• Security updates for Wednesday

• Microsoft Office Is The Most Exploited Software By Cybercriminals[Ed: Microsoft software is designed for back doors, not for security, and that still shows.]

  list of the top 10 most exploited vulnerabilities in 2018 has revealed that Microsoft Office was the favorite victim of cybercriminals. Microsoft Office vulnerabilities appear 8 times in the list with one Adobe Flash Player vulnerability and an AndroidRAT cyber vulnerability being the only mobile device flaw in the list.

• Mirai botnet returns with sights set on enterprise IoT devices

   

  Researchers from Unit 42, the threat intelligence group of Palo Alto Networks, found the new variant targeting LG Supersign TVs and WePresent WiPG-1000 Wireless Presentation system, both of which are used by businesses with networks offering larger amounts of bandwidth.

• Reproducible builds folks: Reproducible Builds: Weekly report #203

• PuTTY in your hands: SSH client gets patched after RSA key exchange memory vuln spotted

  Venerable SSH client PuTTY has received a pile of security patches, with its lead maintainer admitting to the The Register that one fixed a "'game over' level vulnerability".

  The fixes implemented in PuTTY over the weekend include new features plugging a plethora of vulns in the Telnet and SSH client, most of which were uncovered as part of an EU-sponsored HackerOne bug bounty.

KDE neon 5.15 is a decent distro. But it's not quite as pain-free as some of its predecessors, and I've hit a bunch of highly disappointing errors and bugs that simply shouldn't be there. The network and phone experience needs to be better, smoother. There ought to be no crashes. Regressions are bad.

Then, the upgrade process is robust and tight, the system is beautiful, and it purrs like a tiger - do tigers purr actually? You get the idea. Very sleek, very slick. Fast. You have a wealth of great software and a well-designed desktop environment that blends the bleeding-edge with pro-thought and good speed, and without being utterly beta. I'm quite happy overall, but I don't like the lack of consistency between the live media and the installed system. Some of this feels rushed. A good release, but ultimately not calm enough for everyday use. Well, I guess that's what LTS is for. 7/10. That would be all for today.

Over the course of the GNOME 3.32 that is nearly complete as well as GNOME 3.30 there was a lot of measurable performance fixes and enhancements to improve the fluidity of the GNOME desktop as well as addressing various latency issues. While in some areas these performance improvements make a night and day difference, work isn't done on enhancing GNOME's performance.

One of the developers leading the charge on enhancing/fixing the performance of GNOME Shell and Mutter in particular has been Canonical's Daniel Van Vugt. While he's already made great strides in fixing issues himself, reviewing and collaborating on other patches, etc, the job isn't done. Van Vugt shared there's still some big ticket work pending.

The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced DataPractices.org, the first-ever template for data best practices, will now be a hosted project under the Linux Foundation and offer open courseware for data teamwork.

Datapractices.org was initially pioneered by data.world as a “Manifesto for Data Practices,” comprised of values and principles to illustrate the most effective, modern, and ethical approach to data teamwork. As an open project under the Linux Foundation, Datapractices.org intends to maintain and further develop a collaborative approach to defining and refining data best practices. The project will also facilitate collaboration and development of open courseware to guide organizations interested in aligning their data practices with the values (inclusion, experimentation, accountability, and impact) and principles of DataPractices.org.

As a part of the Linux Foundation, DataPractices.org intends to enable a vendor-neutral community to further establish best practices and increase the level of data knowledge across the data ecosystem. The project’s new open courseware is available to anyone interested in data best practices—including novice practitioners, data managers, corporate evangelists, seasoned data scientists, and more. The project also welcomes expert practitioners to help refine and advance the courseware.

• How to Block Notifications on Android

• 3 areas worth watching in Android Q

• Do Not Disturb schedules can be customized on Android Q

• Redmi Go vs Nokia 1: Here’s How Xiaomi and Nokia Android Go Smartphones Fare Against Each Other

• Study analyzes pre-installed software on Android devices and its privacy risks for users

• Eurobites: Google to Promote Android Search Rivals to Head Off Potential EU Action

• Security firms detail Android and Google Photos vulnerabilities that exposed user data

• Galaxy A8 (2018) starts receiving the Android Pie update in Europe

Pop!_OS is, in my opinion, a seriously underappreciated Ubuntu-based operating that distinguishes itself in a couple major areas -- in addition to its utter simplicity and slick installer. It was created primarily to be the accompanying OS for the variety of custom Linux desktops and laptops produced by System76, and they've added some features I prefer not to live without regardless of what hardware I'm using.

First, Pop!_OS is one of the only distros I've tried that elegantly handles Hybrid graphics (that's Intel CPU + Nvidia GPU as seen in laptops like the ThinkPad X1 Extreme) out of the box. Moreover, System76 ships two versions of Pop!_OS: one designed for Intel/AMD, and one designed for Nvidia GPUs. The Nvidia ISO installs the proprietary driver so that users don't need to add a repository by hand and install it later.

Powered by the Linux 4.19.28 kernel, the Tails 3.13 operating system is now available with latest TOR technologies to help you stay hidden while surfing the Internet, including the Tor Browser 8.0.7 anonymous web browser and Tor 0.3.5.8 client and server for the anonymous Tor network.

However, probably the most important addition in the Tails 3.13 release is the updated Intel microcode to version 3.20180807a.2, which adds an extra security measure against more variants of the well-known Spectre, Meltdown, and L1TF (Level 1 Terminal Fault) security vulnerabilities.

NetworkManager 1.16 has been released two days after the launch of the GNOME 3.32 desktop environment and promises lots of exciting new features and improvements, starting with support for the new WireGuard protocol implemented in the Linux kernel for creating secure IPv4 and IPv6 VPNs (Virtual Private Networks).

"Unlike other VPN solutions NetworkManager supports, WireGuard tunneling will be entirely handled by the Linux kernel. This has an advantages in terms of performance, and also removes the needs of a VPN plugin," explained developer Lubomir Rintel in a recent blog article.

• What’s New in ArcoLinux 19.2

• What’s New in MakuluLinux Core

Last week NVIDIA announced the GeForce GTX 1660 as the newest RTX-less Turing GPU but costing only $219+ USD. The GTX 1660 is a further trimmed down version of the GeForce GTX 1660 Ti that launched several weeks prior. After picking up an ASUS GeForce GTX 1660 Phoenix Edition, here are Linux OpenGL/Vulkan gaming benchmarks compared to a wide assortment of AMD Radeon and NVIDIA GeForce graphics cards under Ubuntu.

The GeForce GTX 1660 features 1408 CUDA cores (compared to 1536 with the GTX 1660 Ti) while having a 1785MHz boost clock frequency and 1530MHz base clock frequency. The GeForce GTX 1660 opts for 6GB of GDDR5 unlike the 6GB GDDR6 used by the GTX 1660 Ti, which means only around 192GB/s of video memory bandwidth compared to 288GB/s with the Ti model. The other specifications are largely in common with the GeForce GTX 1660 Ti and the other Turing GPUs aside from lacking the RT/tensor cores.

Jérôme Glisse felt that the time had come for the Linux kernel to address seriously the issue of having many different types of memory installed on a single running system. There was main system memory and device-specific memory, and associated hierarchies regarding which memory to use at which time and under which circumstances. This complicated new situation, Jérôme said, was actually now the norm, and it should be treated as such.

The physical connections between the various CPUs and devices and RAM chips—that is, the bus topology—also was relevant, because it could influence the various speeds of each of those components.

Jérôme wanted to be clear that his proposal went beyond existing efforts to handle heterogeneous RAM. He wanted to take account of the wide range of hardware and its topological relationships to eek out the absolute highest performance from a given system.

From/on the Linux Foundation:

• Sysdig Joins the Linux Foundation's New Foundation to Support Continuous Delivery Collaboration

• Linux Foundation Launches Red Team Project

  The Linux Foundation has launched a new project aimed at incubating open source cybersecurity tools. The Red Team Project's main goal is to make open source software safer to use.

  The aim is to create cybersecurity tools for areas including cyber range automation, containerized pentesting utilities, binary risk quantification, and standards validation and advancement.

  [...]

  Current tooling from the project start with a Linux Exploit Mapper (LEM) that scans a Linux system for local exploits and maps them to known exploit code. When exploits are discovered using the mapper, they are curated, tested for efficacy and ease-of-use using a variant of the STRIDE scoring mechanism. An Ansible role called cyber-range-target is used to deliberately downgrade OS packages to a version vulnerable to a given CVE (Common Vulnerabilities and Exposure) for assessment purposes. The project also provides a Red Container. This offers containerized pentesting tooling, which can be launched from whole OSes or containerized environments like Kubernetes.

For about one week already Intel's rolling-release Clear Linux distribution has been shipping with GNOME 3.32. Here are some quick graphics and gaming benchmarks comparing GNOME 3.30.2 to 3.32.0.

Using a Radeon RX Vega 56 graphics card, I tested Clear Linux between its releases having GNOME Shell 3.30 and the move to GNOME Shell 3.30.2. On both builds of Clear Linux, Linux 5.0.1 was in use along with X.Org Server 1.20.4 (they aren't yet defaulting to a Wayland session), and Mesa 19.1-devel.

• LLVM 8.0.0 released

  I'm pleased to announce that LLVM 8 is now available.

  Get it here: https://llvm.org/releases/download.html#8.0.0

  This release contains the work on trunk up to Subversion revision
  r351319, plus work on the release branch. It's the result of the LLVM
  community's work over the past six months, including: speculative load
  hardening, concurrent compilation in the ORC JIT API, no longer
  experimental WebAssembly target, a Clang option to initialize
  automatic variables, improved pre-compiled header support in clang-cl,
  the /Zc:dllexportInlines- flag, RISC-V support in lld. And as usual,
  many bug fixes, optimization and diagnostics improvements, etc.

  For more details, see the release notes:
  https://llvm.org/releases/8.0.0/docs/ReleaseNotes.html
  https://llvm.org/releases/8.0.0/tools/clang/docs/ReleaseN...
  https://llvm.org/releases/8.0.0/tools/clang/tools/extra/d...
  https://llvm.org/releases/8.0.0/tools/lld/docs/ReleaseNot...
  https://llvm.org/releases/8.0.0/projects/libcxx/docs/Rele...

  Special thanks to the release testers and packagers: Amy Kwan, Bero
  Rosenkränzer, Brian Cain, Diana Picus, Dimitry Andric, Kim Gräsman,
  Lei Huang, Michał Górny, Sylvestre Ledru, Ulrich Weigand, Vedant
  Kumar, and Yvan Roux.

  For questions or comments about the release, please contact the
  community on the mailing lists. Onwards to LLVM 9!

  Thanks,
  Hans

• LLVM 8.0.0 released

  Version 8.0.0 of the LLVM compiler suite is out. "It's the result of the LLVM community's work over the past six months, including: speculative load hardening, concurrent compilation in the ORC JIT API, no longer experimental WebAssembly target, a Clang option to initialize automatic variables, improved pre-compiled header support in clang-cl, the /Zc:dllexportInlines- flag, RISC-V support in lld." For details one can see separate release notes for LLVM, Clang, Extra Clang Tools, lld, and libc++.

• LLVM 8.0 Released With Cascade Lake Support, Better Diagnostics, More OpenMP/OpenCL

  After being delayed the better part of one month, LLVM 8.0 officially set sail this morning.

• Linux, Open Source Tech, And AMD: Google Stadia’s Building Blocks

  At the 2019 Games Developer Conference, Google unveiled its much-anticipated cloud gaming streaming service called Stadia. The company will be using its vast network of high-performance server infrastructure to create a service like “Netflix for Games.”

  At launch, which will take place at some point in 2019, the players will be able to play games at 4K and 60fps in Chrome. Later, the quality will go as high as 8K and 120fps. You can read more about Stadia and its features in this dedicated post.

• Google unveils Stadia cloud gaming service, launches in 2019

  Google is launching its Stadia cloud gaming service at the Game Developers Conference (GDC) in San Francisco today. Google CEO Sundar Pichai, who says he plays FIFA 19 “quite a bit,” introduced the Stadia service during a special keynote at GDC this morning. Describing it as a platform for everyone, Pichai talked up Google’s ambitions to stream games to all types of devices. Stadia will stream games from the cloud to the Chrome browser, Chromecast, and Pixel devices, and it will launch at some point in 2019 in the US, Canada, UK, and Europe.

• New Version of PuTTY Fixes Several Vulnerabilities, Google Announces the Stadia Cloud Gaming Service, Save the Internet Day March 23, Google Fined $1.49 Billion and NVIDIA Launches the Jetson Nano

  Google announces Stadia, its new cloud gaming service. The Verge reports that "Stadia will stream games from the cloud to the Chrome browser, Chromecast, and Pixel devices, and it will launch at some point in 2019 in the US, Canada, UK, and Europe." Google also is launching the Stadia Controller, which "looks like a cross between an Xbox and PS4 controller, and it will work with the Stadia service by connecting directly through Wi-Fi to link it to a game session in the cloud."

• Nightdive Studios have released more footage of their System Shock reboot

  Two bits of System Shock updates in the same week, what a time to be alive. After the System Shock 3 news, we also now have more to show for the System Shock reboot from Nightdive Studios.

• Wizard of Legend, the excellent action game from Contingent99 just had a huge upgrade

  Wizard of Legend is one of my favourite indie games to play in local co-op and it's great fun alone too, the developer Contingent99 just released the huge Sky Palace update.

• Move your dotfiles to version control

• How to Setup Two Factor Authentication for SSH on Fedora

• How To Set Up an OpenVPN Server on Debian 9

• Getting started with Jaeger to build an Istio service mesh

• 6 Years of Docker | Hands-On Docker Training

• Quickly Go Back To A Specific Parent Directory Using bd Command In Linux

• How we protect visitors privacy

• How to edit and test application code in CodeReady Workspaces

• How to add new disk in Linux

• How to Update Kali Linux With One Single Command

• How to Delete (Remove) Users in Linux Using the userdel Command

• How To Setup Linux Media Server Using Jellyfin

• 4 Ways to Install Mozilla Firefox in Ubuntu

• Daniel Stenberg: Happy 21st, curl!

  Another year has passed. The curl project is now 21 years old.

  I think we can now say that it is a grown-up in most aspects. What have we accomplished in the project in these 21 years?

  We’ve done 179 releases. Number 180 is just a week away.

  We estimate that there are now roughly 6 billion curl installations world-wide. In phones, computers, TVs, cars, video games etc. With 4 billion internet users, that’s like 1.5 curl installation per Internet connected human on earth

  669 persons have authored patches that was merged.

• Choosing an open messenger client: Alternatives to WhatsApp

  Like many families, mine is inconveniently spread around, and I have many colleagues in North and South America. So, over the years, I've relied more and more on WhatsApp to stay in touch with people. The claimed end-to-end encryption appeals to me, as I prefer to maintain some shreds of privacy, and moreover to avoid forcing those with whom I communicate to use an insecure mechanism.

• 4 cool terminal multiplexers

  The Fedora OS is comfortable and easy for lots of users. It has a stunning desktop that makes it easy to get everyday tasks done. Under the hood is all the power of a Linux system, and the terminal is the easiest way for power users to harness it. By default terminals are simple and somewhat limited. However, a terminal multiplexer allows you to turn your terminal into an even more incredible powerhouse. This article shows off some popular terminal multiplexers and how to install them.

  Why would you want to use one? Well, for one thing, it lets you logout of your system while leaving your terminal session undisturbed. It’s incredibly useful to logout of your console, secure it, travel somewhere else, then remotely login with SSH and continue where you left off. Here are some utilities to check out.

  One of the oldest and most well-known terminal multiplexers is screen. However, because the code is no longer maintained, this article focuses on more recent apps. (“Recent” is relative — some of these have been around for years!)

• Shallot – Qt-based file manager with plugin interface

  We recently published a comprehensive roundup of the best 15 Qt file managers, finally plumping on Krusader and Dolphin as our recommended tools to manage your file system.

  A few of our readers have emailed us requesting we take a spin of Shallot. Never one to disappoint, here’s our take on this file manager. It’s Qt-based with a plugin interface. We compare Shallot with the 15 Qt file managers.

  Shallot is billed as a file manager with the maximum degree of flexibility and customizability.

• Stadia, A Gaming Platform From Google

  Google has launched much-anticipated game streaming service Stadia. The announcement was made during the company’s keynote at the GDC (Game Developers Conference) in San Francisco.

• Vulkan 1.1.105 Adds New Extensions For Google Games Platform (Stadia)

  While Vulkan 1.1.104 was just released on Sunday with new extensions ahead of this week's Game Developers Conference, today marks the availability of Vulkan 1.1.105 with new extensions for the "Google Games Platform", a.k.a. their just announced Stadia cloud game streaming platform.

  Google Games Platform is a new Vulkan platform and dubbed GGP. This Vulkan update comes immediately following Google announcing Stadia as a Linux/Vulkan-powered game streaming platform that sounds quite interesting and will be interesting to learn more over the weeks ahead. Today's Vulkan 1.1.105 update has added the VK_GGP_frame_token and VK_GGP_stream_descriptor_surface extensions.

• OpenXR from The Khronos Group and Monado from Collabora could unify VR & AR

  The Khronos Group recently announced a provisional specification of OpenXR, a royalty-free open-standard aimed at unifying access to VR and AR (collectively known as XR) devices. Also, Collabora announced Monado, a fully open source OpenXR runtime for Linux.

  [...]

  Sounds like OpenXR is already gaining pretty good industry support too with Epic Games, Microsoft, Oculus, HTC, Tobii, Unity and more giving their backing to it. Hopefully this means it really will become a standard that's actually used preventing more fragmentation. Since no one headset has truly taken over just yet, with so many already throwing their support around for OpenXR it's looking pretty good.

• The MMO Albion Online is officially going free to play next month

  Sandbox Interactive just announced that their MMO Albion Online, which currently requires an initial purchase to access it is going free to play on April 10th.

  They say their business model isn't changing, with Premium accounts that can be purchased with in-game money or real money, as well as cosmetic items. Free accounts will have full access to everything, since they don't lock any actual content behind any walls with this free to play release.

• Education and Science Giant Elsevier Left Users’ Passwords Exposed Online

  It’s not entirely clear how long the server was exposed or how many accounts were impacted, but it provided a rolling list of passwords as well as password reset links when a user requested to change their login credentials.

• Norwegian aluminium firm goes manual after Windows ransomware attack

  Norwegian aluminium maker Norsk Hydro has been under what it describes as "an extensive cyber attack" that has affected several areas of the company's operations. The malware affecting the firm is believed to the LockerGoga ransomware that attacks Windows systems.

• “Severe” ransomware attack cripples big aluminum producer

  Norsk Hydro of Norway said the malware first hit computers in the United States on Monday night. By Tuesday morning, the infection had spread to other parts of the company, which operates in 40 countries. Company officials responded by isolating plants to prevent further spreading. Some plants were temporarily stopped, while others, which had to be kept running continuously, were switched to manual mode when possible. The company’s 35,000 employees were instructed to keep computers turned off but were allowed to use phones and tablets to check email.

• GnuPG 2.2.14 released

• Kiwi TCMS: Kiwi TCMS 6.6

  We're happy to announce Kiwi TCMS version 6.6! This is a medium severity security update, improvement and bug-fix update.

• CEN and CENELEC Agreement With the EPO Shows That It’s Definitely the European Commission’s ‘Department’
• Decisions Made Inside the European Patent Organisation (EPO) Lack Credibility Because Examiners and Judges Lack Independence
• Team UPC Buries Its Credibility Deeper in the Grave