Language Selection

English French German Italian Portuguese Spanish

today's leftovers

Filed under
Misc
  • Another Million Learn About GNU/Linux

    Ordinarily, I would not notice or even recommend a brief article in a magazine but this is Popular Science, the Bible of DIY types especially the young and restless who might actually take the plunge into FLOSS (Free/Libre Open Source Software). It’s a general magazine with a million subscribers.

  • Chromium 62 ready for download

    chromium_iconEarlier this week, Google released a security update for its chrome/chromium browser. The new version 62.0.3202.62 plugs the holes of 35 more or less serious issues, several of them have a CVE rating.

    When the topic of Chromium 62 came up in the comments section of a previous post, I mentioned that I was unable to compile it on Slackware 14.2. Errors like “error: static assertion failed: Bound argument |i| of type |Arg| cannot be converted and bound as |Storage|” yield some results when looked up on the Internet, and they indicate that Slackware’s own gcc-5.3.0 package is too old to compile chromium 62.

  • Playing with the pine64

     

    So I went for OpenBSD because I know the stuff and who to har^Wkindly ask for help. Spoiler alert, it's boring because it just works.

  • PrismTech Moves Market-Leading Proven DDS Solution to Open Source as Eclipse Cyclone
  • Nana Oforiatta Ayim’s Open-Source Encyclopedia of African History Starts With Ghana

    It is a rare kind of woman who enjoys a project so vast that it’s practically unfinishable, but Nana Oforiatta Ayim, a Ghanaian gallerist, writer, and historian, never quits what she has started. She’s discussing her work on the "Cultural Encyclopaedia", an attempt to “facilitate the re/ordering of knowledge, narratives, and representations from and about the African continent” through an online resource that includes an A-to-Z index and vertices of clickable images for entries. Eventually, a 54-volume book series—one for each country on the continent—will be published with selections from the encyclopedia's long, long list. Oforiatta Ayim is working with a small team of editors, and, starting with her native country, she has taken on the task of documenting all significant cultural touchstones in the thousands of years of African history. Plus, it will be open source to prevent it from having a top-down logic. “I’m a little bit crazy to take it on,” she says. “But if I’m not going to do it, who is going to be as crazy as me?”

  • The Only Person I’ll Pair Program with is my Cat

     

    I could argue (to varying degrees of success) that pair programming isn’t productive. Productivity of a practice is an easy thing to attack because, in our capitalist dystopia, it’s the end-all-be-all metric. But I hate pair programming, and it’s not just because I don’t feel productive. It’s a lot more than that.

  • Reaper: IoT botnet 'worse than Mirai' infects one million organisations worldwide

     

    Check Point first unearthed the botnet, codenamed 'IoT_reaper', at the beginning of September and claims that, since, it's already enslaved millions of IoT devices including routers and IP cameras from firms including GoAhead, D-Link, TP-Link, Avtech, Netgear, MikroTik, Linksys and Synology.

  • Google will pay out bounties for bad Android app flaws

     

    "Google Play is working with the independent bug bounty platform, HackerOne, and the developers of popular Android apps to implement the Google Play Security Reward Program. Developers of popular Android apps are invited to opt-in to the program, which will incentivize security research in a bug bounty model," says HackerOne.

More in Tux Machines

Raspberry Pi lookalike offers HDMI 2.0 and optional M.2

Geniatech’s “XPI-S905X” is a new Raspberry Pi pseudo clone with a quad -A53 Amlogic S905X plus 2GB RAM, up to 16GB eMMC, 4K-ready HDMI 2.0, LAN, 4x USB, touch-enabled LVDS, and optional M.2. Geniatech, which is known for Qualcomm based SBCs such as the Snapdragon 410 based, 96Boards-like Development Board IV and Snapdragon 820E based Development Board 8, has posted specs for a Raspberry Pi form factor board with a quad -A53, Amlogic S905X with 1/6GHz to 2GHz performance. No pricing is available for the XPI-S905X, which appears to be aimed at the OEM market. Read more

​Linus Torvalds talks about coming back to work on Linux

"'I'm starting the usual merge window activity now," said Torvalds. But it's not going to be kernel development as usual. "We did talk about the fact that now Greg [Kroah-Hartman] has write rights to my kernel tree, and if will be easier to just share the load if we want to, and maybe we'll add another maintainer after further discussion." So, Kroah-Hartman, who runs the stable kernel, will have a say on Linus' cutting-edge kernel. Will someone else get write permission to Torvalds' kernel code tree to help lighten the load? Stay tuned. Read more Also: Linux Foundation Technical Advisory Board election call for nominations

Mozilla: Firefox 65 Plans and Firefox 63 Analysis

  • Firefox 65 Will Block Tracking Cookies By Default
    Mozilla today released Firefox 63, which includes an experimental option to block third-party tracking cookies, protecting against cross-site tracking. You can test this out today, but Mozilla wants to enable it for everyone by default in Firefox 65.
  • The Path to Enhanced Tracking Protection
    As a leader of Firefox’s product management team, I am often asked how Mozilla decides on which privacy features we will build and launch in Firefox. In this post I’d like to tell you about some key aspects of our process, using our recent Enhanced Tracking Protection functionality as an example.
  • Firefox 63 Lets Users Block Tracking Cookies
    As announced in August, Firefox is changing its approach to addressing tracking on the web. As part of that plan, we signaled our intent to prevent cross-site tracking for all Firefox users and made our initial prototype available for testing. Starting with Firefox 63, all desktop versions of Firefox include an experimental cookie policy that blocks cookies and other site data from third-party tracking resources. This new policy provides protection against cross-site tracking while minimizing site breakage associated with traditional cookie blocking.
  • Firefox 63 – Tricks and Treats!
  • Firefox 63 Released, Red Hat Collaborating with NVIDIA, Virtual Box 6.0 Beta Now Available, ODROID Launching a New Intel-Powered SBC and Richard Stallman Announces the GNU Kind Communication Guidelines
    Firefox 63.0 was released this morning. With this new version, "users can opt to block third-party tracking cookies or block all trackers and create exceptions for trusted sites that don't work correctly with content blocking enabled". In addition, WebExtensions now run in their own process on Linux, and Firefox also now warns if you have multiple windows and tabs open when you quit via the main menu. You can download it from here.
  • Changes to how Mozilla Readability extracts article metadata in Firefox 63
    Mozilla Readability will now extract document metadata from Dublin Core and Open Graph Protocol meta tags instead of trying to guess article titles. Earlier this year, I documented how reader mode in web browsers extract metadata about articles. After learning about the messy state of metadata extraction for reader mode, I sought to improve the extraction logic used in Mozilla Readability. Mozilla Readability was one of the first reader mode parsers and it’s used in Firefox as well as other web browsers.

Security: Cross-Hyperthread Spectre V2 Mitigation Ready For Linux, Targeted vs General-Purpose Security and More

  • Cross-Hyperthread Spectre V2 Mitigation Ready For Linux With STIBP
    On the Spectre front for the recently-started Linux 4.20~5.0 kernel is STIBP support for cross-hyperthread Spectre Variant Two mitigation. Going back to the end of the summer was the patch work for this cross-hyperthread Spectre V2 mitigation with STIBP while now it's being merged to mainline.
  • Targeted vs General purpose security
    There seems to be a lot of questions going around lately about how to best give out simple security advice that is actionable. Goodness knows I’ve talked about this more than I can even remember at this point. The security industry is really bad at giving out actionable advice. It’s common someone will ask what’s good advice. They’ll get a few morsels, them someone will point out whatever corner case makes that advice bad and the conversation will spiral into nonsense where we find ourselves trying to defend someone mostly concerned about cat pictures from being kidnapped by a foreign nation. Eventually whoever asked for help quit listening a long time ago and decided to just keep their passwords written on a sticky note under the keyboard. I’m pretty sure the fundamental flaw in all this thinking is we never differentiate between a targeted attack and general purpose security. They are not the same thing. They’re incredibly different in fact. General purpose advice can be reasonable, simple, and good. If you are a target you’ve already lost, most advice won’t help you. General purpose security is just basic hygiene. These are the really easy concepts. Ideas like using a password manager, multi-factor-auth, install updates on your system. These are the activities anyone and everyone should be doing. One could argue these should be the default settings for any given computer or service (that’s a post for another day though). You don’t need to be a security genius to take these steps. You just have to restrain yourself from acting like a crazy person so whoever asked for help can actually get the advice they need.
  • Oracle Moves to Gen 2 Cloud, Promising More Automation and Security [Ed: Ellison wants people to blindly trust proprietary blobs for security (a bad thing to do, never mind the CIA past of Oracle and severe flaws in its DBs)].
    A primary message from Ellison is that the Gen 2 Oracle cloud is more secure, with autonomous capabilities to help protect against attacks. Ellison also emphasized the segmentation and isolation of workloads on the Gen 2 Oracle cloud, providing improved security.
  • Reproducible Builds: Weekly report #182
    Here’s what happened in the Reproducible Builds effort between Sunday October 14 and Saturday October 20 2018...