Feed aggregator

Security: Updates, Secure Contexts, RubyMiner, ZAP, Transmission, AMD

TuxMachines - 11 hours 50 min ago
  • Security updates for Monday
  • Secure Contexts Everywhere

    Since Let’s Encrypt launched, the Secure Contexts specification has become much more mature. We have witnessed the successful restriction of existing, as well as new features to secure contexts. The W3C TAG is about to drastically raise the bar to ship features on insecure contexts. All the building blocks are now in place to quicken the adoption of HTTPS and secure contexts, and follow through on our intent to deprecate non-secure HTTP.

  • Linux and Windows Servers Targeted with RubyMiner Malware

    Security researchers have spotted a new strain of malware being deployed online. Named RubyMiner, this malware is a cryptocurrency miner spotted going after outdated web servers.

    According to research published by Check Point and Certego, and information received by Bleeping Computer from Ixia, attacks started on January 9-10, last week.

  • Virtual currency miners target web servers with malware
  • ZAP provides automated security tests in continuous integration pipelines

    Commonly, a mixture of open source and expensive proprietary tools are shoehorned into a pipeline to perform tests on nightly as well as ad hoc builds. However, anyone who has used such tests soon realizes that the maturity of a smaller number of time-honored tests is sometimes much more valuable than the extra detail you get by shoehorning too many tests into the pipe then waiting three hours for a nightly build to complete. The maturity of your battle-hardened tests is key.

  • BitTorrent users beware: Flaw lets hackers control your computer

    There's a critical weakness in the widely used Transmission BitTorrent app that allows websites to execute malicious code on some users' computers. That's according to a researcher with Google's Project Zero vulnerability reporting team, who also warns that other BitTorrent clients are likely similarly susceptible.

    [...]

    Among the things an attacker can do is change the Torrent download directory to the user's home directory. The attacker could then command Transmission to download a Torrent called ".bashrc" which would automatically be executed the next time the user opened a bash shell. Attackers could also remotely reconfigure Transmission to run any command of their choosing after a download has completed. Ormandy said the exploit is of "relatively low complexity, which is why I'm eager to make sure everyone is patched."

  • AMD Releases Linux and Windows Patches for Two Variants of Spectre Vulnerability

    AMD has published a press announcement on Thursday to inform its customers that it released patches for two variants of the Spectre security vulnerability disclosed to the public earlier this month.

  • 'Shift Left': Codifying Intuition into Secure DevOps

    Continuous delivery (CD) is becoming the cornerstone of modern software development, enabling organizations to ship — in small increments — new features and functionality to customers faster to meet market demands. CD is achieved by applying DevOps practices and principles (continuous integration and continuous deployment) from development to operations. There is no continuous delivery without implementing DevOps practices and principles. By that, I mean strong communication and collaboration across teams, and automation across testing, build, and deployment pipelines. But often achieving continuous delivery to meet market demands presents numerous challenges for security.

read more

Applications: GIMP, Partclone, Samba, Tidal

TuxMachines - 11 hours 53 min ago
  • 6 Cheap Alternatives to Adobe Photoshop

    Adobe Photoshop is easily the industry standard when it comes to graphic and photo editing. We don’t just edit a photo these days, but we ‘photoshop’ it—but ‘shopping things with the real deal isn’t cheap.

    Working on a subscription plan basis, it’ll cost you from $9.99 a month, depending on the package you select. Crucially, you’re renting the product—you’ll never actually own a Photoshop license.

    [...]

    For many years, GIMP has been touted as the ideal free alternative to Photoshop. There’s a good reason for that—it offers very similar functionality to Adobe’s behemoth.

    Providing many professional level features, it includes layers, customizable brushes, filters, and automatic image enhancement tools for those short on time. It further expands its potential through a huge number of plugins, thanks to its very active community. Effectively, it’s in constant development. New features are commonplace, while bugs are few and far between.

    The downside? There’s no native support for RAW files—a key component in photo editing—you have to install an additional plugin straight away for such functionality. Also, GIMP’s highly customizable interface can be intimidating for novice users. While Photoshop is instantly accessible, GIMP requires a little tweaking and manipulation to get things how you like them to look, although recent updates have made it look more like its main competition.

    It’s worth sticking with, of course, given it’s entirely free to use, but for the novice user, it might take a little time to gel.

  • Partclone – A Versatile Free Software for Partition Imaging and Cloning

    Partclone is a free and open-source tool for creating and cloning partition images brought to you by the developers of Clonezilla. In fact, Partclone is one of the tools that Clonezilla is based on.

    It provides users with the tools required to backup and restores used partition blocks along with high compatibility with several file systems thanks to its ability to use existing libraries like e2fslibs to read and write partitions e.g. ext2.

  • Samba 4.8 RC1 Released, Samba 4.9 In Development On Git

    The first release candidate of Samba 4.8 is now available for this popular open-source project implementing the SMB/CIFS protocols.

  • Listen to Tidal Music from the Command Line

    Tidal subscribers have a new way to listen to the high-fidelity music streaming service while using the Linux desktop. The Spotify rival touts better sound quality and bigger royalty cheques for artists, but it doesn’t provide a desktop Tidal music app for Linux.

read more

Need some help, should be very quick.

Reddit - 12 hours 31 min ago

So I uninstalled Ubuntu on a separate HDD that I had on my computer, but had a grub alongside with it in order to manage booting into my windows installation as well as Ubuntu on my other HDD installed as well. After removing Ubuntu by unallocating the space in that drive through Windows Disk Managment, I now reboot expecting to go to Windows, but am met by the grub menu. Any way to fix/remove?

submitted by /u/lilquezzi
[link] [comments]

Ansible Tutorial: Intorduction to simple Ansible commands

LinuxToday - 13 hours 3 min ago

LinuxTechLab: Ansible is an open source configuration tool; that is used to deploy, configure & manage servers.

2 scientific calculators for the Linux desktop

LXer - 13 hours 9 min ago
Every Linux desktop environment comes with at least a simple desktop calculator, but most of those simple calculators are just that: a simple tool for simple calculations.Fortunately, there are exceptions; programs that go far beyond square roots and a couple of trigonometric functions, yet are still easy to use. Here are two powerful calculator tools for Linux, plus a couple of bonus options.read more

Security: Patching of GNU/Linux Distros

TuxMachines - 13 hours 17 min ago

read more

Presenting SMB storage via HTTP

Reddit - 13 hours 50 min ago

Enterprise admin here in need of some inspiration. I have a group of very loud, very active users that repeatedly copy multi-hundred megabit files to a SMB share on the other side of my WAN. Despite my protests, the users will not change their behavior and keep complaining about slow file copy performance. Does anyone have any ideas on a way to present SMB storage via any other method, like HTTP, for example?

submitted by /u/ardweebno
[link] [comments]

Wi-Fi Alliance announces WPA3 to secure modern networks

LXer - 15 hours 3 min ago
The alliance announced the Wi-Fi Protected Access 3 (WPA3), a new standard of Wi-Fi security that greatly increases the security capabilities of the wireless standard. WPA2, which is the current standard in wireless security, has been around for 14 years, so this is way overdue.

Red Hat Developer Manages Full Clock-Gating For Kepler With Nouveau

Phoronix - 15 hours 19 min ago
In improving the power-savings of NVIDIA GeForce 600/700 "Kepler" GPUs running on the open-source NVIDIA "Nouveau" driver, Red Hat developer Lyude Paul has published a set of patches allowing for full clock-gating with these older graphics cards...

16-Way GPU Comparison With NVIDIA GPUs Going Back To Kepler

TuxMachines - Mon, 2018-01-15 23:47

Last week I provided a fresh look at the NVIDIA GeForce vs. AMD Radeon Linux gaming performance using the latest drivers at the start of 2018. That testing included the latest NVIDIA and AMD GPUs, but for those curious how these numbers compare for older NVIDIA GPUs, here's a look with the Kepler and Maxwell graphics cards added to the comparison.

read more

Ubuntu 18.04 LTS Wallpaper Contest Welcomes Talented Photographers and Artists

TuxMachines - Mon, 2018-01-15 23:43

Announced today by Ubuntu member Nathan Haines, Ubuntu Free Culture Showcase for Ubuntu 18.04 LTS is now officially open for submissions, and since Ubuntu 18.04 it's an LTS (Long-Term Support) version, which Canonical will support for the next five years with software and security updates, it's more than a wallpaper contest.

Well, of course, it's not a contest, because you won't win any prize besides the fact that your work will be showcased to millions of Ubuntu users worldwide. This time, besides wallpapers, Ubuntu Free Culture Showcase also looks for new video and music files that will be available in the Examples folder of Ubuntu 18.04 LTS' live installation medium.

read more

KDE Plasma 5.12 LTS Enters Beta, Brings Unified Look and Phone Integration

TuxMachines - Mon, 2018-01-15 23:42

Designed as the next long-term support (LTS) version of the popular desktop environment, replacing the KDE Plasma 5.8 LTS on users' computers when it will be out early next month, KDE Plasma 5.12 is an important milestone that introduces numerous stability and reliability improvements, along with a bunch of new and long-anticipated features.

One of the most important changes in KDE Plasma 5.12 LTS is the greatly improved support for the next-generation Wayland display server, with a long-term support promise as the KDE Project will continue to patch bugs and other issues until the end of life of the desktop environment next year.

Also: KDE Plasma 5.12 Reaches Beta With Faster Start-Up Time, Better Wayland Support

read more

Creating an Internet Radio Station with Icecast and Liquidsoap

LXer - Mon, 2018-01-15 23:05
Ever wanted to stream prerecorded music or a live event, such as a lecture orconcert for an internet audience? With Icecast and Liquidsoap, you can set up afull-featured, flexible internet radio station using free software and openstandards.

Linux system manufacturer System76 introduces PopOS

LinuxToday - Mon, 2018-01-15 23:00

itsFOSS: is Pop OS worth an install?

Video lectures about computers and linux

Reddit - Mon, 2018-01-15 22:56

Hi reddit, I'm starting to teach stuff about computers. Tell me what you think : https://www.patreon.com/justumen

submitted by /u/justumen
[link] [comments]

Pages

Subscribe to LinuxInsight aggregator