Security and FUD (Fear, Uncertainty, Doubt)
-
The study released Monday by the security firm Emsisoft said ransomware attacks -- which encrypt and disable computer systems while demanding a ransom -- affected 113 federal, state and municipal governments, 560 health facilities and 1,681 schools, colleges and universities last year.
"The attacks caused significant, and sometimes life-threatening, disruption: ambulances carrying emergency patients had to be redirected, cancer treatments were delayed, lab test results were inaccessible, hospital employees were furloughed and 911 (emergency) services were interrupted," the report said.
-
Security updates have been issued by Debian (mutt), Fedora (libntlm, mingw-python-pillow, python-pillow, and sudo), Mageia (kernel), SUSE (gdk-pixbuf, perl-Convert-ASN1, samba, and yast2-multipath), and Ubuntu (linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.4, linux-hwe-5.8, linux-oracle).
-
PDF viewers built into leading web browsers and applications for macOS and Linux were only susceptible to comparatively trivial attacks such as denial of service (DoS).
[...]
Susceptible to eight of 10 attack techniques, the worst culprits overall were PDF-Xchange Viewer and PDF-Xchange Viewer for Windows.
PDFelement and iSkysoft, prone only to DoS, were honorable exceptions to the otherwise unimpressive Windows scorecard.
'FreakOut' Botnet Targets Unpatched Linux Systems [Ed: This is FUD and not about "Linux"; it's about unpatched programs that have nothing to do with Linux, but they ascribe guilt by association (human error/negligence)]
Researchers are tracking a new botnet dubbed "FreakOut" that's targeting vulnerabilities in Linux systems. Botnet operators have been mass-scanning for vulnerable Linux devices, and the command-and-control server associated with FreakOut has now targeted several hundred vulnerable devices.
-
Yesterday, seven Dnsmasq vulnerabilities were disclosed, collectively known as DNSPooq, that attackers can use to launch DNS Cache Poisoning, denial of service, and possibly remote code execution attacks, on affected devices.
| Adobe Illustrator Alternatives for Linux and More Alternatives
-
With a wide variety of editing tools and features, Inkscape stands out to be a great open-source vector graphics software for Linux. The user interface of the application is clean and straightforward. You will not face any issues while navigating and searching for tools.
Inkscape provides support for a number of file extensions---SVG, PNG, OpenDocument Drawings, DXF, sk1, PDF, EPS, and PostScripts. It also allows you to easily import designs created with other software. For customizing the interface, you can also install add-ons to Inkscape.
Starting with the canvas dimensions is easy. Inkscape offers you many templates to choose from and you can set up your working area with just one click. You can also implement the power of layering in your projects with Inkscape.
Pencil and pen tools, calligraphy brushes, shape tools, color selector, gradient fill, etc., are some of the tools that you can use on Inkscape.
-
The year 2021 starts with a big moment of #DeleteWhatsApp. It is when millions of people leave this proprietary software and look for better alternatives. At January 20th, I made a poll in Mastodon titled What is your choice after switching from WhatsApp? which I never thought would attract so many people. I put three choices in that poll Telegram - Signal - Element and people responded with some other alternatives such as XMPP - Threema - Jami and more. Now I present you this article as an introduction to alternative messengers mentioned in the discussion with short explanations so you can try them or refer to good sources. Enjoy sharing once again!
[..]
Jami is the new challenger to all, that is, a modern messenger without server. You can try it instantly without phone number, and your account is stored in your device not in a company's server, and it can work within local area network (see, it's really unique, right?). It is under High Priority Projects of Free Software Foundation, an official part of GNU Project, and also already a built-in part of the fully free distro Trisquel 9. I already reviewed it (see here) and showed you it's voice-video calls are functional. Download Jami at jami.net.
[...]
Extensible Messaging and Presence Protocol or XMPP (also known as Jabber) is a long standing standard of internet direct communication. It is among the pioneer of our modern federation and decentralization. It existed long before Matrix, loved by many, and you can see in the Mastodon discussion most people who didn't choose presented choices chose XMPP. To communicate over XMPP, you choose an application, with choices mentioned above. For now, thanks to friend @LPS's suggestion, I can say Blabber is good as it supports mainstream features like groups and video calls.
-
There is a new application available for Sparkers: Tribler
|
today's howtos
-
Bash allows you to map whole strings of text to single variables, simplifying its use and script writing. How do they work, and how can you use them? Let’s find out. What’s a Variable? Variables are easy-to-remember names that can contain different alphanumeric values. They’re useful because they allow the same function to be applied on different values, without having to rewrite a script/piece of code. They also make writing the script/piece of code easy, since instead of dealing with individual values, you can use the same name for all of them.
-
This brief guide explains how to fix "Failed to load ring-0 module VBoxEhciR0.r0 for device usb-ehci" in Virtualbox 6.1 in Linux.
-
This article is in continuation to my existing article Getting started with GIT on Linux. If you are new to Git, I would recommend you to first go through my previous article and then continue with this.
In this article, we will cover creating a branch, tag, renaming the branch and revert the commits on Git.
-
In this tutorial, we will show you how to install KeePass Password Manager on Ubuntu 20.04 LTS. For those of you who didn’t know, KeePassX offers a little utility intended for secure password generation. The username and password generator is very customizable, quick, and easy to work with. Especially an individual who generates passwords frequently can appreciate this feature. The full database is always encrypted either using AES or Twofish encryption criteria using a 256-bit key. For that reason, the saved information can get considered quite safe. KeePassX makes use of a database format that is definitely appropriate for KeePass Password Safe. This kind of makes the application of that application perhaps more favorable.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step by step installation of KeePass Password Manager on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian based distribution like Linux Mint.
-
Blender is an open-source 3D creation suite and completely free for use. It is a public project and made by hundreds of people.
Blender Supports Animation, 3D modeling, Sculpting, camera tracking, video editing, rendering, composting, and much more.
It is a cross-platform software and supports Windows, Linux, and macOS.
This tutorial will be helpful for beginners to install blender 2.91.2 in Ubuntu 20.04, Ubuntu 20.10, Ubuntu 18.04, and Linux Mint 20.1.
-
Jack Wallen walks you through some of the steps you can take to check for and mitigate distributed denial of service attacks on a Linux server.
-
Graphviz is great library for visualizing connections between any network. In this notebook, I will show you how to plot Unix directory structure using Graphviz. There is a Python package python-graphviz which I will use to plot using Python.
| Mozilla: Bugs, Fuzzing, Promoted Add-ons Pilot Wrap-up, Greenwashing, and Tor Browser 10.5a7
-
Running Ubuntu with high refresh rate monitor? You may found that the Firefox web browser does not match with your monitor’s native refresh rate.
This is a simple tip shows how to change the refresh rate of Firefox, though you have to first set the system refresh rate (Settings -> Displays) to match your monitor.
-
As a member of Mozilla’s fuzzing team, our job is not only to find bugs, but to do what we can to help get those bugs fixed as quickly as possible.
[...]
Fuzzing is, in its most basic form, the process of supplying random bits of data to an application in the hopes of triggering unexpected behavior. In relation to Mozilla and those of us fuzzing Firefox, this random data often comes in the form of JavaScript, HTML, CSS, etc., and the unexpected behavior we’re looking for, often presents itself in the form of application crashes or fatal assertions.
[...]
While the information provided by Bugmon is certainly helpful in getting bugs fixed quicker, there are a number of features we’d still like to implement.
Improvements to the bisection analysis stages may allow us to identify regressions down to a single code change. In these cases, we can automatically update the relevant regression fields which can then be leveraged by other Mozilla bots such as autonag. Additionally, we can automate requests for review by the author of the previously identified code change as they may likely be the best candidate to fix it.
Finally, one often requested feature is to include support for recording bugs with rr. For those unfamiliar with rr; it is a timeless debugger which allows us to record application failures and replay them deterministically. In combination with pernosco, a web-based rr session browser, we can get these recordings into the hands of developers instantly and without any required setup on their part. Thus, reducing the overhead associated with hard to reproduce or intermittent bugs.
-
A few months ago, we launched a pilot for a new program to help developers promote their extensions on addons.mozilla.org (AMO). The main goal of this program was to increase the number of add-ons that our staff can review and verify as compliant with Mozilla policies and provide developers with options for boosting their discoverability on AMO.
For the pilot, we tested one iteration of how this type of program might work. Pilot developers would have their add-ons manually reviewed for policy compliance. After successfully passing manual review, the pilot add-ons received a Verified badge on their AMO listing page and in the Firefox Add-ons Manager (about:addons), while we removed the standard warning label about the risks of installing third party software.
Mozilla’s Climate Commitments [Ed: Mozilla now resorting to mindless greenwashing as they have no clue how to salvage themselves]
We can’t save the planet without people, and we understand that the internet is an incredibly powerful tool to help us draw the attention to what needs to happen.
The first line of order is that Mozilla assumes responsibility for its greenhouse gas emissions: We will reduce our emissions significantly and mitigate what we can’t avoid. We will share what we learn and lead transparently, supporting others on their journeys and continuously exploring ways to increase the resiliency of our communities.
-
Tor Browser 10.5a7 is now available from the Tor Browser Alpha download page and also from our distribution directory.
Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.
|
Printer-friendly version
PDF version
.svg_.png)
Content (where original) is available under CC-BY-SA, copyrighted by original author/s.
Recent comments
57 min 37 sec ago
1 hour 32 min ago
1 hour 38 min ago
1 hour 39 min ago
1 hour 52 min ago
1 hour 54 min ago
1 hour 56 min ago
2 hours 9 min ago
2 hours 21 min ago
2 hours 40 min ago