Language Selection

English French German Italian Portuguese Spanish

Updating My Toolbox - Knoppix 5.0.1

Filed under
Linux
Reviews
-s

Knoppix is best known as the first really great livecd. At a time when traditional, mostly text, installers ruled the Linux world, they innovated a technology that has more or less taken over the way distributions are delivered today. Not content to rest on their laurels, they have continued to innovate and improve over the years. Today brought the announcement of the public release of Knoppix 5.0.1, the latest and greatest Knoppix to roll off the assembly line as an update to version 5. This release brings lots of bug fixes and updates - most notably: kernel 2.6.17, KDE 3.5.2 and Gnome 2.14.1.

Knoppix is accepted as the first to bring the livecd format to the average computer user. Being able to try Linux before committing your harddrive to permanent change has proliferated the use and raised public awareness of Linux itself. Knoppix is chocked full of great linux software for your everyday computing needs. The livedvd is so complete, the menus can hardly contain the virtual horn o' plenty. Never has one single distribution spawned so many off-shoots. There are at least 16 main stream and well known distros based on or derived from Knoppix. There are 8 books on the use of Knoppix at Amazon.com alone. Dating back to at least January 2003, Knoppix has always had a tradition of providing a modern graphical desktop with good performance and very conservative hardware requirements.

Minimum Requirements for the Knoppix system:

  • Intel-compatible CPU (i486 or later),

  • 32 MB of RAM for text mode, at least 96 MB for graphics mode with KDE (at least 128 MB of RAM is recommended to use the various office products),
  • bootable CD-ROM drive, or a boot floppy and standard CD-ROM (IDE/ATAPI or SCSI),
  • standard SVGA-compatible graphics card,
  • serial or PS/2 standard mouse or IMPS/2-compatible USB-mouse.

What's new this release?

  • Linux Kernel 2.6.17 (rc)

  • Debian (testing/unstable)
  • Xorg Version 7.0
  • Detection of onboard IDE-Raid Controllers and raid disk components
  • udev+hwsetup for automatic hardware detection
  • KDE 3.5.2, GNOME 2.12 from Debian/unstable
  • OpenOffice 2.0.2 (german+english)
  • transparent write access for NTFS partitions (libntfs+fuse)
  • new knoppix-installer now also with the possibility to update existing installations of Knoppix
  • Many, MANY Updates...

To the naked eye the boot process has changed very little visually over the years. Beyond updated bootloader splashscreens, they are still utilizing an unique verbose colorful text boot that has become signature. As this process progress, one can see the hardware detection spinner and progress bar, another unique feature. Hardware detection has always been one of Knoppix's strong points and, in fact, in a time when most distros' were still hit and miss, Knoppix's hardware detection, support, and auto-configuration became legendary. This is no doubt why so many developers began their pursuits with Knoppix.

        

Again as part of a tradition, the first glimpse of the desktop includes an open browser window containing a webpage with handy links to Knoppix information and help. As far as I can remember, Knoppix has always had support for the world's differing languages and that is obvious from the very start. Not only is there a locale keyboard settings applet in the SysTray, but that same html introduction has handy links right there so it can be read in your preferred language. In fact, one of the boot options is for language/locale.

In the launcher are shortcuts to some of the most popular applications today. In this release we have launchers for Konqueror, Firefox, and OpenOffice.org besides a handy KNOPPIX menu containing many of Knoppix's own system tools and utilities.

The menus are overflowing with software choices. I don't recall when I've ever seen a more abundant list of applications. Everything from Development to Utilities, the Knoppix livedvd has it all - over 10 gigs of software. I have never seen such a collection of software in any distro before.

    

Developmental Tools and Applications

    

Editors Galore

    

Tons of Math, Science, and other Educational Apps

    

Games, Games, Games and oh! - More Games

    

More Graphics Apps than You Can Shake a Stick at

        

Networking and Communications

    

Knoppix's own Configuration Apps

    

Multimedia: Sound, Video, Viewers

        

All Play and No Work Makes Jack a Broke Boy

    

System Applications

    

Utilities

And of course that's not all. Not only is there about every application in existence included, but also about every window manager/desktop environment. Knoppix comes with KDE, Fluxbox, Openbox, Enlightenment, Gnome, ratpoison, icewm, WindowMaker, xfce, e-gnome, e-kde, and several others.

        

Gnome, icewm, and xfce

    

enlightenment and fluxbox

Knoppix features tools to save your customized session to a removable device or harddrive. But if you prefer something more permanent, Knoppix comes with their much copied hard drive installer. Although I must have overlooked the menu item for it, I was able to start it with the command: knoppix-installer. It is a simplified installer only asking a minimum number of configuration questions. It performed well with no negative issues, taking about a half hour to complete. It offers to make a boot floppy at the end as well as installing grub either on the mbr or partition. That seems to be an option that's disappearing from distros these days.

        

        

Once installed you can add or remove programs as needed. Knoppix comes with a few methods for installing software, but the most popular is probably Synaptic. If you've never seen Synaptic before, one usually initially needs to set up some repositories of software from which to download, although Knoppix comes with more than a dozen already defined. All that's required is a Reload, Mark for Installation, and Apply. There is also a nice search function if needed. Synaptic is great and always performs well.

        

I found Knoppix 5.0.1 to be the same familiar Knoppix environment to which I've grown accustomed, yet it's updated with a modern kernel and recent versions of software. It features some nice customized graphics that dress up the desktop somewhat. The wallpaper didn't seem to transfer to the harddrive, and I had to use an included debian background (until I reboot the livedvd and copy the wallpaper manually). I found the menus a bit cluttered with all the entries. In fact, the large size of the menus makes them nearly unusable in enlightenment. In this area, I would like to see a little more eye candy or customizations and better menu organization. Perhaps some sub-subcategories would neaten things up some.

Hardware detection was excellent on the livedvd with most set up automagically including the net connection, but I found I had to (re)configure my net card and printer after the hard drive install. However, this did not require the use of the commandline, as Knoppix has many nice configuration tools.

The performance of Knoppix was rated as average here, as it's optimized for 486 processors (kernel 386). All developers have to make that choice between the number of architectures supported and speed, and Knoppix's choice is to support more hardware. Stability is a key feature with Knoppix. The only problem encountered was Rosegarden locked the system up so tightly that I had to hit reset. I did encounter one or two other apps that would not open. Otherwise, all other applications functioned as designed. Xine played avis and mpegs out of the box.

All in all, Knoppix is always a winner. It always performs well and is very stable as well as stands above the competition in hardware configuration. The livedvd comes with so many applications, I doubt one would have to bother with a package manager. I think the Knoppix livedvd is a wonderful (rescue and repair) tool to take on the road with you as you never know what you'll need, and with Knoppix you can bet you'll have it. In addition, it'd make a great system for newcomers with which to start so they can sample all the fantastic software found in the world of linux and open source without having to decipher the sometimes confusing names and purposes to install seperately. It could also be a wise choice for old-timers who might be getting bored (or annoyed) with their same ole favorites as a means to sample others and find replacements. Or, last but not least, Knoppix is perfect for that person who just has to have everything (you know who you are). Whatever the need, Knoppix can fill it. Everybody needs a copy of Knoppix.

Handy Links:

.



Use as source for install?

This may be a silly question, but to me it is one of the obvious questions that never seem to come up.

Is it possible to designate one linux distro installation cd or live cd / dvd (such as knoppix that includes such a variety of applications) as a source for installing some of those applications into another installed linux distro that the user prefers for everyday use?

Thanks for any comments / suggestions for where to find the answers to these kinds of questions.

I love how RPM installs.

I love how RPM installs. easy.

re: Use as source for install?

This would not work as the applications are already "installed" on Knoppix. The software comes from Debian packages (.deb) which have allready been installed (extracted if you will) to the filesystem on the CD/DVD, they are not packages any more.

With the SLAX live cd it is kind of possible as all the packages used (Slackware packages .tgz) are converted to modules which are mounted on the filesystem during boot. You can exctract SLAX modules to the filesystem of a HD installed SLAX, or Slackware for that matter, but it can render your install broken and it's easier just to install .tgz packages like normal.

If someone created a live cd which used packages deb, rpm or tgz the way SLAX uses modules I guess it could be possible, but there are no live distro which does this that I know of.

''Accelerated'' approach?

The Accelerated KNOPPIX 1.0 CD is apparently based on the Knoppix 4.0.2 CD. Does anyone know if the Knoppix 5.0.1 CD or DVD has as good or better boot times as the Accelerated KNOPPIX or if regular KNOPPIX will be using this ''Accelerated'' approach in the future?
Thanks

re: ''Accelerated'' approach?

Well, I didn't have much luck with it here. There was something about my old machine it didn't like apparently because it was slower than molasses here.

I've got a new machine now and I've been waiting to hear of a new version of Accelerated Knoppix to test.

But Knoppix 5.0.1 doesn't break any speed records itself. It's not bad or annoyingly slow, but it isn't impressively "fast booting" either. I'd say it's about average for a livecd.

----
You talk the talk, but do you waddle the waddle?

''Accelerated'' approach?

Thanks srlinuxx
Anyone have any thoughts on why the regular main KNOPPIX project hasn't adopted this ''Accelerated'' approach?
Thanks

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

OSS Leftovers

  • New Vector to scale open-source alternative to WhatsApp and Slack, where users own their data

    New Vector has announced $8.5 million in funding to scale its open-source, secure communication network, a bid to revolutionise data privacy and ownership in the messaging app space. The investments come from European VCs who specialize in enterprise tech: Notion Capital, Dawn and firstminute capital. Necessary for understanding New Vector’s business is to first understand Matrix. Matrix is an open-source project, building a global network for decentralised communication. Users can collaborate securely via end-to-end encryption, and notably, they retain all ownership and control over their data.

  • New Vector raises $8.5 million to develop an open source Slack and WhatsApp

    Tech giants like Facebook, Google, Apple, and Microsoft needn’t be gatekeepers to communication. That’s the idea upon which Matrix, an open standard and decentralized protocol for real-time communication, was formulated. It’s designed to allow users of one service provider to communicate with users of different providers via online chat, voice over IP, and videotelephony, ideally as seamlessly as SMTP (Simple Mail Transfer Protocol) facilitates email exchanges across clients and services. Implementing the Matrix protocol at scale requires infrastructure and technical expertise, however — and that’s where startups like New Vector have carved out a niche for themselves. In a little over two years, the startup has helped to grow the Matrix network 400% to 11 million users across 40,000 deployments, including French and U.S. government agencies, Wikipedia parent Wikimedia, KDE, RedHat, and more.

  • Paris uses open source to get closer to the citizen

    Around 35 per cent of Paris’ 1,000 IT applications are Lutece-driven and 15 per cent are based on other open-source software, with the remaining 50 per cent using proprietary systems. As applications are upgraded or new ones added, Lutece and open-source tools will be deployed as much as possible, Lanouar said, noting that this approach enables greater autonomy and agility for the City, as well as the ability to be more transparent and create a better user experience for the citizen.

  • After Dallas County's TechShare software failure, the future must be open source

    There has been plenty of coverage of the very expensive failures of TechShare, Dallas County's attempt to create case-tracking software that could be used in any Texas criminal court. Like many battles over operations-level issues, it is easy to miss the forest for the trees. One basic principle of good governing was flagrantly violated in this instance: Government shouldn't be involved in a for-profit operation. TechShare's leadership sought profit, rather than to merely recoup costs. I hope members of both parties can agree this is a principle we should consciously adopt. A public discussion will help avoid future misadventures that cost the county $30 million for a hot plate of nothing. The term "crony capitalism" gets tossed around a lot, and it sometimes unfairly tarnishes good models of public-private partnerships. Crony capitalism usually means the government gives preference to certain favored private firms without seeking the best price (or quality) for a service or good. That preference is odious because it denies taxpayers the best price. Crony capitalism props up firms that would otherwise fail, using taxpayer money as insurance.

  • AI Researchers' Open-Source Model Explanation Toolkit AllenNLP Interpret

    Although the techniques are generic, AllenNLP Interpret is intended for use in NLP. Inputs to NLP systems are strings of text, usually sentences or whole documents, and the text is parsed into its constituent words or tokens. AllenNLP Interpret includes saliency maps that show each token's contribution to the model prediction; a use case for this might be explaining which words in a sentence caused its sentiment to be classified as positive or negative. The toolkit also includes two adversarial methods that show how changing the tokens in the input could affect the output. The first, HotFlip, replaces the input word that has the highest gradient with other words until the model output changes. The other attack, input reduction, iteratively removes the word with the smallest gradient without changing the output; this results in input texts that are "usually nonsensical but cause high confidence predictions."

  • The best open source software of 2019
  • InfoWorld Identifies the Most Innovative Products Available to Developers, Data Analysts, and IT Organizations

    InfoWorld — the technology media brand committed to keeping IT decision-makers ahead of the technology curve — announces the winners of its 2019 Best of Open Source Software Awards, better known as the Bossies. The annual Bossie awards recognize the most important and innovative open source projects for businesses and the IT professionals who serve them. The 26 winners in this year’s Bossie Awards are the next-generation tools and technologies that are enabling digital transformation, allowing businesses to succeed and IT organizations to excel at a time when the technology is more complex than ever.

  • Open Source Rules the World

    Not too long ago I attended Linux Foundation’s Open Source Summit in San Diego, and this declaration of world dominance (tongue in cheek) was a fairly prominent refrain throughout. From best practices in OS development to emerging technologies to getting started—how to create an open source strategy, sustain it, and the right path to developing an Open Source Program Office (OSPO). All open source all the time. What became abundantly clear to me through the cacophony of voices representing developers, technologists and enthusiasts is that at the center of all that is open source are three key components critical to ultimate success (however you define it): people, processes, and technology. [...] The entire tech space is being redesigned by a digital transformation and the emergence of new open source technology platforms. It’s a revolution of sorts, led by groundbreaking innovations in machine learning, open source IoT, cyber security, virtual reality, big data analytics, blockchain and open source development tools. Additionally, there’s technology to help you know what’s in your code and automate the detection and remediation of license compliance and security issues in your DevOps life cycle.

  • Extreme Networks Transitions StackStorm to the Linux Foundation

    Extreme Networks, Inc. (EXTR) today announced it has turned governance of StackStorm™ platform, its popular open-source workflow automation platform, over to The Linux Foundation. In making this transition, Extreme expects the Foundation's open source community to accelerate development and adoption of the platform so enterprises everywhere can reap the benefits of new applications and use cases.

  • ExpressionEngine Under New Ownership, Will Remain Open Source for Now

    EllisLab founder Rick Ellis announced yesterday that ExpressionEngine has been acquired by Packet Tide, the parent company of EEHarbor, one of the most successful EE add-on providers and development agencies in the community. A year ago EllisLab, the developers of EE core, was acquired by Digital Locations but Ellis said the company ended up not being a good fit for the future of the CMS...

  • Open Source Seed, a Hoax or a Wake-Up Call?

    “Open source” is a trend in various industries. It started to take root in the software industry (Mozilla), followed by biotechnology (CAMBIA) and publishing, where the creative commons concepts have taken root. Several of these trends are based in an opposition against corporate power generated by exclusive rights provided by patents and copyright. Others have a positive goal, i.e. to enhance participation by a much wider population to generate, validate and share information (e.g. Wikipedia). The seed sector has a very good story to tell with regard to its contributions to societal goals, but in parts of society, the corporate image and the use of patents create questions, so we could expect that also our sector would be challenged. It is there now. The University of Wisconsin developed an Open Source Seed Initiative several years ago, which was followed in Germany more recently. Access to “freed” plant genetic resources is made conditional to users making them available under the same “open source” conditions – that no IP is vested. The system should thus go “viral” and “force” breeders to join and thus stop protecting their products through IP.

  • Satellite images and open-source programs for mapping during disasters

    A few weeks ago, the states of Assam and Bihar were reeling under floods. Over 200 people were reported dead, with at least 10 million (one crore) of the states’ residents estimated to have been displaced. To save more lives and prevent further infrastructural damage, search and rescue missions during such disasters need to be effective, and more importantly, need to be rapid. The answer to this may lie in space. Open-source access to satellite images and new technologies to process these images have been a significant breakthrough to help document the true extent of flooding. Getting this information in time is key to plan and conduct evacuation missions, response operations and damage assessments. The European Space Agency (ESA)’s Sentinel-1 mission and the web-based Google Earth Engine (GEE) platform are two recent developments that have helped timely capture and analysis of satellite information. A research team from the Indian Institute for Human Settlements (IIHS) used this combination (Sentinel and GEE) to come up with an illustrative example of how such mapping can be used in the future to help in rescue missions, through accurate mapping of flood extents.

Events: Fibre Optic Conference, All Things Open and HacktoberFest

  • Andile Ngcaba urges embracing open source

    Given the growth of data and the Internet of things, insofar as data is concerned, the fibre industry must adopt open source architecture in terms of designing and building networks. This is the sentiment shared by Andile Ngcaba, president of the FTTx Council Africa, at the annual Fibre Optic Conference that kicked-off at the Sandton Convention Centre yesterday. Ngcaba was speaking about the future of the industry and how to be part of it, pointing out that modern businesses are being built on open source, while modern telcos are going to be built on open source.

  • All Things Open: The ‘hidden tech gem in the Triangle’ that draws thousands

    In its seventh year, All Things Open is preparing for more than 5,000 attendees. The conference will feature more than 250 talks from some of the top technologists and decision-makers discussing open source technology during three days of programming at the Raleigh Convention Center.

  • Six reasons why you should attend All Things Open in Raleigh

    Haven’t decided whether to attend the All Things Open conference in Raleigh? Well, Open Source is growing more important in technology so you might want to keep an open mind about attending. And more than 4,500 people are already scheduled to attend. Action begins Sunday.

  • Tech Village Hosting HacktoberFest Open-Source Meetup This Weekend

    The event will be hosted in Bulawayo in the 1st floor of the NetOne Building, Corner Fife Street and L.Takawira. Opposite Central Police Station. Maintainers -the guys/girls who build source code into a binary package for distribution, commit patches, or organize code in a source repository– will be present to help out would-be contributors to help move open-source projects forward.

FOSS in SaaS/Back End/Databases

  • What to expect from Scylla Summit 2019

    Scylla (the company) takes its name directly from Scylla [pronounced: sill-la], a Greek god sea monster whose mission was to haunt and torment the rocks of a narrow strait of water opposite the Charybdis whirlpool. Outside of Greek history, Scylla is an open source essentially distributed NoSQL data store that uses a sharded design on each node, meaning each CPU core handles a different subset of data.

  • Licence to grill: A year on, MongoDB's Eliot Horowitz talks to The Reg about SSPL

    A year after its controversial switch to the Server Side Public License (SSPL), and with new products livening up the summer, MongoDB remains unrepentant. The change was aimed at making vendors selling a service using the company's code share the source of applications used to run the service as well as any tweaks. The move appeared to be aimed squarely at cloud vendors, content to "capture all the value and give nothing back to the community," as Dev Ittycheria, CEO of MongoDB, told us at the time. Elements of the open source community were less than impressed. The Open Source Initiative (OSI) rejected the company's attempts to get the licence approved and eventually MongoDB withdrew the thing from the process, although the company continued to use it for its own products. Indeed, at MongoDB's London .Local event, where we met co-founder and CTO Eliot Horowitz, the company was trumpeting the opening up of its Compass GUI for MongoDB under the SSPL.

  • From Russia with OLAP: Percona uses ClickHouse analytics

    At Percona Live Europe last week, one such example came up around the open source scene that is developing in Russia and how one of the projects that is now starting to open up to international use.

  • The love and the lament: Percona CEO details state of open source data

    Open source has changed, obviously it has. Starting from its origins among the hobbyist programmers and hackers who dared to defy the proprietary Silicon Valley behemoths, the open community-centric model for software development has now been widely adopted by the commercial software sector. In many cases, open source has become the norm for modern platforms, tools and applications. But how has this affected the nature of open development and what impact has this shift left in its wake on the data landscape that we view today?

  • GraphDB 9.0 Open Sources Its Front End and Engine Plugins to Support Knowledge Graph Solutions

    Ontotext has announced GraphDB 9.0, which is aimed at lowering the effort required for development and continuous operation of knowledge graphs by opening multiple integration extension points for its users and developers. GraphDB is a database for managing semantic information with more than 30 large production installations in big enterprises. With the growing complexity of enterprise data integration, many organizations are starting the journey of building knowledge graphs.

  • Ververica Announces Open Source Framework to Enable Lightweight, Stateful Applications at Scale

    Ververica, the original creators of Apache Flink, today announced at Flink Forward Europe the launch of Stateful Functions (statefun.io), an open source framework that reduces the complexity of building and orchestrating stateful applications at scale. Stateful Functions enables users to define loosely coupled, independent functions with a low footprint that can interact consistently and reliably in a shared pool of resources. Ververica will propose the project, licensed under Apache 2.0, to the Apache Flink community as an open source contribution.

  • DataStax offers bidirectional data dexterity for Apache Kafka

    DataStax has opened up ‘early access’ to its DataStax Change Data Capture (CDC) Connector for Apache Kafka, the open source stream-processing (where applications can use multiple computational units, similar to parallel processing) software platform. As a company, DataStax offers a commercially supported ‘enterprise-robust’ database built on open source Apache Cassandra. Stream processing is all about speed and cadence, so, the DataStax CDC Connector for Apache Kafka gives developers ‘bidirectional data movement’ between DataStax, Cassandra and Kafka clusters.

Security: WireGuard, SafeBreach and More

  • WireGuard Snapshot `0.0.20191012` Available
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    Hello,
    
    A new snapshot, `0.0.20191012`, has been tagged in the git repository.
    
    Please note that this snapshot is a snapshot rather than a final
    release that is considered secure and bug-free. WireGuard is generally
    thought to be fairly stable, and most likely will not crash your
    computer (though it may).  However, as this is a snapshot, it comes
    with no guarantees; it is not applicable for CVEs.
    
    With all that said, if you'd like to test this snapshot out, there are a
    few relevant changes.
    
    == Changes ==
    
      * qemu: bump default version
      * netns: add test for failing 5.3 FIB changes
      
      Kernels 5.3.0 - 5.3.3 crash (and are probably exploitable) via this one liner:
      
      unshare -rUn sh -c 'ip link add dummy1 type dummy && ip link set dummy1 up && ip -6 route add default dev dummy1 && ip -6 rule add table main suppress_prefixlength 0 && ping -f 1234::1'
      
      We fixed this upstream here:
      
      https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=ca7a03c4175366a92cee0ccc4fec0038c3266e26
      
      This is relevant to WireGuard because a very similar sequence of commands is
      used by wg-quick(8).
      
      So, we've now added some tests to catch this code path in the future. While
      the bug here was a random old use-after-free, the test checks the general
      policy routing setup used by wg-quick(8), so that we make sure this continues
      to work with future kernels.
      
      * noise: recompare stamps after taking write lock
      
      We now recompare counters while holding a write lock.
      
      * netlink: allow preventing creation of new peers when updating
      
      This is a small enhancement for wg-dynamic, so that we can update peers
      without readding them if they've already been removed.
      
      * wg-quick: android: use Binder for setting DNS on Android 10
      
      wg-quick(8) for Android now supports Android 10 (Q). We'll be releasing a new
      version of the app for this later today.
    
    This snapshot contains commits from: Jason A. Donenfeld and Nicolas Douma.
    
    As always, the source is available at https://git.zx2c4.com/WireGuard/ and
    information about the project is available at https://www.wireguard.com/ .
    
    This snapshot is available in compressed tarball form here:
      https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20191012.tar.xz
      SHA2-256: 93573193c9c1c22fde31eb1729ad428ca39da77a603a3d81561a9816ccecfa8e
      BLAKE2b-256: d7979c453201b9fb6b1ad12092515b27ea6899397637a34f46e74b52b36ddf56
    
    A PGP signature of that file decompressed is available here:
      https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20191012.tar.asc
      Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE
    
    If you're a snapshot package maintainer, please bump your package version. If
    you're a user, the WireGuard team welcomes any and all feedback on this latest
    snapshot.
    
    Finally, WireGuard development thrives on donations. By popular demand, we
    have a webpage for this: https://www.wireguard.com/donations/
    
    Thank you,
    Jason Donenfeld
    
  • WireGuard 0.0.20191012 Released With Latest Fixes

    WireGuard is still working on transitioning to the Linux kernel's existing crypto API as a faster approach to finally make it into the mainline kernel, but for those using the out-of-tree WireGuard secure VPN tunnel support, a new development release is available.

  • SafeBreach catches vulnerability in controversial HP Touchpoint Analytics software

    Now the feature is embroiled in another minor controversy after security researchers at SafeBreach said they uncovered a new vulnerability. HP Touchpoint Analytics comes preinstalled on many HP devices that run Windows. Every version below 4.1.4.2827 is affected by what SafeBreach found. In a blog post, SafeBreach Labs security researcher Peleg Hadar said that because the service is executed as "NT AUTHORITY\SYSTEM," it is afforded extremely powerful permissions that give it wide access. "The CVE-2019-6333 vulnerability gives attackers the ability to load and execute malicious payloads using a signed service. This ability might be abused by an attacker for different purposes such as execution and evasion, for example: Application Whitelisting Bypass Signature Validation Bypassing," Hadar wrote. [...] The company has long had to defend HP Touchpoint Analytics against critics who say it gives HP unnecessary access to users' systems. When it first became widely noticed in 2017, dozens of users complained that they had not consented to adding the system.

  • Security Tool Sprawl Reaches Tipping Point
  • How trusted digital certificates complement open source security

    Application developers incorporating open source software into their designs may only discover later that elements of this software have left them (and their customers) exposed to cyber-attacks.

  • Securing the Container Supply Chain