The VCOM-1600 is available with Linux or Windows 10, as well as optional VHub AI Developer, VHub ROS, and VHub EtherCAT software. Two Atom x6000 SKUs are featured. The first is the quad-core Atom x6425RE, which is required to use the VCOM-1600’s touted Intel TCC and TSN network synchronization support. The RE SoCs also provide functional safety (FuSa) features, which are not listed by Vecow. A mainstream, dual-core Atom x6211E is also available.
The system clipboard is a buffer background system service that offers a short-term storage for text and data transfer between running programs.
The clipboard manager app is a software to extends the system clipboard service functionalities.
Linux was created by Linus Torvalds. He made this operating system available for free.
Are you looking for a simple file manager, a file manager so simple you might call it sfm or the simple file manager well you're in luck and as you may guess from that name it's also a suckless inspired application
In today's short video, I simply wanted to address a common new-to-Linux question regarding the execution of scripts. That question is: why do we need the dot-slash (./) before the script name?
A Quick overview of Linux Lite 5.8.
This week’s episode of Destination Linux, we’re going to be discussing the phrase of “Free As In Freedom, Not Free As In Beer”. Is it okay for developers to charge for their work? Then we’re going to take a look at a new partnership Canonical has with Vodafone. Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you.
It's time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we're doing. We'd love to hear from you.
Hello and welcome to the 455th installment of Linux in the Ham Shack. In this short-topics episode, the hosts discuss the inevitable topic of the invasion of Ukraine and how amateur radio is related. Also discussed are the upcoming YOTA camp for 2022, the Steam Deck, the Github Advisory Database, a new release of FreeDV and much more. Thank you for listening and have a great week. Our thoughts are with the people of Ukraine. Stay safe out there and stay strong.
Hello and welcome to the 454th episode of Linux in the Ham Shack. In this episode, the hosts discuss a project called Bottles, born of a concept from CrossOver Linux, which creates a quasi virtualization and containerization platform for running Windows applications under Linux. The discussion ranges from theory to installation and implementation and configuration. We hope you enjoy this episode and that it's informational as well. Have a great week.
It's time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we're doing. We'd love to hear from you.
Hello and welcome to the 452nd installment of Linux in the Ham Shack. In this short topics episode, the hosts discuss ARRL grants, FreeDV Activity Day, the demise of TenTec, new WINE, new Ubuntu, IMs via ham radio and much more. Thank you for listening and have a great week.
If you’re a fan of Linux, you might have seen “Tux,” the friendly penguin mascot for the operating system. But why a penguin, and why Tux? We’ll explore the history behind the semi-aquatic bird mascot with a little help from Linus Torvalds, the creator of Linux himself.
Linus Torvalds Loves Penguins
Unlike commercial operating systems backed by many million-dollar marketing campaigns, early versions of Linux didn’t have any formal branding. Linux started as a hobbyist project by Finnish university student Linus Torvalds in 1991, and a group of volunteers around the world developed and maintained it in its early years. So when developing Linux’s public image, its developers went about it in a very informal way: by discussing it on the Linux-Kernel group email list.
Linus has released 5.17-rc7, which is hopefully the final prepatch in this development series: "as things stand, I expect that final 5.17 will be next weekend unless something surprising comes up".
VLC 3.0.17 is here about nine months after VLC 3.0.16 to introduce several new features, including support for the DTS-HD LBR (Low Bit Rate) decoder, support for the new FOURCC for the AV1, E-AC3, and GeoVision decoders, support for DAV video files, WebP image mapping, as well as support for uncompressed audio in MP4 files (ISO/IEC 23003-5).
This release also brings numerous improvements, such as better hardware decoding for some AMD GPU drivers, improved playback of live AV1 streams, improved support for VP9 streams, improved AudioCD support (audio/data mixed mode, MusicBrainz), improved support for subtitles using the tx3g codec in MP4 tracks, improved HTTP2 memory usage, as well as improved AVCapture and SRT modules.
 As a student, it can be hard for you to buy proprietary apps for your study needs. On Linux, you can download several educational apps for free.
It can be difficult to afford costly educational software as a student. And that’s where Linux excels—its open-source concept is of great help to students, offering many helpful yet free-of-cost educational apps to aid in their learning.
So, let’s look at some of the most useful educational apps for students available on Linux for free.
Since the Linux users feel more comfortable while working with the command line interfaces, that is why the Amazon Web Services have introduced the AWS CLI to manage all these services via a single platform. This tool enables you to manage multiple services at a time with all the more ease and convenience. In this guide, we will teach you the installation procedure of the AWS CLI on a Linux Mint 20 system.
Typically, we use arrow keys to control shell behaviors like moving the cursor from one point to another point. Also, it’s quite common to make mistakes while writing commands and to correct these you may use arrow keys + backspace, which is not optimal at all.
In the bash terminal, you can use several keystrokes to control the shell features that you are going to see.
C language is one of the earliest programming languages. It is simple and easy to learn. Formerly C programming was performed on Turbo C, a discontinued integrated development environment. But nowadays it can be easily executed on different operating systems.
In this guide, you will learn how to write your first C program using the Linux operating system which requires a GNU C compiler instead of an integrated environment. The following steps will show to install a GNU C compiler on Linux, how to write the source code, compile and execute the C program.
Spring Boot is a Java-based open-source framework for creating microservices, which allows developers to deploy and develop services independently. Each service running has its process, thereby achieving the lightweight model that supports business applications. Microservices have several advantages: simple scalability, minimum configuration, lesser production time, container compatibility, and easy development.
Spring boot provides a good platform for developers to build stand-alone and production-ready spring applications that you can just run; thus, one can get started with minimum configurations without needing an entire spring configuration setup.
For instance, handling dependency management is complex for big projects; Spring Boot thus resolves this difficulty by providing a set of dependencies for the developer’s convenience. The Spring Boot application scans all the beans and package declarations when the application initializes; Besides, the Spring Boot application annotation includes component scan, Auto-Configuration, and Spring Boot Configuration.
Linux container virtualization (LXD) is similar to Virtual machines (e.g. KVM) but with more speed, efficiency and much lighter compared to virtual machines. LXD containers for OS like Ubuntu, Centos, Arch Linux, etc are easy to create. LXD uses the same Linux kernel which reduces the overhead of the addition of such kernels.
In this article, we will show the installation and configuration process of LXD on Ubuntu 20.04 server. Also, we will explain how to start an LXD container and how to run commands inside the container.
Debian 11 provides so many options for choosing a desktop environment. One of the many great desktop options is Xfce which is light, simple, fast, and a very resource-friendly DE that works very well in almost any system.
Whether you have already installed the default GNOME desktop that comes with Debian and would like to experience Xfce while keeping the GNOME DE or install Debian 11 along with Xfce, we will show you both the methods in this article today.
There are so many use cases for installing Xfce DE on Debian 11. You can do a fair bit of customization to your liking and run so many utilities. The desktop is intuitive and highly resource-friendly. You can run it quite well on old hardware, and due to that reason, you can utilize any old PC lying around and set it up and running with the help of this desktop.
Wireshark is a free and well-known network communication link analyzer formerly known as Ethereal. It presents captured packet data in as much detail as possible. You can contemplate a network packet analyzer as a measuring gadget for cross-examining what is happening inside a network cable, just like an electrician utilizes a voltmeter to check what is inside an electric cable.
Sometime back, Wireshark and look-alike tools were either expensive, proprietary, or both. Nevertheless, the dawn of Wireshark has enormously changed to the point that it is now available for free, open-source, and it has proven to be one of the best packet analyzers available in the market today.
One option for automating a container with data is to store the data within the container image. However, this requires a copy of the data to be in each container you run, which can lead to wasted resources if the containers are scaled up. A better option is to store one copy of the data in a Docker volume and then share that volume between containers.
You can think of a Docker volume as a folder that exists outside of the container filesystem but is still accessible by the containers running on the same host. When you create a new container, you can either mount an existing volume or create a new one. If you create a new volume, Docker will automatically create a new storage layer on the underlying host filesystem and initialize it with the data you specify.
Once you have created a volume, you can use it to store any type of data, including static files, application data, or logs. You can also use volumes to share data between containers.
In this tutorial, we will show you how to install Etherpad on Debian 11. For those of you who didn’t know, Etherpad is written in Node.js and supports thousands of simultaneous real-time users. Etherpad is a highly customizable editor with the support of various plugins. And also supports modern document formats such as doc, pdf, and many more.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Etherpad on a Debian 11 (Bullseye).
This tutorial will be helpful for beginners to download and install KODI 19.4 in Ubuntu 20.04 LTS, Ubuntu 21.10, Ubuntu 18.04, and LinuxMint 20.3.
KODI formerly known as XBMC Media center is a free and open-source cross-platform software media player. It is managed by a non-profit XBMC foundation and developed by volunteers around the world.
It is now officially available for Android, BSD, Linux,macOS, and Windows operating systems. The latest version of KODI is 19.4 and comes with bug fixes and new features.
There are many utilities, such as fdisk, cdisk, exists to partition the hard drive in Linux and Unix-like systems. In this article, we will focus on how to use the parted utility to create a partition and manage disk partitions (resizing, deleting partitions) in Linux.
MySQL is a relational database management system based on SQL (Structured Query Language). It is one of the most widely used database software for several well-known applications. MySQL is used for data warehousing, e-commerce, and logging applications, but its more commonly used feature is web database storage and management.
In the following tutorial, you will learn how to install MySQL 8.0 Community edition on CentOS 9 Stream using the command line terminal with instructions on how to secure the MySQL service, update, and, if necessary remove.
Brave is a free and open-source web browser developed by Brave Software, Inc. based on the Chromium web browser. Brave is a privacy-focused internet browser that sets itself apart from other browsers by automatically blocking online advertisements and website trackers in its default settings.
Brave claims that its browser puts less strain on your computer’s performance than Google Chrome. Even with multiple tabs open at once, the new Brave Software uses 66% less memory and has 50 million more active users than before – a growth of 2X in 5 years!
In the following tutorial, you will learn how to install Brave Browser on CentOS 9 Stream by importing the official GPG keys and repository with step-by-step instructions on installing, updating, and removing the browser, including disabling/enabling the DNF repository. As a bonus, the beta and nightly optional installation methods are included, installed alongside stable.
Using/watching YouTube is part and parcel of whoever uses any smartphone or PC. We all tend to listen/watch to our favorite content on YouTube, but how many of us create a playlist of our favorite YouTube content? Maybe a few of us have our YouTube playlist, but if I say how many of us create a YouTube playlist using Google sheets? Well, I’m guessing what could be a possible answer. Yes, the answer would be NO!
Though Google sheets and YouTube are two different kinds of applications, making a YouTube playlist using Google sheets is possible. You just need to know some basic Google sheets formulas to make this happen. To the entire article, you’ll be walked through the process. You might be wondering why didn’t you know or try this before?
John Carmack's generosity in releasing his older source code resulted in a proliferation of free first person shooters in the 2000s with almost all of them based on some variation of the Quake engine. This proved to be a boon to Linux gamers, but Dutch programmer Wouter van Oortmerssen rejected this path to forge Cube based in the same "just for fun" spirit with which Linus Torvalds first began work on the Linux kernel.
Unlike Torvalds though Cube was helped by Oortmerssen's deliberate rejection of the open source model, which often clashes with the auteur nature of independent game development. The source code is available under the zlib License for anyone to modify, but the distributed game itself is his own curated creation, with his singular vision proving to be what happens when you mix Doom, Quake, and Serious Sam in a blender.
In the end I had to use the oldest binaries still available from SourceForge, those contained in the cube_2002_10_20.zip archive, as every later packaged version of the game was built against libstdc++5 which is too new for my Red Hat Linux 7.3 installation. This places me in the curious position of being on the opposite end of the glibc 2.3 compatibility problem, as this is the main library which causes issues when running certain Loki Software games on newer systems.
I did try building the final Cube source code myself on Dianoga, but was not able to provide the ENet development libraries that Cube requires. The last released binaries do still run on my modern Arch Linux computer, although I had to modify the launch script or it would complain "Your processor does not have a supported Cube client" upon discovering I was starting the game under x86_64. Overriding the check resolved this, but it still suffers from a video memory leak.
In short: I'm responsible for making sure that new versions of games are performant and reliable, and this means passing many of these versions through certification programs. A new Steam Machine directly from Valve was an exciting prospect, but it hasn't come without its problems. Today we're going to talk about just one of them:
ProtonUp-Qt is a very helpful application that can help you install extra compatibility layers on Linux and Steam Deck. It just had small new release, so it's time to take a better look. New in version 2.6.0 are translations for: german, finnish and spanish plus there's a new game list dialog.
It enables you at a few button clicks to download and automatically install Proton-GE, Luxtorpeda, Boxtron or Roberta for Steam. On top of that you can do Wine-GE, Lutris-Wine or Kron4ek's Vanilla Wine-Builds for Lutris. Need more? It will also handle installing Wine-GE or Proton-GE for the Heroic Games Launcher.
If you need another MMO fix in your life, Albion Online is pretty good and has a lot of players. It's available as a direct standalone download and on Steam. Looks like it might end up quite good on the Steam Deck.
Coming along with their latest patch that also started Season 15 plenty of other tweaks were done including automatic silver pickup, tweaks to randomized dungeons, combat balance changes and various other adjustments. The big one is of course the new gamepad support, which isn't quite finished yet.
Do you own a lot of games on itch.io? I do, and a huge amount more from past charity bundles I've yet to go and claim so maybe the Steam Deck will help me and you get through them all.
Since the itch team provide a launcher app, I wanted to see how well it would work on the Steam Deck and there were a few requests to check it out. Thankfully, their native Linux build runs just fine in desktop mode.
I had honestly never heard of Super Bunny Man until a reader emailed it in but it seems quite popular, one of those games to have a proper laugh with a friend as you fail together.
Currently in Early Access, a Linux version was added up on Steam back in September 2021! Somehow entirely missed here. There's a Very Positive user rating on Steam from over 2,000 people so the developer clearly has something a little bit special here.
Even though Valve thinks you shouldn't open up your Steam Deck, and they would prefer a professional do it, they will still offer parts through iFixit.
The team at iFixit recently did a video teardown, showing off things Valve suggest not to do as part of their announcement on teaming up with Valve for this. The good news is the wait won't be too long, as they told The Verge that parts will become available to order "this Summer".
If you want to be notified of when they become available, you can sign up to be notified.
Personally, I don't think I'll be opening up my Deck to fiddle around with its insides. I plan to mostly use mine as an actual gaming device, without any hardware adjustments. Will you be opening up yours though? Let us know in the comments.
In that blog what was introduced was the new user interface to be able to see digital signatures in the mobile interface (i.e. the one that uses Kirigami instead of QWidgets).
You can use the Okular mobile interface anywhere you want, it's not really mobile-only, it's really mobile-optimized, so you can try it (though you'll have to build it manually since most distributions don't build it by default) on desktop Linux too.
Anyway, in that previous blog I talked about introducing the new user interface to be able to see digital signatures, and that worked out of the box in places that provide NSS like desktop Linux or Plasma Phone distributions (Aleix tried on the PinePhone and confirmed it works), but for Android it still did not work.
[...]
The workaround to make androiddeployqt work for plugins is basically linking the plugins to your binary, this way the plugin is a clear dependency and gets packaged, but did I say things are never simple enough?
In KDE we have binary-factory continuous integration for Android and we also have gitlab continuous integration for Android, unfortunately they use different ways of building, the first uses Craft, the second does not. This means that in gitlab CI the NSS library is not available, so I can't link to it, but i need to link to it so that Craft on the binary-factory CI creates the APK files correctly.
After I wrote my review of Ksnip, a handy screenshot tool, someone commented that they would like to be able to associate this program with their shortcut for capturing screenshots. In particular, they also said they would like to be able to take rectangular areas rather than fullscreen or windowed area. This got me thinking, and I figured, perhaps there is some tutorial material here?
The answer is, yes. Now, my mission today is twofold. One, show you how you can assign custom shortcuts to custom actions in Plasma. Two, showcase yet again the amazing and neverending flexibility of the Plasma desktop environment, because nothing else does it half as good as Plasma. In fact, the whole thing reminds me of that catchy, cheesy song The Spy Who Loved Me, the theme sequence from the namesake 007 Bond movie. And it opens with the following lyrics: Nobody does it better, I feel sad for the rest ... Indeed, let is commence this tutorial.
In these past two weeks I’ve been learning how to fetch APIs with Qt and I finally got something working! In this blog post we’re going to create a little application to fetch data from a specific github user.
Automation can help increase efficiency, save time, and improve consistency, which is why Red Hat Enterprise Linux (RHEL) includes features that help automate many tasks. RHEL System Roles is a collection of Ansible content included in RHEL to help provide consistent workflows and streamline the execution of many manual tasks.
RHEL contains a storage system role that can automate the configuration of logical volume manager (LVM) volume groups, logical volumes, and filesystems. The storage role supports creating filesystems on unpartitioned disks without the use of LVM as well. In addition, the storage role can automate advanced storage functionality such as encryption, deduplication, compression, and RAID.
The "Managing local storage using RHEL System Roles" documentation includes information and example playbooks covering how to use the storage system role in many different scenarios.
Red Hat Summit 2022 dates have been announced (spoiler alert, it’s happening on May 10-11, 2022), and while registration isn’t open quite yet, stay tuned for news about that coming very soon.
[...]
The full Red Hat Summit 2021 catalog contains over 275 sessions that are available on demand. Helpfully, these have also been organized into six different channels so it’s easier for you to find the stuff you’re really interested in.
Here’s what each of those channels has to offer.
A big majority (89%) of IT chiefs believe open-source software is as secure as proprietary software, according to a survey by IBM-owned Red Hat, the maintainer of Red Hat Enterprise Linux (RHEL).
 The 8nm-fabricated RK3588 has 4x up to 2.4GHz Cortex-A76 and 4x up to 1.8GHz -A55 cores. There is also a powerful Mali G610MC4 GPU and a 6-TOPS NPU (up from 3 TOPs on Rockchip’s RK3399Pro and RK1808). The RK3588 delivers about 3x time faster performance than the RK3399 using Geekbench 4 CPU benchmarks and delivers even faster GPU performance.
The ITX-3588J offers a choice of Android 12, Ubuntu Desktop and Server, Debian 11, Buildroot, RTLinux, Kylin Linux, and UOS. The board, which we saw on Tom’s Hardware, also supports UEFI Boot.
The Core module housing the RK3588 is equipped with 4GB to 16GB LPDDR4, LPDDR4x, or LPDDR5, with 32GB RAM available as an option. The module also incorporates 16GB to 128GB eMMC.
It’s not that long since Arduino IDE 2 came out of beta, and already we’re on release candidate 4. And it’s well worth the update, as there are some excellent new features that you won’t want to miss out on.
One could aptly name this February State of IoT as the State of Silicon. With the much-anticipated partnership between ARM and NVIDIA halting to a grind, Intel grabbed this month’s headlines by investing in the open RISC-V architecture and announcing a new fund promoting disruptive startups. Let’s dive straight in!
Adafruit ESP32 Feather V2 (aka Huzzah32 Feather V2) is an upgrade to the company’s HUZZAH32 ESP32 Feather, still based on ESP32 WiFi & Bluetooth processor, and designed with the initial goal of replacing the obsolete CP2104 with the CP2012N USB to TLL chip.
But Adafruit ended up doing a complete redesign with extra storage (8MB flash in total), 2MB PSRAM, a USB-C port replacing the Micro USB port, an extra tactile switch, an RGB LED, lower power consumption, and more.
In this article, we’re looking at the most secure browsers for Linux that also protect your privacy.
When it comes to a web browser or browsing apps on Linux, there are many choices. Most people don’t worry much about what kind of browser they’re using. However, because your browser is the interface through which you will interact with the majority of the internet, it is responsible for a large amount of sensitive personal data.
You will probably be surprised to learn that your browser still reveals your location and device to third-party sites, trackers, and advertisers, even if you’re using “private” or “incognito” mode.
As you know, we live in a world where our personal information is passed back and forth between companies. Advertisers, ISPs, governments, and corporations can track your internet actions click by click if you aren’t vigilant. What is the most effective strategy to avoid this?
Everyday, billions of people around the world turn to Chrome to get things done quickly on their devices, whether shopping for a new pair of headphones or pulling together a sales report for work. Nothing is more frustrating than having a slow experience while browsing the web. That’s why Chrome has always been focused on building the fastest possible browser since its launch in 2008, without compromising on feature functionality or security. In our first The Fast and the Curious post of 2022, we are thrilled to celebrate how in the M99 release of Chrome we were able to substantially increase the speed of Chrome across all major platforms.
We go deep on every platform where Chrome runs to provide the fastest possible experience. We’re excited to announce that in M99, Chrome on Mac has achieved the highest score to date of any browser – 300 – in Apple’s Speedometer browser responsiveness benchmark.
 While Mozilla sticks to its monthly release cycle for new Firefox releases, it would appear that Firefox 98 is a minor update that only brings a few changes. One of the biggest changes is a new optimized download flow where files are downloaded automatically without prompting the user to choose between opening the file with a certain application or saving it.
In previous Firefox releases, the user was prompted by a dialog when attempting to download a file. That dialog contained an option that let you do just that, setting one of the available actions (open or save), but only for certain types of files. Now, this is done automatically in Firefox 98 for all downloadable files.
Mozilla Firefox 98 has arrived on schedule to serve as the latest update to the revered open source web browser.
If you found the last few Firefox releases a little lite on changes you will be frustrated to hear that that trend doesn’t end here. Still: while there aren’t very many “shiny new things” to gawk at or poke in Firefox 98 will find, as always, an attentive array of smaller improvements, performance tweaks, and security enhancements.
Firefox 98 touts an ‘optimised download flow’ that changes some of the browser’s long-standing behaviours.
For instance, Firefox 98 no-longer asks you what to do when a download is initiated. In older versions of the browser a prompt appears asking you to pick an app to open the file in, or save it to disk instead. Firefox 98 automatically downloads items to the specified download location, no end-user input needed.
Mozilla has released security updatesââ¬Â¯to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected system.ââ¬Â¯Ã¢â¬Â¯
CISA encourages users and administrators to review Mozilla security advisory MFSA 2022-09 and apply the necessary updates.
This tutorial will be helpful for beginners to download and install Firefox 98.0 on Ubuntu 20.04 LTS, Ubuntu 22.04, Ubuntu 21.10, LinuxMint 20.3, Rocky Linux 8, Almalinux 8, and Fedora 35.
Firefox or Mozilla Firefox is a free and open-source web browser developed by the Mozilla foundation and generally utilized by thousands and thousands of individuals in their daily actions.
It is a Cross-platform web browser available for Android, Windows, macOS, iOS, and Linux systems.
Firefox 98.0 is scheduled to be released on March 8, 2022, but the source file is available for users to download ahead of tomorrow’s official launch.
As part of the requirements for the final application during the contribution period for the Outreachy internship, I needed to provide a timeline to achieve our goal on my outreachy task which is transitioning of dependencies in node16 and webpack5.
I try to avoid to allow politics or current events to seep into my blog. The topic is the 100 year language and as such wont be history. Sadly, the head-oligarch has publicly given obvious bullshit-reasons to invade a neighbouring country. I would like to use the powers of … to shed some light into the current darkness.
The official numbers (read: favouringly rounded up) for the population of Russia is 145805947 people. If only they could get themselves a decent government, that could have been quite a few hugs. But hugging they ain’t do enough, resulting in a birthrate of 1.82 children per woman. Let’s write that down.
kapitaali_com wondered whether Raku is mature enough to build a university level computer science course around it. And a positive discussion followed. Looking forward to the first result of anybody picking up on this!
Last month when Russia started invading Ukraine, several European countries responded against the invasion by imposing sanctions on Russia, affecting several Russian industries including Oil processing. But it was not over yet, soon tech giants including Twitter, Google, and Facebook paused advertisements and other services till the conflict ends.
Last week Reddit quarantined r/Russia and r/RussiaPolitics for spreading misinformation in the subreddit. After quarantining the subreddit, Reddit suggestion system stopped suggesting it resulting in lowering the particular subreddit’s discovery across the Reddit platform.
Twitter also halted its advertisement system in Russia and Ukraine to prevent misinformation from spreading. As a result, Twitter and Facebook, both were restricted across Russia.
Security updates have been issued by Debian (chromium, containerd, cyrus-sasl2, expat, firefox-esr, freecad, kernel, and tiff), Fedora (seamonkey, swtpm, and webkit2gtk3), Mageia (docker-containerd, firefox, flac, libtiff, libxml2, and mc), openSUSE (containerd, expat, flatpak, gnutls, go1.16, go1.17, libeconf, shadow and util-linux, mariadb, nodejs14, perl-App-cpanminus, vim, wireshark, wpa_supplicant, and zsh), SUSE (containerd, expat, flatpak, gnutls, go1.16, go1.17, java-11-openjdk, kernel-firmware, libeconf, shadow and util-linux, libxml2, mariadb, nodejs14, python-Twisted, vim, wireshark, wpa_supplicant, and zsh), and Ubuntu (firefox, openjdk-lts, openjdk-17, and php8.0).
Max Kellermann has disclosed a disconcerting kernel vulnerability...
It all started a year ago with a support ticket about corrupt files. A customer complained that the access logs they downloaded could not be decompressed. And indeed, there was a corrupt log file on one of the log servers; it could be decompressed, but gzip reported a CRC error. I could not explain why it was corrupt, but I assumed the nightly split process had crashed and left a corrupt file behind. I fixed the file’s CRC manually, closed the ticket, and soon forgot about the problem.
Months later, this happened again and yet again. Every time, the file’s contents looked correct, only the CRC at the end of the file was wrong. Now, with several corrupt files, I was able to dig deeper and found a surprising kind of corruption. A pattern emerged.
It has been estimated that Free and Open Source Software (FOSS) constitutes 70-90% of any given piece of modern software solutions. FOSS is an increasingly vital resource in nearly all industries, public and private sectors, among tech and non-tech companies alike. Therefore, ensuring the health and security of FOSS is critical to the future of nearly all industries in the modern economy.
In March of 2022, The Linux Foundation, in partnership with the Laboratory for Innovation Science at Harvard (LISH), released the final results of an ongoing study, “Census II of Free and Open Source Software – Application Libraries.” This follows the preliminary release, “Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software” in February 2020 and now identifies more than one thousand of the most widely deployed open source application libraries found from scans of commercial and enterprise applications. This study informs what open source projects are commonly used in applications warrant proactive analysis of operations and security support.
 We need a well-configured Firewall, which is a key component of network security when we are about to expose our internal network to the outside world. Although our operating systems come with some kind of firewall software, however, they are not enough to protect each device of a network. Hence, we need a dedicated Firewall. The advantage of open-source firewalls is that it is completely free and there are no verifiable backdoors because the open-source firewall code is known and has a good reputation. It usually takes a little longer to install and configure this, but this technology is worth a closer look and is worthwhile.
One of the other benefits of using open source firewalls is they are not restricted to some particular hardware type. The user can install them on the existing hardware and connect them to the Internet. In this way, they work quickly and do not compromise the security of the network. On the contrary, especially for administrators who have less experience, open-source firewalls bring great advantages, because they are quicker and easier to set up. Of course, one cannot expect a free, open-source firewall variant to have the same functions and support services as a paid commercial firewall. However, this is not absolutely necessary as long as you have a stable internet connection.
CISA has added eleven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow on the of the "Date Added to Catalog" column, which will sort by descending dates.
The primary goal of firewall penetration testing is to prevent unauthorized internet access to your organization's internal network, or check to make sure your security policy is doing what you think it's doing. In order to successfully test your organization's firewall, you must think like the adversary. Collecting intelligence on the network, such as operating system and firewall type, are important to know in order to proceed with the penetration test.
IT security affects many different areas of a company. Trying to identify possible attack vectors for each area in advance and protect the IT infrastructure with effective countermeasures can be a Sisyphean task, especially for companies without a Security Operation Center (SOC). When it comes to implementing security measures, knowledge and experience are important.
MITRE, a nonprofit organization that operates various research facilities on behalf of the U.S. government, provides comprehensive information on IT security. MITRE developed the CVE system, for identifying and assigning unique identifiers to vulnerabilities, and also developed STIX and CyBox, which are used to exchange threat information and attack indicators.
The MITRE ATT&CK and D3FEND knowledge databases offer techniques that let you retrace an attacker's steps, as well as prevent attacks in the first place. Here's how to use these techniques to secure your enterprise IT.
For some time now, Ubuntu LTS has been a supported client system for SUSE Manager. We build and support binary clients for Ubuntu 1804, 2004, and soon 2204 releases. Our ongoing strategy is to allow customers to manage the Linux distributions they need with SUSE Manager.
Academic researchers have devised a new working exploit that commandeers Amazon Echo smart speakers and forces them to unlock doors, make phone calls and unauthorized purchases, and control furnaces, microwave ovens, and other smart appliances.
The attack works by using the device’s speaker to issue voice commands. As long as the speech contains the device wake word (usually “Alexa” or “Echo”) followed by a permissible command, the Echo will carry it out, researchers from Royal Holloway University in London and Italy’s University of Catania found. Even when devices require verbal confirmation before executing sensitive commands, it’s trivial to bypass the measure by adding the word “yes” about six seconds after issuing the command. Attackers can also exploit what the researchers call the "FVV," or full voice vulnerability, which allows Echos to make self-issued commands without temporarily reducing the device volume.
The Supreme Court in Anuradha Bhasin vs Union of India & Others, (2020) 3 SCC 637 directed the executive to publish internet suspension orders and to ensure the orders are lawful, necessary and proportionate. Yet, the executive continues to not comply with these directions. We regularly file right to information (‘RTI’) applications with governments seeking responses on whether the executive is complying with the directions. The State of Rajasthan has responded to our latest application where they have stated that their review committee does not meet and record findings on the legality of internet suspension orders - it only confirms them, and that too by circulation. This is despite Rule 2(6) of Temporary Suspension of Telecom Services (Public Emergency or Public Safety) Rules, 2017 (‘Telecom Suspension Rules’) which mandates the review committee to meet within five days of an internet suspension order and record their findings on its legality. We have appealed this response.
[...]
This is illegal under Rule 2(6) of Telecom Suspension Rules, which mandates the Review Committee to meet within five days of an internet shutdown order and record its findings on whether the internet shutdown order was issued in accordance with Section 5(2) of the Telegraph Act, 1885. Merely confirming the orders, without recording findings or even convening meetings shows a serious non-application of mind, and entirely vitiates the oversight mechanism instituted under the Telecom Suspension Rules.
Moreover, the suspension of internet services seriously impacts several fundamental rights of millions of affected Indians. Internet suspension must be seen as an extreme and exceptional step, only to be taken in cases of public emergency. This is why the Telecom Suspension Rules require a high-level committee of executive members to meet within five days, every time there is an internet suspension. Such meetings cannot be dispensed with simply by receiving suspension orders by circulation. This practice undermines the fundamental rights of Indians.
