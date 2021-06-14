Language Selection

  • LFCA: Learn the Basic Concepts of Using Containers – Part 22

    Over time, as demand for rapid testing and deployment of applications grew coupled with faster business cycles, organizations were compelled to innovate in order to keep up with the fast-paced business environment.

    The quest to modernize applications and build new ones to create agile workflows led to the concept of using containers. Containerization technology is nearly as old as virtualization. However, containers didn’t ignite much excitement until Docker exploded into the scene in 2013 and evoked a frenzied interest among developers and other IT professionals.

  • Kubernetes Operators 101, Part 2: How operators work

    Kubernetes Operators might seem complex at first, but if you understand Kubernetes, you can easily extend that knowledge to Kubernetes Operators. Part 1 of this series provided an overview of Kubernetes Operators and what they do. This article explains aspects of how a Kubernetes cluster works, including the structure of a cluster, how workloads are managed, and the reconciliation process.

  • Introduction to the Node.js reference architecture, Part 4: GraphQL in Node.js | Red Hat Developer

    In this part of our ongoing introduction to the Node.js reference architecture, we dig into some of the discussions the team had when developing the GraphQL section of the reference architecture. Learn about the principles we considered and gain additional insight into how we developed the current recommendations for using GraphQL in your Node.js applications.

  • Using a compressed diff instead of lines of code | Bryan Quigley

    Lines of code (LOC) has some known flaws, but one of its advantages is that it lets humans visualize it for a small enough number. For bigger numbers like 100,000 vs 200,000 lines of code it really doesn't help us humans picture it.

    For big enough changes, you could switch to just compressing the diff and measuring that. That also nicely tracks what developers would have to actually download to get the new changes. It also helps with understanding the bandwidth requirements of contributing to a project.

  • Linux / BSD command line: process monitoring and control with top, htop & Co.

    Users and admins regularly need more detailed information about the processes running on a GNU / Linux or Free / Net / OpenBSD system. You have to identify which processes are particularly demanding on the CPU and locate crashed and frozen programs in order to be able to terminate them in a targeted manner.

    For system monitoring and process management, there are many tools (including graphical ones) that help you sift through and clear the process list. But these are not always available on servers or appliances such as firewalls / routers or NAS. Classic tools such as ps and kill. In the area of ​​system management, more extensive command line programs such as top and its numerous further developments, however, significantly more. top and some derivatives of this we present in this article and explain the basic operation using small practical examples.

  • How I automatically run things after waking up my computer | Hund

    Some time ago, Gentoo deprecated pm-utils, which didn’t come as a surprise considering it hasn’t been updated upstreams for 11 years now.

    pm-utils was a small collection of scripts that handles suspend and resume on behalf of HAL. One of the things that pm-utils allowed me to do, was to automatically run any scripts when I woke up the computer.

    With the deprecation of pm-utils, I was left with two alternatives; 1) elogind (the systemd project’s logind, extracted to a standalone package) and 2) s2ram. Considering the fact that I’m not a big fan of systemd, I really only had one choice.

  • How to Disable ‘Recommended by Pocket’ Articles Suggestion in Firefox New Tab [Ed: Mozilla should just disable this by default, but Firefox isn't about the users anymore]

    Now, I don’t like an algorithm to tell me which articles I should be reading. I use feed readers and read articles from the sources I choose to follow.

    If you don’t like these article recommendations and you prefer not to see it in your new tab area, there is an easy way to disable it. Let me show it to you.

  • How to Install Ubuntu 21.04 Hirsute Hippo [Step by Step]

    Ubuntu 21.04 Hirsute Hippo is the first short-term release of 2021 which brings moderate changes and updates. In case you missed it, here’s a quick recap of the new features of Ubuntu 21.04.

  • How to Install, Remove, Manage Flatpak Apps in Ubuntu Command Line | UbuntuHandbook

    This simple tutorial shows how to search for, install, remove, and manager Flatpak apps in Ubuntu Linux.

    Flatpak is an universal Linux package format developed by an independent community. Like snap, it runs in sandbox and bundles most runtime libraries.

    Flatpak is supported out-of-the-box in many Linux Distros, e.g., CentOS, Fedora, Linux Mint. And it’s available in the most Linux repositories. Since many software developers publish binary packages via flatpak, it’s a good choice to install external apps in Ubuntu Linux.

  • How to install Oracle Linux 8.4

    In this video, I am going to show how to install Oracle Linux 8.4.

  • How to compress images on Linux with Curtail

    If you’ve got large image files on your Linux PC and need to compress them, the easiest way to do it is with Curtail. What is Curtail? It’s a super user-friendly, easy-to-use application that Linux users can use to compress image files. Here’s how it works.

  • How to play Tetris on the Ubuntu command line

    Tetris is our childhood favorite falling blocks game. The 90s generation has literally grown up playing this game and the best thing about it is that even today, it is as popular as it was years ago. Many of the Computer Science students are asked to build this game in different programming languages as a part of their different course projects. On a commercial level also, this game has undergone several revisions and today, many different variations of Tetris are available out there.
    If we talk about the rules of this game, then there is a rectangular boundary defined inside which you are supposed to play. Once your selected level of the game starts, the blocks of different shapes start falling and you have to move them and adjust them in a way that they fall perfectly on the block that has already fallen on the ground. The blocks continue to fall until the upper limit of the defined boundary has reached. After that, the game terminates and your score is presented to you on the screen.
    While playing Tetris, your goal should be to align as many blocks in symmetry as possible. That is the exact factor on which the score of your game depends. As a Linux user, you might also like to have this amazing game installed on your system. Therefore, today, I will show you how to install theTetris clone 'Tint' on a Ubuntu 20.04 system. Apart from that, we will also learn how we can actually play this game once it is installed on our system. Finally, we will share with you an additional tip about Tetris.

  • How to read Wikipedia from the Linux desktop

    Have you ever wanted to read Wikipedia from the comfort of your favorite Linux desktop environment rather than relying on Firefox or Chrome? As it turns out, thanks to the Wike app, it is possible.

  • Fix Linux Server Server Issues With These 5 Troubleshooting Steps

    If your Linux server isn't performing to its full potential, it's likely there is an underlying issue that needs resolving.

    Follow these five simple yet practical steps to troubleshoot a Linux server and reduce the downtime to an absolute minimal.

  • Gitlab setup tutorial - Things to do after installation - LinuxTechLab

    Earlier we have discussed the detailed installation of the Gitlab server on CentOS & Ubuntu systems. Once we have our Gitlab server ready, we must be able to perform common operations, some post-installation Gitlab setup like the ones mentioned below,

    Add SSH keys
    Create/Remove User
    Create/Remove Groups
    Create Project

    In this Gitlab tutorial, we are going to discuss just that. We will learn how we can perform all these things step by step with the help of some screenshots.

Nvidia Jetson Security Risks

  • Nvidia Jetson chips make IoT devices vulnerable to attack | IT PRO

    Nvidia has patched several vulnerabilities in its Jetson system-on-module (SOM) series chips that hackers could have exploited to escalate privileges and mount denial-of-service (DoS) attacks. The products affected by the vulnerabilities include the Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano, and Nano 2GB running Jetson Linux versions before 32.5.1. The product line comprises embedded Linux AI and computer vision compute modules and developer kits for AI-based computer vision applications and autonomous systems, such as mobile robots and drones.

  • NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws

    U.S. graphics chip specialist NVIDIA has released software updates to address a total of 26 vulnerabilities impacting its Jetson system-on-module (SOM) series that could be abused by adversaries to escalate privileges and even lead to denial-of-service and information disclosure. Tracked from CVE‑2021‑34372 through CVE‑2021‑34397, the flaws affect products Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, and Nano and Nano 2GB running all Jetson Linux versions prior to 32.5.1. The company credited Frédéric Perriot of Apple Media Products for reporting all the issues.

  • Bugs in NVIDIA’s Jetson Chipset Opens Door to DoS Attacks, Data Theft | Threatpost

    Chipmaker patches nine high-severity bugs in its Jetson SoC framework tied to the way it handles low-level cryptographic algorithms. Flaws impacting millions of internet of things (IoT) devices running NVIDIA’s Jetson chips open the door for a variety of hacks, including denial-of-service (DoS) attacks or the siphoning of data. NVIDIA released patches addressing nine high-severity vulnerabilities including eight additional bugs of less severity. The patches fix a wide swath of NVIDIA’s chipsets typically used for embedded computing systems, machine-learning applications and autonomous devices such as robots and drones.

KDE Plasma 5.22.2 Released with Better Flatpak and Wayland Support

Coming just one week after KDE Plasma 5.22.1, the KDE Plasma 5.22.2 point release is here to further improve the Plasma Wayland session by fixing an issue with the mouse cursor being invisible for a short period of time after the screen comes back from sleep, as well as to implement activities window rule. It also improves the Plasma Discover package manager by addressing a regression that made the graphical package manager to notify users all the time about Flatpak app updates even when there weren’t any. Read more

Security Leftovers

  • 8 Great Static Application Security Testing Tools

    No matter how good an app is made and how talented and experienced the team behind it is, you can never render it safe without adequate testing. Testing apps is done in a number of different ways, from deliberately trying to compromise the security of an app to analyze every line of the code for potential vulnerabilities. Static Application Security Testing (SAST), or static analysis, is a set of technologies designed to scan and analyze source code to find security vulnerabilities, which helps developers fix security issues.

  • Wormable DarkRadiation Ransomware Targets Linux and Docker Instances [Ed: Microsoft has NSA back doors, but let's focus on what can be done on "Linux" provided it is already compromised, somehow...]

    DarkRadiation's infection chain involves a multi-stage attack process and is noteworthy for its extensive reliance on Bash scripts to retrieve the malware and encrypt the files as well as Telegram API to communicate with the C2 server via hardcoded API keys.

  • Do you want speed or security as expected? Spectre CPU defenses can cripple performance on Linux in tests [Ed: Let's talk not about Microsoft back doors but about how hardware defects (nothing to do with Linux) can cause Linux to slow down a bit]

    The mitigations applied to exorcise Spectre, the family of data-leaking processor vulnerabilities, from computers hinders performance enough that disabling protection for the sake of speed may be preferable for some. Disclosed in 2018 and affecting designs by Intel, Arm, AMD and others to varying degrees, these speculative execution flaws encompass multiple variants. They can be potentially exploited by malware via various techniques to extract sensitive information, such as cryptographic keys and authentication tokens, from operating system and application memory that should be off limits. Though a lot of research has gone into the Spectre flaws, and work done to prevent their exploitation, basically no miscreants are abusing the weaknesses in the real world to steal information, to the best of our knowledge. There in lies the rub; does one keep the protections on and take whatever performance hit arises (it does depend enormously on the type of workload running) or switch them off because the risk is low? Or, from another point of view, put speed promised by chip manufacturers over security that was supposed to be present.

  • Software bills of materials (SBOM) could help improve cybersecurity - CNX Software

    There have been some widely publicized hacks in recent months including the SolarWinds hack and the Colonial pipeline cyber attack. Those two were particularly costly and disruptive, and the US government issued an executive order that lists some of the requirements to stretch cybersecurity.

  • Security updates for Tuesday

    Security updates have been issued by Fedora (audacity), openSUSE (chromium), Oracle (glib2), SUSE (Salt and salt), and Ubuntu (apache2 and openexr).

Games: Heroic Games Launcher, Peachleaf Valley, Residual

  • Heroic Games Launcher for Epic Games sees a small bug fix release ahead of the big 1.8 | GamingOnLinux

    Heroic Games Launcher is an application built on top of the a command-line client called Legendary, and Heroic has a fresh bug fix release out to help ahead of a major release. The application itself is built for Linux upon tech like Electron, and it does work very nicely. Why the need for it? Well, Epic Games don't support Linux with their official client or with the games on the service even if they have a Linux build elsewhere. With that in mind, games downloaded will run in a compatibility layer like Wine and Proton.

  • Peachleaf Valley is an upcoming farming-sim inspired otome visual novel | GamingOnLinux

    Peachleaf Valley, currently having a big success on Kickstarter is a visual novel inspired by farming life sims like Harvest Moon and Stardew Valley. It's an "otome" visual novel, which if I do have my lingo correct means it's primary target is towards women.

  • Residual aims to give us a 'new breed' of survival platformer in Q3 2021 | GamingOnLinux

    Residual, a "new breed" of survival platformer from OrangePixel and revived publisher Apogee Entertainment is set to release in "Q3 2021" and there's a new trailer. What makes it different? Well there's no traditional combat, and there's no focus on shooting or anything like that at all. It's a survive the elements kind of experience, across worlds generated new each time with their fancy sounding "Nature Engine" (not based on Unity or Unreal). "When designing Residual, my goal was to offer players something brand new every time they sat down to play," said Pascal Bestebroer of one-man studio OrangePixel. "Every world tells its own story, shaped by your personal journey through it. The experience will always be challenging, but never unfair, and a rich story awaits for those who choose to seek it."

