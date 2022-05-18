Language Selection

Submitted by Roy Schestowitz on Wednesday 8th of June 2022 06:49:55 AM
HowTos
  • RFC 9099 — Operational security considerations for IPv6 networks

    As I’ve written and presented on previously, IPv6 security is inherently hard. But just because something is hard doesn’t mean it should be ignored or used as an excuse to not do it. It’s why I and other IPv6 and security proponents spent the best part of eight years working on the recently published RFC 9099, which analyses the operational security issues associated with several types of networks and proposes technical and procedural mitigation techniques.

  • Using sudoedit to sudo… edit

    From the manpage(8), the tool creates a temporary copy of the file, then invokes whichever editor you have defined in SUDO_EDITOR, VISUAL, or EDITOR. When you’re done editing, the temporary modified file is copied back to the original location.

  • What SRE could be

    When I see work like those two examples above, I see work that explores a relationship between things. A relationship is an equation, an area for exploration, and an invitation to examine exciting edge-cases. A number of these relationships, integrated with a strong theoretical vision — underpinned by empiricism — could provide a lot of insight into how we should do systems and software management. It would be the beginning of a kind of biology of systems development and management, or a special case of systems science in the production domain.

  • Ten years of Ansible

    It gives me a warm, fuzzy feeling that you might in some part of the world be using some small portion of Ansible in which I muddled, back in the time. Enjoy it. And what really gives me warm feelings is that along the way I’ve met a number of people (in real life) whom I enjoy encountering when I can.

    And why did I even glance at something as unfinished as Ansible was at the time, those ten years ago? I worked in a project in which I wanted to automate deployment of a number of DNS servers, and I disliked the tool I had to use so intensely, that I grasped at any straw I could find. That’s my story, and I’ve no regrets.

  • How You Can Change the Cursor Theme on Your Ubuntu Desktop | Linux Journal

    Are you finding an alternative for your default Yaru cursor themes on Ubuntu? This article is where you’ll get to know about the procedure of changing and installing cursor themes on Ubuntu. So, read on and find out.

  • How to install Firealpaca on a Chromebook in 2022

    Today we are looking at how to install Firealpaca on a Chromebook in 2022. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

Security Leftovers

  • CISA Provides Criteria and Process for Updates to the KEV Catalog | CISA [Ed: Microsoft dominates this list because it barely patches holes that are already known to be widely exploited]

    CISA has updated the Known Exploited Vulnerabilities (KEV) catalog webpage as well as the FAQs for Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, which established the KEV catalog. The updates provide information on the criteria and process used to add known exploited vulnerabilities to the KEV catalog.

  • Linux version of Black Basta ransomware targets VMware ESXi servers [Ed: This isn't an issue with Linux itself; these are Microsoft operatives in the media trying to change the subject and shift attention/blame, as usual]
  • Using SSH tunneling for good and evil

    Secure Shell is an indispensable tool for anyone who needs to open a terminal session on a remote host. SSH does more than enable remote login sessions, however, especially for security professionals and network engineers. SSH can secure pipelines using public key cryptography to enable any kind of network traffic -- but SSH is also an important cybersecurity tool, used both by security professionals and hackers. SSH tunneling, also known as SSH port forwarding, is how SSH tunnels network traffic through application ports from the localhost -- the computer physically present -- to a remote system or vice versa. SSH port forwarding enables two communicating systems to exchange data securely across the internet and through firewalls. If hackers gain access to a host running SSH on an organization's internal network, they can use SSH on that host as a secure pipeline for exploiting private network services, so it is vital to understand how SSH access can be used for good -- and for evil.

  • People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices [Ed: So China does exactly what the NSA and CIA do]

    CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA) to provide information on ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure across public and private sector organizations. The advisory details PRC state-sponsored targeting and compromise of major telecommunications companies and network service providers. It also provides information on the top vulnerabilities associated with network devices routinely exploited by PRC cyber actors since 2020.

    • x

Android Leftovers

today's leftovers

  • KDE e.V. Board Meeting 2022

    Over the “pinksterweekend” (Wikipedia informs me that’s Pentecost) the board of KDE e.V. met in real life for the first time in over two years. The board of directors meets weekly online, and we have regular – two or three times a year – weekend-long sprints to hammer out bigger issues and do administrative backlog. Since COVID, we have done these weekend sprints online as well, but we felt that at this point, the benefits of an offline, real life meeting outweighed the risks. The meeting was hybrid, with four people in the room and one virtual participant.

  • 383 – Ubuntu is out-fedoring Fedora – mintCast

    First up in the news: Ubuntu is out-fedoring Fedora; Linux 5.18 brings new optimizations; the Budgie has landed; Debian 12 has a projected birthday, and Asahi has its first Alpha; In security and privacy, a new Spectre has arisen; Then in our Wanderings, Bill gets “Jitsi with it”, Moss goes down the “pi-hole”, and Norbert hops onto the Fedora bandwagon

  • deepin 20.6 overview | Beautiful and Wonderful - Invidious

    In this video, I am going to show an overview of deepin 20.6 and some of the applications pre-installed.

  • TI Sitara AM623 & AM625 Cortex-A53 SoCs offer low-power AI for HMI and IoT applications - CNX Software

    Texas Instruments has just launched the new Sitara AM62 family with AM623 and AM625 single to quad-core Cortex-A53 processors designed to provide IoT gateways and HMI applications with AI processing at low power, in some cases with up to 50% reduction in power consumption. The AM623 processor specifically targets Internet of Things (IoT) applications and gateways that may benefit from object and gesture recognition, while the AM625, equipped with a 3D GPU, should power HMI applications with edge AI and up to two full-HD displays.

  • Ready to transform the enterprise world? We are! | Arduino Blog

    If you ever wished you could bring the accessibility, simplicity and power of the Arduino ecosystem into your work environment, you’re not alone. Whether you’re a Gen Z or a Millennial engineer, developer or entrepreneur, and whether you’re beginning your first job, founding a startup or progressing in your career, you’re bringing to the table a wide range of skills previous generations were never taught or encouraged to explore. What’s more, you likely have a whole different approach to work, change and innovation. At Arduino, we like to think we might have had a little something to do with that. As you probably know, Arduino was born in Italy at the Interaction Design Institute Ivrea, as an easy-to-use tool for fast prototyping, aimed at students with no background in electronics or programming. The platform was meant to enable creatives through technology. Little did we know we’d fire up the maker movement, and soon expand to offer tools for education and professionals as well.

Free Software Leftovers

  • Municipalities using Free Software

    In 2020, the city of Bühl in Germany launched "Palim! Palim!", a video conferencing platform based on the Free Software "Jitsi Meet". The city offered the platform to citizens who needed it, and the initiative was well received. Two years later clubs, citizens, and the city itself use "Palim! Palim!" daily. Interview with German administrations which use Free Software. May 2022. Other municipalities have also shown interest in the solution. An association of nine administrations that use 'Palim! Palim!' have jointly modernised the administration, based on Free Software. Re@di – regional.digital is an inter-communal cooperation of nine southern German cities. Their common needs are met through synergy effects in collaborative development. In an interview, Alexander Gabriel and Eduard Itrich shared that the administrations could use their resources cost-efficiently thanks to cooperation and sharing Free Software.

  • Kiwi TCMS: Zaklina, welcome to the Kiwi TCMS team

    She holds an engineering degree in computer science and has been working as a test engineer for more than 10 years. In the last couple of years her main focus is automation in testing, finding ways to improve testing process and tools that will support testing activities. Zaklina will be the primary contact for our History of Testing project where we are compiling a database of people who influenced or made important contributions to our professional field.

  • Hacks.Mozilla.Org: Training efficient neural network models for Firefox Translations

    Machine Translation is an important tool for expanding the accessibility of web content. Usually, people use cloud providers to translate web pages. State-of-the-art Neural Machine Translation (NMT) models are large and often require specialized hardware like GPUs to run inference in real-time. If people were able to run a compact Machine Translation (MT) model on their local machine CPU without sacrificing translation accuracy it would help to preserve privacy and reduce costs. The Bergamot project is a collaboration between Mozilla, the University of Edinburgh, Charles University in Prague, the University of Sheffield, and the University of Tartu with funding from the European Union’s Horizon 2020 research and innovation programme. It brings MT to the local environment, providing small, high-quality, CPU optimized NMT models. The Firefox Translations web extension utilizes proceedings of project Bergamot and brings local translations to Firefox. In this article, we will discuss the components used to train our efficient NMT models. The project is open-source, so you can give it a try and train your model too!

  • Mozilla Thunderbird: Welcome To The Thunderbird 102 Beta! Resources, Links, And Guides

    The wait for this year’s major new Thunderbird release is almost over! But you can test-drive many of the new features like the brand new Address Book, Matrix Chat support, import/export wizard, and refreshed visuals right now with the Thunderbird 102 Beta. Better still, you might be directly responsible for improving the final product via your feedback and bug reports. Below, you’ll find all the resources you need for testing the Thunderbird 102 Beta. From technical guides to a community feedback forum to running the beta side-by-side with your existing stable version, we’ve got you covered.

  • Juju and Charmed Operators Accelerating FINOS Open Source Projects Adoption

    Goldman Sachs open sourced the code and contributed its internally developed Legend data management platform into FINOS in October 2020. Legend provides an end-to-end data platform experience covering the full data lifecycle. It encompasses a suite of data management and governance components known as the Legend Platform. Legend enables breaking down silos and building a critical bridge over the historical divide between business and engineering, allowing companies to build data-driven applications and insightful business intelligence dashboards.

  • NocoDB is the no-code database application platform you've been looking for | TechRepublic

    Is your business looking for an easy way to create database applications, without having to worry about writing complicated code? If that sounds like you, you might want to invest a bit of time with a new platform called NocoDB. NocoDB claims to be an Airtable alternative, and it can be deployed to your network via a Docker container. What’s special about NocoDB is that it offers a very user-friendly means of creating database-driven applications with point-and-click simplicity. I’m going to show you how to deploy NocoDB with the help of Docker so you can get started building your first database application.

  • The Apache News Round-up: week ending 3 June 2022 : The Apache Software Foundation Blog

    Welcome, June --we're opening the month with another great week. Here's what the Apache community has been up to...

  • Why OSI? Featured sponsor, Open Weaver

