today's leftovers
[Older] Log4j attacks remain low-key compared to infosec industry hype
The Log4j vulnerability appears to have been overhyped by the infosec industry, with nothing like the scale of attacks expected materialising.
The flaw, an unauthenticated remote code exploit, allows the complete takeover of systems using versions 2.0-beta9 up to 2.14.1 of the library Log4j.
Well-known British security researcher Marcus Hutchins was one of those to throw cold water on some of the hype, pointing out that what was rumoured to be a Log4j worm did not work at all.
"I've reverse engineered this supposed Log4j worm and it doesn't work at all," he said. "There's also several bugs in the code that mean even if they did fix the core failure, it would still be completely ineffective."
500M Avira Antivirus Users Introduced to Cryptomining
Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. But Norton 360 isn’t alone in this dubious endeavor: Avira antivirus — which has built a base of 500 million users worldwide largely by making the product free — was recently bought by the same company that owns Norton 360 and is introducing its customers to a service called Avira Crypto.
This Week in Linux 180: Linux 5.16, Linux Mint, elementary OS, KDE, Ubuntu Gaming, Pinephone - TuxDigital
On this episode of This Week in Linux, Linux Kernel 5.16, Linux Mint 20.3, elementary OS 6.1, Canonical is rebuilding Snapcraft and Ubuntu might be getting serious about gaming, KDE Roadmap for 2022, PinePhone Keyboard Addon, Ubuntu Touch OTA-21, Heroic Games Launder 2.0.0, SuperTux 0.6.3, Garuda Linux 220101, and Gecko Linux. All that and much more on Your Weekly Source for Linux GNews!
FAA lists 50 airports that will have 5G buffer zones ahead of C-band expansion
The FAA notes that AT&T and Verizon have agreed to turn off their 5G transmitters at these specific buffer zones for six months, which should “minimize potential 5G interference with sensitive aircraft instruments used in low-visibility landings.” Some airports — including major hubs like Hartsfield / Jackson International and Denver International — didn’t make the list, either because they aren’t in locations where 5G C-Band deployment will take place, or they can’t permit low-visibility landings.
Productivity And Using Modern Linux Desktop Environments
I was first introduced to Linux in 2001. A colleague of mine in college handed a set of CD-R discs containing Red Hat Linux 7.2. This was before Red Hat split the distribution into Red Hat Enterprise Linux (for enterprise customers) and Fedora Linux (maintained by the open source community). The install came with with a version of GNOME 1.x and doing a bit of Google searching, it leads me to believe it was 1.4. From that point I became extremely familiar with the GNOME desktop environment, enough so where if I was not using GNOME, I was not being very productive. This was not the result of laziness. Far from it. It was solely because of my comfort level. I am not doing a Desktop Environment review here. This is merely an opinion piece based on my personal experience and computing style. Fast forward to the present and the graphical user interface of a modern desktop distribution has changed drastically. There are many reasons for these changes, one of which is adapting to modern technology. Mobile computing, touch input, etc. I look at GNOME today which is at version 40 and I am really struggling to get comfortable.
Android Leftovers
KeePass Password Safe 2.50
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). KeePass is really free, and more than that: it is open source (OSI certified). You can have a look at its full source and check whether the encryption algorithms are implemented correctly.
The 6 Best Spotify Alternatives for Linux You Should Try
Spotify is not the only music streaming app for Linux users. Here are some free-to-use Spotify alternatives you can install on your system. Using an open-source operating system such as Linux calls for using open-source entertainment apps. Even though Spotify has plenty of native versions available for desktop and mobile platforms, many users prefer using alternatives packed with exciting features. If that sounds like you, you're in for a surprise, as Linux has a ton of fine-tuned Spotify alternatives, which allow you to listen to music right from your desktop.
