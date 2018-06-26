Language Selection

Microsoft, the NSA, and GitHub

Submitted by Roy Schestowitz on Thursday 5th of July 2018 07:23:07 AM Filed under
Gentoo
Microsoft
Security
  • Gentoo hacker's code changes unlikely to have worked

    Linux distribution Gentoo's maintainers say attempts by attackers last week to sabotage code stored on Github is unlikely to have worked.

    Gentoo's Github account was compromised in late June.

    The attacker was able to gain administrative privileges for Gentoo's Github account, after guessing the password for it.

    Gentoo's maintainers were alerted to the attack early thanks to the attacker removing all developers from the Github account, causing them to be emailed.

  • NSA Exploit "DoublePulsar" Patched to Work on Windows IoT Systems

    An infosec researcher who uses the online pseudonym of Capt. Meelo has modified an NSA hacking tool known as DoublePulsar to work on the Windows IoT operating system (formerly known as Windows Embedded).

    The original DoublePulsar is a hacking tool that was developed by the US National Security Agency (NSA), and was stolen and then leaked online by a hacking group known as The Shadow Brokers.

    At its core, DoublePulsar is a Ring-0 kernel mode payload that acts like a backdoor into compromised systems. DoublePulsar is not meant to be used on its own, but together with other NSA tools.

  • Predictable password blamed for Gentoo GitHub organisation takeover [Ed: when Microsoft takes over the NSA gets all these passwords. (NSA PRISM)]

    Gentoo has laid out the cause and impact of an attack that saw the Linux distribution locked out of its GitHub organisation.

    The attack took place on June 28, and saw Gentoo unable to use GitHub for approximately five days.

    Due a lack of two-factor authentication, once the attacker guessed an admin's password, the organisation was in trouble.

Linux and the Linux Foundation: History, AGL, and Canonical Bigwig Joining the Linux Foundation

  • Difference Between the macOS and Linux Kernels [Explained]
    Some people might think that there are similarities between the macOS and the Linux kernel because they can handle similar commands and similar software. Some people even think that Apple’s macOS is based on Linux. The truth is that both kernels have very different histories and features. Today, we will take a look at the difference between macOS and Linux kernels.
  • AGL reveals virtualization stack for the software defined vehicle
    The Automotive Grade Linux project has unveiled plans for a virtualization framework for its Linux-based automotive distribution that provides a flexible, mixed criticality bus architecture to plug in multiple existing hypervisors and partitioners. Last August when The Linux Foundation’s Automotive Grade Linux (AGL) project released version 4.0 of its Linux-based Unified Code Base (UCB) reference distribution for automotive in-vehicle infotainment, it also launched a Virtualization Expert Group (EG-VIRT). The workgroup has now released a white paper outlining a “virtualized software defined vehicle architecture” for AGL’s UCB codebase. The framework includes a bus architecture that can encompass both critical and non-critical systems and can support a variety of open source and proprietary virtualization solutions running simultaneously.
  • Joining the Linux Foundation
    I started using open source before I even knew what it was. Perl was my first programming language, and so installing libraries from CPAN became a routine task (as well as a routine challenge on SunOS). I posted my first open source code on SourceForge soon after, still thinking of it as a way for hobbyists to share their hobby, but not as something serious developers or companies would do. I still remember the feeling I had when Netscape announced that the next version of their browser, Netscape Navigator 5, would be released as open source. As a web developer in the late 90's, Netscape was the killer app, the king of the hill, the virtual monopoly that was leaps and bounds ahead of IE4. For them to release their source code in a way that let other people see it, copy it, even improve on it, was revolutionary. And it changed forever the way I thought about open source. Of course, anybody else who lived through those turbulent times knows how that Netscape 5 story actually turned out, not because it was open source but because of business decisions and buyouts (thanks AOL!) that kept pulling the development one way and then the other. But my own journey into open source was much more straight forward. I dove in completely, releasing everything I could under an open license, using as much openly licensed software as possible. I bought (yes bought) my first copy of Linux from Best Buy in 1999, and switched my desktop permanently in 2006 when Canonical mailed me a free CD of Dapper Drake. Five years later I would join Canonical myself, and eventually land on the Community Team where I was building new communities and growing existing ones around Ubuntu and all it's upstreams and downstreams. Last year I was doing the same at Endless Computers, bringing the benefits of open technology to users in some of the most remote and disconnected parts of the world.

KDE: Kdenlive, LabPlot and KConfigXT

  • ‘Next Gen’ Kdenlive Is Almost Here — But It Needs Your Help
    A brand new beta of the ‘next-generation’ Kdenlive video editor is now available to download.
  • Kdenlive's Significantly Refactored Video Editor Is Now Ready For Testing
    Developers working hard on the Kdenlive open-source video editor are preparing to unveil their significantly refactored code-base in the upcoming KDE Applications 18.08 release. But for helping weed out the bugs, you can now test an AppImage for this big release that is nearly two years in the making. The new Kdenlive video editor now automatically separates clips having both video and audio tracks, reliable slow motion video support, timeline improvements, insert/life/overwrite should now be working reliably, KDE Purpose library support, support for generating lower-resolution video in the timeline preview for faster rendering, better keyboard layout changing support, and various other enhancements.
  • Kdenlive: test the future
    After more than 1.5 years of work, we are planning to release the refactoring version of Kdenlive in august, part of the KDE 18.08 Applications release. But taking such a decision is not easy. Most of the code was rewritten, which also means many possible regressions. So while we are very excited to have the opportunity to finally release our work to the public, it’s also a bit stressful. So what now ?
  • Support for MQTT has evolved in LabPlot
    Hey guys. It's been a while since my last post, however we haven't lazed since then. We solved the problems presented in the previous post, and also implemented the "next steps". To get in the picture you may want to read the previous post. So let's just go through the new things step by step. I'll try to explain the respective feature, and also give examples using videos or screenshots. The biggest problem was that these topics are completely INDIVIDUAL, so they may send totally different amount of data (this amount of data may differ from message to message as well, given one topic) and this hasn't made possible putting the data of these messages in the same container (spreadsheet). The idea used for the solution came from my mentor Kristóf and his former mentor Alexander Semke.
  • Use KConfigXT, but use with Care.
    Imagine that you are a happy developer living a happy life sending patches for some random terminal emulator that you know and love. Imagine also that you see a strange pattern in code and you know that you can write in a better way, and you do. Code looks fine, code looks correct, code looks pretty and it also does a massive cleanup on the number of lines of code. Now also imagine that you are pretty confident that you are actually doing something good for mankind.

GNOME: GDM and GUADEC

  • Starting sessions with systemd
    When you fire up your machine and see GDM’s friendly face smiling back at you, how did it get there? Clearly it was executed, but by what? The short answer is that GDM asked gnome-session to start its UI up for you.
  • See you at GUADEC!
    I’m currently writing this at Minneapolis airport. Having ramen and sushi, before boarding my flight to CDG and ultimately to Malaga and Almeria. GUADEC is always the most special time being able to meet absent friends, and of course the scheming, the plotting and rabble rousing and that’s just the things I’m doing! :-)
  • I’m going to GUADEC (with Ubuntu Desktop team)!
    I’m writing these lines while I’m in the flight to Almeria where this year’s GNOME Users And Developers European Conference will take place, typing with my Thinkpad Bluetooth keyboard on my mobile phone (I’ve to admit that the Android physical keyboard usage is getting awesome, allowing proper WM actions) :), as the battery of my T460p was already over after the flight from Florence to Madrid during which I fixed some more shell JS errors.

