Submitted by Roy Schestowitz on Sunday 1st of May 2022 09:25:53 AM
HowTos
  • How to Install and Use PHP Composer on Ubuntu 20.04

    Composer is a dependency manager tool for PHP especially designed to install and update project dependencies. It installs all required packages that are compatible with the PHP project. It allows you to specify the library that you will need for your project. It is used in all modern PHP-based applications including, Laravel, Drupal, Magento, and more.

  • How To Upgrade Ubuntu 22.04 LTS Jammy Jellyfish

    The newest Long Term Support (LTS) edition of the Ubuntu operating system, Ubuntu 20.04 (Jammy Jellyfish), was released on April 21, 2022. This tutorial will walk you through the process of upgrading an Ubuntu system running version 20.04 or later to Ubuntu 22.04.

  • Install p7Zip GUI on Ubuntu 22.04 LTS Jammy Linux

    Tutorial to install Install p7Zip on Ubuntu 22.04 Jammy JellyFish using command terminal. It is an open-source tool to highly compress files and folders on Linux and FreeBSD systems. It is the best alternative to Winrar software which is meant for Windows platforms.

  • How to Install Nginx Mainline on Ubuntu 22.04 LTS
  • Change Screen Resolution of An Ubuntu VM in Hyper-V – TecAdmin

    Recently I created a Ubuntu desktop virtual machine in the Hyper-V platform. After login to the desktop realises that the screen resolution is not correct. I tried to change VM to full-screen mode but it opens in partial screen.

  • Making sshd more secure on Sailfish OS | dt.iki.fi

    Recent versions of Sailfish OS (currently 4.4.0.58) use a socket that listens on port 22, and start sshd (to be precise, a per-connection sshd@.service) when someone knocks.

    Pretty neat, probably saves some resources when you don't need an ssh connection.

    But safer it is not. I recommend to make some changes to /etc/ssh/sshd_config to disallow most connection attempts.

»

More in Tux Machines

Sculpt OS release 22.04

Sculpt OS version 22.04 introduces the concept of service-level sandboxing and features completely new drivers for wireless, graphics, and USB. On the user-visible surface, the new version of Sculpt OS looks and feels familiar to users of the previous version. Under the hood, however, at the nitty-gritty hardware-support level, it features completely revamped device drivers for Intel wireless, Intel graphics, and USB. In a major surgery, the new drivers got transplanted from the Linux kernel version 5.14.21 using Genode's unique DDE approach. In contrast to Linux where the drivers are part of the almighty operating-system kernel, Sculpt OS hosts each of the drivers in a dedicated sandbox as plain user-level component. So Sculpt users can enjoy the broad hardware support of up-to-date Linux drivers without ultimately trusting those staggeringly complex driver stacks. Closely related, the support of hardware-accelerated graphics that we introduced with the previous version 21.10 received substantial optimization and stabilization. With the new version, Sculpt users can not only run native OpenGL applications but can even go as far as using hardware-accelerated graphics via guest operating systems hosted within VirtualBox on top of Sculpt. Read more

Challenges of Creating a Decentralized, Open Source Twitter

This is not the first time social media giant Twitter has been besieged by would-be open source competitors. As concerns grow about an undue influence that Elon Musk, who is set to buy the social media giant, might have over the world’s unofficial town square, many are now contemplating jumping to a true open source, peer-to-peer social media network such as Mastadon, or perhaps even starting a new one from scratch. But standing up a federated, open source equivalent free from corporate influence may be more difficult than one might image. Open source software developer and advocate Evan Prodromou has been down this path before. A few years after Twitter launched, Prodromou fielded an open source, decidedly non-commercial Twitter-like microblogging service, called StatusNet, which, at least for an audience of technically-inclined open source types, gave Twitter a run for its money. More than 8,000 folks (myself included) signed on within 24 hours of its launch on July 2, 2008, and accumulated more than a million notices by that November. Over time, StatusNet grew into into a commercial service called Identi.ca, and its code base was eventually rewritten, by way of Node.js, into an activity streams engine that can be used to power internal or public-facing social media services. We spoke with Prodromou, by email, to learn more about the challenges and potential benefits of creating an open source, decentralized competitor to Twitter. What were the technical, and social challenges to running a social media service, especially an open source federated one? And what can we achieve by establishing web standards in this space? Read more

Proprietary Software Leftovers

  • Ukraine war speeds up US cyber agenda [iophk: Windows TCO]

    The war in Ukraine has pushed the United States to expedite its investment in cybersecurity amid constant — though so far unrealized — warnings of Russian cyberattacks on government agencies, election systems and critical infrastructure.

    Following the invasion of Ukraine, federal agencies have invested millions in cyber technology, seized and sanctioned hacking forums, charged Russian cyber criminals, and issued almost weekly warnings on the latest threat risks.

  • This chart might explain why CNN Plus shut down early

    CNN projected that the service would have two million subscribers by the end of the year, but around two weeks later, they found they’d only managed to attract 150,000 people. At first, this doesn’t sound too bad, but considering services like Disney Plus had 10 million subscribers in its first day — and that Quibi, which was similarly shut down early in life, saw 910,000 people sign up in its first few days — this wasn’t a lot for CNN.

  • Microsoft tests a limited VPN for Microsoft Edge

    The Edge Secure Network is designed to keep your location private and prevent online tracking, but isn’t intended to fool a remote server into thinking you’re working abroad. The browser will collect a “limited” amount of data to access the service, which Cloudflare will delete at the end of each month.

    The data connection isn’t unlimited, either. Instead, Microsoft’s support page says that you’ll be able to use a single gigabyte of free data every month, unlocked by signing into your Microsoft account. Presumably Microsoft will offer users additional Edge Secure Network secured data for an additional fee, too, which would give Microsoft yet another of its beloved subscription options for customers.

  • macOS Server has been killed off at last

    Apple kicks macOS Server to the curb after 23 years

  • MemberPress Plugin Is Locking Users Out After Support License Expires [Ed: Proprietary software is dangerous and malicious. You don't know what you're getting and what may happen next.]

    The WordPress subreddit lit up this week with reports of MemberPress locking users out of the plugin’s admin if they do not renew their subscriptions. MemberPress is a popular membership plugin for WordPress. It is a commercial-only plugin starting at $179/year for one site, and there is no free version.

Security Leftovers

  • FBI: BlackCat ransomware scratched 60-plus orgs [Ed: Microsoft Windows TCO]

    The aforementioned FBI alert also includes BlackCat indicators of compromise and warned the ransomware typically leverages previously compromised user credentials to gain access to a victim's system. "Initial deployment of the malware leverages PowerShell scripts, in conjunction with Cobalt Strike, and disables security features within the victim's network," it said. After breaking in, the malware compromises Active Directory user and administrator accounts, and it uses Windows Task Scheduler to configure malicious group policy objects to deploy ransomware. But before it executes the ransomware, BlackCat steals a victim's data, including information from cloud providers.

  • Bumblebee malware loader emerges as Conti's BazarLoader fades [Ed: Microsoft Windows TCO again]

    "The threat actors have used multiple techniques to deliver Bumblebee," they wrote. "While lures, delivery techniques, and file names are typically customized to the different threat actors distributing the campaigns, Proofpoint observed several commonalities across campaigns, such as the use of ISO files containing shortcut files and DLLs and a common DLL entry point used by multiple actors within the same week."

  • Synology warns of critical Netatalk bugs in multiple products

    Netatalk is an AFP (short for Apple Filing Protocol) open-source implementation that allows systems running *NIX/*BSD to act as AppleShare file servers (AFP) for macOS clients (i.e., to access files stored on Synology NAS devices).

  • Chainguard Enforce: Software Supply Chain Security for K8s – The New Stack

    Only half a year ago, founder Kim Lewandowski, co-founder of Chainguard, the zero-trust security company, said, “Supply chain security by default is our mission and making it really easy for developers to do the right thing.” Now with the beta release of Chainguard Enforce, its first product, a native software supply chain solution for Kubernetes workloads, is here.

  • Critical Vulnerabilities Leave Some Network-Attached Storage Devices Open to Attack - DARKReading

