Feed aggregator

Debian: Google Summer of Code, Debian 9.5, and Tails

TuxMachines - 5 hours 37 min ago
  • Google Summer of Code with a Debian Project

    Yes! My project proposal was selected.

    First of all I want to mention that I began my open source adventure with Debian.

    I started to participate in the open source events like Hackathons, BSP and Conferences and doing small contribution to different projects and this is how everything started.

  • Debian 9.5 Released: “Rock Solid” GNU/Linux Distro Arrives With Spectre v2 Fix

    Following the fourth point release of Debian 9 “stretch” in March, the developers of the popular GNU/Linux distro have shipped the latest update to its stable distribution. For those who don’t know, Debian 9 is an LTS version that’ll remain supported for 5 years.

    As one would expect, this point release doesn’t bring any set of new features and keeps focusing on improving an already stable experience by delivering security patches and bug fixes. In case you’re looking for an option that brings new features, you can check out the recently released Linux Mint 19.

  • Your Help Is Needed to Test VeraCrypt Support in the Tails Anonymous OS, GNOME

    The team behind the famous Tails operating system, also known as the Amnesic Incognito Live System or simply Anonymous OS, needs your help to test the integration of the VeraCrypt disk encryption software.

    In an attempt to provide Tails users with better security, the team is working hard these days on the integration of the VeraCrypt open-source and free disk encryption utility used for on-the-fly encryption of encrypted disk drives into the next-generation Tails OS as well as the GNOME desktop environment it uses by default.

    This will let Tails users easily unlock encrypted volumes on-the-fly when using the anonymous live system to stay hidden online while protecting their identity and privacy. To makes things even easier, they created the VeraCrypt Mounter utility for unlocking VeraCrypt encrypted drives.

read more

Programming: Perl, RcppClassic, Git-cinnabar, Effective Python

TuxMachines - 5 hours 41 min ago
  • Confessions of a recovering Perl hacker

    My name's MikeCamel, and I'm a Perl hacker.

    There, I've said it. That's the first step.

    My handle on IRC, Twitter and pretty much everywhere else in the world is "MikeCamel." This is because, back in the day, when there were no chat apps—no apps at all, in fact—I was in a technical "chatroom" and the name "Mike" had been taken. I looked around, and the first thing I noticed on my desk was the Camel Book, the O'Reilly Perl Bible.

    I have the second edition now, but this was the first edition. Yesterday, I happened to pick up the second edition, the really thick one, to show someone on a video conference call, and it had a thin layer of dust on it. I was a little bit ashamed, but a little bit relieved as well.

  • RcppClassic 0.9.11

    A new maintenance release, now at version 0.9.11, of the RcppClassic package arrived earlier today on CRAN. This package provides a maintained version of the otherwise deprecated initial Rcpp API which no new projects should use as the normal Rcpp API is so much better.

  • Mike Hommey: Announcing git-cinnabar 0.5.0 beta 4

    Git-cinnabar is a git remote helper to interact with mercurial repositories. It allows to clone, pull and push from/to mercurial remote repositories, using git.

  • Russ Allbery: Review: Effective Python

read more

Security: Containers, Tron, Back Doors, GandCrab, Bastille Day

TuxMachines - 5 hours 43 min ago
  • A New Method of Containment: IBM Nabla Containers

    In the previous post about Containers and Cloud Security, I noted that most of the tenants of a Cloud Service Provider (CSP) could safely not worry about the Horizontal Attack Profile (HAP) and leave the CSP to manage the risk.  However, there is a small category of jobs (mostly in the financial and allied industries) where the damage done by a Horizontal Breach of the container cannot be adequately compensated by contractual remedies.  For these cases, a team at IBM research has been looking at ways of reducing the HAP with a view to making containers more secure than hypervisors.  For the impatient, the full open source release of the Nabla Containers technology is here and here, but for the more patient, let me explain what we did and why.  We’ll have a follow on post about the measurement methodology for the HAP and how we proved better containment than even hypervisor solutions.

    [...]

    Like most sandbox models, the Nabla containers approach is an alternative to namespacing for containment, but it still requires cgroups for resource management.  The figures show that the containment HAP is actually better than that achieved with a hypervisor and the performance, while being marginally less than a namespaced container, is greater than that obtained by running a container inside a hypervisor.  Thus we conclude that for tenants who have a real need for HAP reduction, this is a viable technology.

  • Measuring the Horizontal Attack Profile of Nabla Containers
  • Tron (TRX) Gives $25,000 to 5 Developers Who Spotted Bugs in Open-Source Code

    Just a couple of days ago, Binance – a very popular digital currency trading platform – credited the Binance account of thirty-one selected Tron (TRX) traders with five million TRX tokens. Recently, the Tron Foundation has also announced it gave away $25k to five developers that are actively working to redefine the community of Tron.

  • Open Source Security Podcast: Episode 105 - More backdoors in open source
  • GandCrab v4.1 Ransomware and the Speculated SMB Exploit Spreader [Ed: Microsoft's collaboration with the NSA on back doors is a gift to keeps giving.... to crackers.]
  • Rewritten GandCrab Ransomware Targets SMB Vulnerabilities To Attack Faster

    GandCrab ransomware, which has created a hullabaloo in the cybersecurity industry by constantly evolving, has yet again caused a commotion. The latest version of the ransomware attacks system using SMB exploit spreader via compromised websites. The ransomware is adding new features every day to target different countries.

    The attackers behind the ransomware are scanning the whole internet to find the vulnerable websites to unleash the attack. The latest version features a long hard-coded list of websites that were compromised and were used to connect with it.

  • France’s cyber command marched in Paris’s Bastille Day Parade for the first time

     

    For the first time, France’s military cyber command marched in this year’s Bastille Day parade on the Champs Elysees in Paris, alongside other units in the nation’s armed forces. The military noted that it’s a recognition of the advances that the unit has made since its formation last year, and reinforces that “cyber defense remains a national priority.”
     

    French defense minister Jean-Yves Le Drian announced the formation of COMCYBER in December 2016, noting that the emergence of state actors operating in cyberspace was a new way to approach warfare. The command brought all of the nation’s soldiers focused on cyber defense under one command, with three main tasks: cyber intelligence, protection, and offense.  

  • Should I let my staff choose their own kit and, if so, how?

read more

Nouveau Gallium3D Moves Closer Towards OpenGL 4.5 Compliance

Phoronix - 6 hours 9 sec ago
While the RadeonSI and Intel i965 Mesa drivers have been at OpenGL 4.5 compliance for a while now, the Nouveau "NVC0" Gallium3D driver has been bound to OpenGL 4.3 officially...

Review: Hyperbola GNU/Linux-libre 0.2.4

TuxMachines - 6 hours 14 min ago

Hyperbola GNU/Linux-libre is a curious project that takes a number of interesting approaches which set it apart from other distributions. The Hyperbola distribution is based on snapshots of Arch Linux. While Arch Linux is a rolling release distribution, Hyperbola maintains fixed releases taken from Arch snapshots and then, according to the project's website, the Hyperbola developers mix in security updates from Debian. The idea is to create an Arch-like operating system with a fixed base and minor patch updates.

The distribution is dedicated to free software ideals and ships only libre software as defined by the Free Software Foundation. Finally, Hyperbola makes a special edition called Hypertalking which is based on TalkingArch and provides accessibility software for visually impaired users.

I downloaded the distribution's main edition which is available as a 672MB ISO. The distribution media will boot on both 32-bit and 64-bit systems with the option to select which architecture we want from the ISO's boot menu. When the disc boots we are presented with a text console where we are advised we can see documentation for getting on-line using the Lynx web browser by typing "lynx network.html".

The default, text-based interface on the disc is quite minimal, but it's enough to partition our hard drive and set up a local copy of the operating system. I don't think it's intended to do much more than that.

read more

How to enable developer mode on a Chrome OS tablet (and install Linux using Crouton)

LXer - 6 hours 16 min ago
Switching to developer channel gives you the option of using Google’s Crostini feature to install a Linux virtual machine that lets you install desktop applications like LibreOffice and GIMP and launch them from the same app launcher you use to load Android and Chrome OS apps.

Ubuntu’s Snap Apps Website Gets Much Needed Improvements

TuxMachines - 6 hours 16 min ago

Ubuntu has updated its Snap Store website making it more useful for the users by adding developer verification, categories, improved search.

read more

Get our Linux networking cheat sheet

TuxMachines - 6 hours 30 min ago

If your daily tasks include managing servers and the data center's network. The following Linux utilities and commands—from basic to advanced—will help make network management easier.

In several of these commands, you'll see , which stands for "fully qualified domain name." When you see this, substitute your website URL or your server (e.g., server-name.company.com), as the case may be.

read more

3 cool productivity apps for Fedora 28

TuxMachines - 6 hours 36 min ago

Productivity apps are especially popular on mobile devices. But when you sit down to do work, you’re often at a laptop or desktop computer. Let’s say you use a Fedora system for your platform. Can you find apps that help you get your work done? Of course! Read on for tips on apps to help you focus on your goals.

All these apps are available for free on your Fedora system. And they also respect your freedom. (Many also let you use existing services where you may have an account.)

read more

Linux news sources

Reddit - 6 hours 55 min ago

A comment on a post in r/linuxquestions made me think about other resources (besides wikis, forums, manuals, etc) that might make the migration for new users easy. One of the most relevant things might be having a podcast or something like that to play on the background while doing other things, so you can get your dose of new without taking time away from other things.

So I thought we might gather resources to be up-to-date on the latest news on the Linux world, to learn about new technologies, be aware of issues issues, know a bit more about the community, find tutorials, reviews, etc.

Of the top of my head, I'd recommend:

What would you add?

submitted by /u/penguinWhoCanFly
[link] [comments]

Where do you get your Linux news?

Reddit - 6 hours 56 min ago

A comment on a post in r/linuxquestions made me think about other resources (besides wikis, forums, manuals, etc) that might make the migration for new users easy. One of the most relevant things might be having a podcast or something like that to play on the background while doing other things, so you can get your dose of new without taking time away from other things.

So I thought we might gather resources to be up-to-date on the latest news on the Linux world, to learn about new technologies, be aware of issues issues, know a bit more about the community, find tutorials, reviews, etc.

Of the top of my head, I'd recommend:

What would you add?

submitted by /u/penguinWhoCanFly
[link] [comments]

What happen when you write a file smaller than the chunk size in a RAID ?

Reddit - 7 hours 32 min ago

Hi folks,

Quick question, I was reading some stuff on mdadm and I came accross this definition of the chunk size:

we choose some chunk- size, which we define as the smallest "atomic" mass of data that can be written to the devices

So I was wondering, what happen when you write to your RAID 0 for example, a file that is smaller than the configured chunk size?

For example, I set the chunk size to 1024K and I write a file of 16K (RAID 0 with 2 disks). What happens ?

Thank you !

submitted by /u/Okeur75
[link] [comments]

Avast is interrupting connection with Ubuntu archive

Reddit - 7 hours 36 min ago

So Avast is interrupting connection with us.archive.ubuntu.com, saying that it is infected with "ELF:Agent-RA". Googling for "ELF:Agent-RA" shows absolutely nothing. Is it even relevant or is it just a figment of Avast?

I hope I added post to good sub.

EDIT: Actually it happens when I am updating ubuntu and blocks only one of all the connections to us.archive.ubuntu.com and it's not even first one, rather middle one.

submitted by /u/Gumisiek
[link] [comments]

How to Benchmark Your Linux System

LXer - 9 hours 7 min ago
There are a bunch of reasons that you'd want to benchmark your Linux system. Most people benchmark out of pure curiosity or to measure the system's performance for games. Benchmarking can also help you identify problems with your system, though, and improve weak points for a smoother and more efficient experience. Benchmarking also helps you identify possible software issues and problematic upgrades with regressions.

Pages

Subscribe to LinuxInsight aggregator