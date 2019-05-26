Language Selection

English French German Italian Portuguese Spanish

today's leftovers

Submitted by Roy Schestowitz on Friday 7th of June 2019 10:37:31 AM Filed under
Misc
  • With Purism Products, You Are in Control

    From its beginning, Purism’s focus has been on building products that respect and protect your privacy, security and freedom. I’ve written about how these three concepts are interdependent before. While Purism is somewhat unique in focusing on all three of these concepts at once, it isn’t the only company that builds products aimed at protecting privacy, security or even freedom. In fact, each of these areas are multibillion-dollar industries.

    Security is a huge industry today, and it continues to grow, with companies releasing new products all the time–products they claim will protect you. Privacy is also hot topic right now, with many companies making sure they include “privacy” in their marketing. There is also an entire industry around products built on free software–even Microsoft recently pivoted over to supporting software freedom in its products.

    Even with all these companies focusing on the same topics, Purism stands apart from the crowd. How? In our approach. Most other companies build products that coincidentally put them, the vendor, in control. From the beginning, Purism has designed all its products to empower the user, not the vendor. All of our products show this approach–and this post will highlight some of our user-empowerment design decisions.

  • Rugged, Kaby Lake NVR computer has eight GbE ports with PoE

    Axiomtek’s fanless, Linux-ready “eBOX671-517-FL” industrial NVR computer provides 6th or 7th Gen Core CPUs, 8x PoE-enabled GbE ports, 2x SATA slots, and 4x mini-PCIe slots.

    Axiomtek has launched a rugged industrial computer for network video recorder (NVR) applications including security surveillance, optical inspection, and edge computing. The eBOX671-517-FL can connect up to 8x IP cameras via its Power-over-Ethernet capable Gigabit Ethernet ports with 802.3af/802.3at support at up to 90W.

  • Knowage Renews Sponsorship in Support of Open Source and Open Source Initiative

    Knowage, the open source suite for modern Business Analytics, combining traditional and big data sources into valuable and meaningful information, has renewed their sponsorship of the the Open Source Initiative® (OSI).  Knowage (formerly SpagoBI) has a 14-years history of open source collaboration, where individuals and companies work together to meet the latest analytical needs, including collaboration with current OSI Affiliate Members Eclipse Foundation, OW2, and Engineering Group- one of the world's leading specialist providers of services, software development and digital platforms that support both public and private companies or organizations through digital transformation.

    Powered by a strong international open source community, and released under AGPL3, Knowage code is freely accessible on GitHub.

  • Akademy-es 2019 talks announced!

    Akademy-es 2019 will be happening this June 28-30 in Vigo.

  • Quick start: Profiling local builds of Firefox for Android and GeckoView_example

    A noteworthy item in there is "--with-java-bin-path". I've had trouble on Ubuntu with the system default Java not being the right version. This helps.

    Note that if you're profiling, you really want to be doing a release build. The behaviour of release is different from an optimized build.

    If you're debuging, you probably need --enable-debug. For details of how to debug, see GeckoView Debugging Native Code in Android Studio.

  • Next steps in privacy-preserving Telemetry with Prio

    In late 2018 Mozilla conducted an experiment to collect browser Telemetry data with Prio, a privacy-preserving data collection system developed by Stanford Professor Dan Boneh and PhD candidate Henry Corrigan-Gibbs. That experiment was a success: it allowed us to validate that our Prio data collections were correct, efficient, and integrated well with our analysis pipeline. Today, we want to let you know about our next steps in testing data collection with Prio.

    As part of Content Blocking, Firefox will soon include default protections against tracking. Our protections are built on top of a blocklist of known trackers. We expect trackers to react to our protections, and in some cases attempt to work around them. We can monitor how our blocklists are applied in Firefox to detect these workarounds.

»

More in Tux Machines

GNOME: Ubuntu MATE 19.10 Picks GNOME MPV, GTK 3 Frame Profiler, and Ubuntu's Reason for Staying Behind GNOME's Latest

  • Why Ubuntu MATE 19.10 Is Ditching VLC for GNOME MPV
    GNOME MPV (now known as Celluloid) will be the default media player in Ubuntu MATE 19.10. The app supplants the versatile VLC meda player, which the MATE-desktop-toting distro has shipped with since a community poll back in 2017. So why the change now? Better desktop integration. That’s according to Ubuntu MATE’s Martin Wimpress who revealed news of the swap in the latest Ubuntu MATE monthly update on Patreon: “We will be dropping VLC from the pre-installed applications and shipping GNOME MPV instead. GNOME MPV will soon be renamed to Celluloid. The reasons for switching to GNOME MPV are similar to swapping out Thunderbird for Evolution; better desktop integration.” Size is another factor. GNOME MPV takes up a comparatively svelte 27MB on the ISO image, whereas Qt5-based VLC requires closer to 70MB.
  • Ubuntu MATE 19.10 Is Ditching VLC for GNOME MPV
    •  
  • GTK 3 Frame Profiler
    I back-ported the GTK 4 frame-profiler by Matthias to GTK 3 today. Here is an example of a JavaScript application using GJS and GTK 3. The data contains mixed native and JS stack-traces along with compositor frame information from gnome-shell.
  • Ubuntu keeping up with GNOME stable updates
    Recently Michael blogged about epiphany being outdated in Ubuntu. While I don’t think that a blog ranting was the best way to handle the problem (several of the Ubuntu Desktop members are on #gnome-hackers for example, it would have been easy to talk to us there) he was right that the Ubuntu package for epiphany was outdated. [...] Again the reality is a bit more complex. Snaps don’t have depends like debs do, so by nature they don’t have problems like being blocked by missing depends. To limit duplication we do provide a gnome platform snap though and most of our GNOME snaps use it. That platform snap is built from our LTS archive which is on GTK 3.22 and our snaps are built on a similar infrastructure. [...] And as a conclusion, if as an upstream or user you have an issue with a component that is still outdated in Ubuntu feel free to get in touch with us (IRC/email/launchpad) and we will do out best to fix the situation.
    •  

Programming/Development: Fortran and Python

Security: Windows Back Doors, BSD's Recent Security Innovations, China, Australia and Reproducible Builds in May 2019

  • Warnings of world-wide worm attacks are the real deal, new exploit shows
     

    The video shows a module Dillon wrote for the Metasploit exploit framework remotely connecting to a Windows Server 2008 R2 computer that has yet to install a patch Microsoft released in mid May. At about 14 seconds, a Metasploit payload called Meterpreter uses the getuid command to prove that the connection has highly privileged System privileges. In the remaining six seconds, the hacker uses the open source Mimikatz application to obtain the cryptographic hashes of passwords belonging to other computers on the same network the hacked machine is connected to.

  • Baltimore’s bill for ransomware: Over $18 million, so far
     

    It has been a month since the City of Baltimore's networks were brought to a standstill by ransomware. On Tuesday, Mayor Bernard "Jack" Young and his cabinet briefed press on the status of the cleanup, which the city's director of finance has estimated will cost Baltimore $10 million—not including $8 million lost because of deferred or lost revenue while the city was unable to process payments. The recovery remains in its early stages, with less than a third of city employees issued new log-in credentials thus far and many city business functions restricted to paper-based workarounds.

  • Recent Security Innovations
     

    There have been some recent security innovations previously unreported here:  
        New flag "MAP_CONCEAL" for mmap(2) allocations
        No syscalls from pages where PROT_WRITE is still enabled  

  • China tightens South Korea visa rules 'after Huawei rebuff'
     

    China has tightened business visa rules for citizens of US ally South Korea, after Seoul chose telecommunications providers other than Huawei for its upcoming network projects.  

  • ANU breach due to the kind of data it held: security pro
     

    The Australian National University suffered a data breach because of the type of data it held, a security professional from privileged account management solution provider Thycotic claims.  

  • Reproducible Builds in May 2019
    Welcome to the May 2019 report from the Reproducible Builds project! In our reports we outline the most important things which have been up to in and around the world of reproducible builds & secure toolchains over the past month. As a quick recap, whilst anyone can inspect the source code of free software for malicious flaws, almost all software is distributed to end users pre-compiled. The motivation behind reproducible builds effort is to ensure no malicious flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing third-parties to come to a consensus on whether a build was compromised.

today's howtos

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6