The latest Aura laptops from German Linux PC maker Tuxedo Computers feature Intel Core i5-1235U processors, 49 Wh batteries, support for up to 64GB of RAM, and support for WiFi 6E and Bluetooth 5.3.
Available with a choice of screen sizes, the Tuxedo Aura 14 Gen 3 and Tuxedo Aura 15 Gen 3 are both available for pre-order with prices starting at 839 Euros. And while two laptops are similar in most respects, it’s not just a larger screen that the 15 inch model offers: customers can also configure that version with an optional 4G LTE modem.
The next release of the Linux kernel, 6.6, has hit release candidate status. As usual, it contains a number of new features, but we think one has more potential ramifications than all the others put together.
Linus Torvalds announced kernel 6.6-rc1 last night, and it includes the KSMBD in-kernel server for the SMB networking protocol, developed by Samsung's Namjae Jeon. We've covered his work a few times on The Reg, including as a possible stand-in maintainer for NTFS3 as well as maintaining support for Microsoft's exFAT disk format.
Embarking on a journey as a Linux system administrator (sysadmin) can be a challenging yet rewarding endeavor. With a multitude of tutorials and advice available, it’s crucial to find a structured path to kickstart your Linux sysadmin journey. In this guide, we will provide you with a clear roadmap to begin your adventure.
Unity joins Unreal Engine with a per-install fee.
Recently, I decided to join the Software Heritage (SwH) Ambassador program. This is an effort to build a group of volunteers that supports both the SwH organization and its community in different areas like awareness, communication, community growth, ecosystem development, technical excellence, etc.
This is a video demonstration of a new feature in Qt 6.6 to handle clients surviving a compositor restart.
Checkpoint restore allows you to safe the state of an application to disk at any given pooint during its execution, and then recover it at that exact point.
Another month, another Plasma 6 update. I’ve been pretty busy during the past weeks, mostly further improving the Wayland session, fractional scaling, and dealing with Qt bugs. Working under the hood like this is tremendously important albeit somewhat ungrateful when there aren’t any pretty pictures to show.
A key reason for being able to work so efficiently on kwin_wayland nowadays is that our apps can survive a restart of the Wayland compositor. I can just recompile KWin and restart it like I could on X11. Check out David’s blog post to learn more, including some spectacular video demos, and things we could do with that capability in the future!
This release contains bug fixes to improve robustness.
The next major update in the LMDE series (LMDE stands for ‘Linux Mint Debian Edition’) is based on Debian 12 Bookworm, which offers a significantly fresher stack of software than available to users of LMDE 5 (meaning as upgrades go this is a compelling one).
LMDE endeavours to offer an experience that’s as close to Linux Mint as possible but without relying on Ubuntu infrastructure. Maintaining LMDE also enables Mint to ensure its homegrown software is compatible with Linux distros outside of the Ubuntusphere.
The next version of Linux Mint's alternative flavor, its Debian 12-based edition, is looming, and it's reassuringly unexciting.
Specifically, Linux Mint Debian Edition (LMDE) 6, codenamed Faye – or LMDE 6 for short – is nearly ready for release: the beta version is now available for download. This version is based on Debian 12 Bookworm, and unlike the more mainstream Linux Mint itself, the only available desktop environment in LMDE is Mint's own Cinnamon. One of the only visible differences between Mint and LMDE is that LMDE still has a 32-bit edition, whereas Mint is 64-bit only.
For those of you who want a stable Linux distribution with the Cinnamon desktop, Linux Mint Debian Edition seems like a nice choice and the latest release is now in Beta. It should be much the same as the normal Linux Mint distribution, but directly based on Debian instead of Ubuntu.
Their goal with it is to ensure Linux Mint could carry on, in the event of something problematic happening with Ubuntu, they say it's "also one of our development targets, to guarantee the software we develop is compatible outside of Ubuntu".
Today marks the highly anticipated Beta release of Linux Mint Debian Edition 6. Codenamed "Faye," LMDE 6 derives its lineage from Debian 12 Bookworm. Linux enthusiasts are always eager for fresh Mint releases, and this one promises a host of new features and fixes. Keep in mind, as with most beta release, there are several known issues.
For heightened security, LMDE has opted to lock the root account by default. Those needing to access the recovery console or wish to log in as root will need to set a new password for root using the sudo passwd root command.
Many people know TPM modules as the main requirement for Windows 11, which was also one of the main reasons why several older computers were not supported (at least officially) by Microsoft's new operating system. But TPM is actually a hugely useful security feature in our computers. It's a module that basically enhances the security and the privacy of your PC, something hugely useful given how online security seems to be more important than ever these days. If you use Ubuntu, though, you're about to get another perk if you actually care about TPM — enhanced full-disk encryption.
Full-disk encryption has been present on Ubuntu for a long time, but up until this point it relied on passphrases for authenticated users. Those on Ubuntu Core, however, take a slightly different approach to full-disk encryption, with keys used to decrypt the encrypted data being protected by the TPM, thus not needing to rely on these passphrases. Since this approach has actually been fairly solid for Ubuntu Core, Canonical has been working towards bringing TPM-backed full disk encryption to regular Ubuntu Desktop systems as well. Now, this change is finally soon to land on customers — starting on Ubuntu 23.10, TPM-backed full disk encryption will be available as an experimental feature for those who want to try out, with the aim of bringing it to everyone sooner or later.
Ubuntu 23.04’s new installer is written in Google’s Flutter SDK and it’s based on Ubuntu’s Subiquity server installer, which, unfortunately, does not have ZFS support yet. Those who wanted to install Ubuntu 23.04 on an encrypted ZFS root would have to use the Legacy ISO images.
But the good news is that the upcoming Ubuntu 23.10 (Mantic Minotaur) release, due out on October 12th, 2023, will bring back ZFS support in the main ISO image that uses the new Flutter-based installer.
Orange Pi has launched its second-generation alternative to the popular Raspberry Pi Zero family, offering boosted performance and up to eight times the memory of its competition: the Orange Pi Zero 2W.
"[The] Orange Pi Zero 2W is powered by [an] Allwinner H618 high-performance quad-core Cortex-A53 processor," the company writes of its latest board design. "[The] Orange Pi Zero 2W adheres to the compact and exquisite design concept of the Zero series, with a PCB size of 30Ãâ65Ãâ1.2mm [around 1.18Ãâ2.56Ãâ0.05"], and can be widely used in TV boxes, smart screen casting devices, smart home, smart gateway, IoT [Internet of Things], and other fields."
Purism is a well-known name among open-source enthusiasts, producing Librem computing devices focusing on software freedom, computer security, and Internet privacy.
At the same time, the demand for versatile and Linux-powered tablets continues to rise, so the company steps onto the stage with its new offering, the Librem 11 tablet powered by PureOS – a Debian-based Linux distribution developed and maintained by Purism.
It’s back to school! Whether you are a student or not, Arduino’s Project Hub is a great place to never stop learning, thanks to the wealth of knowledge, experiments, and plain cool ideas our community so generously shares.
When playing a short game of basketball, few people enjoy having to consciously track their number of successful throws. Yet when it comes to automation, nearly all systems rely on infrared or visual proximity detection as a way to determine when a shot has gone through the basket versus missed.
A well-maintained garden is a beautiful thing. The envy of your friends and neighbors, and a lifelong project you can truly take pride in, especially in the summer months. Gardening itself, though, can be a chore.
Antananarivo, Madagascar - September 8th, 2023
Ora2Pg
Version 24.1 of Ora2Pg, a free and reliable tool used to migrate an Oracle database to PostgreSQL, has been officially released and is publicly available for download.
This release fix several issues reported since last release and adds some new features and improvements.
We're pleased to announce that the latest edition of Datasentinel for PostgreSQL is now available
Refreshed Documentation for Effortless Navigation and Search
Our documentation has been completely rewritten. The new structure not only allows for easier navigation but also integrates an AI-powered search engine to help you find answers to your questions more efficiently than ever. Experience Our Enhanced Documentation
The pg_hint_plan development team is pleased to announce pg_hint_plan 1.6.0. This release of pg_hint_plan adds compatibility with PostgreSQL 16, and includes various improvements and bug fixes. For more details, see the release notes.
pg_hint_plan is a PostgreSQL extension that offers the possibility to tweak PostgreSQL execution plans using so-called "hints" in SQL comments. For more information, see the project page.
The documentation of the project is now published at this page, and is synced up automatically from the source repository.
Trusted Language Extensions for PostgreSQL (pg_tle) is an open source project that lets developers extend and deploy new PostgreSQL functionality with lower administrative and technical overhead. Developers can use pg_tle to create and install extensions without filesystem access and work with PostgreSQL internals through a SQL API.
The pg_tle development team is proud to announce the release of version 1.1.1 !
The still very new package RcppInt64 (announced a week ago in this post) arrived on CRAN earlier today in its first update, now at 0.0.2. RcppInt64 in R and C++, and regroups them in a single package by providing a single header. It offers two interfaces: both a more standard
as<>()converter from R values along with its companionswrap()to return to R, as well as more dedicated functions ‘from’ and ‘to’.
Intel has just announced Thunderbolt 5 and demonstrated it with a prototype laptop and dock (see the video embedded at the end of this post) with up to 120 Gbps bandwidth when using “Bandwidth Boost”. Thunderbolt 5 will deliver 80 gigabits per second (Gbps) of bi-directional bandwidth and the top 120 Gbps bandwidth is achieved through “Bandwidth Boost” to support multiple 8K monitors, which means three times the bandwidth of Thunderbolt 4 topping at 40 Gbps.
European regulators passed a rule requiring USB-C charging across electronic devices, forcing the change in Apple’s newest iPhones.
Unlicensed tutoring services in China could face penalties of up to 100,000 yuan (S$18,683).
French regulators on Tuesday ordered Apple to halt sales of the iPhone 12 for emitting too much electromagnetic radiation, and to fix existing handsets.
The flaw was discovered by the Microsoft Threat Intelligence team.
{loadposition sam08}"Exploitation of this vulnerability is not just limited to a potential target opening a malicious Word document, as simply previewing the file can cause the exploit to trigger," Narang said.
"Exploitation would allow for the disclosure of New Technology LAN Manager (NTLM) hashes.
"This is the second zero-day vulnerability in Microsoft products in 2023 that has resulted in the disclosure of NTLM hashes.
A threat actor known as W3LL developed a phishing kit that can bypass multi-factor authentication along with other tools that compromised more than 8,000 Microsoft 365 corporate accounts.
It’s been three years since the original Microsoft Surface Duo was released, giving us the first taste of a Microsoft-made foldable tablet.
Security updates have been issued by Debian (e2guardian), Fedora (libeconf), Red Hat (dmidecode, kernel, kernel-rt, keylime, kpatch-patch, libcap, librsvg2, linux-firmware, and qemu-kvm), Slackware (mozilla), SUSE (chromium and shadow), and Ubuntu (cups, dotnet6, dotnet7, file, flac, and ruby-redcloth).
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.
The malware used in this campaign establishes a reverse shell to a C2 server and installs a Bash stealer that collects user data and account credentials.
Over the last few years, Linux machines have become a more and more prominent target for all sorts of threat actors. According to our telemetry, 260,000 unique Linux samples appeared in the first half of 2023. As we will demonstrate in this article, campaigns targeting Linux can operate for years without being noticed by the cybersecurity community.
Kaspersky unveiled a malicious campaign in which an installer of the Free Download Manager software had been employed to disseminate a Linux backdoor for a minimum of three years. Researchers discovered that victims were infected when they downloaded the software from the official website, indicating that this is a possible supply chain attack. Variants of the malware used in this campaign were first identified in 2013. Victims are based in various countries, including Brazil, China, Saudi Arabia, and Russia.
Ars Technica reports on a credential-stealing Trojan horse that would infect only some of those who installed the "Free Download Manager". The article is based on a Kaspersky report that details the malicious payload offered up at that site from 2020 to 2022.
The site, freedownloadmanager[.]org, offered a benign version of a Linux offering known as the Free Download Manager. Starting in 2020, the same domain at times redirected users to the domain deb.fdmpkg[.]org, which served a malicious version of the app. The version available on the malicious domain contained a script that downloaded two executable files to the /var/tmp/crond and /var/tmp/bs file paths. The script then used the cron job scheduler to cause the file at /var/tmp/crond to launch every 10 minutes. With that, devices that had installed the booby-trapped version of Free Download Manager were permanently backdoored.
Cyberattacks are a constant fact of life today. The increasing volume and sophistication of cybercrime means that managed security services providers (MSSPs) should strongly consider taking advantage of resources such as MITRE’s Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) framework.
The GCC stack-protector feature detects stack-based buffer overruns by putting a canary value on the stack and noticing if that value is changed. It turns out, though, that dynamically allocated local variables (such as variable-length arrays and space obtained with alloca()) are placed beyond the canary, so overflows of those variables will not be detected. As a result, arm64 binaries built with vulnerable versions of GCC are not as protected as they should be and need to be rebuilt.
In March, Texas Medical Liability Trust on behalf of itself and its affiliates, Texas Medical Insurance Company, Physicians Insurance Company, and Lone Star Alliance, Inc., a Risk Retention Group (collectively “TMLT”) filed a breach notification with the Maine Attorney General’s Office. That submission indicated that 625 individuals had been affected by a breach that occurred between October 2, 2022 and October 13, 2022.
Hackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to target Facebook business accounts with password-stealing malware.
The attackers trick the targets into downloading a RAR/ZIP archive containing a downloader for an evasive Python-based stealer that grabs cookies and passwords stored in the victim’s browser.
A former family intervention officer at St Helens Borough Council has been sentenced for unlawfully accessing social services records.
Rachel Anderton was prosecuted for viewing records on the council’s case management system between 17 January 2019 and 17 October 2019 without having a business need to do so.
An internal council audit found the defendant unlawfully looked at the records of 145 people whilst employed in the social services department. Anderton resigned from the council before disciplinary proceedings commenced.
On September 7, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), in coordination with the United Kingdom, sanctioned 11 individuals who are alleged to be part of the Russia-based Trickbot cybercrime group. At the same time, the U.S. Department of Justice (DOJ) unsealed indictments against nine individuals in connection with the Trickbot malware and Conti ransomware schemes, including seven of the 11 individuals designated that day.
A cyberattack caused St. Louis County to shut down some computer systems used to look up court cases, issue charges and process people in custody at the jail, County Executive Sam Page said Tuesday.
Police officers, jail officials, the county counselor, municipal court officials and the prosecuting attorney’s office all use the Regional Justice Information System, or REJIS. The county was alerted to the problem Monday afternoon, said Doug Moore, a spokesman for Page.
British businesses could face lower fines if they proactively report data breaches, thanks to an agreement between the UK’s data protection regulator and cybersecurity agency.
The Information Commissioner’s Office (ICO) and National Cyber Security Centre (NCSC) say they plan to encourage engagement with the NCSC in the event of a breach, and allow meaningful engagement with the NCSC to lead to reduced regulatory penalties.
"We already work closely with the NCSC to offer the right tools, advice and support to businesses and organisations on how to improve their cyber security and stay secure," says information commissioner John Edwards.
A cyber event last month may have affected the security of some information maintained by Butler County.
County officials say they found out August 8th that an email account related to the County jail was sending unauthorized spam emails.
All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk. A company valued at $33,900,000,000 was defeated by a 10-minute conversation.
Did CASD pay ransom?
On the advice of our counsel, in order to protect the integrity of the various ongoing investigations, we are not answering this question at this time. We assure you that, CASD is working closely with counsel and law enforcement and taking appropriate action in response to this event.
Netcraft, global leader in cybercrime detection, disruption, and takedowns, announced today the acquisition of FraudWatch, a leading Australian online brand protection provider focused on phishing, social media, brand infringement, and fake mobile apps.
Cybercrime detection company€ Netcraft Ltd.€ today announced that it has acquired Australian online brand protection provider FraudWatch International Pty. Ltd. for an undisclosed sum. Founded in 2003, FraudWatch offers an always-available security operations center or SOC that protects businesses from brand threats such as financial loss, brand damage and online abuse.
Despite GitHub’s efforts to prevent repository hijacking, cybersecurity researchers continue finding new attack methods, and thousands of code packages and millions of users could be at risk.
Adobe raises an alarm for new in-the-wild zero-day attacks hitting users of its widely deployed Adobe Acrobat and Reader product.
Symantec warns that the Redfly APT appears to be focusing exclusively on targeting critical national infrastructure organizations.
Lithuania could introduce mandatory military service for women only when it has a universal male conscription in place, according to President Gitanas Nausėda’s chief national security advisor.
When Niger overthrew its civilian government in July, it joined a growing tally of West African nations that had done so, further complicating regional economic and security cooperation at a time when it is needed most. /blockquote>
US companies investing in China need more guidance on human rights and national security, Congress told.
When she first moved to the Chinese tech hub of Shenzhen after graduating from college, Marguerite Wang imagined she would spend her career working hard in a big city. Instead, she's living with her parents in her hometown in northeastern China.
A record of more than one in five young Chinese are out of work, their career ambitions at least temporarily derailed by a depressed job market as the economy struggles to regain momentum after its long bout with COVID-19.
Meanwhile, the retail inflation in India fell to 6.83 percent in August from 7.44 percent in July.
Cryptocurrency giant Binance.US let go roughly 100 employees this week, around one-third of its workforce, marking the latest in a series of large corporate layoffs over the past year as employers continue to restructure their teams amid lingering recession fears (see Forbes’ layoff tracker from the first quarter here).
Wells Fargo expects further layoffs as it attempts to improve efficiency amid a commercial real estate slump.
The prominent U.S.-based financial institution has been cutting jobs since the third quarter of 2020. Since that time, Wells Fargo has laid off nearly 40,000 employees.
Chief Financial Officer Mike Santomassimo told Reuters on Sept. 12 that, “I do think that there’s more to do, and you’ll see that through the headcount number.”
Wells Fargo has previously made large cuts to its mortgage business. The bank’s commercial real estate business is also facing pressure, as many buildings remain empty because of the popularity of remote work.
Barclays will cut 450 employees from its domestic retail business in the U.K. this week, according to Bloomberg.
The move is part of a two-pronged plan that could also see 5% of the bank’s client-facing employees in its global trading division let go.
People familiar with the layoffs tell news outlets that the cuts are part of Barclays’ annual campaign to fire underperforming employees.
“We always continually modulate and modify that workforce,” Barclays CEO C.S. Venkatakrishnan told CNBC on Monday.
US House Speaker Kevin McCarthy announced Tuesday that he has directed House committees to open a formal impeachment inquiry into President Joe Biden. “Over the past several months, House Republicans have uncovered serious and credible allegations into President Biden’s conduct — a culture of corruption,”
Venezuelan President Nicolas Maduro arrived in Beijing on Tuesday ahead of a meeting with China’s Xi Jinping, state media reported, the final stint of a tour that began last week.
Nasser Bouchiba, president of the Africa-China Cooperation Association for Development, thanked overseas Chinese across the kingdom for extending help.
The United States and Vietnam agreed on Sunday to upgrade their diplomatic relations in a historic step for the two former foes, paving the way for business deals and possible new investment. But for every winner there is often a loser.
Speculative Tech Nonsense in California Paid for My Cat’s Surgery.
My cat had her surgery yesterday, and they removed two masses and did a dental cleaning and extracted one bad tooth while she was under a general anesthetic anyway.
Recently, I had a bunch of class action settlements come in from various ways tech companies in California violated the law, usually the Illinois Biometric Information Privacy Act, victimizing me and stealing my facial imagery data.
These settlements keep going out for years after you’ve actually used a thing, because you weren’t considering at the time how the thing used you.
Lemonade insurance had an app that required me to use a video statement during a renter’s insurance loss claim.
Amjad Amini, the father of Mahsa Amini, the female student whose death in Iranian morality-police custody nearly a year ago sparked massive protests, was summoned by intelligence officials on September 11 and interrogated for an hour, RFE/RL's Radio Farda has learned.
It was the latest legal victory for the veteran journalist and her news site, Rappler, who have faced a barrage of charges from the Philippine government.
Mainland student jailed for 6 months for possessing Tiananmen massacre posters.
Hong Kong national security police have taken away self-exiled democrat Ted Hui’s in-laws for questioning, according to several local media outlets citing sources.
Here is a selection of what the international press has published about Finland in the last week:
Workers under attack in Finland
The proposed changes to employment and welfare rights in Finland by the new right-wing government was covered in an article by Morning Star on September 10.
At the end of the day, I’m a regular girl with an internet connection and a spending problem. My algorithm bombards me with content that is designed to make me “trendier.”
If Apple's "repairable" devices still end up in landfills due to built-in obsolescence or repair restrictions, the environmental problem remains unresolved.
In a letter sent today, a broad coalition urged the Biden administration to safeguard progress being made in states and nationally to€ give€ consumers and businesses€ a “right to repair” their electronics-enabled equipment and devices,€ by€ ensuring that a digital trade agreement being negotiated as part of the Indo-Pacific Economic Framework (IPEF)€ does not include a special corporate secrecy shield that could block the right to repair. Signatories include American Economic Liberties Project, Center for Democracy & Technology, Consumer Reports, Farm Action, iFixit, National Farmers Union, The Repair Association, Public Knowledge, and U.S. PIRG.
The Biden administration’s battle against monopolies has spotlighted how consumers, farmers, and small businesses get abused by large manufacturers that unduly restrict access to necessary tools, parts, and information to repair their electronics-enabled equipment and devices. A burgeoning “Right to Repair” movement is making real progress at the state and federal level with five states passing legislation, and the Federal Trade Commission active in enforcing protections for users’ repair choice.
Are 10% of Spotify streams really ‘fake’? The latest report from the Financial Times prompts more industry conjecture in a time of AI uncertainty.
Companies choose Alphabet Inc.’s Google as the default search engine for their browsers and smartphones because it is the best one, and not because of a lack of competition, a Google lawyer said Tuesday at the start of a high-stakes antitrust trial in Washington.
Google is confronting a threat to its dominant search engine as federal regulators launch an attempt to dismantle its internet empire in the biggest U.S. antitrust trial in a quarter century. Over the next 10 weeks, federal lawyers and state attorneys general will try to prove Google rigged the market in its favor by locking its search engine in as the default choice in a plethora of places and devices. On Tuesday, prosecutors opened their case by saying it's about the future of the internet and whether Google’s search engine will ever face meaningful competition. Google is arguing that competition from Microsoft's Bing, Amazon and Yelp keep the marketplace fair.
Google will confront a threat to its dominant search engine beginning Tuesday when federal regulators launch an attempt to dismantle its internet empire in the biggest US antitrust trial in a quarter century.
Is Google using its clout to maintain a monopoly over internet search? An antitrust lawsuit has big implications for competition in the tech industry.
The latest cuts come after Google parent Alphabet in January eliminated 12,000 jobs, or about 6% of its workforce, across the company as it grappled with economic uncertainty that hit the company’s bottom line last year, especially its core advertising business.
Google parent Alphabet is laying off employees from its global recruiting team as the tech giant continues to slow hiring, it said on Wednesday.
The company's decision to let go of a few hundred employees is not part of a wide-scale layoff and will retain a significant majority of the team for hiring critical roles. It will also help the workers search for roles within the company and elsewhere.
The tech giant has sought to trim expenses to pay for artificial intelligence investments; it had earlier cut 12,000 jobs in January.
Google is laying off hundreds of workers as a U.S. inquiry has begun to probe into the business practices of the big tech company, after it moved on major mobile carriers in an effort to keep Microsoft out of their search engine results.
A work of millennial scope by a self-taught African-American historian.