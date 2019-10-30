Language Selection

Fedora and IBM/Red Hat

Submitted by Roy Schestowitz on Wednesday 21st of July 2021 02:41:12 PM Filed under
Red Hat
  • A framebuffer hidden in plain sight

    Soon after I set up my Rockpro64 board, Peter Robinson told me about an annoying bug that happened on machines with a Rockchip SoC.

    The problem was that the framebuffer console just went away after GRUB booted the Linux kernel.

  • Kushal Das: Trouble of zoom and participant name [Ed: Planet Fedora becomes inherently satirical, pushing Microsoft's proprietary software and anti-Linux things; "Tips on how journalists can avoid getting snooped" over at... yes, proprietary software with surveillance and backdoors]
  • Run GitHub Actions on Fedora CoreOS [Ed: This has got to be a joke. Fedora Magazine is promoting Microsoft's proprietary software monopoly and GPL violations.]
  • Encrypting and decrypting archives with 7-Zip

    7-Zip is a free, open source, cross-platform compression and encryption utility that neither requires registration or any kind of payment to use, even in a commercial environment. It's licensed under the GNU LPGL and other licenses. It's likely that you've at least heard of 7-Zip somewhere in your travels because it's been around since 1999. I think you'll like its many features, and I'm happy to bring this little gem to light, especially if you've never used it and you're looking for an encryption solution for your backups.

  • 5 IT leadership mistakes to avoid: Alabama CIO of the Year winners share

    One of the most rewarding roles CIOs play is nurturing the next generation of IT leadership. It’s an opportunity to pass along the wisdom and, importantly, lessons learned from a career navigating the complexities and constantly evolving priorities of IT.

    We caught up with CIOs who recently won the 2021 Alabama CIO of the Year ORBIE Awards to learn more about what it takes to be a strong IT leader today. The awards were presented by the Alabama CIO Leadership Association, a professional community that annually recognizes CIOs for their excellence in technology leadership.

    Your people are essential to your success as a leader.

    One theme each of these award-winning CIOs could agree on: Your people are essential to your success as a leader. How you empower, support, include, and invest in them can make the difference between good and great leadership. Read on for five mistakes rising IT leaders and seasoned CIOs alike should avoid.

  • Bootstrap GitOps with Red Hat OpenShift Pipelines and kam CLI | Red Hat Developer

    See for yourself how deploying applications with the kam command-line interface simplifies GitOps adoption and streamlines application delivery.

  • 5 more CI/CD misconceptions, explained

    A successful DevOps transformation requires an efficient and effective continuous integration and continuous delivery/continuous deployment (CI/CD) pipeline. One step toward establishing effective CI/CD is to rule out common misconceptions that can delay progress or cause toil. Part one of this two-part series featured the top CI/CD misconceptions from the perspective of DevOps Institute ambassadors. Part two continues to explore these misperceptions.

    Any organization moving toward DevOps maturity should consider whether it is being misled by some of these common assumptions. A misconception that I frequently encounter is the view that CI/CD is a potential replacement for the need for skilled humans. However, the purpose of CI/CD automation is to perform consistent, redundant tasks so that humans can be free to do work that requires unique skills and critical thinking.

  • IBM's 3% sales growth may not seem like much but it's the biggest it's had in three years [Ed: For IBM to take 'growth' it needed to compare performance to a disastrous pandemic years and not count expenses like takeovers]

    IBM on Monday reported better than anticipated revenue for Q2 2021, sending its shares up in after-hours trading.

    Big Blue, evidently unfazed by a multi-week email disruption that's still not entirely resolved, delivered sales totaling $18.7bn for the quarter, an increase of three per cent year over year. It's the strongest revenue growth for the biz in three years. Net income, however, fell by three per cent to $1.3bn for the quarter.

Sigstore: An open answer to software supply chain trust...

Submitted by Roy Schestowitz on Wednesday 21st of July 2021 03:27:40 PM.
  • Sigstore: An open answer to software supply chain trust and security [Ed: IBM and Google uses the so-called 'Linux' Foundation to centralise control over what you can and cannot install on your own system]

    Everything starts from somewhere, and software is no different - just as physical goods have a point of origin and an associated supply chain, so does code. In today’s world, the origin story for most software applications starts, at least partially if not entirely, in an open source community. So how do you secure a supply chain for a product that has no physical form, no box to lock and is created in an environment where anyone can contribute to it?

Submitted by Roy Schestowitz on Wednesday 21st of July 2021 03:39:59 PM.
  • Kasten K10 Certified Red Hat OpenShift Operator Now Available Through Red Hat Marketplace

    Kasten by Veeam announced that the Kasten K10 data management platform is now available through Red Hat Marketplace. Enterprises will now be able to more seamlessly try the fully featured, free edition of Kasten K10 built and tested to exacting standards directly through the OpenShift environment.

    The Kasten K10 data management platform is purpose-built for Kubernetes. The platform’s application-centric approach and deep integrations with relational and NoSQL databases, storage systems, and Kubernetes distributions provide backup/restore and mobility of Kubernetes applications.

More in Tux Machines

Programming Leftovers

Proprietary Games and Proprietary Software

  • Steam Next Fest returns on October 1 with developers able to submit now | GamingOnLinux

    Another big Steam event is coming up with the Steam Next Fest due to be live once again on October 1. This is the event where for a limited time, developers put up fresh demos of their upcoming games. Not only that, you're able to watch various livestreams of talks directly from developers and watch them play their games directly on Steam pages. For developers, they have until August 15 to submit their game for review, along with a demo.

  • RimWorld 1.3 and the Ideology DLC are officially out now | GamingOnLinux

    A big new expansion and a big free update for everyone, RimWorld has expanded once again and so it might be time to dive back in to build just one more colony. Calling Ideology a DLC probably isn't doing it justice. It's a pretty deep expansion, opening up tons of new ways on how you build your colony and manage your people. With a full customizable belief system based on "memes" which are the core ideas the belief is based upon including the likes of giving animals the same rights as humans, nudism that speak for itself, cannibalism, transhumanism and many more than can be combined together. These memes can have different rules, people can be converted to different beliefs and more. Sounds awesome.

  • Spam Kingpin Peter Levashov Gets Time Served

    A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Instead, he will go free under three years of supervised release and a possible fine.

  • Cyber attackers ‘weaponising’ Operational Technology to harm, kill humans: study

    According to Gartner’s research on operational technology, security incidents in OT and other cyber-physical systems (CPS) have three main motivations - actual harm, commercial vandalism (reduced output) and reputational vandalism (making a manufacturer untrusted or unreliable).

    Gartner predicts that the financial impact of CPS attacks resulting in fatal casualties will reach over $50 billion by 2023, and even without taking the value of human life into account, the costs for organisations in terms of compensation, litigation, insurance, regulatory fines and reputation loss will be significant.

Databases: Firebird 4.0 and PostgreSQL

Security Leftovers

  • Authorization Basics

    In this article, we explained what authorization is and how it differs from authentication. We gave examples for authorization processes and explained the two different access control models: capability-based access control and access control lists. The Linux/UNIX file permissions were used to show an example of how ACLs could be used. Note that, although Linux/UNIX file permissions are a type of ACL, they are not to be confused with the POSIX ACL, which are also available on Linux platforms. S acl(5) in the man pages for more information. We learned that authorization is used to determine what actions a subject is allowed to perform on an object. Besides the examples from this article, other methods can be used to implement access control, including Discretionary Access Control (DAC), Mandatory Access Control (MAC) or Role-Based Access Control (RBAC), to name the most common ones.

  • Security updates for Wednesday

    Security updates have been issued by Arch Linux (ant, code, dino, firefox-ublock-origin, go, libuv, nextcloud-app-mail, nodejs-lts-erbium, nodejs-lts-fermium, openvswitch, putty, racket, telegram-desktop, and wireshark-cli), Debian (kernel, linux-4.19, and systemd), Fedora (kernel, kernel-headers, kernel-tools, and krb5), Gentoo (systemd), Mageia (perl-Convert-ASN1 and wireshark), openSUSE (caribou, containerd, crmsh, fossil, icinga2, kernel, nextcloud, and systemd), Red Hat (389-ds:1.4, glibc, java-1.8.0-openjdk, java-11-openjdk, kernel, kernel-rt, kpatch-patch, libldb, perl, RHV-H, rpm, shim and fwupd, and systemd), Slackware (kernel), SUSE (caribou, containerd, crmsh, curl, dbus-1, kernel, qemu, and systemd), and Ubuntu (binutils, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-5.8, linux-azure, linux-azure-5.8, linux-gcp, linux-gcp-5.8, linux-hwe-5.8, linux-kvm, linux-oracle, linux-oracle-5.8, linux-raspi, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.3, linux-hwe, linux-lts-xenial, linux-kvm, linux-oracle, linux-raspi, linux-raspi2-5.3, linux-oem-5.10, nvidia-graphics-drivers-390, nvidia-graphics-drivers-418-server, nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-460, nvidia-graphics-drivers-460-server, nvidia-graphics-drivers-470, and systemd).

  • NVIDIA announce new security issues, make sure you have updated drivers

    Here we are again. NVIDIA has today sent out a security bulletin to inform users on Linux and Windows to ensure your GPU drivers are up to date to do freshly revealed security problems. The issues can result in information disclosure, data tampering, and denial of service. As always, even if you think you're not vulnerable for whatever reason, upgrading is highly recommended now.

  • Defending Against Spyware Like Pegasus

    This has been a busy week for security news, but perhaps the most significant security and privacy story to break this week (if not this year), is about how NSO Group’s Pegasus spyware has been used by a number of governments to infect and spy on journalists and activists and even heads of state by sending an invisible, silent attack to their iPhone that requires no user interaction. This attack works even on new, fully-patched phones, and once the phone is compromised, the attacker has full remote control over the phone including access to the file system, location, and microphone and cameras. What’s particularly scary about spyware in general, and is true for Pegasus as well, is that victims have no indication they’ve been compromised. Due to how locked down the iPhone is from the end user, detecting Pegasus in particular requires expert forensics techniques. This has left many at-risk iPhone users wondering whether they too are compromised and if so, what do they do?

