• How to install Signal Private Messenger on Linux | FOSS Linux

  Are you looking for an open-source messenger that respects your privacy? Here's how to install Signal Messenger on your Linux PC. We show the installation on popular Linux distros such as Ubuntu, Fedora, and Manjaro.

• UBlock Origin and custom filters - Mini tutorial

  Several months ago, I wrote a review of UBlock Origin. It's a powerful, nerdy browser extension, available across the wider range of browsers out there, with the sacred purpose of making the Internet palatable for intelligent use. It does so by being a sophisticated adblocker and content blocker.

  Since, I've received requests for additional tutorials - and also found myself tackling a few real-world issues with somewhat overzealous content blocking. For example, on Bing images, if I clicked on an image, they would show up for a second, flicker and then disappear. Not consistently - but always with UBlock Origin active. So I used this opportunity to write a little guide on how to create custom filters. Let's have a look.

• Scribus 1.5.6.1 Available to Install via PPA in Ubuntu 20.04, 20.10 | UbuntuHandbook

  For those prefer installing applications via apt method, the desktop publishing software Scribus 1.5.6 is finally made into PPA available for Ubuntu 20.04, Ubuntu 20.10, and Linux Mint 20.

  Scribus 1.5.6 was released a few months ago as the latest development release for the next major version 1.6.0. It feature

• apt-key Is Deprecated. How To Add OpenPGP Repository Signing Keys Without It On Debian, Ubuntu, Linux Mint, Pop!_OS, Etc.

  This article explains how to securely add OpenPGP keys and third-party APT repositories on Debian, Ubuntu, and Linux distributions based on these, like Linux Mint, Pop!_OS, Elementary OS and so on, to replace the deprecated apt-key.

  When you try to add an APT repository key using apt-key on Debian, Ubuntu and Linux distributions based on these, you'll see the following message: "Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8))".

  The apt-key man page mentions that the "use of apt-key is deprecated, except for the use of apt-key del in maintainer scripts to remove existing keys from the main keyring". What's more, "apt-key will last be available in Debian 11 and Ubuntu 22.04."

• How to count lines of source code in Linux

  For various reasons you may want to know in how many lines of code given open-source software is implemented. For example, you want to estimate the effort devoted to developing a particular open-source program. Or you want to gauge the size and complexity of a program before trying it. There is some controversy as to using source lines of code (SLOC) as a metric to determine the size of a software program, since existing programming languages differ greatly in terms of clarify and brevity.

  In any rate, if you would like to count the number of source code lines quickly and accurately, you can use a command-line tool called cloc (short for "Count Lines Of Code"). cloc is a Perl program that is dedicated to counting the number of lines of code. To estimate the size of codebase accurately, cloc automatically detects different types of programming/scripting languages, and discounts comment lines and blank lines based on the type appropriately.

• How to List Directory Contents on Linux - buildVirtual

  When working with the Linux file system, its important to know some of the different ways you can list directory contents on Linux.

  This article will look at some of the commands you can use to list directory contents, which will work on whichever version of Linux you are using. These commands will also work to list directory contents on VMware ESXi.

  It will cover how to do a basic directory listing, how to list specific information such as file size and permissions, and how to sort and filter the directory list output.

  Let’s start by looking at the basic usage of the ls command, before moving onto some more advanced examples of how you can use ls to list directories and their contents.

In spite of being a beloved companion to computer hobbyists the world over, the Raspberry Pi doesn’t get enough credit. In fact, single-board computers of all stripes haven’t gotten their due — I just happen to have a Raspberry Pi. It was upon casting a stray glance into the corner of my room where my Pi is, churning away on the previous task I assigned it, that I pondered all the loftier projects I have in mind for it.

It will probably be a while before I tackle those grand designs. But the next best thing to following my dreams is to share them. The ideas here are charcoal sketches, not full illustrations, but they yield a rough picture.

I should also note that these projects all contain Linux in their blueprints (shocking, I know). As this is the preliminary stage, we can leave the exact distribution blank for now. You can safely trust, though, that any services we might need our Pi to run will fasten flush onto a Linux base.

Dear SDR community most likely to travel in time to save the present,

The future is not set, there is no fate but what we make for ourselves. In this
very spirit, GNU Radio 3.9 packs a whole bunch of power when it comes to
transforming the way GNU Radio and its ecosytem can be developed in the future.

You'll find the release tags and signed tarballs now on github, and later on
https://www.gnuradio.org/releases/gnuradio/ .

Not only did we have great progressions from old dependencies that proved to be
all too problematic (SWIG, Python2), but also did we see an incredibly influx of
people actively working on how maintainable this code base is. This will nurture
the project for years to come.

All in all, the main breaking change for pure GRC users will consist in a few
changed blocks – an incredible feat, considering the amount of shift under the
hood. Mentioning large shifts, the work that went into the PyBind binding, the
CMake modernization, the C++ cleanup, the bug-fixing and the CI infrastructure
is worthy of explicit call out; I especially thank

* Josh Morman
* Thomas Habets
* Jacob Gilbert
* Andrej Rode
* Ryan Volz

here.

For developers of OOTs, I'm sure PyBind11 will pose a surprise. If you're used
to SWIG, yes, that's more code to write yourself. But in effect, it's less code
that breaks, and when it breaks, it breaks in much more understandable ways.
Josh has put a lot of effort into automating as much of that as possible.
There's certainly no shortage of demand for that! The ecosystem (remember GNU
Radio's tagline?) is in a steady upwind. We've seen more, and more stable,
contributions from OOT maintainers. That's great!

For in-tree development, newer dependencies and removal of anachronisms will
make sure things move much smoother. Our CI is getting – lately literally every
day – better, which means we not only catch bugs earlier, but also allow for
much quicker review cycles.

One central change:

If you're contributing code upstream, we no longer need you to submit a CLA;
instead, we ask you to just certify, yourself, that you're allowed to contribute
that code (and not, e.g. misappropriating someone else's code).

That's what the DCO (Developer Certificate of Origin) is: Just a quick, "hey,
this code is actually for me to contribute under the project's license"; nothing
more.

• Google bans 164 Android apps from its Play Store, now you must remove them from your phone

• Google may require AV1 codec support on all new Android TV devices: Report

• Google app experimenting with new in-app browser on Android

• Nokia C3 gets a new Android 10 Build with December Security update 2020

• Xiaomi Mi Note 10 Lite is now receiving Android 11

• Many Android 11 users are having trouble getting games to recognize their controllers

• TCL 10L mid-ranger starts receiving promised upgrade to Android 11

• Android 11 begins rolling out for Sony Xperia 1 and Xperia 5

• 5 Best Ways to Make Memes on Your Phone for Free (Android and iOS)

• Best new mobile games on iOS and Android - January 2021 round-up

• Android not sending pictures to iPhone? Know how to fix the issue

• How to Make Signal Your Default SMS Messaging App on Android

• You're using your Android and Mac's fingerprint reader all wrong

• First details emerge of Android's upcoming app hibernation feature

• Android's upcoming Hibernation feature will reduce the size of apps you are not using

Linux offers a huge array of open source music players. And many of them are high quality. I’ve reviewed the vast majority for LinuxLinks, but I’m endeavoring to explore every free music player in case there’s an undiscovered gem.

MPD is a powerful server-side application for playing music. In a home environment, you can connect an MPD server to a Hi-Fi system, and control the server using a notebook or smartphone. You can, of course, play audio files on remote clients. MPD can be started system-wide or on a per-user basis.

I’ve covered a fair few MPD clients over the past year or so including Cantata, Ymuse, mpdevil, ympd, myMPD, ampd, ncmpy, and ncmpc. My favorite of them is Cantata although Ymuse is a simple alternative. There’s lots of differences between these front-ends. For example, Cantata uses the Qt widget set, whereas Ymuse and mpdevil offer a GTK front-end. ympd, myMPD and ampd are web-based clients. And ncmpy and ncmpc are terminal-based clients. So there’s something for everyone.

ncmpcpp is a terminal-based MPD client with a user interface that seeks inspiration from ncmpc and shares a lot of similarities. But it adds some useful features. Let’s check it out. Before doing so, here’s the obligatory installation section.

I'm announcing the release of the 5.10.8 kernel.

All users of the 5.10 kernel series must upgrade.

The updated 5.10.y git tree can be found at:
	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y
and can be browsed at the normal kernel.org git web browser:
	https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

thanks,

greg k-h

Also: Linux 5.4.90

Linux 4.19.168

Linux 4.14.216

Linux 4.9.252

Linux 4.4.252

In case you’re not aware of mpv, it is a free and open-source command-line based media player. Okay, there is a minimalist GUI for MPV but at the core, it is command line.

You might also find several open-source video players that are basically the GUI front-end to mpv.

Haruna video player is one of them along with the ability to use youtube-dl. You can easily play local media files as well as YouTube content.

Let me give you an overview of the features offered with this player.

We spend a lot of time looking at retrocomputing in the form of gaming and home computers, but it’s true to say that minicomputers are less common than hardware projects. Perhaps it’s the size, cost, or even relative rarity of the original machines, but DEC minicomputers are a bit unusual around here. [Sprite_TM] hasn’t bought us a PDP11 or a VT102 terminal, but he’s done the next best thing in the form of a miniature working VT102 that also conceals a PDE11 emulator. It runs Tetris, which was originally developed on a Russian clone of the PDP11 architecture, and the 2.1BSD operating system.

Powering it all is an ESP32 module, and the PDP11 emulator is the well-known SIMH software. Porting this to the slightly limited environment of the microcontroller required a few compromises, namely the network stack and the configuration interface. In a particularly clever move [Sprite_TM] enabled BSD networking by writing an ESP32 layer that takes network packets via SIMD directly from BSD. It includes its own DHCP client and wireless network configuration tool, allowing an ancient UNIX-derived operating system from the 1970s to connect to the 21st century Internet through an emulator with its network code stripped out.

I tend to run Ubuntu on my computers as the primary operating system. Given I work for Canonical, this isn’t especially surprising. However I have run Ubuntu on pretty much everything since 2005 or so - long before I started working at Canonical (in 2011). Mostly I will upgrade as each new release comes out, only doing a clean install once in a while.

I ran GNOME 2 for all the years from 2004 through to Unity being released, then switched to that. After Ubuntu switched from Unity to GNOME Shell I went along with that in late 2017, and have mostly been running it ever since. I sometimes run other distros in VMs, or play with live environments, but I tend to stick to Ubuntu. Not for any company imposed reason - there’s a bunch of people at Canonical who run Arch, MacOS or something else. I just prefer Ubuntu.

Etcher is a free and open-source utility developed by Balena licensed under Apache License 2.0. It is used to create a bootable USB device using ISO and IMG files.

There are many tools available to create a bootable USB stick in Linux. Etcher is one of them, and we recommend using it as it is way faster to create a bootable USB stick than other utilities.

Today, we guide you on how to install Etcher and make your first bootable USB stick.

• Install Inkscape 1.0.2 In Ubuntu / LinuxMint / Debian | Tips On UNIX

  Inkscape is a free and open-source professional vector graphics editor software that runs on Linux, Mac OS X, and Windows desktop computers.

  It is suitable for illustrators and web designers and it is an alternative to Adobe Illustrator. It supports many SVG features (markers, alpha blending, clones, etc..) and easy to use.

• How to enable PowerTools on CentOS 8

  The PowerTools repository, which is available on CentOS/RHEL 8, provides developer related tools and libraries. Some EPEL packages depend on packages available from PowerTools. Thus if you have set up the EPEL repository on your CentOS, it is recommended that you enable PowerTools as well.

• Install gscan2pdf 2.11.0 in Ubuntu / Linux Mmint

  gscan2pdf a GUI tool used to produce PDF’s or DjVus from Scanned documents,gscan2pdf works on all Linux / BSD machines

  gscan2pdf team released a newer version 2.11.0 recently and yet to be updated in official Jeffrey Ratcliffe PPA for Ubuntu 20.04 and lower versions.

  This tutorial will be helpful for beginners to install gscan2pdf 2.11.0 in Ubuntu 20.10, Ubuntu 20.04, Linux Mint 20.1, and lower versions of Ubuntu and Linux Mint.

• How to set up WireGuard VPN server on Ubuntu 20.04

  Traditionally, VPN implementation has existed in two forms. In-kernel VPN implementation such as IPsec performs heavy-duty per-packet crypto processing in the kernel in a "bump-in-the-stack" fashion (i.e., between IP stack and the network drivers). This gives speed as there is no context switch between kernel and userspace during packet processing. But it comes with high management complexity in separate userspace control plane (e.g., IKE). An alternative form of VPN implementation is userspace TUN/TAP-based solutions such as OpenVPN, Tinc, n2n, where crypto processing is performed by a userspace VPN daemon. Naturally, these TUN/TAP-based VPN solutions have poor performance compared to IPsec mainly because network packets traverse the kernel and userspace boundary multiple times, resulting in frequent context switches and packet copies. Despite their performance disadvantage, userspace VPN solutions enjoy more popularty than the in-kernel counterpart due to their ease of use and configuration.

• How to create a lifecycle policy for an S3 Bucket on AWS

  We can use the Lifecycle Policy to manage the objects in S3 Bucket so that they are stored cost-effectively throughout. An S3 Lifecycle Policy is a set of rules used to define actions that Amazon S3 applies to objects in the bucket.

• How to change the hostname on Ubuntu 20.04 LTS

  In a Local Area Network (LAN) environment, computer systems need to communicate with each other based on their IP addresses. To learn and remember these IP addresses and sharing them when needed is a tricky business. In order to avoid such trouble, users tend to rename their system’s hostname for their own ease. The simpler hostnames will allow all computer users to coordinate easily without an exchange of large IP addresses. This whole scenario is quite related to the URLs and DNS server address, where the user is totally unaware of long addresses and simply use the URLs in their search engine.

  In this tutorial, I will show you two methods to change the hostname of an Ubuntu 20.04 system via the command line terminal and GUI. Users can opt either way to update the names and share them once they have finalized them.

• How To Delete Outdated Vagrant Boxes In Linux - OSTechNix

  You might have downloaded several versions of Vagrant boxes and some of them might be pretty outdated! If they are no longer required, you can safely delete outdated Vagrant boxes in Linux as described in this brief guide.

  Check for outdated Vagrant boxes

  I have been using Vagrant for the past few months for testing purposes. Since Vagrant version 1.5, boxes support versioning. The Box Versioning allows the developers who make boxes to push updates or fixes and the users to easily update the underlying box.

• LHB Digest #21.02: Uptime Monitoring, Terminal Shortcuts, Linux Commands Tips and More

• How To Install Java on Linux Mint 20 - idroot

  In this tutorial, we will show you how to install Java on Linux Mint 20. For those of you who didn’t know, Java is a very popular language when it comes to programming. It is a common language for android development and other enterprise solutions. It was first released by Sun Microsystems in 1995. Many programs and scripts require Java to run it, but usually, Java is not installed by default on a VPS or Dedicated Server.

• building a simple KVM switch for 30€ | die-welt.net

  Prompted by tweets from Lesley and Dave, I thought about KVM switches again and came up with a rather cheap solution to my individual situation (YMMY, as usual).

  As I've written last year, my desk has one monitor, keyboard and mouse and two computers. Since writing that post I got a new (bigger) monitor, but also an USB switch again (a DIGITUS USB 3.0 Sharing Switch) - this time one that doesn't freak out my dock \o/

  However, having to switch the used computer in two places (USB and monitor) is rather inconvenient, but also getting an KVM switch that can do 4K@60Hz was out of question.

  Luckily, hackers gonna hack, everything, and not only receipt printers. There is a tool called ddcutil that can talk to your monitor and change various settings. And udev can execute commands when (USB) devices connect… You see where this is going?

• An introduction to hashing and checksums in Linux | Enable Sysadmin

  Always wondered how to make use of a checksum? This introduction shows you what they mean, and how to use the proper tools to verify the integrity of a file.

• How to remove background microphone noise in Windows, Mac, Linux

  Noisetorch is an open-source Linux application that allows you to create a virtual microphone that suppresses background noise. To filter out background noise in an application, simply select the virtual microphone instead of your regular microphone, and the application will filter out background noise.

• Craig Small: Percent CPU for processes

  The ps program gives a snapshot of the processes running on your Unix-like system. On most Linux installations, this will be the ps program from the procps project.

  While you can get a lot of information from the tool, a lot of the fields need further explanation or can give “wrong” or confusing information; or putting it another way, they provide the right information that looks wrong.

  One of these confusing fields is the %CPU or pcpu field. You can see this as the third field with the ps aux command. You only really need the u option to see it, but ps aux is a pretty common invokation.

• Stadia 'State Share' to launch with HITMAN 3 | GamingOnLinux

  One of the features Google talked about early with Stadia is finally coming and that is State Share. Allowing players to share specific playable moments of captures and it's launching with HITMAN 3. This is another tick in the box, finally, of nearly all the features promised by Google for Stadia well over a year after launch.

• Harvest Days is an upcoming open-ended country-life RPG

  Currently in development by a father and son team, Harvest Days is another fresh 3D take on the casual farming-life RPG and it will be coming to Linux too.

  There's quite a few of these appearing in the last year or two both 2D and 3D, many like this being directly inspired by the likes of Stardew Valley, Harvest Moon and Animal Crossing, among others. Perhaps this one might catch your attention where others have not? It actually looks pretty darn charming.

• Bytten Studio say not to sleep on Linux in their postmortem for Lenna's Inception | GamingOnLinux

  Lenna's Inception is a top-down Zelda-like action-adventure game with a world that is glitching, with a style that can switch between 8-bit and 32-bit pixel art styles.

  It's now been available for a year so Tom Coxon of Bytten Studio has written up a postmortem for how it went, and it was a thoroughly interesting read. First, a refresher on who they are. Bytten Studio was initially just Tom Coxon who previously worked for Chucklefish on titles like Starbound and the multiplayer for Stardew Valley, Coxon was later joined by Jay Baylis who also worked for Chucklefish in the past on titles like Starbound and Wargroove.

  [...]

  So the Linux version sold approximately 340 copies which at their normal price of £7.19 that would be somewhere around £2,444.6 (it went on sale once previously, so likely a bit lower). For a small indie developer, that can make all the difference.

• Irena Genesis Metal Fury is an upcoming shoot 'em up for the Sega Mega Drive | GamingOnLinux

  Sega Mega Drive (Sega Genesis)? That's not a piece of Linux gaming hardware last I checked? No but Irena Genesis Metal Fury is a new game coming for the retro console and will provide the ROM file for your favourite emulators.

  Here's the thing: I'm a huge retro fan and I grew up with the Sega Mega Drive so it always holds a special place in my early gaming years and helped me really appreciate games. Irena Genesis Metal Fury looks awesome too and the developer, White Ninja Studio, aren't ignoring Linux either.

• Godot Engine gets a sixth 3.2.4 beta with a new CPU lightmapper | GamingOnLinux

  The Godot team just keep on adding in big new features to make this one of the best free and open source game engines around and the next Beta update for Godot 3.2.4 is out now.

  [...]

  In other somewhat recent Godot news, the team recently blogged about their work on a glTF 2.0 scene exporter. What is glTF? A royalty-free specification for the efficient transmission and loading of 3D scenes and models by engines and applications, overseen by The Khronos Group (the same behind OpenGL, Vulkan and so on). Godot has been able to import glTF for some time now but the option to export it from Godot enables developers to quickly put it back into something like Blender, to make any changes needed to then bring the updates back into Godot. All very useful sounding.

While in recent years there has been growing interest in enhancing Linux's Thunderbolt security with offering security levels and other functionality to authorize supported/known Thunderbolt devices, surprisingly it's taken until 2021 to see the ability for Linux's Thunderbolt software connection manage to handle de-authorizing devices.

If wanting to de-authorize a previously authorized Thunderbolt device for whatever reason or if wanting to establish policies like where on user log-out that devices would be automatically de-authorized, it's looking like Linux 5.12 will support this ability.

• Over:Board turns a Raspberry Pi Compute Module 4 into a mini-ITX motherboard (crowdfunding)

  The Over:Board is a mini-ITX motherboard designed to make it easy to use the CM4 in any mini ITX computer case. The developer is running a crowdfunding campaign for the project and says it should be ready to ship by September (although folks who want something sooner can reserve a prototype or pre-production unit).

• 7 New Raspberry Pi CM4 Boards for 2021! - YouTube

• C++ Standard Conversions

  There are two entity types in C++, the fundamental types and the compound types. The fundamental types are the scalar types. The compound types are the rest of the entity types. Conversion can take place from one entity type to another appropriate type.

  [...]

  The output is 2, 2, meaning that the program has returned the square root of 5 as 2 and the square root of 8 also as 2. So, the first two statements in the main() function have floored the answers of the square root of 5 and the square root of 8. This article does not discuss flooring or ceiling in C++. Rather, this article discusses the conversion of one C++ type to another appropriate C++ type; indicating any approximation in value made, loss of precision, or constraint added or removed. Basic knowledge of C++ is a prerequisite to understand this article.

• Project Tour: Hashistack (Terraform, Consul, Nomad on AWS)

  I've always wanted to be able to set up a full consul, nomad, vault, etc. environment (along with hosted applications) with a single "terraform apply." I've spent a few weekends on this now and wanted to give a small tour, although it's still a work in progress.

• Introspective labeling

  IRC is a good place to find answers. Often I find the questions found there to be even more enlightening.

• Cybovac S31 Review – A smart robot vacuum cleaner with visual SLAM support

• Google may require AV1 codec support on all new Android TV devices starting March 31

• Kodak TV expands its 7XPRO Android Series with the launch of 42-inch FHDX7XPRO TV

• Skyworth SUC9300 Android 4K UHD 50” TV Review – Really Impressive!

• [Opinion] Nokia's Android OS software update timeliness getting worse

• [Update: Jan. 18] Xiaomi Android 10 update tracker: All devices that have received the OS so

• Xperia 1, Xperia 5 get Android 11 update a month early

• Samsung Galaxy Note 10 receives Android 11 update

• CBORD expands mobile credential support to include Android phones

• Huawei Vs Google Just Got Real—New Update To Beat Android Confirmed

• 'Which to pick?': Android vs iOS pros and cons

• OPPO Reno 5 Pro 5G review: Samsung should be worried

• 2 Ways to Enable and Use Voice Typing on Android and iOS

• How to record calls on an Android phone

• Top 10 Best Android Gimbals 2020

• 5 best Android games like COD Mobile in 2021

• Top 10 Best Brain Games For Android 2021

Opensource.com exists to educate the world about everything open source, from new tools and frameworks to scaling communities. We aim to make open source more accessible to anyone who wants to use or contribute to it.

Getting started in open source can be hard, so we regularly share tips and advice on how you can get involved. If you want to learn Python, help fight COVID-19, or join the Kubernetes community, we've got you covered.

To help you begin, we curated the 10 most popular articles on getting started in open source we published in 2020. We hope they'll inspire you to learn something new in 2021.

JingOS was built with the idea of improving the functionality and productivity of a tablet overall. So, the team behind the new operating system took inspiration from the Cupertino based giant’s iPadOS platform to offer a simple/clean, yet productive and efficient UI design that can ensure that your tablets are a mini computer that one can work on, on the go. JingOS is not only a tablet OS but a full function Linux distro.

Thank you everyone for following 9to5Linux on social media; we’re nearing 6K followers on Twitter and that’s only possible thanks to you guys! Thank you again to everyone who donated so far to help me keep this website alive for as long as possible.

This week has been quite interesting despite the fact that no major releases were planned. We saw the launch of a new PinePhone Linux phone edition, the release of the Flatpak 1.10 and Wine 6.0 software, and much more.

• New coalition aims to combat growing wave of ransomware attacks [iophk: Windows TCO]

  The California-based nonprofit aims to produce recommendations that will help governments and the private sector tackle the scourge of ransomware attacks.

  [Attackers] have increasingly used these types of attacks -- which involve accessing and encrypting the victim’s network and demanding payment to allow access again -- to hit major targets, with city governments in Atlanta, Baltimore and New Orleans severely impaired by ransomware attacks over the past two years.

  More recently, hospitals have become a target during the COVID-19 pandemic, with cyber criminals seeing vulnerable hospitals as easy targets more likely to pay a quick ransom as health care systems struggle to keep up with coronavirus cases. In some instances, the cyberattacks have been blamed for deaths due to delayed care.

• This tiny shortcut can completely crash your Windows 10 device

  A zero-day exploit has been discovered that can crash your Windows 10 device – and, even more worrying, can be delivered inside a seemingly harmless shortcut file. The vulnerability can corrupt any NTFS-formatted hard drive and even be exploited by standard and low privilege user accounts.

  Security researcher Jonas Lykkegaard referenced the vulnerability on Twitter last week and had previously drawn attention to the issue on two previous occasions last year. Despite this, the NTFS vulnerability remains unpatched.

  There are various ways to trigger the vulnerability that involve trying to access the $i30 NTFS attribute on a folder in a particular way. One such exploit involves the creation of a Windows shortcut file that has its icon location set to C:\:$i30:$bitmap. Bleeping Computer found that this triggered the vulnerability even if users did not attempt to click on the file in question. Windows Explorer’s attempts to access the icon path in the background would be enough to corrupt the NTFS hard drive.

• This Easily-Exploitable Windows 10 NTFS Bug Can Instantly Corrupt Your Hard Drives

  Jonas says that this Windows 10 bug isn't new and has been around since the release of Windows 10 April 2018 Update, and remains exploitable on the latest versions, as well. BleepingComputer shared that the problematic command includes $i30 string, a Windows NTFS Index Attribute associated with directories.

  [...]

  After running the command, Windows 10 will start displaying prompts to restart the device and repair the corrupted drive. Apparently, the issue also impacts some Windows XP versions and similar NTFS bugs have been known for years but are yet to be addressed by the Windows maker.

• Nidhi Razdan, Phishing, And Three Hard Lessons

  Nidhi Razdan, a career journalist, became a victim of an elaborate phishing attack that made her quit her 21-year-old job and part with many of her personal details.

• Windows Finger command abused by phishing to download malware

  Attackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices.

  The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user. In addition to Linux, Windows includes a finger.exe command that performs the same functionality.

Malware, where aren’t thou found? Well, even our wonderful Ubuntu can be infected. So what can we do about it? Hope and pray we keep our system safe and better yet, audit our systems regularly for malwares and rootkits. There are 4 system auditors for Ubuntu that we will review - lynis, rkhunter, chkrootkit, and clamav.

[...]

Oddly enough, there aren’t many tools to scan for malware out there for Linux. Why? I’m not sure. However, these 4 tools are more than enough to detect malwares, rootkits, and viruses.

Also: Windows Finger command abused by phishing to download malware