December 2019

Security Leftovers

Filed under
Security
  • 36C3: Open Source Is Insufficient To Solve Trust Problems In Hardware

    With open source software, we’ve grown accustomed to a certain level of trust that whatever we are running on our computers is what we expect it to actually be. Thanks to hashing and public key signatures in various parts in the development and deployment cycle, it’s hard for a third party to modify source code or executables without us being easily able to spot it, even if it travels through untrustworthy channels.

    Unfortunately, when it comes to open source hardware, the number of steps and parties involved that are out of our control until we have a final product — production, logistics, distribution, even the customer — makes it substantially more difficult to achieve the same peace of mind. To make things worse, to actually validate the hardware on chip level, you’d ultimately have to destroy it.

    In his talk this year at the 36C3, [bunnie] showed a detailed insight of several attack vectors we could face during manufacturing. Skipping the obvious ones like adding or substituting components, he’s focusing on highly ambitious and hard to detect modifications inside an IC’s package with wirebonded or through-silicon via (TSV) implants, down to modifying the netlist or mask of the integrated circuit itself. And these aren’t any theoretical or “what if” scenarios, but actual possible options — of course, some of them come with a certain price tag, but in the end, with the right motivation, money is only a detail.

  • Election security, ransomware dominate cyber concerns for 2020 [iophk: Windows TCO]

    Senate Democrats have repeatedly tried to force Senate Majority Leader Mitch McConnell (R-Ky.) to schedule votes on a raft of various election security bills. The House has passed three major pieces of election security legislation this year that have stalled amid Republican objections in the Senate.

  • There’s Money To Be Made In Taming Open Source Software Code

    “We’re trying to create order out of chaos,” said CEO Wayne Jackson of his company, Sonatype.

    [...]

    “We are building the world’s critical infrastructure on software somebody else wrote, a stranger with unknown skills, motivations and desires, but the desire to innovate is so high, we’re willing to accept the risk of using some random person’s software invention,” Jackson said.

    Sometimes developers understand the practical use of the open source code they’re creating, and sometimes they don’t, according to Jackson. 

  • Medley India Infosolution helps Indian Railways build crew management software system

    The system design is end-to-end UNIX and Linux thereby immunising the systems against malicious threats. The solution has immense power to control the client locations from a central location by way of maintenance tasks, time synchronisation, patch updates and a variety of user access requirements thus speeding up the service request handling from a remote location. Service requests can be lodged into the CMS system and are automated through SMS call lodging and reminder mechanisms. At the client side the users are authenticated via a biometric device (thumb impression reader) for logging onto the applications via a kiosk which ensures an audit trail and logging of activities for transparency and accountability.

LibreOffice Writer: Inserting Pictures

Filed under
LibO
HowTos

This tutorial explains the ways to insert pictures into a document in LibreOffice Writer. This is a preparation for you to work with multiple photos, graphics, logos, etc. You will learn how to do it manually and automatically, with menubar, copy-paste, and drag-and-drop, including to resize & arrange them within text, and finally to crop them. I also include download links to beautiful pictures like above and I hope with this article you can compose good documents. Happy learning!

How to install GIMP on Linux Mint 19.3 Tricia

Filed under
GNU
Linux
HowTos

Linux Mint is a great operating system, but with the most recent version (19.3 "Tricia"), there was some shocking news -- GIMP (GNU Image Manipulation Program) was being removed! Crazy, right? I mean, of all of the great software available for Linux, GIMP is one of the best. It is an essential image editing tool that rivals Adobe Photoshop.

So, why did Linux Mint remove it as a pre-installed program? The developers thought the software was too advanced for newer Linux users. While I think that is a bit of nonsense, I can understand why the Mint developers would want to cater to beginners. Thankfully, it is totally easy to install GIMP on a new Linux Mint 19.3 installation.

Kernel: Microsoft-Controlled File Systems and AMD's Lack of Linux Support

Filed under
Linux
  • Linux's exFAT Driver Looking To Still Be Replaced By A Newer Driver From Samsung

    Introduced with Linux 5.4 was a long-awaited Microsoft exFAT file-system driver albeit within the kernel's staging area and based upon some dated Samsung file-system driver code. That exFAT staging driver was improved upon more with Linux 5.5 but ultimately there is a concurrent effort for replacing it with a driver derived from newer Samsung open-source code and to be merged outside of staging.

  • Controlling AMD Wraith Prism RGB Heatsinks On Linux Is Easy Now With CM-RGB

    With the Wraith Prism heatsink fan included with many modern AMD Ryzen processors there is configurable RGB lighting, which unfortunately AMD hadn't publicly documented or offered a Linux utility for manipulating the RGBs under Linux. Fortunately, there is now a straight-forward solution for dealing with those Wraith Prism RGB LEDs thanks to the open-source and independent CM-RGB project.

    Just like AMD doesn't offer any CPU overclocking client from the Linux desktop, they don't offer any RGB control software for Linux. But CM-RGB is a Python-written independent utility that is command-line based and allows easily controlling the heatsink's lighting under Linux. The program allows setting the lighting mode, color based upon hex code, brightness, and other factors.

Linux on Hardware: Dragino, Marvell, Kospet Prime SE

Filed under
Linux
Hardware

How Nitrux is Changing the Traditional Linux Scenario [Interview]

Filed under
Interviews

Nitrux Linux founder Uri Herrera shares how Nitrux is adding a new dimension to the Linux scene with innovative tools like ZNX, MAUI and more.

FSF, Free Software and GNU (PSPP)

Filed under
GNU
  • Building ethical software based on the four freedoms

    Just because a license is not the right place to enforce ethical software usage doesn't mean we don't recognize the problem, or respect the people raising it. We should encourage and participate in conversations about the ethical usage of software. With the ground rules of free software as the baseline, anyone can build systems to specifically promote ethical use.

  • Google’s Monopoly is Stifling Free Software

    If you’d like a regular certificate, you can do so by attaching your public legal name to your software and sending in a copy of your driver’s license. And that is to say nothing of the risks you take these days online by publishing your legal name.

    And even if you do all of this and start signing your executables, I still can’t find any assurance whether Google will begin to treat these executables as safe or not.

  • PSPP now supports .spv files

    I just pushed support for SPV files to the master branch of PSPP.

    [...]

    I would appreciate experience reports, positive or negative. The main known limitation is that graphs are not yet supported (this is actually a huge amount of work due to the way that SPSS implements graphs).

More in Tux Machines

Fedora 33 To Be Released Next Week

Fedora 33 will manage to ship on-time per its back-up target date of next week Tuesday. While Fedora 33 wasn't ready to ship this Tuesday per its "preferred" target date, Fedora 33 has been cleared to ship next week on its "Final Target date #1" for this major update to the Red Hat sponsored Linux distribution.

today's howtos

  • How to Use Sudo Command in Linux? – Linux Hint

    Among the different concepts of an operating system, the most crucial one is access control, which specifies the level of access that is granted to each user of that operating system. The access control policies ensure that no user is allowed to perform those activities for which he has not been granted any privileges. The two most common types of users in any operating system are the root user (has administrative level privileges) and the guest user (only has a limited set of privileges).

  • Settings to Try with Firefox

    There are various stories about Firefox not respecting user privacy. Some suggest certain settings to reduce the information Firefox sends out (such as this one from Mozilla). Over time, I have collected a lot of them into a user.js file. For those who do not know, a user.js file may be dropped into a Firefox profile directory as a convenient way to force certain settings every time Firefox starts up. This can reset changes made by the user during a previous session, but is also a convenient way to initialize desired settings in a fresh profile.

    In an IRC discussion, Martyb suggested I share the settings I have collected. Below is a sample user.js that I sometimes use as a template for disabling many potential privacy and/or security holes in Firefox. Some, like HTML pings, are probably features that most privacy-minded individuals do not want (and may not have even known about). Others, like disabling cookies and/or javascript, can break how sites work (sometimes, amusingly, they only break the advertisements). Others, like disabling tracker protection, are double-edged in that disabling them exposes you to being tracked by known trackers, while enabling them might cause Firefox to phone home to get updated lists of known trackers. The comments in the user.js point out some, but definitely not all, of the potential pitfalls. The settings are definitely not set the way everybody should use them, but having them listed out at least provides a convenient starting point. I highly recommend against dropping them directly into your main Firefox profile, as they may undo changes you have made for yourself. Instead, either try them in a fresh profile and copy over things that work for you, or research the settings and only copy over the ones you want that will not break your browser.

  • How To check LXD container BTRFS disk usage on Linux

    Find LXD container disk size and how much space they are using when storage back end set to BTRFS.

  • How to Install Perl Modules on Debian Linux? – Linux Hint

    Perl is a very popular high-level programming language. It is a scripting language, in fact, whose syntax closely resembles C and C++. A Perl module is defined as a collection of related functions. It is very much similar to the concept of libraries in C++ and Java. This means that if you intend to run a function in Perl, you must have the respective module for that function installed on your system. That is why in this article, we will be learning the method of installing Perl modules on Debian 10.

  • How to Format a Drive in Linux – Linux Hint

    Formatting a drive is necessary whenever you are trying to erase data on a drive or partition or to create a new partition. Before formatting a partition or drive, it is strongly recommended to make sure that there is nothing important there, as formatting may erase the data for good.

  • How to Install and Configure OpenVPN Server in CentOS 8/7

    In this article, we will explain how to set up a VPN server using OpenVPN with two remote clients (a Linux box and a Windows machine) on an RHEL/CentOS 8/7 box.

  • How to set up a Kubernetes cluster in Ubuntu 20.04 > Tux-Techie

    In this tutorial, we are going to set up a Kubernetes cluster with two Ubuntu 20.04 servers. Learn how to set up for master and worker nodes.

  • How to find Linux distribution name and Version? – Linux Hint

    While you are working on a new Linux distribution, you might not know which Linux version is installed on your system. Sometimes, you need to meet a few system requirements while running an application on your system. However, different ways are available to check the version of the installed Linux distribution. Linux Mint 20 is the most growing Linux distribution and has a number of available graphical user interfaces that may vary from one user to the other. Hence, each user may also have a different running procedure. For this purpose, the recommended solution is to access and open the terminal command-line application.

  • How To Safely Remove PPA Repositories in Ubuntu – Linux Hint

    PPA, popularly known as Personal Package Archives, lets Ubuntu users get new and updated software regularly. Some are official and provided by Ubuntu developers.

  • How to Change or Reset Root Password in Linux – Linux Hint

    If you have not logged in as a root user for a long time and have not saved the login information anywhere, there is a chance that you may lose access to the credentials for your system. It is not an unusual occurrence, but rather, a common issue, which most Linux users have probably encountered before. If this happens, you can easily change or reset the password via the command-line or the GUI (Graphical User Interface). But what do you do if the root password must be modified or reset? This article shows you how to change the root password for your Linux Mint 20 system via three different methods.

  • Use mobile numbers for user authentication in Keycloak - Red Hat Developer

    Use Keycloak's authentication service provider interface to develop a custom MobileAuthenticator class that you can run in your JBoss EAP container.

  • How to List All Users in a Linux System – Linux Hint

    At any given time, multiple users can operate a single computer system. However, with such shared systems, a system administrator must take the proper security measures so that one user cannot breach the privacy of another by, for example, applying an access control mechanism that specifies the privileges of each user. At times, a change in user privileges might be necessary. For example, a user might need his or her privileges extended for a certain task, or the ability of a certain user to access the system may have to be revoked entirely. In such scenarios, it is important for the system administrator to have complete knowledge of all users of the system. In this article, we explore the methods used to list the users of a Linux system. Both graphical user interface (GUI)-based methods and command line interface (CLI)-based methods can be used for this task; however, this article focuses on four terminal-based methods.

  • iSH Shell app lets you locally run a Linux shell environment on iPhone and iPad - 9to5Mac

    If you always wanted to have a fully functional Terminal on your iPhone or iPad, now you can. Today the new iSH Shell app was officially released on the App Store to let iOS users locally interact with a Linux shell environment. The iSH project started a few months ago with a beta app, but now the developer was able to release it on the App Store for everyone. iSH Shell runs on usermode x86 emulation, and it uses syscall translation so it can run locally on iOS.

  • How to Merge PDF Files on the Command Line? – Linux Hint

    PDF is the most frequently used file format all over the world. This file format is not only used for personal documents but also for professional documents. At times, you might have multiple inter-related PDF files, and you wish to integrate them all as a single PDF file. Therefore, today we will be explaining to you the different methods of merging PDF files on the command line.

  • Making Docker Work in Your Computer Infrastructure | Mind Matters

    By itself, Docker makes great use of filesystem space. Because each container only holds the changes from the images, a little bit of image bloat doesn’t directly impact the server adversely. However, this doesn’t mean that we shouldn’t worry about bloat at all. Not only should we not waste space without reason, images that are too big cause other problems that you need to be aware of. The most important consideration is attack surface. Every program that you have on your image is a potential hole for a hacker to exploit. Keeping unneeded software off of your container is the easiest first step to maintaining secure containers. However, in more general terms, everything on your container will wind up needing maintenance at some point. The more software you have installed, the more maintenance you will be subject to. You might think, “If I don’t use it, how does it cause maintenance issues?” Well, most software is written by a software team, not just a single individual. I have noticed that, if something is available to use, some member of the team will eventually find an excuse to use it. So, the more software that you leave on your container, the more tools your team will eventually make use of. Additionally, those team members may not even remember to document which operating system tools they are using. Therefore, it is best to start off with the most minimal set of tools you can, and then only add when absolutely necessary. Then your team will think twice before adding something, and—more importantly—it will be added explicitly to your Dockerfile, which makes it easier to spot.

  • What is LVM (Logical Volume Management), and what are its Benefits? – Linux Hint

    Logical Volume Management or LVM is a framework of the Linux operating system that has been introduced for the easier management of physical storage devices. The concept of logical volume management is very much similar to the concept of virtualization, i.e. you can create as many virtual storage volumes on top of a single storage device as you want. The logical storage volumes thus created can be expanded or shrunk according to your growing or reducing storage needs.

  • How to Search for Files on Linux from the Command Line? – Linux Hint

    In any computer system, you have got tons of different files. Some of them are system files that are there since the very beginning, whereas some of them are user files that you create on your own as per your needs. However, when there is a large bulk of files, and you only wish to search for a particular file or set of files for any specific task, then the process of looking for that file or files manually can be extremely tedious as you have to go to each and every directory in search of that file or files that you need. And even then, it is not assured that you will be effectively able to find all those files. Thankfully, our operating systems these days are efficient enough that they present us with different ways in which we can automate this task and make it more speedy. Like other operating systems, Linux also enables us to search for files automatically via terminal commands. Therefore, today, our discussion will revolve around exploring the different methods of searching for files on Linux from the command line.

New open source project crowdsources internet security

CrowdSec is a new security project designed to protect servers, services, containers, or virtual machines exposed on the internet with a server-side agent. It was inspired by Fail2Ban and aims to be a modernized, collaborative version of that intrusion-prevention framework. CrowdSec is free and open source (under an MIT License), with the source code available on GitHub. It is currently available for Linux, with ports to macOS and Windows on the roadmap.

KDE Neon vs Kubuntu: What’s the Difference Between the Two KDE Distribution?

I know it is often confusing especially if you have never used either of them but got them as recommendations for usage. Hence, to help you make a decision, I thought of compiling a list of differences (and similarities) between KDE Neon and Kubuntu. Let’s start with getting to know the similarities and then proceed with the differences.