System76 is one of the most popular Linux PC makers, and also serves as the developer of the Pop!_OS Linux distribution. Now the company is testing a new AMD-powered Linux laptop, the Pangolin.
System76 has begun teasing a new model of the Pangolin laptop, and it’s packed to the brim with improvements and new features. The Pangolin laptop is powered by the new AMD Ryzen 7 6800U CPU, which uses the chipmaker’s Zen 3+ architecture — not quite the Zen 4 architecture you will soon be able to find on laptops, but it’s pretty good nonetheless. The screen is also getting an upgrade from its previous, bog-standard 60Hz refresh rate up to a more impressive 144Hz.
HPE and Oracle have settled their long-running legal case over alleged copyright infringement regarding Solaris software updates for HPE customers, but it looks like the nature of the settlement is going to remain under wraps.
The pair this week informed [PDF] the judge overseeing the case that they'd reached a mutual settlement and asked for the case to be dismissed "with prejudice" – ie, permanently. The settlement agreement is confidential, and its terms won't be made public.
The case goes back to at least 2016, when Oracle filed a lawsuit against HPE over the rights to support the Solaris operating system. HPE and a third company, software support outfit Terix, were accused of offering Solaris support for customers while the latter was not an authorised Oracle partner.
The flexibility of public cloud infrastructure allows for little to no upfront expense, and is great when starting a venture or testing an idea. But once a dataset grows and becomes predictable, it can become a significant base cost, compounded further by additional costs depending on how you are consuming that data.
Public clouds were initially popularised under the premise that workloads are dynamic, and that you could easily match available compute resources to the peaks and troughs in your consumption, rather than having to maintain mostly idle buffer capacity to meet peak user demands. Essentially shifting sunk capital into variable operational expense.
Viscosity North America, Inc. ("Viscosity") is excited to announce the recently published book about containers as an effective Oracle database storage and design tool. "Oracle on Docker: Running Oracle Databases in Linux Containers," written by Sean Scott, Viscosity's Managing Principal Consultant and Oracle ACE Pro, debuted in the No.1 position among the Amazon Hot New Releases in the Linux Networking & System Administration category during its first month.
For a very long time Chromium has been known to scroll slowly on Linux but no one really knew why and now that bug has been addressed and you won't believe why it existed.
A high-profile Linux kernel network flaw, we put JFS on a death watch, and break down the controversial Firefox update this week.
In this video I discuss the recent wave of Google search ads serving people links to viruses pretending to be other programs like OBS, VLC or CCleaner (Trojan horse malware) and how you can protect yourself from these kinds of attacks.
Today we talk about the things to consider when you switch to Linux cold turkey. Not everyone should do this, but some may want to. This video gives you tips on how to do that without getting too frustrated.
This week’s episode of Destination Linux, we’re going to discuss open source hardware and the important part it plays in our future. Then we discuss the dangers of using VS Code. Plus, we have our tips/tricks and software picks. All this and more coming up right now on Destination Linux to keep those penguins marching!
By using clever infrastructure engineering strategies to increase reliability, you can minimize disruption and downtime for your organization. Another technique to consider is the concept of Digital Twin - having a full system clone/mirror you can use to test enhancements, perform a root-cause analysis, or more.
In this video, I am going to show how to install MX Linux 21.3 KDE
Following on the Using Kcli to prepare for OCM testing, we’re going to prepare KMM testing in Hub-Spoke approach.
First we need to prepare our .docker/config.json with the contents of our OpenShift pull secret used with Kcli.
The kernel's memory-management developers have been busy before and during the holidays; the result is a number of patch sets making significant changes to that subsystem. It is time for a quick look at three of those projects. Two of them aim to increase the sharing of page tables between processes, while the third takes advantage of the multi-generational LRU to create a better picture of what a process's working set actually is.
Most developers probably do not see the generation of random numbers as being a performance bottleneck for their programs, but there are seemingly exceptions. Over the last few years, Jason Donenfeld has brought a new level of energy to the development of the kernel's random-number generator; he is now directing his efforts toward improving performance for user space with this patch series that provides an implementation of the getrandom() system call in the kernel's "virtual dynamic shared object" (vDSO) area. The result is, indeed, better performance, but not all developers see this benefit as being worth the additional complexity required to achieve it.
Traditionally, user-space processes on Linux systems have obtained random data by opening /dev/urandom (or /dev/random) and reading data from it. More recently, the addition of getrandom() simplified access to random data; a call to getrandom() will fill a user-space buffer with random data from the kernel without the need to open any files. This random data is provided with all of the guarantees that the kernel can make, including doing its best to ensure that the data is actually random and preventing repeated data sequences when, for example, a virtual machine forks.
It's worth noting that, in the BSD world, it is more common to call the arc4random() library function. The 2.36 release of the GNU C Library included an implementation of arc4random() that, in its pre-release form, included a fair amount of its own logic for the generation and management of random data. In July 2022, Donenfeld questioned the need for this function, noting that "getrandom() and /dev/urandom are extremely fast". Supporting arc4random() makes code more portable, though, so that function stayed in the library. The version that was eventually released was significantly simplified by Donenfeld, to the point that it is essentially a wrapper around getrandom() when that system call is available. As a result, the performance of getrandom() also determines how fast arc4random() will be.
The kernel's fscrypt subsystem enables filesystems to store files and directories in encrypted form, protecting them against offline attacks. A few filesystems support encryption with fscrypt currently, but Btrfs is an exception, despite a number of attempts to add this feature. The problem is that, as so often seems to be the case, Btrfs works differently and does not fit well with one of the key assumptions in the design of fscrypt. With this patch series, Sweet Tea Dorminy is working to enhance fscrypt to be a better fit for filesystems like Btrfs.
Fscrypt got its start in 2015 as an ext4-specific encryption feature, but it was later generalized to be able to support other filesystems as well, with the second user being F2FS. To enable encryption, an administrator must start with an empty directory (which can be the root directory) on a filesystem and set a "master key" for that directory, after which all files and subdirectories created below the top-level directory will be encrypted. To be able to access the contents of that directory, the master key must be stored in the kernel's keyring. One master key can be used with multiple directory hierarchies, or different keys can be used with different hierarchies as needed.
Earlier this month, NVIDIA released the NVIDIA 525.78.01 graphics driver, but it looks like some important improvements needed to be made, so they released a small update, NVIDIA 525.85.05, to improve the reliability of suspend and resume on UEFI systems when using certain display panels.
NVIDIA 525.85.05 also disables the Fixed Rate Link (FRL) when using passive DisplayPort to HDMI dongles, which are incompatible with FRL, and fixes a bug that prevented some controls in the nvidia-settings control panel from working when running an X server as an unprivileged user.
Nvidia has made its latest Linux driver available for download, the version number is 525.85.05 and comes in at 395.9 MB in size; the driver is available for x64 and aarch64 systems. The release notes contain four items and the most notable one is that the reliability of suspend and resume on UEFI systems on certain display panels has been improved. If you have an Nvidia GPU and you have any display issues following a system suspend, this driver could address those issues.
Fortunately, the days of Emacs vs vi flame wars fizzled out decades ago. But there remains lots of friction when it comes to text editors.
Vim is an enhanced version of the vi editor, with development dating back to 1976.
Vim is a highly configurable, powerful, console-based, open source text editor. It’s efficient, letting users edit files with a minimum of keystrokes. Vim offers word completion, undo, shortcuts, abbreviations, keyboard customization, macros, and scripts. You can turn this into your editor for your environment.
In this video, we are looking at how to install ONLYOFFICE on KDE Neon.
Updating the cluster to match with the latest CKAD exam version.
Today we are looking at how to install Vita3K on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
How can you install Docker desktop on Linux? In this tutorial, you will learn how to install Docker desktop on Ubuntu 22.04/Ubuntu 20.04.
USB memory sticks can be used to steal data from your Linux computer. USBGuard lets you set rules governing the use of USB memory sticks, like a firewall for USB storage devices. Here’s how it works and how you can set it up.
Recently, I outlined how to deploy Portainer to a MicroK8s Kubernetes cluster. The process is surprisingly easy and goes a long way to strip the complications from Kubernetes. That Kubernetes environment makes for a robust development process, but what if you also need to work with Docker? Thankfully, Portainer has many convenient Docker features that make deploying those containers a breeze.
GNOME has been my desktop of choice for some time now.
And to anyone who might think adding or sharing a printer across a network on Linux is challenging, I've got news for you… it's not.
Case in point, I had to replace my aging Brother monochrome laser printer that I've been using for maybe five years.
I opted to go with a similar model, but one without the wireless option that I never used.
I pulled the printer out of the box, plugged it in, and clicked Add Printer in the Settings apps.
Today we are looking at how to install Geographical Adventures on a Chromebook.
Deleting a group in Linux can be a simple task when done through the command line interface (CLI). In this article, we will go through the process of deleting a group in Linux using the CLI, with examples to help you understand the process.
Before we begin, it’s important to note that deleting a group will also delete all the users associated with that group. So, it’s important to make sure that you no longer need the group or users associated with it before proceeding with the deletion process.
The Virtual Network Computing (VNC) protocol is one of the bedrocks of remote desktop management. It allows you to seamlessly operate a server remotely along with its entire graphical desktop. Here we show you how to install a VNC server in Ubuntu. We will also show how you can connect to a VNC server and make it work for your specific needs.
Deleting a user from a group in Linux command line interface (CLI) is a simple process that can be accomplished using the command line tool usermod. This tool can be used to modify a user’s account information, including their group membership. In this article, we will go over the steps and examples of how to delete a user from a group in Linux CLI.
Before we begin, it’s important to note that you will need to have root or superuser access to perform these actions. This means that you will need to log in as the root user or use the sudo command to run the commands with superuser privileges.
Adding users to a group in Linux command line interface (CLI) is a simple task that can be accomplished with a few commands. This process is important for managing users and their permissions within a Linux system, as it allows for better control over who has access to certain resources and functionality.
Before diving into the process of adding a user to a group, it’s important to understand the basics of user and group management in Linux. In Linux, users are assigned a unique user ID (UID) and belong to one or more groups, which are identified by a group ID (GID). Groups are used to assign permissions to specific users or groups of users, allowing them to access certain resources or perform certain actions on the system.
Now that we have a basic understanding of how users and groups work in Linux, let’s dive into the process of adding a user to a group.
Creating a group in Linux command line interface (CLI) can be a bit tricky if you’re not familiar with the process. But once you know how to do it, it’s a breeze. In this article, we’ll walk you through the steps of creating a group in Linux CLI, and provide some examples to help you understand the process better.
Deleting a user in Linux Command Line Interface (CLI) is a simple process that can be done in just a few steps. However, before you delete a user, it’s important to consider the consequences and make sure that it’s the right decision for your system. In this article, we’ll go over the steps to delete a user in Linux CLI, as well as some important considerations to keep in mind.
Creating a user in Linux Command Line Interface (CLI) is a simple task that can be accomplished using the “useradd” command. In this article, we will take a look at how to create a new user in Linux CLI, and also discuss some of the options that can be used with the “useradd” command. Before we begin, it is important to note that in order to create a new user in Linux, you must have root or superuser privileges. This means that you will need to log in as the root user or use the “sudo” command to execute the “useradd” command.
I’ve recently upgraded a few laptops and have some NVMe drives and spare RAM on hand. Rather than letting them gather dust or try to sell them online, I’d like to match them with inexpensive mini PCs for use in my home lab.
The Steam Deck is my favorite gadget of 2022. I have no hesitation in recommending it anymore. The kind of person who would buy one should buy one. My only question: are you that kind of person?
[...]
I should know. I’ve now spent 435 hours playing Steam games across three different Decks, averaging well over an hour per day since launch. I’ve torn through all 150 hours of Elden Ring and beat Stray, Cult of the Lamb, Signalis, The Forgotten City, Into the Breach, and Vampire Survivors* on the Deck alone. I’m in the middle of dozens more. Plus, those 435 hours don’t count all the time I’ve spent futzing around with alternative games stores, emulators, streaming games from PS5 to the handheld, or cracking open the case to install a better fan and a larger SSD.
Valve’s Steam Deck is a new handheld gaming device that can play PC games. First of all, my official product review: it is very cool. With that established, let’s talk about the really interesting stuff: copyright doctrine.
The long-running and bitter fight between Oracle and Google concluded in 2021, when the Supreme Court ruled 6-2 (in a decision written by Stephen Breyer, with Justices Thomas and Alito dissenting) that re-implementing Application Software Interfaces (APIs) – a form of software library – was a fair use. Google had written its own code that was functionally identical to existing Java software to make it easier for developers to write for the then-new Android platform. A developer’s code might ask the system for particular information, or to perform some kind of calculation. By re-implementing Java APIs on Android, Google made it so that a developer’s code can ask the system for the same things, in the same way, and get an answer back it understands. While the “functional” code in a re-implemented API might be totally new and different from the original, the new code still has to essentially call things by the same names.
The Supreme Court rightly found that this is pro-competitive and legal. Copyright law is not intended to lock software developers to proprietary platforms or prevent the emergence of new compatible platforms.
The latest version of KDE Plasma, landing on Valentine's Day 2023, features enhanced multiple monitor support and plenty of other new features.
[...]
"Today we are bringing you the preview version of KDE's Plasma 5.27 release," an official KDE blog post said. "Plasma 5.27 Beta is aimed at testers, developers, and bug-hunters."
The KDE Community also took to Twitter to announce the beta version:
Among the new features included are a new welcome screen, a Hebrew calendar option, a revamped ability to work across multiple monitors, an enhanced Bigscreen TV interface that debuted in earlier versions, and a new keyboard shortcut for tiling windows.
Another significant new feature is a new permission settings menu for Flatpak packages. These packages by default lack access to the underlying system for security, but there may be times when users may need to turn it on, such as when an application needs to access the file system. The new menu is in the system settings.
Although the creator of OS/2 now owns Red Hat and has other fish to fry, OS/2 lives on. The Reg spoke with Arca Noae's Lewis Rosenthal about the issues of updating OS/2 Warp for modern PCs in 2023 – and beyond.
OS/2 has had a long and sometimes troubled history, which The Register looked at in depth when the OS turned 25. IBM stopped selling OS/2 Warp back in the early part of this century, but that wasn't the end of the line for this indomitable OS.
After IBM stopped selling even the server version, eComStation continued support, and later offered their own updated version, and had plans for further modernization.
After that, Arca Noae picked up the baton with what was originally codenamed Blue Lion. It went on to offer it for sale as Arca OS 5.
The current version, Arca OS 5.0.7, can boot directly and install from a USB key, which is a first for the OS/2 family – and a significant help.
Lakka 4.3 retro gaming console emulator now featuring Orange Pi 4 LTS support, updated Mesa to 22.1.7 and RetroArch to 1.14.
If you’re unfamiliar with Lakka, let me give you a brief overview. It is a Linux-based retro video game emulator that allows you to play classic Atari, Nintendo, Sega, PlayStation, and so on games. Built on top of RetroArch, Lakka is widely used on Raspberry Pi devices, turning these single-board computers into retro gaming consoles.
It is designed to operate out of the box and comes only with cores that work with whatever architecture you choose to download. But what are Lakka’s cores? You can think of them as plugins. They contain the code necessary to emulate a specific system, for example, Sega or PlayStation.
The January 14th, 2023 release of DietPi v8.13 comes with a new image for the NanoPi R5C and a couple of improvements and bug fixes.
It looks like Slackware 14.2 is starting to show its age when it comes to supporting Chromium. The packages that I uploaded earlier this week for Chromium (also -ungoogled) version 109.0.5414.74 failed to run on Slackware 14.2 despite the fact that they were successfully compiled on Slackware 14.2. The packages ran without complaint on Slackware 15.0 and -current however. The cause was a run-time dependency on libdrm for which the minimum version requirement was increased in Chromium 109 and Slackware 14.2 contains a libdrm library that is now too old. After finding that root cause, I have rebuilt the chromium (also -ungoogled) packages, this time using an internal copy of libdrm instead of relying on the system libraries. The BUILD=2 version of these packages is now available for download from my repository and its mirrors, they are working correctly on Slackware 14.2 again.
Ubuntu comes with numerous accessibility features for people with special needs. Here we discuss some of the best ones for visually impaired users.
Ubuntu is one of the most widely used Linux distros and is ideal for both beginners and experienced users. Ubuntu Desktop is also packed with lots of accessibility features to make it usable to as many people as possible.
Computers are an essential part of society and must be accessible to everyone. Here are some of the best accessibility features in Ubuntu for people with visual impairments, such as low vision or blindness.
The next point release in the Ubuntu 22.04 series will now be released later than originally intended.
Ubuntu 22.04.2 LTS was due for release on Thursday, February 9. However, the release has had to be delayed by two weeks, and is now scheduled to arrive on Thursday, February 23.
Why the delay?
As there were some unexpected complications during the preparation of our HWE 5.19 kernels for jammy, and with shim 15.7 making its way to the archive, we decided that more time is necessary to get everything ready. We decided to move the 22.04.2 release date to February 23.
Arduino Day, the annual celebration of the Arduino ecosystem of hardware and software, has been announced for March 25, 2023.
Most modern digital cameras are perfectly capable of capturing photos of the stars. But many of them have trouble collecting the small amount of light available in a short amount of time, which means that you need to leave the shutter open for 30 seconds or more to get a decent exposure. That presents a problem, because the Earth rotates. As it does, the light from the stars leaves trails in your long-exposure photo. To overcome that issue, Ondra Gejdos designed this 3D-printable star tracker.
The purpose of a star tracker like this one is to move the camera in the opposite direction of the Earth’s spin in order to keep the stars still in the frame. That lets astrophotographers keep the shutter open as long as they need to to get proper exposure without star trails. The “OG-star-tracker” mounts to a standard tripod and the camera attaches to it. A single stepper provides rotation, and it is up to the user to set the angle properly for their position on the planet.
Download files and build them with your 3D printer, laser cutter, or CNC. Thingiverse is a universe of things.
Scamp is a self-contained Forth computer that you can use as the computing engine for your projects. It’s easy to interface, and easy and quick to program using Forth, the world’s best embedded programming language.
Flying machines: humans have always dreamed about flight, but with our puny arms and lack of feathers it’s something we’ve struggled with. No more! Join us as we explore the best, cleverest and most innovative home-made flying machines. Icarus would have been proud!
I built a wifi-equipped water gun to shoot the pigeons on my balcony, controlled over the internet by a python script running openCV reading the camera image of my old iPhone.
The brains of the operation is a Python script using OpenCV. It compares the current image to the normal background. If the average amount of change of all pixels is above some threshold, it fires the water gun.
India's Supreme Court has delivered Google a slap in the face, ruling that it would not make any changes to an anti-trust order that seeks changes in the Android mobile operating system.
The company had appealed to the country's highest court, hoping that a ruling by the Competition Commission of India, the nation's competition regulator, would be watered down.
The only concession by the court on Thursday was that it gave the CCI one more week to enforce its ruling, according to a report in TechCrunch.
The ruling was made last year, with the CCI alleging that Google had abused the dominant position held by its Play Store by requiring users in India to install the entire Google Mobile Suite.
Today I noticed bounces in my mail box. They were from ikiwiki trying to send registration confirmation email to users who probably never asked for it.
I'm getting truly fed up with spam in my wiki. At this point, all comments are manually approved and I still get trouble: now it's scammers spamming the registration form with dummy accounts, which bounce back to me when I make new posts, or just generate backscatter spam for the confirmation email. It's really bad. I have hundreds of users registered on my blog, and I don't know which are spammy, which aren't. So. I'm considering ditching ikiwiki comments altogether.
I am testing Mastodon as a commenting platform. Others (e.g. JAK) have implemented this as a server but a simpler approach is to load them dynamically from Mastodon, which is what Carl Schwan has done. They are using Hugo, however, so they can easily embed page metadata in the template to load the right server with the right comment ID.
The dev channel has been updated to 111.0.5545.3 for Windows and Mac, Linux coming soon.
Hi everyone! We've just released Chrome Dev 111 (111.0.5544.3) for Android. It's now available on Google Play.
The team at CAPUF Embedded is building web tools that will help embedded engineers build products faster and more easily.
One of our first tools is a web serial terminal.
It is a serial terminal that you can access via Chrome Browser. You can use it on your Laptop or desktop. Not on mobile devices yet.
Last month at State of the Word, WordPress Executive Director Josepha Haden Chomphosy shared some opening thoughts on “Why WordPress” and the Four Freedoms of open source.
The FSF opened its new community-engaged nomination process today, seeking new directors to help drive its worldwide mission to promote computer user freedom. Nominations will be sought until Friday, March 3, 2023, 10:00 EST (15:00 UTC).
"We're excited to give associate members this opportunity to attract new talent, energy, and perspectives to the Foundation's leadership," said FSF president Geoffrey Knauth. "As a pioneer in the free software movement, FSF has consistently advocated, celebrated and defended user freedom and autonomy. Community engagement in the nomination and evaluation process will be critical to seating the leaders who can meet the challenges and seize the opportunities that lie ahead."
Associate members of the Free Software Foundation (FSF) now have the chance to nominate candidates to serve on the board of directors. This news comes after an original announcement of the process by the FSF Board of Directors on January 18, 2022. The board and staff have worked for a year to design, develop, and prepare for the new community engagement process and the discussion structure to support it. The aim is a transparent and participatory selection process that ensures a consistent, long-term alignment with the FSF's values and principles.
The FSF has opened its new nomination process today, and is seeking new directors in support of its mission to promote computer user freedom.
Dortmund is opening a new chapter in Free Software Governance and inspiring municipalities all over Germany. The recording of our event on 11 January 2023 is now online. Are you interested in Free Software and working in a municipal administration or in politics? Join our new mailing list to exchange information on Free Software in municipalities!
Python's formatted strings, or "f-strings", came relatively late to the language, but have become a popular feature. F-strings allow a compact representation for the common task of interpolating program data into strings, often in order to output them in some fashion. Some restrictions were placed on f-strings to simplify the implementation of them, but those restrictions are not really needed anymore and, in fact, are complicating the CPython parser. That has led to a Python Enhancement Proposal (PEP) to formalize the syntax of f-strings for the benefit of Python users while simplifying the maintenance of the interpreter itself.
The PyTorch compromise that happened right at the end of 2022 was rather ugly, but its impact was not widespread—seemingly, at least. The incident does highlight some of the perils of relying on an external "supply chain" for the components that are used to build one's software. It also would appear to be another case of "security researchers" run amok, though perhaps that part of the story is only meant to cover the tracks—or ass—of the perpetrator.
Beyond that, the incident shows that the Python Package Index (PyPI) and the pip package installer act in ways that arguably assisted the compromise. That clearly comes as a surprise to many, though those behaviors are well-known and well-established in the Python Package Authority (PyPA) community. There is, at minimum, a need for education on that topic.
We’ve all seen photos of the Eiffel Tower in Paris, watched movies of the ancient Colosseum in Rome, & stared at the brush strokes in a poster of Vincent van Gogh’s “Starry Night”. But what do they sound like? Daric Gill introduces “The Memory Machine: Sound“, a motion-activated sound sculpture that plays a collection of recordings, taken during travels to some of the world’s most interesting places.
Unless your computer is pretty old, it probably uses UEFI (Unified Extensible Firmware Interface) to boot. The idea is that a bootloader picks up files from an EFI partition and uses them to start your operating system. If you use Windows, you get Windows. If you use Linux, there’s a good chance you’ll use Grub which may or may not show you a menu. The problem with Grub is you have to do a lot of configuration to get it to do different things. Granted, distros like Ubuntu have tools that go through and do much of the work for you and if you are satisfied with that, there’s no harm in using Grub to boot and manage multiple operating systems.
An alternative would be rEFInd, which is a nice modern UEFI boot manager. If you are still booting through normal (legacy) BIOS, the installation might be a hassle. But, in general, rEFInd, once installed, just automatically picks up most things, including Windows, Mac, and Linux operating systems and kernels. The biggest reasons you might change the configuration is if you want to hide some things you don’t care about or change the visual theme.
The same instance of ConfigOS addresses CISCO network devices, Apache, Red Hat 5/6/7/8, SUSE, CENTOS, Ubuntu, and Oracle Linux.
We are excited to announce a major update for the PlayCanvas Editor: glTF 2.0 import. This new feature allows users to easily import and use 3D models created in other applications such as Blender and SketchUp, as well as from digital asset stores like Sketchfab, directly into the PlayCanvas Editor.
The Google Project Zero page shows how to compromise the kernel by using a NULL pointer to repeatedly force an oops and overflow a reference count.
For a fair amount of time, null-deref bugs were a highly exploitable kernel bug class. Back when the kernel was able to access userland memory without restriction, and userland programs were still able to map the zero page, there were many easy techniques for exploiting null-deref bugs. However with the introduction of modern exploit mitigations such as SMEP and SMAP, as well as mmap_min_addr preventing unprivileged programs from mmap’ing low addresses, null-deref bugs are generally not considered a security issue in modern kernel versions. This blog post provides an exploit technique demonstrating that treating these bugs as universally innocuous often leads to faulty evaluations of their relevance to security.
Data analyzed by the Atlas VPN team, based on malware threat statistics from AV-ATLAS, shows new Linux malware threats hit record numbers in 2022, increasing by 50 percent to 1.9 million.
Security updates have been issued by Debian (firefox-esr, libitext5-java, sudo, and webkit2gtk), Fedora (firefox and qemu), Red Hat (java-11-openjdk and java-17-openjdk), Slackware (sudo), SUSE (sudo), and Ubuntu (python-urllib3 and sudo).
CISA released one Industrial Control Systems (ICS) advisory on January 19, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
In this article, we will learn how symmetric-key encryption works from a practical perspective.
In the “Introduction to encryption for embedded Linux developers” article, we learned the basic concepts, including an introduction to security, confidentiality and encryption, the main motivations and how encryption works, types of encryption (symmetric-key and asymmetric-key encryption), the most commonly used ciphers and the trade-offs between them.
In this article, we will use OpenSSL to put into practice some concepts about symmetric-key encryption.
To follow along with this article and run the commands on your machine, you just need a terminal with a recent version of OpenSSL.
Have fun! :-)
Deep Instinct researchers discovered that the StrRAT payload has been deployed in a campaign leveraging both JAR and MSI file formats, indicating potential execution via Windows and Java Runtime Environments.
This is not the first time such malware-laced polyglots have been detected in the wild. In November 2022, Berlin-based DCSO CyTec unearthed an information stealer dubbed StrelaStealer that's spread as a DLL/HTML polyglot.
“So one big promise of globalization was that countries, as they became more integrated in the global economy, would also modernize on a political dimension,” said Freakonomics Radio host, Stephen Dubner in the introduction to his recent podcast Has Globalization Failed?
Globalization was supposed to boost prosperity and democracy at the same time. The 1990s ushered in a golden age of globalization, when the world seemed to be coming together. Nations were becoming more economically interdependent. The internet fostered worldwide communications. The ideological contest between communism and capitalism appeared to be over. Democracy was spreading a set of universal values - freedom, equality, human rights.
“I’m curious how successful or unsuccessful you think that’s been?” Dubner asked his podcast guest Anthea Roberts, professor at the Australian National University and co-author of the 2021 book Six Faces of Globalization: Who Wins, Who Loses, and Why It Matters.
“One of the things that I think has clearly come out from both Russia and China is that that has not borne fruit in quite the way the United States may have hoped,” answered Roberts. “But part of it may also be that the U.S. may be retelling that story a little bit. It may have been that they wanted to say that it was about democracy, but actually a lot of it was also just about their own economic interests, and now their understanding of their economic interests have changed.”
Welp, it’s official: 3rd-party Twitter clients are no longer allowed to exist.
As per Engadget, the social networking site has updated its developer agreement to state that devs cannot “use or access the Licensed Materials to create or attempt to create a substitute or similar service or product to the Twitter Applications.”
Not an awful lot of ambiguity to find in that, is there? The “similar product to the Twitter applications” phrase basically describes every unofficial Twitter app in existence.
Last week the web winced when Twitter blocked a bunch of popular third-party Twitter apps from accessing its service.
Access Now is alarmed by Indian authorities’ attempts to further tighten their control of the internet via proposed new content governance rules.
As part of revisions to the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, India’s Ministry of Electronics and Information Technology (MeitY) has extended its deadline for feedback on draft amendments for online gaming. At the same time, it has proposed an amendment requiring intermediaries to remove content that the central government’s Press Information Bureau or other authorised agencies deem to be “fake or false.” Including such content governance provisions at the last minute undermines the consultative process, and demonstrates the ongoing lack of transparency and open deliberation in MeitY’s rulemaking processes.
“The Central Government is designating its press relations office — the Press Information Bureau — as the online arbiter of what is true and what is false,” said Raman Jit Singh Chima, Asia Pacific Policy Director and Senior International Counsel at Access Now. “This will give them the power to decide what content stays up and what is taken down, without any parliamentary authorisation or legal authority whatsoever.”
The proposed provision will jeopardise press freedoms by making it almost impossible for media outlets to question or contradict the government’s version of events in their reports.
The Information Controls Fellowship Program (ICFP) from the Open Technology Fund (OTF) fosters research, outputs, and creative collaboration on repressive Internet censorship and surveillance issues. The program supports examination into how governments in countries, regions, or areas of OTF’s core focus are restricting the free flow of information, cutting access to the open Internet, and implementing censorship mechanisms, threatening global citizens’ ability to exercise basic human rights and democracy; work focused on mitigating such threats is also encouraged.
Marc Andreessen famously said that software is eating the world. But the latest and greatest software trend–generative AI–is in danger of being swallowed up by copyright law. Like a cruise ship heading for a scary iceberg, AI is in trouble, and the problems are mostly below the surface.
[...]
The Stable Diffusion suit alleges copyright infringement, stating that, “The resulting image is necessarily a derivative work, because it is generated exclusively from a combination of the conditioning data and the latent images, all of which are copies of copyrighted images. It is, in short, a 21st-century collage tool.” That characterization is the essence and conclusion of the lawsuit, and one with which many AI designers would disagree.
So, all neural network developers, get ready for the lawyers, because they are coming to get you.
Many of the best works of fiction, like Groundhog Day, use a weird framework to tell compelling stories.
These stories can use the weirdness to tell stories of themes that are difficult to get at otherwise, like infinity or effervescence, or how different choices or different behavior in a situation can cause different outcomes, or the weirdness can be a metaphor for something else, or it can be just a backdrop for introducing interrelated sub-stories of compelling characters.
All those usages of weirdness are different from each other but can all be great. Pretty much all my favorite fiction is on the “weird” shelf. Love it. The human experience made hyper-clear by going beyond the real.
On Windows and macOS the finger command is already installed by default. Just fire up a terminal and you are good to go. It is also present on many (most?) Linux distros in the default setup and even when that isn't true, it's typically a simple install command away. But actually, you may not even need to install it, since it is such a basic protocol it is easily simulated with other common networking tools.
I don't use it as a "smart" TV any more. For that I use a Fire TV stick which definitely isn't better from a privacy standpoint, but it's way faster, supports more codecs, and is much friendlier towards advanced users.
I wanted to disconnect the Roku from my wifi since I have no use for it being on the network and I'd rather it not spy on everything I watch. Turns out they really don't want you doing that.
First of all, the option to clear your network settings is buried several menus deep in advanced system settings, nowhere near the rest of the network settings. Annoying, but nothing you can't figure out after an internet search.
Build scripts are super helpful. By "build scripts" I mean Makefiles, a publish.sh shell script, really anything that automates building or creating something. Usually that's a program, but I find them helpful even for things that are not strictly speaking development work.
For example, I have been porting the content from some Apple history projects to Markdown. I also am publishing them as gemtext on my capsule. This is an iterative process, so generating the gemtext is something I do as I add more content.
At work one of our new devs has been working on a problem we originally assigned a day or two worth of points to resolve. The issue itself is not that interesting, we run on top of a commonly used web framework with a shadow DOM and need an event to trigger when the page is done loading. But as the page fills in dynamically and data is pulled asynchronously all solutions for this problem are hit or miss if they work and none work 100% of the time. It is a common issue, one of those where no one has a good Stack Exchange solution in spite of the fact there are many duplicate questions posted.
What I found interesting about this problem is why it exists and why no one has a good solution. Our specific problem is that the framework doesn't really have the concept of a page load being "complete." Components are connected with properties, async calls for data will modify these properties and the page is always in a state of agitation. We can't use timers because of the drastic difference in time to load from a desktop on a 1Gbps connection compared to a super slow 3G cell connection. We can't use event handlers in the page because when the component life cycle claims it exists, the page may still be changing and the event fires too soon.
* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.