• New coalition aims to combat growing wave of ransomware attacks [iophk: Windows TCO]

  The California-based nonprofit aims to produce recommendations that will help governments and the private sector tackle the scourge of ransomware attacks.

  [Attackers] have increasingly used these types of attacks -- which involve accessing and encrypting the victim’s network and demanding payment to allow access again -- to hit major targets, with city governments in Atlanta, Baltimore and New Orleans severely impaired by ransomware attacks over the past two years.

  More recently, hospitals have become a target during the COVID-19 pandemic, with cyber criminals seeing vulnerable hospitals as easy targets more likely to pay a quick ransom as health care systems struggle to keep up with coronavirus cases. In some instances, the cyberattacks have been blamed for deaths due to delayed care.

• This tiny shortcut can completely crash your Windows 10 device

  A zero-day exploit has been discovered that can crash your Windows 10 device – and, even more worrying, can be delivered inside a seemingly harmless shortcut file. The vulnerability can corrupt any NTFS-formatted hard drive and even be exploited by standard and low privilege user accounts.

  Security researcher Jonas Lykkegaard referenced the vulnerability on Twitter last week and had previously drawn attention to the issue on two previous occasions last year. Despite this, the NTFS vulnerability remains unpatched.

  There are various ways to trigger the vulnerability that involve trying to access the $i30 NTFS attribute on a folder in a particular way. One such exploit involves the creation of a Windows shortcut file that has its icon location set to C:\:$i30:$bitmap. Bleeping Computer found that this triggered the vulnerability even if users did not attempt to click on the file in question. Windows Explorer’s attempts to access the icon path in the background would be enough to corrupt the NTFS hard drive.

• This Easily-Exploitable Windows 10 NTFS Bug Can Instantly Corrupt Your Hard Drives

  Jonas says that this Windows 10 bug isn't new and has been around since the release of Windows 10 April 2018 Update, and remains exploitable on the latest versions, as well. BleepingComputer shared that the problematic command includes $i30 string, a Windows NTFS Index Attribute associated with directories.

  [...]

  After running the command, Windows 10 will start displaying prompts to restart the device and repair the corrupted drive. Apparently, the issue also impacts some Windows XP versions and similar NTFS bugs have been known for years but are yet to be addressed by the Windows maker.

• Nidhi Razdan, Phishing, And Three Hard Lessons

  Nidhi Razdan, a career journalist, became a victim of an elaborate phishing attack that made her quit her 21-year-old job and part with many of her personal details.

• Windows Finger command abused by phishing to download malware

  Attackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices.

  The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user. In addition to Linux, Windows includes a finger.exe command that performs the same functionality.

Malware, where aren’t thou found? Well, even our wonderful Ubuntu can be infected. So what can we do about it? Hope and pray we keep our system safe and better yet, audit our systems regularly for malwares and rootkits. There are 4 system auditors for Ubuntu that we will review - lynis, rkhunter, chkrootkit, and clamav.

[...]

Oddly enough, there aren’t many tools to scan for malware out there for Linux. Why? I’m not sure. However, these 4 tools are more than enough to detect malwares, rootkits, and viruses.

Also: Windows Finger command abused by phishing to download malware

• Easily rename your Git default branch from master to main

  You might say, "I'm all for not using master in master-slave technical relationships, but this is clearly an instance of master-copy, not master-slave."

• How to get IP Address in Linux using Command terminal - Linux Shout

  To connect some local running server application via browser, access FTP server, and many other times we require to know our system Ip address. Thus, if you are running some Linux operating system then here is the way to check out your current IP Address using the command terminal.

• How To Use NMAP

  Nmap (or Nmapper) is a free and open-source network scanner used for analysis, security audits, and network exploration. You use it to discover hosts and services on a computer network by sending packets and analyzing the responses all in an easy-to-use manner. Let us take a look at how to use Nmap.

• How to get the best Arch Linux servers to update your system | Arcolinux.com

  You may have seen me struggle with the Arch Linux servers in one of my videos.

  Time to dive into the application reflector. Read all about it on your own computer.

  Type reflector –help in the terminal and read more.

  Servers speed and service all depend on your own network, your isp, your country’s policy (port blocking) and the servers around you.

  As a result we have now several aliases to get the best servers out there.

• How to Install Terraform on Ubuntu 20.04

  Terraform is an infrastructure as a code platform developed by HashiCorp. You can simply write code in the human-readable format following HashiCorp Configuration Language (HCL) and deploy it to get the infrastructure in the cloud. Terraform is supported in many cloud providers like Google, Amazon, Alibaba, etc.

  Here in this article, we are going to install the latest version of terraform on Ubuntu. We are performing terraform installation on Ubuntu 20.04 however you can do the same procedure on all Linux platforms.

  Also, learn how to use terraform with simple example by launch an ec2 instance and create s3 bucket.

• Operator integration testing for Operator Lifecycle Manager - Red Hat Developer

  Operators are one of the ways to package, deploy, and manage application distribution on Red Hat OpenShift. After a developer creates an Operator, the next step is to get the Operator published on OperatorHub.io. Doing this allows users to install and deploy the Operator in their OpenShift clusters. The Operator is installed, updated, and the management lifecycle is handled by the Operator Lifecycle Manager (OLM).

• Deploy your own Matrix server on Fedora CoreOS - Fedora Magazine

  Today it is very common for open source projects to distribute their software via container images. But how can these containers be run securely in production? This article explains how to deploy a Matrix server on Fedora CoreOS.

• Set up a minimal server on a Raspberry Pi | Opensource.com

  Recently, the microSD (secure digital) card in my Raspberry Pi stopped working. It had been in constant use as a server for almost two years, and this provided a good opportunity to start fresh and correct a few problems. After its initial installation, it began experiencing disk problems and the official Raspberry Pi operating system (OS) received a significant update (and was renamed from Raspbian to Raspberry Pi OS). So I acquired a new microSD card and preceded to rebuild.

  Although this Raspberry Pi 3 Model B isn't the latest hardware, it is still adequate for running a minimal server for various services. I think my original installation used the full operating system image that includes the graphical user interface and a lot of other software packages unnecessary for my needs.

  This step-by-step guide shows how I set up my Raspberry Pi with the most minimal configuration to conserve precious system resources.

Here’s another one from the terminal graphics extravaganza dept: Chafa 1.6.0 brings fullwidth character support, so in addition to the usual block elements and ASCII art, you now get some mean CJK art too. Or grab as many fonts as you can and combine all of the Unicode into one big glorious mess. Chafa can efficiently distinguish between thousands of symbols, so it also runs fast enough for animations — up to a point.

Since some users want this in environments where it’s not practical to build from source or even to have nice things like GLib, I’ve started adding statically linked builds. These are pretty bare-bones (fewer image loaders, no man page), so look to your steadfast distribution first.

Speaking of distributions, a big thank you to the packagers. Special thanks go to Florian Viehweger for getting in touch re. adding it to OpenBSD ports, and Mo Zhou (Debian), Michael Vetter (openSUSE), Herby Gillot (MacPorts), @chenrui and Carlo Cabrera (Homebrew) for getting 1.6 out there before I could even finish this post.

Raspberry Pi cluster boards / solutions pop-up from time to time. But so far, I think we’ve seen only one based on Raspberry Pi CM4 modules with the upcoming Turing Pi 2 mini-ITX cluster board supporting four of those.

TECHBASE has now unveiled a different kind of Raspberry Pi CM4 cluster with ClusBerry 9500-CM4 integrating up to eight Raspberry Pi Computer Module 4 in a DIN-Rail housing for industrial applications.

If you feel nostalgic and misses the days of the rotary dial phone, Sky’s Edge “Rotary Un-Smartphone” is an open-source hardware rotary dial phone controlled by an Arduino board and equipped with a multi-mode 4G/3G/2G module.

It’s a bit more advanced that you old rotary phone with recent cellular technology, ePaper & OLED displays, quick dialing buttons, and the rotary dial can both be used to dial full phone number or quickly access your contact list.

Also: 42Gears SureMDM Simplifies Setting up Kiosk Mode on Linux Devices

• How to kill all user sessions on Linux using shell script

  There are multiple ways to automate the system administrator task on Linux.

  It drastically reduces human efforts and saves reasonable time.

  shell script is one of the methods to automate frequent jobs.

  For a scenario, you want to run a weekly job or EOD job to populate some data for reporting purposes.

  To do so, you need to kill all ssh sessions that are currently accessing the application on the system before beginning the job.

• How to install GSnap in Audacity on a Chromebook - VST Plugins

  Today we are looking at how to install GSnap, a free VST plugin, in Audacity on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!

• How to Install GitLab on Debian 10 (Buster)

  GitLab is a free and opensource front-end Git repository that features a Wiki and an issue tracking feature. It allows you to host Git repositories on your own server and setup DevOps platform. In this guide, we are going to install GitLab CE (Community Edition) on Debian 10 (Buster) system.

• Unix Tutorial - Annual Digest - 2020

  Wow, 2020 just flew by! With one lockdown after another, most of the year was spent working from home and checking local government websites for guidance around when schools and after-schools would re-open.

  I didn’t blog as much as I hoped but stayed sane and otherwise productive - so can’t complain much about 2020.

While there is the prior "ESYNC" and "FSYNC" work pursued by Wine for the Linux kernel, it appears Wine developers are back to the drawing board in coming up with a Linux kernel implementation for Wine synchronization primitives that will address all their needs and match the Windows behavior well.

CodeWeavers developer Zebediah Figura sent out a lengthy mailing list post on Sunday night outlining the current state and objectives of coming up with kernel-based Wine synchronization primitives. While the ESYNC/FSYNC patches were successful in improving the performance of many Windows games running on Linux, they are still working towards a more all encompassing solution and to match the behavior well for Windows and with optimal speed.

Here’s this week’s (ending Jan 17, 2021) roundup series, curated for you from the Linux and the open-source world on application updates, new releases, distribution updates, major news, and upcoming highlights. Have a look.

Things continue to look fairly normal for this release: 5.11-rc4 is
solidly average in size, and nothing particularly scary stands out.

In the diff itself, the new ampere modesetting support shows up fairly
clearly - it's one of those hardware enablement things that should be
entirely invisible to people who don't have that hardware, but it does
end up being about a fifth of the whole rc4 patch.

If you ignore that oddity, the rest looks pretty normal, with random
patches all over, and a lot of it being quite small. All the usual
suspects: drivers (gpu, sound, rdma, md, networking..) arch updates
(arm64, risc-v, x86), fiesystems (ext4, nfs, btrfs), core networking,
documentation and tooling. And just random fixes.

The appended shortlog gives the details as usual..

            Linus

Also: Linux 5.11-rc4 Released With NVIDIA RTX 30 Mode-Setting, Haswell GT1 Graphics Restored

Coming into the new year I decided I wanted to simplify things a bit and explore a distribution that didn't have as many features and distractions. I decided to kick off my week with CRUX, an independent distribution with a keep it simple (KIS) approach. CRUX runs on x86_64 computers exclusively and the latest version, 3.6, appears to be focused almost entirely on package upgrades rather than new features.

CRUX runs the classic SysV init software on top of version 5.4 of the Linux kernel. Shortly after CRUX 3.6 was released the project published a minor update to fix a package issue. According to the documentation it is recommended that people do not attempt to upgrade to CRUX 3.6.1 from an earlier version...

PinePhone Mobian Community Edition is powered by Mobian Linux, which offers a pure Debian GNU/Linux experience on the Linux phone, and uses the Phosh (Phone Shell) user interface by default, which is based on the GNOME Stack and developed by Purism for their privacy-focused Librem 5 Linux smartphone.

PinePhone Mobian Community Edition is built from plastic and features the Debian logo on the back. It features a generous 5.95-inch HD IPS capacitive display with 16M colors, 1440×720 pixels resolution, and 18:9 ratio.

• COVID-19 Has Actually Helped Software Freedom Due to Financial and 'Spare Time' Factors
• Future Plans and Using Videos to Complement Text
• InteLeaks – Part XVIII: Intel Does Not Know How to Properly Do Research and It Seems Apparent Unscientific Methods Are Used to Justify Poor Documentation
• Suppressed Facts of the Free Software Movement and Its Community of Volunteers – Part III: The Free Software Foundation (FSF) Seems More Like a Victim of Destabilisation Campaigns
• Links 17/1/2021: EasyOS on Raspberry Pi and GNU libsigsegv 2.13
• InteLeaks – Part XVII: The High Cost of Microsoft Windows Users in GNU/Linux Development Teams
• IRC Proceedings: Saturday, January 16, 2021
• Suppressed Facts of the Free Software Movement and Its Community of Volunteers – Part II: Why Bradley Kuhn Left the Free Software Foundation (FSF)
• Links 16/1/2021: LibreOffice 7.1 Release Candidate, Zeroshell 3.9.5, FreeBSD Report, and GhostBSD 21.01.15
• Free Speech on the Web Not Respected by Companies That Used to Support Software Freedom
• Suppressed Facts of the Free Software Movement and Its Community of Volunteers – Part I: We Are Under Attack by Corporations and Their Salaried Facilitators

• KDE Roadmap for 2021, Nvidia now loves Wayland, and Epic Games Store on Linux - Linux News

  This time we have the KDE roadmap for the year, Nvidia preparing to better support Wayland and ray tracing on Linux, the death of Flash Player, and an open source epic games store client for Linux.

• How to install ONLYOFFICE on Linux Mint 20.1

  In this video, we are looking at how to install ONLYOFFICE on Linux Mint 20.1.

• LibreWolf Is A Web Browser For Privacy and Freedom

  LibreWolf is a fork of Firefox, focused on privacy, security and freedom. Librewolf strips out all of the telemetry from Firefox and enables a bunch extra security settings out of the box. It has uBlock installed by default and it supports privacy conscious search engines.

• AwesomeWM: So Long BSPWM, It's Been Fun

  I've been running BSPWM for the past year and it's a great window manager but I wanted a change so I've been convinced to try out AwesomeWM and I'm genuinely impressed, it's very different to what I've become used to but this is a really solid window manager experience.

Linux 5.10.8 is out today as the latest stable release for the Linux 5.10 LTS series. Making this point release notable is that it finally addresses the 5.10 Btrfs performance regression.

As noted back on Christmas, Linux 5.10 was seeing significant slowdowns on Btrfs. For simply unpacking a Linux kernel source .tar.zst file it could easily take multiple times longer on this stable kernel version.

While patches for addressing this poor Btrfs behavior on Linux 5.10 were floating around since before the end of the year, it's taken until now to get them tested and queued up for mainline integration. Linux 5.11 meanwhile has a plethora of Btrfs improvements.

Also: Better Microsoft Surface Support Is On The Way With Linux 5.12

Youtubedl-gui is a simple new graphical interface for the popular command-line YouTube downloader youtube-dl.

The tool is quite simple to use, just paste the video URL, select audio quality and format, video resolution and format, and click download! And of course, there’s an option to change the destination folder of your downloads.

Once you click download, a small dialog will pop up with the process bar.

• PUBG Mobile Lite 0.20.1 global version update for Season 20: APK download link for worldwide Android users

• Google Testing in App Browser Redesign with the Bottom Bar in the Google Apps for Android

• This Android app shows you everything you need to know about your smartphone's battery

• 5 new Android apps for January 21, 2021 that are eligible to download

• 5 of the best messaging apps for Android and iPhone

• 11 new (and 2 WTF) Android games from the last week: The best, worst, and everything in between (1/11/21 - 1/17/21)

• Top 10 Brain Games to Play on Android and iOS (2021)

• Samsung SmartThings starts rolling out Android Auto support (APK Download)

• [Opinion] Xiaomi Mi premium series should be on 3 Android OS updates

• Android 11 on the Xiaomi Mi A1 via POSP: Not perfect, but good enough

• How to install ShellCheck on FreeBSD to analysis scripts - nixCraft

  ShellCheck is easy to use, free, and open-source static analysis tool that automatically finds bugs in your shell scripts. If you write shell scripts for automation or containers, you need this tool. Let us see how to install and use ShellCheck on the FreeBSD development Unix server.The post How to install ShellCheck on FreeBSD to analysis scripts appeared first on nixCraft.

• How to Install and Configure Squid Proxy on Linux System

  Squid proxy server is an open-source proxy server for Linux distributions. You can install the Squid proxy server on your network to pass all your bandwidth through the proxy server. Now, you may ask why you would use the Squid proxy server? Here is the answer, the Squid allows you to connect your computers without an active internet connection through the proxy server.

  You can also enable the DNS cache, web cache, memory cache, and other internet caching to faster load the web pages. You can see that the Squid proxy server can enable caching, increase your server’s efficiency, improve the network performance, reduce bandwidth usages, and make your server secure.

• Save a copy of all debian packages in the form in which they are installed and configured on your system

• Install Kubernetes Dashboard

  Dashboard is a web-based Kubernetes user interface.

• Pulling changes from GitHub to Git - The Linux Juggernaut [Ed: Careful not to conflate Microsoft proprietary software with Git, which is Free software. Git is not GitHub.]

  In our previous article, we demonstrated how we would push our git repositories from our local system out to GitHub. In this article, we will demonstrate how we would actually make changes in a file within a repository on GitHub and then pull the changes/updates to our local machine.

• Fixing git/github merge conflicts - The Linux Juggernaut

  In our previous article on the git version control system, we explained how we could modify our files in repositories in our GitHub account and then pull the changes from GitHub to the git repositories on our local system and keep the files in synchronization. Now, what if we modified the same piece of information in a file on GitHub as well as within our local git repository? In this article, we will demonstrate how we would proceed if we modified the same information in a file on GitHub as well as locally within our git repository.

• How To Install Ubuntu Mate On The Raspberry PI 400

  In this guide I will show you how to install Ubuntu Mate on the Raspberry PI 400.

  [...]

  Raspberry PI Imager is available for Windows, MacOS, Ubuntu and Raspberry PI OS.

  If you are using Windows open Windows Explorer and double click on the downloaded file (called something like imager_n where n is the verson number).

  When the installer pops up click “Install” and then click “Finish”. Raspberry PI Imager should start automatically but if it doesn’t you can find it by clicking on the Windows start menu and searching for “Imager”.

  If you are using Ubuntu, the downloaded file can be found in the “Downloads” folder. Open the file manager and click on the downloaded Raspberry PI imager file and you will be able to install the application as you would any other .deb file.

• List of Commands to get Linux system info using terminal - Linux Shout

  In Linux, we can use the command terminal to check various system hardware configurations and information such as CPU, Memory, hard disk, etc., and here are those to use…

  Although there are tools that can display Linux system info graphically, however, here we are going to use the inbuilt commands.

  The question of how a system is equipped and how it performs in harsh everyday life is not only of theoretical interest. Lot’s of time to solve a problem we need to know hardware and its utilization to remove some bottleneck. Thus, if you are new to Linux systems or running any cloud server where you want to know about the system load, the network interface, and type of processor and chipset, or what hardware is actually in the system? Then here some top commands to follow…

• How to Install and Use Yarn on Ubuntu 20.04 - LinuxBuz

  Yarn is an open-source dependency manager for javascript developed by Facebook. It is an alternative to the popular npm package manager. Yarn provides an easier way to automate the process of installing, updating, configuring, and removing packages from the system. Yarn is faster because it caches every package it downloads. So you don't need to download it again.

• How to Install Cockpit in Debian 10 – Linux Hint

  Cockpit is an open-source and free remote server management software that is sponsored by Red Hat. This software has a simple, web-based interface for managing the administrative tasks of a Linux-based server through a web browser. Cockpit can run on several Linux-based operating distributions, including Ubuntu, Debian, Fedora, CentOS, and more.

  Cockpit gives you a real-time report of the CPU, RAM, and disk utilization of your system. Using this application, you can perform server tasks management remotely, such as creating user accounts, configuring the network, managing services, monitoring the system, managing the firewall, configuring OpenVPN, and more. Cockpit supports the Openshift cluster and Kubernetes. You can also measure your system performance and update your system using the Cockpit tool.

• How to Check Version and Update Fedora Linux Kernel – Linux Hint

  For any operating system, the kernel is at the core. Linux is the kernel, rather than the entire operating system, of any Linux distribution. The kernel is responsible for interacting between the hardware of the computer and the software.

  The Linux kernel is regularly updated to offer the best possible experience. This guide shows you how to check the version and update the kernel of Fedora.

• How to Run Google Chrome OS from a USB Drive – Linux Hint

  Google Chrome OS is based on the open-source Chromium OS. It is a browser-based operating system. You will only have the Google Chrome web browser installed on it. You can install Chrome web apps or extensions from the Chrome Web Store and add more functionality to the operating system.
  Sadly, the Google Chrome OS is not publicly available for download, and only the source code of Chromium OS is publicly available. So, you can’t run the Google Chrome OS or Chromium OS directly on your computer.

  Luckily, a few Chromium OS-based operating systems are available that you can download and install on your computer. The most popular one is Neverware’s CloudReady OS.

  This article will show you how to make a Live bootable USB thumb drive of Neverware’s CloudReady OS and run it from the USB thumb drive. So, let’s get started.

Here is my review of Trisquel 9.0 Etiona the newly released computer operating system. It is the successor of Flidas and now based on Ubuntu 18.04. It brings the latest improvements by excellently keeping its user friendliness from the family of most secure operating systems on earth. As always, I choose the Regular Edition, with MATE Desktop choice, to report this to you. We will see what’s new in this release and why I call it Software Freedom Vehicle now continuing Successful Freedom in the past. With Etiona, everyone can see that Free Software as well as copyleft are already practical and now we can see that even clearer than before. Let's go!

PostgreSQL is a free and open-source, community-driven, standard-compliant, and most popular object-relational database management system. It is used by popular IT companies like Uber, Netflix, Instagram, Spotify, etc.

Recently I installed PostgreSQL and getting an error while running daemon. This is mainly because PostgreSQL not getting sufficient permission to create the folder required to store database information.