Language Selection

English French German Italian Portuguese Spanish

Linux Never Had a Better Chance to Beat Windows

Filed under

Windows 10 is out, and everyone is talking about it. It's clear that Microsoft did something right for a change and that the latest version of the OS is better than the previous releases. This is actually a good thing.

Read more

Also: Windows 10 privacy concerns may help Linux

More in Tux Machines

LibreOffice Online with Team Editing Collaboration

Continuing the intro, now we will try LibreOffice Online with team collaboration. This allows you and friends (a team) altogether to edit a document simultaneously via the internet. It supports computer, laptop, as well as Android device users. How to do that? This simple tutorial explains it step by step for you. [...] Once a friend clicked the link, he/she will open your document on the web browser, asked for a name, asked for the password if any, and finally can edit the document together with you at the same time. The name asked will be used as identifier when a team working together. Read more

Security Leftovers

  • Feeding Frenzy as criminal groups stake their claim on Outlook Web Access servers

    This weekend, several days after the Patch Tuesday when Microsoft released fixes for the ProxyLogon vulnerability, Netcraft found more than 99,000 unpatched Outlook Web Access servers accessible on the internet — of which several thousand have clear evidence of one of more web shells installed. Outlook Web Access (OWA) provides remote access to on-premises Microsoft Exchange mailboxes. While a treasure trove of corporate email is a tempting enough target itself, it can also act as jumping-off point for deeper network access. Vulnerable versions allow unfettered remote access to the mail server. Originally attributed to the Hafnium group, the variety of different web shells and file naming conventions found by Netcraft suggest that the shells belong to multiple groups who have been spurred into action since Microsoft’s announcement by the scale of the opportunity.

  • A Basic Timeline of the Exchange Mass-Hack

    Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here’s a brief timeline of what we know leading up to last week’s mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program. When did Microsoft find out about attacks on previously unknown vulnerabilities in Exchange? Pressed for a date when it first became aware of the problem, Microsoft told KrebsOnSecurity it was initially notified “in early January.” So far the earliest known report came on Jan. 5, from a principal security researcher for security testing firm DEVCORE who goes by the handle “Orange Tsai.” DEVCORE is credited with reporting two of the four Exchange flaws that Microsoft patched on Mar. 2.

  • David Tomaschik: BSidesSF 2021 CTF: Encrypted Bin (Author Writeup)

    I thought I’d do a walk through of how I expected players to solve the challenge, so I’ll write this as if I’m playing the challenge. Visiting the web service, we find an upload page for text and not much else. When we perform an upload, we see that we’re redirected to a page to view the encrypted upload...

Proposal and Steps To Dual-License Gutenberg Under the GPL and MPL

The GPL is so embedded into WordPress that it is not just the license the platform is under but a part of the community’s culture. Friends have been gained and lost over discussions of it. Bridges burned. Battles waged. People cast out to the dark corners of the web that “we don’t talk about.” There was even a time when one could expect a fortnightly GPL dust-up in which the inner WordPress world argued the same points over and over, ad nauseam. It might be hard to imagine a world where — outside of third-party libraries — direct contributions to the software are under anything other than the GPL. However, the wheels are now in motion. The Gutenberg project, which is the foundation of WordPress going forward, may soon be under both the GNU General Public License (GPL) v2 and the Mozilla Public License (MPL) v2.0. Read more Also: People of WordPress: Olga Gleckler

Intel Contributes New "KCPUID" Utility For Linux To Reliably Report CPU Features

Intel engineers have been working on a tool called kcpuid for showing the raw CPU features/capabilities of a processor under Linux. This utility will be part of the kernel source tree and is queued up now in tip's x86/misc branch, thereby making it material for Linux 5.13 barring any issues coming up. Users/administrators can generally rely on /proc/cpuinfo for quickly finding out CPU features of a given system. But the reported CPU information can be a bit misleading as some information can get left out due to kernel boot-time / command-line options that may disable some feature flags. Meanwhile other user-space utilities exist for reading CPU features but they are not necessarily up-to-date for the latest CPUs, among other potential issues. Read more Also: Intel 14th Gen Lunar Lake CPU Platform Referenced In New Linux Patch Notes