In PySpark, sort() is used to arrange the rows in sorting or ascending order in the DataFrame. It will return the new dataframe by arranging the rows in the existing dataframe. Let’s create a PySpark DataFrame.
In Python, PySpark is a spark module used to provide a similar kind of processing like spark using DataFrame. In PySpark, orderBy() is used to arrange the rows in sorting/ascending order in the DataFrame.
It will return the new dataframe by arranging the rows in the existing dataframe.
Let’s create a PySpark DataFrame.
In Bash programming, variables play a vital part in transforming the script to a modern standard. Variables are named symbols representing a string or numeric value. Check out this in-depth guide on Bash variables for more info.
When creating a Bash variable, it must have a value. However, we can use some tricks to set a default value if the variable is not set (or null). This guide will demonstrate how to do just that.
There is one building block that all programmers share: a Hello World program. It is a simple but standard program that is specifically designed to be an introduction to a new language. In any language, the Hello World program, introduces the new users to the syntax of the language.
In this article, we will explore how to create our first Hello World program and discuss the anatomy of the Hello World program in Rust.
Java provides a LinkedList class which is nothing but an ordered collection that holds multiple objects of the same data type. It belongs to the collection framework of java.util package and it extends/inherits the AbstractList class. The LinkedList class provides numerous methods to perform different functionalities e.g. add() method, remove() method, and many more.
In any programming language, a very significant concept is used to store the data named Arrays. The arrays are static/fixed in size and suitable for fixed-length data structures. But what if someone wants to add or remove the items dynamically? Well in Java, we can utilize the concept of ArrayList which allows us to store the data dynamically and is resizable.
In java, ArrayList and LinkedList both belong to the Collection framework of java.util package and both of them inherit the List class. If we talk about the comparison of both these lists, it can be made based on different features, similarities, and differences. Sometimes LinkedList is preferred to use while in some cases, ArrayLists have dominance and are preferred to use.
Java provides an enum class that can be used to represent a group of constants and it can have class attributes, member functions, and constructors. Enum class can’t inherit some other class but it can implement different interfaces and we can’t create the object of the enum class.
In java, if we have to specify a single value as constant we can use the final keyword. However if we have to specify a group/set of constants then we can utilize the concept of enums. In java, numerous methods are available that can be used to perform various functionalities like values(), ordinal(), and many more.
BIVROST, a manufacturer of solutions in the field of image analysis and live video streaming, has just introduced the Lite5 mini-STX motherboard powered by an Intel Core Coffee Lake processor, and targeting machine vision, digital signage, security, video streaming, and other edge computing applications.
The board is fitted with Advantech SOM-5899 COM Express Basic Type 6 module that supports up to 96GB DDR4 ECC memory, while the carrier board offers two Gigabit Ethernet ports, twelve USB interfaces, dual HDMI 2.0 video output, plus five M.2 expansion sockets.
Attacks didn’t decrease after the pandemic. On the contrary, the frequency and severity of threats make application security testing a must. Agile and DevOps environments, with their fast-paced development rhythm, Agile and DevOps environments can make it challenging for security to keep up.
Malware has been around for a long time, increasing in the last years, and protecting applications against malware intrusions have become more difficult. Regardless of your software development environment, you need to bake application security testing into the development process.
Static application security testing is a critical method that identifies and mitigates security vulnerabilities in software early in the development process. This post will explore how static application security testing can have an essential role in protecting against malware attacks.
A newly disclosed security flaw in the Linux kernel could be leveraged by a local adversary to gain elevated privileges on vulnerable systems to execute arbitrary code, escape containers, or induce a kernel panic.
Tracked as CVE-2022-25636 (CVSS score: 7.8), the vulnerability impacts Linux kernel versions 5.4 through 5.6.10 and is a result of a heap out-of-bounds write in the netfilter subcomponent in the kernel. The issue was discovered by Nick Gregory, a research scientist at Capsule8.
The transparency organization Distributed Denial of Secrets has released 800GB of data from Roskomnadzor, the Russian government censorship organization.
Transparency organization Distributed Denial of Secrets has released what it says is 800GB of data from a section of Roskomnadzor, the Russian government body responsible for censorship in the country.
On Distributed Denial of Secrets’ website, the organization describes the data as coming from a hack and says that Anonymous claimed responsibility. Roskomnadzor is the agency that has in recent days announced a block of Facebook and other websites in the country as the war in Ukraine intensifies.
On 3rd February 2022, Bangladesh Telecom Regulatory Commission (‘BTRC’) published “The Regulation for Digital, Social Media and OTT Platforms, 2021” (“Bangladesh Draft Regulation”) and invited comments. We sent our comments in the form of a report to the BTRC. Our rationale behind sending the comments was that there are many similarities between the Bangladesh Draft Regulation and Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“Indian IT Rules”). Since we have extensively worked on the Indian IT Rules since their notification in 2021 (in the form of public advocacy, representations and legal support), we provided insights into India’s experience with these rules. We hope that the report is of assistance to the BTRC as they contemplate regulation of digital, social media and OTT platforms.
Today, we have some of the same thought going into things like Planet Debian, but it's a lot less interactive. Then we have things like Facebook, Twitter, and the more free alternatives. There's interactivity, but it feels like everything has to fit into the length of a single tweet.