Language Selection

English French German Italian Portuguese Spanish

Software: bzip2, curl, Chrome and KDE/Cantor

Filed under
Software
  • Federico Mena-Quintero: Maintaining bzip2

    Today I had a very pleasant conversation with Julian Seward, of bzip2 and Valgrind fame. Julian has kindly agreed to cede the maintainership of bzip2 to me.

    Bzip2 has not had a release since 2010. In the meantime, Linux distros have accumulated a number of bug/security fixes for it. Seemingly every distributor of bzip2 patches its build system. The documentation generation step is a bit creaky. There is no source control repository, nor bug tracker. I hope to fix these things gradually.

  • Daniel Stenberg: curl user survey 2019 analysis

    The annual curl user survey 2019 ran for 14 days and ended a while ago. I’ve spent a good deal of time summing up the data, making graphs, tables and creating a document out of what I’ve learned.

  • Stable Channel Update for Desktop

    The Chrome team is delighted to announce the promotion of Chrome 75 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.

    Chrome 75.0.3770.80 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 75.

  • Google Releases Chrome 75 With Experimental Reader Mode, More WebAssembly Work

    Google today rolled out the stable release of their Chrome 75 web-browser with the newest feature additions and improvements for your summer enjoyment.

    One of the big additions to Chrome 75 is the addition of an experimental Reader Mode that's akin to the feature offered within Firefox. Reader Mode isn't readily accessible in Chrome 75 but can be enabled via Chrome's flags/experiments area.

  • Google Chrome 75 Released for Linux, Windows, and Mac with 42 Security Fixes

    Google has released today the Google Chrome 75 web browser for all supported platforms, including Linux, Windows, and Mac, a release that fixes security issues and adds various improvements.
    Google Chrome 75 has been promoted today to the stable channel as version 75.0.3770.80, a minor release that introduces several new features and enhancements for desktop users and web developers. Among these, we can mention a new option in "Privacy and security" setting to manage security keys, as well as support for Scroll Snap Stop to improve gesture navigation.

    The Web Share API has been updated to support file sharing in Web Apps, which now can invoke the same native share dialog box like normal apps. Numeric literals were made more readable by adding support for underscores (_, U+005F), and there's now a low-latency alternative to the deprecated NaCl/PPAPI solution. Web RTC and animation improvements are also present.

  • Chrome 75 for Mac, Windows, Linux rolling out w/ security key manager, ‘Scroll Snap’ support

    Service workers are increasingly used by today’s websites to create powerful experiences that feature push notifications, background syncing, and offline capabilities. Given that they run in the background with no corresponding web page or user interaction, Chrome 75 will now list service workers in the Task Manager (Settings > More Tools).

  • Chromebook Pixel 2015, 8 more Chrome OS devices to get Linux apps support soon

    Late last year, we uncovered a list of devices that would never be able to support Chrome OS’s Linux apps (Crostini). At the time, we noted that the second-generation Chromebook Pixel from 2015 was not on this list, and that it in fact stood a chance of getting the necessary upgrades to support Linux apps. It seems that eight more devices are following suit to allow their owners to run Linux apps.

    The ability to run Linux apps has opened the door for Chromebooks to become more than just a glorified web browser, but an actual workstation. Many older devices, however, were unable to get Linux apps support, due to not having the necessary hardware. Other Chromebooks were held back because their underlying Linux kernel for Chrome OS was much older and thus didn’t have everything necessary to integrate Linux apps properly.

  • Sirgienko Nikita (sirgienko)

    Hello everyone! I'm participating in Google Summer of Code 2019, I am working on KDE Cantor project. The GSoC project is mentored by Alexander Semke - one of the core developers of LabPlot, Knights and Cantor.

    [...]

    Actually, it's not my first contribution to Cantor. I am contributing to this project for roughly one year already. As a developer interested in C++, Qt and applications relevant for scientific purposes, I started to contribute to Cantor last year by working on smaller bug fixes first. With time and with more understanding about the overall architecture of Cantor I could work on bigger topics like new features, more complicated bug fixes and refactorings in the code and this year I'm happy to contribute yet another big and very important functionality to Cantor as part of GSoC.

More in Tux Machines

Android Leftovers

Security, Fear, Uncertainty, and Doubt

  • Security updates for Thursday

    Security updates have been issued by Debian (netty and netty-3.9), Fedora (ceph, dovecot, poppler, and webkit2gtk3), openSUSE (inn and rmt-server), Oracle (openjpeg2), Red Hat (rabbitmq-server), Scientific Linux (openjpeg2), SUSE (dnsmasq, rsyslog, and slurm), and Ubuntu (php7.0).

  • 30 The Most Common Hacking Techniques and How to Deal with Them [Ed: Cracking, not hacking. Not the same thing.]
  • A guide to developing a holistic IT security strategy

    In assessing how prevalent cyberattacks are for companies, 18 percent of respondents rated the security risk as very high. Half (50 percent) even stated that their company had suffered financial losses due to security incidents. Opinions differed as to whether the incidents were handled optimally: Almost half (49 percent) say that everything worked well, while the other half (49 percent) believe there is a lot of potential for improvement.

  • Linux and malware: Should you worry? [Ed: All those headlines with question marks mean that the answer is "No."]

    Gone are the days when the idea of viruses or other malware hitting Linux was almost universally greeted with quizzical glances, if not outright rejection. Long thought of as the perfect marriage of open-source goodness and strong, Unix-like security, Linux-based operating systems are now increasingly seen as another valuable – and viable – target. This shift in thinking is partly the result of a growing realization among both Linux hobbyists and system administrators that a compromised Linux system such as a web server provides attackers an excellent ‘return on investment’. Just as importantly, malware research in recent years has brought better visibility into threats facing Linux systems.

Devices: Raspberry Pi, Industrial/Panel PCs and RISC-V

         
  • How to play sound and make noise with your Raspberry Pi
           
             

    If your amazing project is a little too quiet, add high-fidelity sound with Raspberry Pi and the help of this handy guide from HackSpace magazine, written by PJ Evans.

  •       
  • Raspberry Pi 4 UEFI+ACPI Firmware Aims to Make the Board SBBR-Compliant

    As Arm wanted to enter the server market, they realized they had to provide systems that could boot standard operating system images without modifications or hacks – just as they do on x86 server -, so in 2014 the company introduced the Server Base System Architecture Specification (SBSA) so that all a single OS image can run on all ARMv8-A servers.

  • Linux-ready Apollo Lake panel PC has IP65 protection

    WinSystems’ IP65-protected, 12-inch “PPC12-427” capacitive panel PC runs on an Apollo Lake SoC with up to 8GB DDR3L ECC RAM, 2x GbE, 2x 4K DP, 4x USB, and -30 to 85°C support. Grand Prairie, Texas based WinSystems has announced a fanless, 12.1-inch, panel PC designed for signage, kiosk, food service, and industrial IoT HMI applications.

  • Modular Coffee Lake system has SUMIT and optional PCIe expansion

    Ibase’s “MAF800” industrial AI PC runs Ubuntu or Win 10 on an 8th Gen Coffee Lake CPU with 3x GbE, 2x SATA, 6x USB 3.0, and 2x SUMIT slots for an optional 4x PoE module. Other models offer PCIe x16, x8, and x4 slots. Last week, Taiwan-based Ibase announced it was pulling out of next week’s Embedded World show in Nuremberg due to concerns about the coronavirus. Other announced no-shows include Arm, Bridgetek, Digi-Key, FTDI, Kontron, and Rohm. Yet, Ibase and others appear to be pushing forward with their usual late February embedded product announcements.

  • Antmicro GEM ASIC Leverages zGlue Technology to Quickly Bring Custom Arm/RISC-V SoC’s to Market

    Introduced in 2018, ZiP (zGlue Integration Platform) chip-stacking technology aims to produce chips similar to Systems-in-Package (SiP) but at much lower costs and lead times.

  • Aldec and Codasip at Embedded World: Showcasing an Integrated UVM Simulation Environment for Verifying Custom Instructions with RISC-V Cores

    “Variability of the RISC-V ISA-based processor family brings new challenges to design flow. In particular, IP and SoC verification needs productivity boost tools and seamless integration into our design environment,” said Karel Masařík, CEO of Codasip. “Our generic UVM methodology combined with Aldec's simulation and code coverage efficiency analysis helps us add the desired RISC-V core extensions and provide core customization faster than our competition.”

Malicious Proprietary Software

  • Discord Is Not An Acceptable Choice For Free Software Projects

    Discord’s communication is not end to end (e2e) encrypted. It is encrypted only between the individual user and the servers operated by Discord Inc. Their spying extends to every single message sent and received by anyone, including direct messages betweeen users. The service can and does log every message sent, both in-channel and DMs. It is impossible to have a private conversation on Discord, as there will always be an unencrypted log of it stored by Discord. Discord can, at their option, provide those stored messages to any third party they wish, including cops or government snoops, for any reason, even without a legal order, without any obligation to tell you that they have done so.

  • [Attackers] Were Inside Citrix for Five Months

    Networking software giant Citrix Systems says malicious [attackers] were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords.

  • [Vulnerable] firmware lurks inside Dell, HP and Lenovo computers amid supply chain security efforts

    “Firmware is meant to be invisible to the user, and so it’s not surprising that most people don’t pay attention to it,” said Eclypsium CEO Yuriy Bulgin. “However, these components make up the foundation upon which every device, operating system, and application depends.”

    Researchers used unsigned firmware to show how an attacker could compromise an operating system remotely in order to steal network data. The highlighted flaws could also enable “direct-memory access” attacks which exploit a computer’s core operating system.

  • Aera Launches Cognitive ‘Business Brain’ Operating System [Ed: This is NOT an 'operating system". Terms misused these days.]

    Infor labels one of its core brands Infor OS and quite unashamedly uses the term operating system to explain the function of its industry-specific Enterprise Resource Planning (ERP) and Supply Chain Management (SCM) cloud software. Mountain View headquartered Aera Technology has used a similar naming convention within its branding and called its automation-centric cloud platform the Aera Cognitive Operating System.

  • Microsoft Defender ATP for Linux Now In Public Preview

    Microsoft Defender ATP for Linux is now available in a public preview that allows administrators and security professionals to test the product in six different Linux distributions.

  • Keen to check for 'abnormal' user behaviours? Microsoft talks insider risk, AWS imports and compliance at infosec shindig RSA [Ed: “Microsoft talks insider risk”; but Microsoft is the risk]

    As well as widening the preview of Microsoft Threat Protection, a system aimed at a more automated response to threats, the gang has also extended the cross-platform support for Microsoft Defender Advanced Threat Protection (ATP) to include a whole bunch of Linux distributions.

  • Microsoft plans to add Linux support for Chromium-based Edge

    Microsoft fought long and hard to maintain and push its own proprietary browser, even launching Edge, hoping to get away from the stigma against Internet Explorer. However, the dominating market share of Chromium-based browsers finally got to Microsoft, and the company announced it would rebuild Edge with the Chromium source code. Last month, we reported that Microsoft’s Chromium-based Edge was out of development and ready for public deployment.