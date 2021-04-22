Language Selection

KDE Plasma 5.22 Beta Released with Stability and Usability Improvements

KDE Plasma 5.22 brings big changes like the new Plasma System Monitor app introduced in the KDE Plasma 5.21 release as a replacement for KSysguard as the default system monitoring app, a new adaptive panel transparency feature to help you make both the panel and the panel widgets more transparent, support for activities on Wayland, as well as support for searching through menu items from the Global Menu applet on Wayland.

Task Manager’s “Highlight Windows” feature has been improved as well to only highlight windows when hovering over their thumbnail in the tooltip by default, it’s now possible to change the text size in sticky note widgets, accessibility and keyboard navigability has been greatly improved in System Settings, as well as overall Wayland support.

today's leftovers

  • What do you really need in a laptop?

    You’ve probably heard of Linux, but it’s rare to find in the wild. It’s the only open source operating system of the bunch, and it allows you to tweak your OS from the kernel up. Taking full advantage of Linux’s flexibility requires a lot of technical knowledge, but there are also Linux versions that come ready to use after installation.

    Brilliant developers have also made beautiful, thoughtful versions of Linux that are as intuitive as MacOS and ChromeOS. If you want to prolong the lifespan of your beloved laptop that may be older than your children, then Linux Mint runs well on ancient hardware, and it’s very easy to install.

    If you are concerned about privacy, Linux is by far the best OS. Linux is not owned by anybody, and its open-source nature means that any data tracking built into the OS will be spotted quickly by the community. Most distributions of Linux will not collect your data, sell your data, or otherwise track your data, keeping you more secure from data leaks than with ChromeOS, MacOS, or Windows 10. All three of these collect your data, leaving you vulnerable to [attacks] or leaks even if you otherwise use best security practices.

  • Pyzo – The Interactive Editor for Scientific Python

    Pyzo is a free, open-source, and cross-platform Python IDE that is focused on introspection and interactivity, that is why it is well suited for scientific computing. Its feasible design is aimed at simplicity and efficiency, consisting of two components: shell and editor. It uses a collection of pluggable tools to help programmers in many ways. Some of these pluggable tools are project manager, workspace, source structure, and interactive help. Besides, Pyzo is purely written in Python 3 and uses the Qt GUI toolkit.

  • Vaccine Production and Open Source Technology

Security Patches and Proprietary Software Catastrophes

  • Security updates for Thursday

    Security updates have been issued by Debian (graphviz and redmine), Fedora (dom4j, kernel, kernel-headers, kernel-tools, mariadb, php, php-phpmailer6, and redis), openSUSE (kernel and nagios), and Ubuntu (mysql-5.7, mysql-8.0 and python-django).

  • FACT SHEET: President Signs Executive Order Charting New Course to Improve the Nation’s Cybersecurity and Protect Federal Government Networks [iophk: Windows TCO]

    Remove Barriers to Threat Information Sharing Between Government and the Private Sector. The Executive Order ensures that IT Service Providers are able to share information with the government and requires them to share certain breach information. IT providers are often hesitant or unable to voluntarily share information about a compromise. Sometimes this can be due to contractual obligations; in other cases, providers simply may be hesitant to share information about their own security breaches. Removing any contractual barriers and requiring providers to share breach information that could impact Government networks is necessary to enable more effective defenses of Federal departments, and to improve the Nation’s cybersecurity as a whole.

  • ‘Arm Waving’ Response to Hackers Makes Oil Industry Easy Prey [iophk: Windows TCO]

    Colonial Pipeline became aware of the attack about May 7, after attackers had stolen nearly 100 gigabytes of data and encrypted at least a portion of the company’s IT network -- the portion of its network most of its employees use to check their email, review contracts or write and distribute invoices. However the company also took much of its operational systems offline – the side of the network where machines talk to machines to actually push gas up and down the pipeline. There is no evidence Colonial’s operational technology systems -- which isn’t connected to its IT system -- were compromised by the attack, the company said.

  • F.B.I. Identifies Group Behind Pipeline [Attack] [iophk: Windows TCO]

    So far, intelligence officials said, all of the indications are that it was simply an act of extortion by the group, which first began to deploy such ransomware last August and is believed to operate from Eastern Europe, possibly Russia. There was some evidence, even in the group’s own statements on Monday, that suggested the group had intended simply to extort money from the company, and was surprised that it ended up cutting off the main gasoline and jet fuel supplies for the Eastern Seaboard.

  • Here’s what we know about DarkSide ransomware [iophk: Windows TCO]

    The popularity and increasing maturity of the ransomware-as-a-service model combined with the aging systems that control energy systems is a compounding problem. As threat actors continue to observe ransomware’s operational success, more cybercriminals likely will want to get in on the action due to its thriving sub-industries (i.e. access brokers, credential shops, and bulletproof hosting) and higher returns when compared other crimes (i.e. targeting bank accounts). It’s imperative that companies responsible for critical infrastructure understand that insecure systems present a juicy ransomware target to the cybercriminal underground, and proactive defenses will go a long way in preventing future incidents like what happened with Colonial Pipeline.

  • AK: US ransomware attack aftermath food for thought in Estonia too [iophk: Windows TCO]

    In the current situation where remote work is common, simple security holes are also prevalent and being exploited by cyber criminals, the Information System Authority (RIA) says.

    Ransomware involves trojan malware systems finding their way into the victim's IT system, for instance via a phishing email or a vuln in a network service. Often an app then restricts or locks the system, demanding payment to unlock it.

    RIA's recommendation when asked about such attacks is that in no circumstances should ransoms be paid, pour encourager les autres as much as anything.

    RIA senior analyst Lauri Tankler told AK that: "Since money has been paid to such groups for years, they have been coming up with better and better cyber ransomware products, and are able to do more and more harm to society as a result.

  • VMware names India-born Raghu Raghuram as CEO from June

    Since joining VMware in 2003, Raghuram has helped steer the company’s strategic direction and its technology evolution.

  • VMware Appoints Raghu Raghuram As New CEO
  • VMware heads to court over GPL violations

    Unlike commercial litigants, the Conservancy neither seeks profit from litigation nor uses it early. The organization's FAQ explains:

    Neither Conservancy nor [Hellwig] takes this action lightly nor without exhausting every other possible alternative first. This lawsuit is the outgrowth of years of effort to convince VMware to comply with GPL.

  • Biden signs executive order aiming to prevent future cybersecurity disasters

    The executive order outlines a number of initiatives, including reducing barriers to information sharing between the government and the private sector, mandating the deployment of multi-factor authentication in the federal government, establishing a Cybersecurity Safety Review Board modeled after the National Transportation Safety Board, and creating a standardized playbook for responding to “cyber incidents.” You can read more about all of the initiatives in the White House’s fact sheet here.

Videos/Shows: Ubuntu, Bad Voltage, BSDNow, Full Circle Weekly News, and TLLTS

today's howtos

  • How to Install and Configure VNC Server on Ubuntu 20.04 LTS

    VNC or Virtual Network Computing is a graphical desktop sharing tool that allows you to remotely control a computer (server or desktop) from another computer (client). A VNC server transmits all keyboard and mouse events from the client computer to the server computer. If you are not yet familiar with CLI commands such as the terminal, etc., you can use VNC to help you manage files, software, and system settings on remote computers. In this tutorial, we will guide you step-by-step through setting up the VNC server on Ubuntu 20.04. We will install a Linux desktop XFCE on the server, then install and configure the VNC server using TightVNC.

  • How to Install the Latest VLC Player in Ubuntu 20.04 LTS

    There are many open-source media players available to Linux users. A preference for the selection comes from features, the ease of installation, and the availability of a stable version. The stable version of VLC 3.0 is out and ready to use. In this article we will show you several ways to install the VLC media player, depending on whether you choose the graphical interface or the command line of your Ubuntu system. We have run the commands and procedures mentioned in this article on an Ubuntu 20.04 LTS system.

  • How to install PHP Mcrypt extension on Ubuntu 20.04 or Debian

    PHP Mcrypt extension provides encryption facilities to web applications that need the functionality of modern algorithms such as AES. This extension works as an interface to the Mcrypt’s libmcrypt library which implements all the algorithms and modes found in it such as DES, TripleDES, Blowfish (default), SAFER-SK128, LOKI97, GOST, RC2, RC6, MARS, IDEA, RIJNDAEL-128 (AES), RIJNDAEL-192, TWOFISH, TEA, RC2, and more. However, PHP developers have removed it from the PHP package bundle since the launch of php7.2 because of no further development in Mcrypt, thus the extension also gets decrypted. Sodium (available as of PHP 7.2.0) and OpenSSL are now some alternatives to it.

  • 1 Click Install Mosh Mobile Shell On Linux

    Mosh is a remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes. Mosh is a replacement for interactive SSH terminals. It’s more robust and responsive, especially over Wi-Fi, cellular, and long-distance links. It’s is free software, available for GNU/Linux, BSD, macOS, Solaris, Android, Chrome, and iOS.

  • 5 ways to check if your Linux OS is 64-bit or 32-bit

    If you're a Linux newbie, you should know that there will be times - such as when installing packages - when you'll be looking for a way to see if your operating system is 32-bit or 64-bit. The information is not hard to find, but there is more than one way to access it. In this tutorial, I'll discuss some of those ways. But before we start the discussion, it's worth sharing that all the instructions and commands mentioned in this article have been tested on Ubuntu 20.04 LTS and Debian 10, and CentOS 8

  • Search a file in Linux using Find & Locate command - LinuxTechLab

    One of the most annoying things according to me while managing servers is trying to search for a file in Linux servers. At one point or another, we are required to find a file’s location in a Linux server where you need to make changes or have to locate a file with logs, backup, etc.

  • How to troubleshoot application issues and crashes with snapd gdbserver | Ubuntu

    Sometimes, applications may not run well, or they could even crash. When such issues occur, it is useful to have a consistent, reproducible method of triggering the problem, so that developers can have a reliable way and sufficient data to troubleshoot the issues and produce a fix. In the software world, the GNU Debugger (gdb) is a powerful tool that allows developers to do just that. With snaps, things are slightly more complicated. Snaps run as isolated, self-contained applications, with strong security confinement. They are managed and launched by the snapd service. This means that if you were to invoke gdb to troubleshoot snaps exhibiting startup or runtime issues, the actual application execution will be masked by the snapd processes that wrap it. To work around this phenomenon, and give developers the right tools for the job, the snap daemon also includes gdbserver, which allows users to inspect their applications in a manner that is very similar to the classic Linux system.

  • Bash scripting: Moving from backtick operator to $ parentheses

    There are certain commands or tricks that you start using as a sysadmin, which you simply incorporate into your arsenal and never really stop to analyze in-depth all the options or alternatives to them. For me, one of those tricks is the backtick operator. I used it rather frequently when I programmed in Perl (which I don't use nowadays, but it seems to still have a loyal fan club - check this poll). In my Perl scripts, I would use the backtick operator to run a command in the operating system and return the output to continue the logic in the script.

