Language Selection

English French German Italian Portuguese Spanish

Google FOSS Releases

Filed under
Google
OSS

More in Tux Machines

Introducing Red Hat Quay

Embracing container orchestration has many implications for an enterprises’ technology stack. An image registry becomes a critical component of the deployment pipeline. Red Hat Quay is a mature enterprise-centric container image registry which has a rich history of meeting the needs of cloud native technologists. When Red Hat acquired CoreOS earlier this year, we were looking to amplify our leadership in enterprise container-based solutions. CoreOS at the time had two primary products, Tectonic and Quay. Quay was added directly into Red Hat’s portfolio of products and renamed Red Hat Quay. Read more Also: FPgM report: 2018–38

Security: Windows/NSA Back Doors and Exploits (EternalBlue), Rust Flaw, Roughtime, DDOS Hype and "The Lucy Gang"

  • Leaked NSA Exploits Shifting From Ransomware To Cryptocurrency Mining
    This report, from Zack Whittaker at TechCrunch, says there's really no endpoint in sight for the unintended consequences of exploit hoarding. But at this point, it's really no longer the NSA or Microsoft to blame for the continued rampage. Stats from Shodan show more than 300,000 unpatched machines in the United States alone. EternalBlue-based malware still runs rampant, but the focus has shifted from ransom to cryptocurrency. An unnamed company recently watched the NSA's exploit turn its computers into CPU ATMs. [...] There will never be a full accounting of the damage done. Yes, the NSA never thought its secret stash would go public, but that doesn't excuse its informal policy of never disclosing massive vulnerabilities until it's able to wring every last piece of intel from their deployment. And there's a chance this will happen again in the future if the agency isn't more proactive on the disclosure front. It was foolhardy to believe its tools would remain secret indefinitely. It's especially insane to believe this now.
  • The Rust Programming Language Blog: Security advisory for the standard library
    The Rust team was recently notified of a security vulnerability affecting the standard library’s str::repeat function. When passed a large number this function has an integer overflow which can lead to an out of bounds write. If you are not using str::repeat, you are not affected. We’re in the process of applying for a CVE number for this vulnerability. Fixes for this issue have landed in the Rust repository for the stable/beta/master branches. Nightlies and betas with the fix will be produced tonight, and 1.29.1 will be released on 2018-09-25 with the fix for stable Rust.
  • Cloudflare Secures Time With Roughtime Protocol Service
    If time is money, then how important is it to secure the integrity of time itself? Time across many computing devices is often synchronized via the Network Time Protocol (NTP), which isn't a secure approach, but there is another option. On Sept. 21, Cloudflare announced that it is deploying a new authenticated time service called Roughtime, in an effort to secure certain timekeeping efforts. The publicly available service is based on an open-source project of the same name that was started by Google. "NTP is the dominant protocol used for time synchronisation and, although recent versions provide for the possibility of authentication, in practice that‘s not used," Google's project page for Roughtime states. " Most computers will trust an unauthenticated NTP reply to set the system clock meaning that a MITM [man-in-the-middle] attacker can control a victim’s clock and, probably, violate the security properties of some of the protocols listed above."
  • DDoS Vulnerability Can Disrupt The Whole Bitcoin Infrastructure [Ed: Latest FUD about Bitcoin. A DDOS attack can disrupt anything at sufficient capacity levels, including Wall Street and ANY financial market.]
  • Crippling DDoS vulnerability put the entire Bitcoin market at risk
  • This Russian botnet mimics your click to prevent Android device factory resets
    According to researchers from Check Point, the botnet has been developed by a group of Russian-speaking hackers known as "The Lucy Gang," and demos have already been provided to potential subscribers to the system looking for Malware-as-a-Service (MaaS) solutions. Botnets are a thorn in the side for cybersecurity firms, hosting providers, and everyday businesses alike. The systems are made up of enslaved devices including mobile devices, Internet of Things (IoT) gadgets, and PCs.

Games: The Gardens Between and More to Come From Feral Interactive

  • The beautiful puzzle adventure 'The Gardens Between' is now out with native Linux support
    The Gardens Between from The Voxel Agents looks like a fantastic puzzle adventure and it's now available with native Linux support.
  • Feral Interactive are teasing ANOTHER new Linux port
    As a reminder, Feral Interactive have only recently release Life is Strange: Before the Storm and Total War: Warhammer II is confirmed to be coming this autumn. On top of that, last month they also put up another teaser that we're still guessing. I wouldn't be surprised if they do try to get more ports out earlier now, especially with Steam Play which would eat into their Linux port sales. Anyway…looks like 2018 really will be another great year for Linux gaming! The amount of Linux games Feral has ported now is kind of ridiculous: XCOM, XCOM 2, Tomb Raider, Rise of the Tomb Raider, Mad Max, Shadow of Mordor, HITMAN, F1 2017, Life is Strange, Life is Strange: Before the Storm, Dawn of War II, Dawn of War III, DiRT Rally and the list goes on.

FOSS Project Spotlight: Nitrux, a Linux Distribution with a Focus on AppImages and Atomic Upgrades

Nitrux is a Linux distribution with a focus on portable, application formats like AppImages. Nitrux uses KDE Plasma 5 and KDE Applications, and it also uses our in-house software suite Nomad Desktop. Read more