Language Selection

English French German Italian Portuguese Spanish

November 2019

Proprietary Software and Digital Jails

Filed under
Hardware
Software
  • checkra1n on Linux nearing release, Apple TV DFU helper coming too

    Despite being a closed ecosystem, iDevice users enjoy an advanced level of control over the OS through jailbreaking. But, not many opt for it because the Cupertino tech giant denies warranty claims for jailbroken gadgets.

    Moreover, one has to choose the jailbreaking tool so carefully that an incompatible selection will make your iPhone/iPad a fiasco. Owing to the frequent vulnerability fixes released by Apple, we can’t use a single tool for every iOS iteration.

  •                    

  • Jony Ive is no longer on Apple's leadership page

                         

                           

    His new firm is called LoveForm, which sounds an awful lot like LoveFilm - right down to the fact that both will score you 16 in a Scrabble match, assuming you're competing without someone that plays fast and loose with the ‘no brand names' rule. That's where the similarities end though: it's more focused on design than posting DVDs to people.

                           

    Unlike most people starting their own business, Ive won't have to hustle for new clients right away. Apple led the press release announcing Ive's exit by saying it would be one of LoveForm's clients, which is kind of like writing a blank cheque. But, hey, if anybody can write a blank cheque and not worry about the consequences then it's Cook & Co.

  •                    

  • Security firm Prosegur hit by Windows Ryuk ransomware

                         

                           

    Well-known British security researcher Kevin Beaumont was one of the first to point to a statement on on the Spain-based company's website in which it said that there had been "a security information incident on its telecommunications platforms".

                           

    Prosegur is the largest security firm in Spain and listed on Madrid Stock Exchange in 1987.

Entrapment in Microsoft GitHub

Filed under
Microsoft
  • Alibaba Cloud makes available its self-developed algorithm via open source on Github [Ed: Outsourcing one's code to a proprietary spying and censorship platform of a foreign firm and foreign regime]

    Launched in 2009 and headquartered in Singapore, the cloud subsidiary of Alibaba Group offers cloud computing services to enterprises.

  • Alibaba Publishes AI Algorithms on Github [Ed: Alibaba gives its code to Microsoft to further facilitate surveillance]
  • GitHub Seeks Security Dominance With Developers [Ed: GitHub is proprietary software in NSA PRISM, so assume back doors. Ignore these Forbes puff pieces of Microsoft (lots of them).]
  • Rav1e Picks Up More Speed Optimizations For Rust-Written AV1 Encoding [Ed: Still stuck inside GitHub]

    The Rust-based "rav1e" AV1 video encoder continues picking up performance optimizations. 

    During the month of November we've seen SSE4.1 and various x86 Assembly optimizations, other CPU performance optimizations, and also happening recently was the initial tagged release of rav1e (v0.1). 

  • Daniel Stenberg: curl: 25000 commits [Ed: Unhealthy dependence on GitHub]

    The first ever public release of curl was uploaded on March 20, 1998. 7924 days ago.

    3.15 commits per day on average since inception.

    These 25000 commits have been authored by 751 different persons.

    Through the years, 47 of these 751 authors have ever authored 10 commits or more within a single year. In fact, the largest number of people that did 10 commits or more within a single year is 13 that happened in both 2014 and 2017.

    19 of the 751 authors did ten or more changes in more than one calendar year. 5 of the authors have done ten or more changes during ten or more years.

Openwashing by Microsoft and the US Air Force

Filed under
Microsoft
  • Microsoft Teams spurs open source in Aussie channel [Ed: Gross case of openwashing. How on Earth did Microsoft manage to have proprietary software that's mass surveillance inside businesses framed as "open source"?

    Qbot is the brainchild of UNSW senior lecturer David Kellermann. Antares helped bring Qbot to life and, as it is the bot's primary developer, supports the code.

  • US Air Force says they are developing an Open Source Jet Engine

    The Responsive Open Source Engine (ROSE) is designed to be cheap enough that it can be disposable, which has obvious military applications for the Air Force such as small jet-powered drones or even missiles. But even for the pacifists in the audience, it’s hard not to get excited about the idea of a low-cost open source turbine. Obviously an engine this small would have limited use to commercial aviation, but hackers and makers have always been obsessed with small jet engines, and getting one fired up and self-sustaining has traditionally been something of a badge of honor.

    The economies of scale generally dictate that anything produced in large enough numbers will eventually become cheap. But despite the fact that a few thousand of them are tearing across the sky above our heads at any given moment, turbine jet engines are still expensive to produce compared to other forms of propulsion. The United States Air Force Research Laboratory is hoping to change that by developing their own in-house, open source turbine engine that they believe could reduce costs by as much as 75%.

Red Hat, IBM and SUSE

Filed under
Red Hat
SUSE
  • Raytheon Leans on Red Hat to Advance DevSecOps

    Jon Check, senior director for cyber protection solutions for Raytheon Intelligence, Information and Services, said Raytheon has developed a set of DevSecOps practices for organizations building applications deployed in highly secure environments, involving government contracts.

    Raytheon and these customers have been challenged by a chronic shortage of IT professionals with the appropriate level of clearance to work on these classified projects. To overcome that issue, Check said Raytheon developed what it describes as a “code low, deploy high” approach to DevSecOps. Developers who lack security clearances can still build applications; however, those applications can only be deployed by IT professionals having the appropriate security clearance.

    In addition, Check said Raytheon has developed integrations between its DevSecOps framework and various IT tools based on the ITIL framework, which so many IT operations teams depend on to foster collaboration across the application development and deployment process. For example, he said, whenever code gets checked into a repository, an alert can be sent to an IT service management application from ServiceNow.

  •                    

  • [Older] IBM: ‘Mac users are happier and more productive’ [iophk: duh]

                         

                           

    IBM CIO Fletcher Previn talked up fresh IBM findings that show those of its employees who use Macs are more likely to stay with IBM and exceed performance expectations compared to [Windows] users.

  •                    

  • [Older] IBM: Mac users perform better at work and close larger high-value sales compared to [Windows] users

                         

                           

    Today, IBM announced some major news showing the benefits of using a Mac over a [Windows machine] at work. According to IBM research, there are 22% more macOS users who exceed expectations in performance reviews compared to Windows users. High-value sales deals also tend to be 16% higher for Mac users compared to [Windows] users.

  •                    

  • [Older] IBM: Our Mac-Using Employees Outperform Windows Users in Every Way

                         

                           

    According to IBM, one staff member can support 5,400 Mac users, while the company needed one staff member per 242 [Windows] users. Only 5 percent of Mac users called the help desk for assistance, compared with 40 percent of [Windows] users. This Mac-IBM love affair has been ongoing for a few years, and the same IBM PR points out that in 2016, IBM CIO Fletcher Previn declared that IBM saves anywhere from $273 to $543 when its end users choose Mac over [Windows].

  • Centiq receives highest SUSE Solution Partner certification to bolster best-in-class enterprise cloud application migration and implementation expertise for SAP projects
  • Noop now named none

    Lately more and more people approached me with saptune warnings regarding ‘noop’ being an invalid scheduler.
    With new Servie Packs we see a transition from non-multiqueue schedulers (noop, cfq, deadline) to multiqueue schedulers (none, mq-deadline, bfq, kyber).
    This transition will be finished with kernel 5.x (SLES 15 SP2). Only multiqueue schedulers will remain.
    Even if you do not have upgraded lately, new hardware like NVMe’s can come with multiqueue support only.

Games and Programming: Epic Games, Godot, Haskell and Python

Filed under
Development
Gaming
  • Epic Games have awarded the FOSS game manager Lutris with an Epic MegaGrant

    The Lutris team announced yesterday that Epic Games have now awarded them a sum of money from the Epic MegaGrants pot.

    In the Patreon post, the Lutris team announced they've been awarded $25,000. While this might be quite a surprise to some, Tim Sweeney the CEO of Epic Games, did actually suggest they apply for it which we covered here back in April. To see it actually happen though, that's seriously awesome for the team building this free and open source game manager.

  • Play-ing with Godot

    I’ve finally come to a point where I have a project that is useful, and at a good enough quality (anyone with graphics skills who wants to help?) to be shared with the broader world: Mattemonster. What I’m trying to say is that I just went through the process of publishing a Godot app to the Google Play store.

    There is already good documentation for how you export a Godot app for Android, and detailed guides how to publish to Google Play. This blog is not a step by step tutorial, but instead mentioning some of the things I learned or noticed.

    First of all, when setting up the Android tooling, you usually have an android-tools package for your distro. This way, you don’t have to install Android Studio provided by Google.

    The configuration settings that you use to export your app goes into the export_presets.cfg file. Once you put the details for your release key in, you should avoid storing this file in a public git, as it contains sensitive data. But even before then, it contains paths that are local to your machine, so I would recommend not storing it in a public git anyway, as it makes merging with others painful.

  •      

  • Haskell
  • Python 3.7.5 : Script install and import python packages.

    This script will try to import Python packages from a list.
    If these packages are not installed then will be installed on system.

Security: Updates, Ken Thompson's Chess Secret, Healthcare Breaches Spike in October, "Private Internet Access Sold Out!" and Undercover Mode for the Fedora Security Lab

Filed under
Security
  • Security updates for Friday

    Security updates have been issued by Debian (libvpx and vino), Fedora (grub2 and nss), and SUSE (cloud-init, libarchive, libtomcrypt, ncurses, and ucode-intel).

  • Friday Fluff: Chess password cracked after four decades

    A good password paired with strong encryption protects data against unexpected loss. No password is unbreakable, but some can last for quote a long time. After 39 years, recently a few old Unix passwords were cracked. Computer pioneer Ken Thompson had hidden his access behind a chess opening.

  • ThreatList: Healthcare Breaches Spike in October

    October experienced a 44.44 percent month-over-month increase in healthcare data breaches, resulting in 661,830 healthcare records exposed or stolen during the month.

    That’s according to the Health and Human Services (HHS) Office for Civil Rights’ monthly report reported via HIPAA Journal. The department said that hospitals and other healthcare organizations reported 52 breaches to HHS during the month. Year-to-date, the total number of breached healthcare records stands at 38 million, affecting 11.64 percent of the population of the United States.

  • Private Internet Access Sold Out! | Choosing A New VPN

    This video goes over the purchase of Private Internet Access and Choosing a new VPN. I also layout the 3 points you NEED when choosing a new VPN.

  • Undercover mode for the Fedora Security Lab

    Every time when there is a new release of Kali Linux it doesn’t take long till people start to ask when a feature or tool will be added to the Fedora Security Lab.

    This time the most asked feature is the “undercover mode”.

    To make it short: Never.

    The reason is that the Fedora Security Lab live media doesn’t need this. We are running Xfce (in the meantime for several years now) with the default Fedora wallpaper and a default theme. It pretty hard to tell (reading impossible if you don’t have the menu open) for a person who only get a quick look at your desktop that you have a lot of specialized tools at your disposal.

    You are even stealthier if you only add the Fedora Security Lab toolset to your default Fedora installation. This make the Fedora Security Lab the perfect tool to perform security-related tasks in an office environment at customer’s sites.

Debian and Canonical/Ubuntu: Debian's Outreachy Interns, Debian LTS and Mir/Ubuntu Core Promotion

Filed under
Debian
Ubuntu
  • Debian welcomes its new Outreachy interns

    Debian continues participating in Outreachy, and we'd like to welcome our new Outreachy interns for this round, lasting from December 2019 to March 2020.

    Anisa Kuci will work on Improving the DebConf fundraising processes, mentored by Karina Ture and Daniel Lange.

    Sakshi Sangwan will work on Packaging GitLab's JS Modules, mentored by Utkarsh Gupta, Sruthi Chandran and Pirate Praveen.

    Congratulations, Anisa and Sakshi! Welcome!

  • Mike Gabriel: My Work on Debian LTS/ELTS (November 2019)

    In November 2019, I have worked on the Debian LTS project for 15 hours (of 15 hours planned) and on the Debian ELTS project for 5 hours (of 5 hours planned) as a paid contributor.

    For LTS, I, in fact, pulled over 1.7 hours from October, so I realy only did 13.3 hours for LTS in November.

    (This is only half-true, I worked a considerable amount of hours on this libvncserver code bundle audit, but I am just not invoicing all of it).

  • Build smart display devices with Mir: fast to production, secure, open-source

    Mir is a library for writing graphical shells for Linux and similar operating systems. Compared to traditional display servers, it offers numerous benefits that are important for IoT devices: efficiency, speed of development, security, performance, and flexibility. All are required by the devices of today, and even more so for the devices of tomorrow. In this whitepaper we’ll explain how Mir, alongside Ubuntu Core and Snapcraft, lets developers build devices that are ready for the future of IoT, while offering stable, secure and performant solutions to the problems the industry faces today.

More in Tux Machines

Open Hardware: Crowbits, Raspberry Pi, and RISC-V

  • Crowbits Master Kit Tutorial - Part 2: ESP32 intrusion scanner and visual programming - CNX Software - Embedded Systems News

    I started Crowbits Master Kit review last month by checking out the content, user manual, and some of the possible projects for the ESP32 educational kit including a 2G phone and a portable game console. For the second part of the review, I’ll go through one of the lessons in detail, namely the intrusion scanner to show the whole process and how well (or not) it works. Let’s go to Lesson 5 directly, although I’d recommend going through the first lessons that provide details about the hardware and visual programming basics using Letscode program, which is basically a custom version of Scratch for Crowbits

  • RP2040-PICO-PC small computer made with the Raspberry Pi RP2040-PICO module first prototypes are ready

    It’s small base board for RP2040-PICO the $4 module with the Cortex-M0+ processor made by Raspberry Pi foundation.

    We were ready with the prototype for a long time but the RP2040-PICO modules were tricky to source

  • ESP32-C6 WiFI 6 and Bluetooth 5 LE RISC-V SoC for IoT devices coming soon - CNX Software - Embedded Systems News

    Espressif Systems introduced their first RISC-V wireless SoC last year with ESP32-C3 single-core 32-bit RISC-V SoC offering both 2.4GHz WiFi 4 and Bluetooth 5.0 LE connectivity, and while the company sent some engineering samples of ESP32-C3 boards months ago, general availability of ESP32-C3-DevKitM-1 and modules is expected shortly. But the company did not stop here, and just announced their second RISC-V processor with ESP32-C6 single-core 32-bit RISC-V microcontroller clocked at up to 160 MHz with both 2.4 GHz WiFi 6 (802.11ax) and Bluetooth 5 LE connectivity.

Linux, NetBSD, and OpenBSD

  • EXT4 With Linux 5.13 Looks Like It Will Support Casefolding With Encryption Enabled - Phoronix

    While EXT4 supports both case-folding for optional case insensitive filenames and does support file-system encryption, at the moment those features are mutually exclusive. But it looks like the upcoming Linux 5.13 kernel will allow casefolding and encryption to be active at the same time. Queued this week into the EXT4 file-system's "dev" tree was ext4: handle casefolding with encryption.

  • SiFive FU740 PCIe Support Queued Ahead Of Linux 5.13 - Phoronix

    Arguably the most interesting RISC-V board announced to date is SiFive's HiFive Unmatched with the FU740 RISC-V SoC that features four U74-MC cores and one S7 embedded core. The HiFive Unmatched also has 16GB of RAM, USB 3.2 Gen 1, one PCI Express x16 slot (operating at x8 speeds), an NVMe slot, and Gigabit Ethernet. The upstream kernel support for the HiFive Unmatched and the FU740 SoC continues. With the Linux 5.12 cycle there was the start of mainlining SiFive FU740 SoC support and that work is continuing for the upcoming Linux 5.13 cycle.

  •                  
  • The state of toolchains in NetBSD
                     
                       

    While FreeBSD and OpenBSD both switched to using LLVM/Clang as their base system compiler, NetBSD picked a different path and remained with GCC and binutils regardless of the license change to GPLv3. However, it doesn't mean that the NetBSD project endorses this license, and the NetBSD Foundation's has issued a statement about its position on the subject.

                       

    Realistically, NetBSD is more or less tied to GCC, as it supports more architectures than the other BSDs, some of which will likely never be supported in LLVM.

                       

    As of NetBSD 9.1, the latest released version, all supported platforms have recent versions of GCC (7.5.0) and binutils (2.31.1) in the base system. Newer (and older!) versions of GCC can be installed via Pkgsrc, and the following packages are available, going all the way back to GCC 3.3.6: [...]

  •                
  • Review: OpenBSD 6.8 on 8th Gen Lenovo ThinkPad X1 Carbon 13.3"
                     
                       

    10 days ago, I bought this X1 Carbon. I immediately installed OpenBSD on it. It took me a few days to settle in and make myself at home, but here are my impressions.

                       

    This was the smoothest experience I've had getting OpenBSD set up the way I like it. The Toshiba NB305 in 2011 was a close second, but the Acer I used between these two laptops required a lot more tweaking of both hardware and kernel to get it to feel like home.

Audio/Video and Games: This Week in Linux, MineTest, OpenTTD, and Portal Stories: Mel

  • This Week in Linux 146: Linux on M1 Mac, Google vs Oracle, PipeWire, Bottom Panel for GNOME Shell - TuxDigital

    On this episode of This Week in Linux, we’ve got an update for Linux support on Apple’s M1 Mac hardware. KDE Announces a new patch-set for Qt 5. IBM Announced COBOL Compiler For Linux. Then later in the show we’re bringing back everyone’s favorite Legal News segment with Google v. Oracle reaching U.S. Supreme Court. We’ve also got new releases to talk about such as PipeWire 0.3.25 and JingOS v0.8 plus GNOME Designers are exploring the possibility of having a bottom panel. Then we’ll round out the show with some Humble Bundles about programming in Python. All that and much more on Your Weekly Source for Linux GNews!

  • MineTest: I Am A Dwarf And I'm Digging A Hole

    People have been asking me to play MineTest for ages so I thought I should finally get around to it, if you've never heard of it MineTest is an open source Minecraft clone that surprisingly has a lot of community support

  • OpenTTD Went to Steam to Solve a Hard Problem - Boiling Steam

    OpenTTD, the free and open-source software recreation of Transport Tycoon Deluxe, has been a popular game for a long time, but recently something unusual happened. The team behind the project decided to release the game on Steam (still free as always) and this has changed everything. Let me explain why this matters. If you have ever played OpenTTD on Linux, let me venture that you have probably relied on your distro’s package manager to keep your game up-to-date. In theory, this is the BEST way to keep your packages up to date. Rely on maintainers. In practice however, it’s far from being something you can rely on, beyond security updates. Debian stable tends to have really old packages, sometimes years behind their latest versions. So on Debian stable you end up with OpenTTD 1.08 as the most recent version. That’s what shipped in April 2018. Just about 3 years old.

  • Portal Stories: Mel gets Vulkan support on Linux in a new Beta | GamingOnLinux

    Portal Stories: Mel, an extremely popular and highly rated mod for Portal 2 just had a new Beta pushed out which adds in Vulkan support for Linux. Much like the update for Portal 2 that recently added Vulkan support, it's using a special native build of DXVK, the Vulkan-based translation layer for Direct3D 9/10/11. Compared with the Portal 2 update, in some of my own testing today it seems that Portal Stories: Mel seems to benefit from the Vulkan upgrade quite a bit more in some places. At times giving a full 100FPS increase! So for those on weaker cards, this will probably be an ideal upgrade. Another game to test with Vulkan is always great too.

today's howtos

  • How to Install TeamSpeak Client on Ubuntu 20.04 Linux - Linux Shout

    TeamSpeak is a free voice conferencing software available to install on Linux, Windows, macOS, FreeBSD, and Android. It is the pioneer in its areas of other platforms such as Discord. TeamSpeak allows free of cost access to around 1000 public TeamSpeak servers or even your own private one. In parallel to online games, you can use the current TeamSpeak to communicate with friends via speech and text.

  • How To Install Robo 3T on Ubuntu 20.04 LTS - idroot

    In this tutorial, we will show you how to install Robo 3T on Ubuntu 20.04 LTS. For those of you who didn’t know, Robo3T formerly known as RobMongo is one of the best GUI tools for managing and querying MongoDB database. It provides GUI tools for managing & querying the MongoDB database. It embeds the actual mongo shell that allows for CLI as well as GUI access to the database. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Robo 3T RobMongo on an Ubuntu 20.04 (Focal Fossa) server. You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

  • How to Install Java on Ubuntu Step by Step Guide for Beginners

    Some programs/tools/utility on Ubuntu required java/JVM, without java these programs are not working. Are you facing the same problem? Don’t worry! Today I am going to cover in this article how to install Java on Ubuntu. This article will cover the complete tutorial step by step. You can get java on Ubuntu via three packages JRE, OpenJDK and Oracle JDK. Java and Java’s Virtual Machine (JVM) are widely used and required to run much software.

  • "apt-get command not found" error in Ubuntu by Easy Way

    apt-get command is used to manage package in Ubuntu and other Debian based distribution. You can install, remove software in Ubuntu, You can update upgrade ubuntu and other operating systems with help of this command. If you want to install new software on the Linux operating system by apt-get command but you get the error “apt-get command not found“. This is really the biggest problem for the new user. Neither you can install new packages nor you can update and upgrade ubuntu. apt-get is not working, how will you install a new package? If the problem only of installing new packages then it can be solved. You can use dpkg command to install deb files in ubuntu and derivatives.

  • How to upgrade Linux Mint 19.3 (Tricia) to Mint 20.1 (Ulyssa) - Linux Shout

    Are you planning to upgrade your existing Linux Mint 19.3 (Tricia) PC or Laptop to Linux Mint 20.1 Ulyssa, then following the simple steps given in the tutorial… Linux Mint is one of the popular distros among users who want a Windows-like operating system but with the benefits of Linux and a user-friendly interface. As Mint is an Ubuntu derivative, thus not only we have the access to a large number of packages to install but also stability. The process of upgrading Mint is very easy, we can use GUI or command to do that. However, in this article, we will show you how to upgrade from Tricia (19.3) to Ulyssa (20.1) using CLI, thus first you have to make sure that your existing Mint 19.3 is on 64-bit because 20.1 doesn’t support 32-bit.

  • How to Install Node js in Ubuntu Step by Step Explanation for Beginners

    Node.js is an open source cross-platform JavaScript run-time environment that allows server-side execution of JavaScript code. In simple words you can run JavaScript code on your machine (server) as a standalone application, and access form any web browser. When you create a server side application you need Node.js, it is also help to create front-end and full-stack. npm (Node Package Manager) is a package manager for the JavaScript programming language, and default package manager for Node.js. This tutorial will cover step by step methods “how to install node js in ubuntu 19.04″. in case you need the latest Node.js and npm versions. If you are using Node.js for development purposes then your best option is to install Node.js using the NVM script. Although this tutorial is written for Ubuntu the same instructions apply for any Ubuntu-based distribution, including Kubuntu, Linux Mint and Elementary OS.

  • How to play Geometry Dash on Linux

    Geometry Dash is a music platformer game developed by Robert Topala. The game is available to play on iOS, Android, as well as Microsoft Windows via Steam. In the game, players control a character’s movement and navigate through a series of music-based levels while avoiding obstacles and hazards.

  • How To Set Up a Firewall with UFW in Ubuntu \ Debian

    The Linux kernel includes the Netfilter subsystem, which is used to manipulate or decide the fate of network traffic headed into or through your server. All modern Linux firewall solutions use this system for packet filtering. [...] The default behavior of the UFW Firewall is to block all incoming and forwarding traffic and allow all outbound traffic. This means that anyone trying to access your server will not be able to connect unless you specifically open the port. Applications and services running on your server will be able to access the outside world.