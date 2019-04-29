

Security and Proprietary Software Issues

Tuesday 3rd of August 2021 04:44:28 AM
Security
  • Security updates for Monday

    Security updates have been issued by Arch Linux (389-ds-base, consul, containerd, geckodriver, powerdns, vivaldi, webkit2gtk, and wpewebkit), Debian (aspell, condor, libsndfile, linuxptp, and lrzip), and Fedora (bluez, buildah, java-1.8.0-openjdk, java-11-openjdk, java-latest-openjdk, kernel, kernel-tools, mbedtls, mingw-exiv2, mingw-python-pillow, mrxvt, python-pillow, python2-pillow, redis, and seamonkey).

  • Wladimir Palant: Data exfiltration in Keepa Price Tracker

    As readers of this blog might remember, shopping assistants aren’t exactly known for their respect of your privacy. They will typically use their privileged access to your browser in order to extract data. For them, this ability is a competitive advantage. You pay for a free product with a privacy hazard.

    Usually, the vendor will claim to anonymize all data, a claim that can rarely be verified. Even if the anonymization actually happens, it’s really hard to do this right. If anonymization can be reversed and the data falls into the wrong hands, this can have severe consequences for a person’s life.

    Today we will take a closer look at a browser extension called “Keepa – Amazon Price Tracker” which is used by at least two million users across different browsers. The extension is being brought out by a German company and the privacy policy is refreshingly short and concise, suggesting that no unexpected data collection is going on. The reality however is: not only will this extension extract data from your Amazon sessions, it will even use your bandwidth to load various Amazon pages in the background.

  • Cloudflare Vulnerability Enabled Compromise of 12% of All Websites

    Cloudflare recently disclosed a vulnerability that could have resulted in successful cyberattacks on the millions of websites (12.7% of ALL websites to be precise) that rely on JavaScript and CSS libraries found on cdnjs, an open-source content delivery network (CDN) hosted by the CDN service provider.

    Fortunately, there is no evidence (so far) that cybercriminals have exploited the vulnerability. But the fact that this serious vulnerability was most likely present for quite some time is in itself alarming, to say nothing of the “what-if” scenarios.

  • Google Meet PWA Launches On Windows, Mac, Chrome OS & Linux [Ed: Google acts like it just owns the Internet (it does Vint Cerf) while pushing its proprietary bits into the WWW]

    Google Meet is now available as a Progressive Web App (PWA). It’s a standalone app that offers the same features and functionality as the conventional desktop app but in a smaller package.

  • WireGuardNT, a high-performance WireGuard implementation for the Windows kernel [Ed: So basically they don't care about real security]
  • WireGuard Sees Native, High-Performance Port To The Windows Kernel - Phoronix

    The excellent WireGuard open-source secure VPN tunnel has been seeing growing adoption on Linux now that it's been in the mainline kernel for a while and also seeing continued progress on the BSDs. While there has been beta WireGuard for Windows in user-space, "WireGuardNT" was announced today as a native high-performance port to the Windows kernel.

    This WireGuard port to the Windows NT kernel started as a port of their current Linux kernel code-base but then adapted to better fit with the Windows kernel and its APIs. WireGuard founder Jason Donenfeld commented, "The end result is a deeply integrated and highly performant implementation of WireGuard for the NT kernel, that makes use of the full gamut of NT kernel and NDIS capabilities...For the Windows platform, this project is a big deal to me, as it marks the graduation of WireGuard to being a serious operating system component, meant for more serious usage. It's also a rather significant open source release, as there generally isn't so much (though there is some) open source crypto-NIC driver code already out there that does this kind of thing while pulling together various kernel capabilities in the process."

today's howtos

  • Why You Should Update Linux Package Repositories Before Installing New Software

    One of the best things about Linux distributions is that they install software from central repositories using package managers, a concept that other operating systems are just picking up on. But if you don't frequently update these repositories, your system might run into trouble while installing new packages. Here's why.

  • Jakub Steiner: 5G Backup

    When I get glimpses of the world outside of my FOSS bubble, I see all these tips and tricks articles how people can use their computers that provide something surprising or not universally known. The equivalent of this in the FOSS world is a 6 page wiki outlining how to produce a smb.conf to share files between two computers in 2021. To offset this depression, I’d like to present some cases when things work … as they should.

  • How to Install Sublime Text 4 on Ubuntu 20.04

    Sublime Text is a cross-platform and proprietary source code editor. It provides tons of features and plugins which greatly help in the development of applications. Sublime Text is written in C++ and Python. Notable features include split editing, quick shortcuts, syntax highlighting, autocompletion, selection of multiple lines or words, and much more.

  • How to Install LAMP on Rocky Linux 8 Server

    LAMP is a stack of software: Apache, MySQL, and PHP installed on Linux operating systems such as Rocky Linux 8 server, AlmaLinux, CentOS, Ubuntu, etc. To run a website on any server we need to install a web server platform such as Apache or Nginx. Whereas to save data and support PHP-based CMS, MySQL and PHP are needed. In today’s world, where hundreds of websites are running on CMS like WordPress, you will easily find LAMP setup pre-installed on most of the hosting services. Thus, no hassle or messing with commands at all. Moreover, WHM cPanel-like control panels make our life even easier. Nevertheless, if you are already a user of Linux and want to set up your own LAMP server from scratch on some VPS or Cloud hosting platform using Rocky Linux, then here is the tutorial to assist you.

  • GNU Guix: Taming the ‘stat’ storm with a loader cache

    It was one of these days where some of us on IRC were rehashing that old problem—that application startup in Guix causes a “stat storm”—and lamenting the lack of a solution when suddenly, Ricardo proposes what, in hindsight, looks like an obvious solution: “maybe we could use a per-application ld cache?”. A moment where collective thinking exceeds the sum of our individual thoughts. The result is one of the many features that made it in the core-updates branch, slated to be merged in the coming weeks, one that reduces application startup time.

Release Announcement: Nitrux 1.5.1

Today is the day! — Nitrux 1.5.1 is available to download. We are pleased to announce the launch of Nitrux 1.5.1. This new version brings together the latest software updates, bug fixes, performance improvements, and ready-to-use hardware support. Nitrux 1.5.1 is available for immediate download.

Server Leftovers

Introducing the GNOME Web Canary flavor

Today I am happy to unveil GNOME Web Canary which aims to provide bleeding edge, most likely very unstable builds of Epiphany, depending on daily builds of the WebKitGTK development version. Read on to know more about this.

Until recently the GNOME Web browser was available for end-users in two flavors. The primary, stable release provides the vanilla experience of the upstream Web browser. It is shipped as part of the GNOME release cycle and in distros. The second flavor, called Tech Preview, is oriented towards early testers of GNOME Web. It is available as a Flatpak, included in the GNOME nightly repo. The builds represent the current state of the GNOME Web master branch; the WebKitGTK version it links to is the one provided by the GNOME nightly runtime.

Tech Preview is great for users testing the latest development of GNOME Web, but what if you want to test features that are not yet shipped in any WebKitGTK version? Or what if you are a GNOME Web developer and you want to implement new features on Web that depend on API that was not released yet in WebKitGTK?

Historically, the answer was simply “you can build WebKitGTK yourself”. However, this requires some knowledge and a good build machine (or a lot of patience). Even as WebKit developer builds have become easier to produce thanks to the Flatpak SDK we provide, you would still need to somehow make Epiphany detect your local build of WebKit. Other browsers offer nightly or “Canary” builds which don’t have such requirements. This is exactly what Epiphany Canary aims to do! Without building WebKit yourself!

