Reconnaissance or Information Gathering is the first step in any penetration test. It is an essential part of the process. Starting a penetration test without a decent recon is like going to a war without knowing where and who you are fighting. As always, there is a world of amazing recon tools apart from the ones above. All thanks to an amazing open-source and cybersecurity community!

It is seconded by the release of AWS UI, which the company describes as “a collection of React components that help create intuitive, responsive, and accessible user experiences for web applications."

While AWS doesn’t create client applications, its embrace of React and this move towards what it describes as a “new open source design system” is perhaps done with the purpose of easing access to its services.

It’s argued that switching to a new open source, platform-agnostic design methodology will surely make AWS services easier to consume and increase their adoption.

Packed with more than 300 changes that includes numerous bug fixes and improvements, Krita 4.4.2 is here to make your digital painting experience more enjoyable by also introducing some key new features, such as support for SVG-based Mesh gradients that’s also compatibility with the popular Inkscape SVG editor.

In addition to Mesh gradients, which can be used on vector objects, Krita 4.4.2 also introduces support for Mesh transforms, which supports complex transformations to give a speed boost to your concept. The Mesh transform feature can also be used to create precise transforms and it appears to be very useful for rounded objects.

Wine is an open-source application that acts as a compatibility layer to run Windows programs in Unix-like operating systems such as Linux, FreeBSD, etc. It is capable of converting the Windows system calls to POSIX calls used by Linux systems. This guide explains how to install Wine 6.0 on the Ubuntu 20.04 LTS focal fossa.

[Tel-Aviv, Israel, January 19, 2021] Variscite is pleased to announce the broad market launch of VAR-SOM-MX8M-PLUS and DART-MX8M-PLUS with the latest i.MX 8M Plus production silicon from NXP.

• 10 Best Hacking Apps for Android

• 3 Ways to Make GIFs from Video & Screen Recording on Android & iOS

• 8 Best VPNs for Android TV (Free and Paid)

• How to Run GeForce Now on Android TV

• How To Share Files Instantly to Any Android Phone Via Nearby Share, Android's AirDrop Rival

• TCL 10L finally receives Android 11 OS update

• Huawei P50 Pro may run on EMUI with Android 11, not HarmonyOS

• Samsung kicks off its Android 11 updates for the Galaxy Tab S7 family with a nice twist

• Galaxy S10 and Note 10 are not the only Samsung phones getting Android 11 this month

• Android 12 could let you hibernate apps, and we now know more about the feature

• OnePlus Nord N10 5G Gets January 2021 Security Patch With OxygenOS 10.5.9 Update

• [Working] 7 Fixes For Delayed Notifications on Your Android Phone

• Apple May Finally Bring Fingerprint Scanner Back On iPhones That Android Has Been Using For Years

• Nokia 5.4, Nokia 6.2, Nokia 7.2 Start Receiving Android Security Patch: Report

• Review: vivo Y70 faces a fight in a crowded Android field

If you’re a fan of terminal emulators, Terminology is one of the most appealing and functional out there. With version 1.9, the app received various under-the-hood improvements to work better with the Debian GNU/Linux operating system and any distribution based on it.

Terminology 1.9 also introduces the `ability to search fonts in the fonts panel in case you’re not satisfied with the default one, as well as a bunch of new color schemes, including Belafonte Day, Belafonte Night, Cobalt2, Dracula, Fahrenheit, Material, One Dark, PaleNight, Soft Era, Tango Dark, Tango Light, and Tomorrow Night Burns.

The login shell is the first process that is executed with your user ID when you log into an interactive session.

This may seem simple at the surface but if you dig deep, it could get confusing a bit. To understand, let's see revisit the login process in Linux systems.

Linux is a multi-user system where multiple users can log in and use the system at the same time.

The first process in a Linux system, be it init or systemd, starts a getty program. This getty, short for 'get tty' (tty denotes physical or virtual terminals), is responsible for protecting the system from unauthorized access.

Text editors can be used for writing code, editing text files such as configuration files, creating user instruction files, and many more. In Linux, text editors are of two kinds that is the graphical user interface (GUI) and command-line text editors (console or terminal).

In this article, I am taking a look at some of the best 21 open-source commonly used text editors in Linux on both servers and desktops.

This is for Trisquel users who have Android or Apple phones. This tutorial explains how to share files between your desktop and your phone via wireless or cable without using KDE Connect. This 'magic' is called Syncthing -- a cross platform app. It is an easy and quick app to transfer your photos and everything between devices just like the proprietary software SHAREit but with privacy and security for you. I have made similar guide before (see here) but for Trisquel 9 it is a little different so this is for you. Now let's start sharing!

Ventoy is a top-rated free and open-source utility to create a multiboot USB stick from ISO files. I use it regularly, and highly recommend you to use.

Recently I covered on how you can create a bootable USB stick using Baleno Etcher. This time I will guide you how easily you can create a multiboot USB stick by just doing copy-paste ISO file to your USB device.

• Google is pushing Android TV hardware-makers to adopt the AV1 codec in 2021

• Google may require AV1 codec support on all new Android TV devices

• Samsung SmartThings is now available on Android Auto [Update]

• 15 Samsung smartphones will soon get OneUI 3.1 based on Android 11

• Samsung Galaxy Z Fold2 is now receiving Android 11 in the US

• TCL 10L starts receiving the promised Android 11 update

• Sony Xperia 1 and Xperia 5 Owners Get Android 11 Upgrade Early

• Ongoing Android 11 issue seems to ignore game controller input

• Android's upcoming Hibernation feature will reduce the size of apps you are not using

• How to Flip an Image on Android

• WordPress for Android Previews New Story Posts Feature, Now in Public Beta

• Links 18/1/2021: GNU Radio 3.9, Wikipedia at 20
• InteLeaks – Part XIX: Intel's Web 'Experts' Seen as Microsoft Champions Dealing With the Platform Microsoft is Looking to Destroy
• Adding Images as Characters to the Daily Bulletins of Techrights
• Links 18/1/2021: Weekly Summaries and Linux 5.11 RC4
• IRC Proceedings: Sunday, January 17, 2021
• The Oligarchs' Parties Will Never Choose the Side of Software Freedom Because Free Software Cannot Bribe Officials

• Meetup Will Discuss Survey Results, Project Improvements

  The openSUSE Project welcomes our followers to participate in two planned meetups to discuss results from the End of the Year Community Survey on Jan. 23 and Jan. 30.

  Both sessions will start at 13:00 UTC on openSUSE’s Jitsi instance and go for 1:30 hours.

  Members of the “let’s improve the openSUSE learning experience” initiative will share results and analysis from the survey.

• LF‌ ‌Edge‌ ‌Adds‌ ‌New‌ ‌Members‌

  LF Edge has announced the addition of four new general members (FII, HCL, OpenNebula, and Robin.io) and one new Associate member (Shanghai Open Source Information Technology Association).

  Additionally, Home Edge has released its third platform update with new Data Storage and Mult-NAT Edge Device Communications (MNDEC) features.

• Text Encoding Menu in 2021

  In mid-January 2021, the Text Encoding menu in Firefox looks like this:
  Automatic
  Unicode
  Western
  Arabic (Windows)
  Arabic (ISO)
  Baltic (Windows)
  Baltic (ISO)
  Central European (Windows)
  Central European (ISO)
  Chinese, Simplified
  Chinese, Traditional
  Cyrillic (Windows)
  Cyrillic (KOI8-U)
  Cyrillic (KOI8-R)
  Cyrillic (ISO)
  Cyrillic (DOS)
  Greek (Windows)
  Greek (ISO)
  Hebrew, Visual
  Hebrew
  Japanese
  Korean
  Thai
  Turkish
  Vietnamese

  [...]

  For users who have telemetry enabled, we collect data about whether the item “Automatic” was used at least once in given Firefox subsession, whether an item other than “Automatic” was used at least once in a given Firefox subsession, and a characterization of how the encoding that is being overridden was determined (from HTTP, from meta, from chardetng running without the user triggering it, from chardetng as triggered by the user by having chosen “Automatic” previously, etc.). If things go well, the telemetry can be analyzed when Firefox 87 is released (i.e. when 86 has spent its time on the release channel). The current expectation for this is 2021-03-23.

• Wikipedia is twenty. It’s time to start covering it better. - Columbia Journalism Review

• Jimmy Wales: “Wikipedia is from a different era”

  As the online encyclopedia turns 20-years-old, its founder reflects on the internet’s halcyon days.

• Fact check: As Wikipedia turns 20, how credible is it?

  Wikipedia, which has been referred to as a world treasure, turns 20 on Friday. According to research conducted over the years — including a scientific study published by the journal Nature in 2005 and a report commissioned by the site's Wikimedia Foundation in 2012 — Wikipedia's entries are comparable in quality to those in prestigious encyclopedias such as Britannica. However, it is difficult to measure the consistency of information that can be altered at any time.

• Odin is finally pleased so the open-world survival game Valheim releases on February 2 | GamingOnLinux

  Odin has finally had enough sacrifices and shall be releasing Valheim from Iron Gate AB will enter Early Access with Linux and Windows support on February 2.

  What is it? A brutal multiplayer exploration and survival game set in a procedurally-generated purgatory inspired by viking culture. Battle, build, and conquer your way to a saga worthy of Odin’s patronage! With low-poly artwork and a very flexible building system it looks absolutely brilliant. The early builds they had available were seriously promising back in 2018 so I'm personally excited to see how far they've progress with it in that time.

• Ravgeet Dhillon: Offline Toast notification in Nuxt/Vue app

  We have often seen apps telling us that “You are offline. Check your network status.”. It is not only convenient to do so but adds to a great UX. In this blog, we will look at how can we display a toast notification in a Nuxt/Vue app whenever the user goes offline or online. This will also help us to understand how to use computed and watch properties together.

  [...]

  Hurray! Our toast notifications are working perfectly fine. So using the combined magic of computed and watch properties, we can create outstanding workflows and take our Nuxt/Vue app to next level. If you any doubts or appreciation for our team, let us know in the comments below. We would be happy to assist you.

• Stephen Michael Kellat: Leveraging LaTeX In This Time

  From time to time I like to bring up fun adventures in LaTeX. In these stranges times in the United States it is important to look at somewhat practical applications beyond the normal reports and formal papers most people think of. With a Minimum Working Example we can mostly look at an idea.

  The Comprehensive TeX Archive Network has a package known as newspaper which is effectively subject to nominative determinism. You can make things with it that look like newspapers out of the 1940s-1960s in terms of layout. The page on CTAN shows nice examples of its use and provides a nice story as to why the package was created.

  The example source file on CTAN has a bug in it, though. We're going to make a new one based on it. I am also going to add but not yet utilize the markdown package to the example.

• 2021.03 Course Topped – Rakudo Weekly News

  The course of the Raku Programming Language by Andrew Shitov made it to the top 20 of Hacker News and spurred quite a few comments. The first associated Grant Report was also published.

• GCC 11 Is On The Final Stage Of Development With 60+ High Priority Regressions - Phoronix

  GCC 11 entered its final stage of development today as it works towards releasing around the end of Q1 / early Q2 if their past cadence holds up. Before GCC 11.1 can debut as the first stable version, there are some 60+ "P1" high priority regressions that need to be resolved or otherwise demoted to lesser priority regressions.

  GCC 11 release manager Richard Biener this morning announced GCC 11 is now in stage four development meaning only regression fixes and documentation fixes are allowed. As of this morning the code-base is at 62 P1 regressions, another 334 P2 regressions, 35 P3 regressions, and more than 200 regressions of the lower P4/P5 status.

• Xtra-PC Reviews – Best Linux USB-Stick? - Product Review by Rick Finn

  The Xtra-PC Linux USB-Stick might be your solution if you have problems with your old and slow PC. It's a small flash drive stick and it's using Linux OS to boost you PC's operations. Check out now.

• Arduino Blog » Old keyboard turned into a new children’s learning toy

  Peter Turczak’s toddler son loves “technical stuff,” especially things like keyboards and computers that adults use. After discussing this with other likeminded technical parents, the idea of giving new life to an old (PS/2 or AT) keyboard as a teaching tool was hatched.

• SiFive Helping To Teach Kids Programming With RISC-V HiFive Inventor Coding Kit

  SiFive in cooperation with Tynker and BBC Learning have launched a Doctor Who themed HiFive Inventor Coding Kit. This Initial HiFive Inventor Coding Kit is intended to help kids as young as seven years of age get involved with computer programming through a variety of fun exercises and challenges involving the RISC-V powered mini computer and related peripherals like LED lighting and speaker control.

  [...]

  So for those looking to get their kids involved with computer programming and looking for an IoT-type device with some fun sensors and various themed exercises to get them experimenting, the HiFive Inventor Coding Kit is worth looking into further. More details on the programming platform can be found via Tynker.com and on the hardware at HiFiveInventor.com. The HiFive Inventor Kit is available from Amazon.com and other Internet retailers for $75 USD.

• Security updates for Monday

  Security updates have been issued by Arch Linux (atftp, coturn, gitlab, mdbook, mediawiki, nodejs, nodejs-lts-dubnium, nodejs-lts-erbium, nodejs-lts-fermium, nvidia-utils, opensmtpd, php, python-cairosvg, python-pillow, thunderbird, vivaldi, and wavpack), CentOS (firefox and thunderbird), Debian (chromium and snapd), Fedora (chromium, flatpak, glibc, kernel, kernel-headers, nodejs, php, and python-cairosvg), Mageia (bind, caribou, chromium-browser-stable, dom4j, edk2, opensc, p11-kit, policycoreutils, python-lxml, resteasy, sudo, synergy, and unzip), openSUSE (ceph, crmsh, dovecot23, hawk2, kernel, nodejs10, open-iscsi, openldap2, php7, python-jupyter_notebook, slurm_18_08, tcmu-runner, thunderbird, tomcat, viewvc, and vlc), Oracle (dotnet3.1 and thunderbird), Red Hat (postgresql:10, postgresql:12, postgresql:9.6, and xstream), SUSE (ImageMagick, openldap2, slurm, and tcmu-runner), and Ubuntu (icoutils).

• About CVE-2020-27348

  Well this is a doozey. Made public a while back was a security vulnerability in many Snap Packages and the Snapcraft tool used to create them. Specifically, this is the vulnerability identified as CVE-2020-27348. It unfortunately affects many many snap packages…

  [...]

  The problem arises when the LD_LIBRARY_PATH includes an empty element in its list. When the Dynamic Linker sees an empty element it will look in the current working directory of the process. So if we construct our search paths with an accidental empty element the application inside our Snap Package could be caused to load a shared library from outside the Snap Package’s shipped files. This can lead to an arbitrary code execution.

  It has been common to put a definition of the LD_LIBRARY_PATH variable into a Snap Package’s snapcraft.yaml that references a predefined $LD_LIBRARY_PATH as if to extend it. Unfortunately, despite this being common, it was poorly understood that SnapD ensures that the $LD_LIBRARY_PATH is unset when starting a Snap Package’s applications. What that means is that where the author tried to extend the variable they have inadvertantly inserted the bad empty element. The empty element appears because $LD_LIBRARY_PATH is unset so the shell will expand it to an empty string.

• Wait, What? Kids Found A Security Flaw in Linux Mint By Mashing Keys!

  Security flaws can be incredibly stupid and dangerous. Of course, I’m not judging anyone, we are humans after all. But this little incident is quite funny.

• Ubuntu Unity Remix 20.10 overview | UNITY7 MODERNIZED.

  In this video, I am going to show an overview of Ubuntu Unity Remix 20.10 and some of the applications pre-installed.

• How to install Blender 2.91 on Linux Mint 20.1

  In this video, we are looking at how to install Blender 2.91 on Linux Mint 20.1.

• Basic Security For Every Linux Server

  Different use cases will have different security requirements but there's a certain base line that every Linux server should be at before you even think of deploying anything further like disabling certain ways to connect to the server and adding some ssh keys.

• Linux in the Ham Shack/LHS Episode #387: Compiling Software Deep Dive

  Hello and welcome to the 387th episode of Linux in the Ham Shack. In this episode, the hosts discuss concepts related to building software from source code. Topics include proper build environments, packages to install for easy building of software, how to get source, commands for building software and much more. We hope you find this talk interesting and informative and we hope you come back for Episode 388.

• How to steal free software (and do it badly)

• Davie Street Enterprises: A case study in digital transformation

  We would like to introduce you to Davie Street Enterprises (DSE). DSE is a fictitious 100-year-old multinational corporation that is beginning its digital transformation journey. In this post we will lay the groundwork for a series following DSE as an illustration of how some Red Hat customers are preparing for and succeeding at digital transformation to save money, become more efficient, and compete more effectively.

  The company isn't real, but its struggle is very real for many organizations. Throughout this series, we will explore the business problems any number of organizations are challenged with and how DSE, with the help of Red Hat and its partners, plan to solve those problems. To start, let’s learn more about DSE, its business, and some of the associates involved in its digital transformation journey.

• Farewell 2020: A year of togetherness with our EMEA partners

  When reflecting on 2020, I do what many people do and think about what things were like prior to this year. For me, I immediately go back to a spring day three years ago. Red Hat was hosting our EMEA Partner Conference; a mix of distributors, independent software vendors (ISVs), system integrators and solution providers from across the region. Alongside the usual product updates and market insight sessions you might expect, we decided to do a little drumming. A lot of drumming, in fact — 900 people banging bongos and clashing cymbals. Other than the noise, what I remember was the genuine sense of togetherness; embarrassment and egos put to the side in the pursuit of the perfect tempo.

  It seems drumming is a good signal of solidarity. Even in a large group, it’s easy to notice someone beating to a different rhythm. Trainers and coaches use this drumming technique frequently to promote unity and coordination. Our coach that day later congratulated me on "having such a tight knit group of employees." When I told him they weren’t our employees but partners from 550 different companies, he couldn’t believe it.

• Visualizing system performance with RHEL 8 using Performance Co-Pilot (PCP) and Grafana (Part 1)

  When it comes to performance metrics data collection and visualization on Linux, PCP metrics collection and visualization are key. Red Hat Enterprise Linux (RHEL) 8 provides an excellent framework for collecting performance metrics and visualizing them! The days of poring over command line output to try and figure out what is happening on a system are gone. In this series, I’d like to introduce the power of using Performance Co-Pilot (PCP) and Grafana to visualize system performance data in RHEL.

  By default, Performance Co-Pilot is not installed on RHEL 8. We believe in giving users choices and as such, you have to opt-in to using Performance Co-Pilot.

Newer wireless Logitech keyboard/mice supporting "unified battery" reporting will be supported beginning with Linux 5.12 as a newer interface compared to the existing battery reporting support.

While Logitech doesn't engage much with seeing good Linux support by their consumer devices (there has been only a handful of commits from Logitech developers over the past decade - in most cases providing just some basic bits), the open-source community through reverse engineering and widespread testing have filled in the voids. Wireless Logitech devices on Linux have generally enjoyed working battery reporting under Linux while now support for an interface found with newer devices is forthcoming.

Also: Itanium IA-64 Was Busted In The Upstream, Default Linux Kernel Build The Past Month