Language Selection

English French German Italian Portuguese Spanish

Web

Tor Browser 4.0 is released

Filed under
Security
Web

This release also features an in-browser updater, and a completely reorganized bundle directory structure to make this updater possible. This means that simply extracting a 4.0 Tor Browser over a 3.6.6 Tor Browser will not work. Please also be aware that the security of the updater depends on the specific CA that issued the www.torproject.org HTTPS certificate (Digicert), and so it still must be activated manually through the Help ("?") "about browser" menu option. Very soon, we will support both strong HTTPS site-specific certificate pinning (ticket #11955) and update package signatures (ticket #13379). Until then, we do not recommend using this updater if you need stronger security and normally verify GPG signatures.

Read more

Pica8, Big Switch Look to Drive SDN on Bare-Metal Switches

Filed under
Linux
Server
Web

Pica8 kicked off a busy week in the increasingly competitive software-defined networking space, making moves that officials say will help fuel the adoption of Linux-based OSes on bare-metal switches.

[...]

ONIE has been accepted by the Open Compute Project, and enables businesses to run a range of operating systems—such as Pica8's PicOS or Cumulus Networks' operating system—on the same switch hardware. Vendors like Pica8 and Cumulus Networks are championing the use of standards-based operating systems running on low-cost bare-metal switches as an alternative in the software-defined network (SDN) space to more expensive and complex hardware from the likes of Cisco Systems and Juniper Networks.

Read more

Epiphany Web Review

Filed under
GNOME
Reviews
Web

Using the Raspberry Pi for around the past two years has generally been pretty fantastic. It took us a year or so to stop being surprised by just how much it was able to do in the various projects we saw or made ourselves. One thing that we always struggled with was web browsing though; Midori was slow and laggy and it would take up all the Raspberry Pi’s system resources as well.

It seems the Raspberry Pi Foundation has noticed this too and has been busy creating a new browser for Raspbian that’s lighter and faster while still being a useable piece of software. Epiphany, the GNOME Web browser, is the result and is now replacing Midori in the latest versions of Raspbian.

Read more

‘Tux Machines’ DDOS Attack Moves to ‘TechRights’

Filed under
Web

The DDOS attack that has rendered the popular Linux site Tux Machines virtually unreachable for nearly two weeks, now seems to be affecting sister site TechRights. Roy Schestowitz, publisher of both sites, told FOSS Force that the attack on TechRights began at about one o’clock Friday afternoon GMT.

Read more

15 years of whois

Filed under
Software
Web
Debian

Exactly 15 years ago I uploaded to Debian the first release of my whois client.

At the end of 1999 the United States Government forced Network Solutions, at the time the only registrar for the .com, .net and .org top level domains, to split their functions in a registry and a registrar and to and allow competing registrars to operate.

Since then, two whois queries are needed to access the data for a domain in a TLD operating with a thin registry model: first one to the registry to find out which registrar was used to register the domain, and then one the registrar to actually get the data.

Read more

DDOS Attack Brings Tux Machines Down

Filed under
Web

Since sometime last week the popular Linux site Tux Machines has been under an apparent distributed denial-of-service (DDOS) attack. For the last several days, those trying to visit the site have been redirected to Tech Rights, another site operated by Roy Schestowitz, the owner of Tux Machines, to a post dated Saturday by Schestowitz which reads:

Read more

Is Your Small Business Website Like a Bad First Date?

Filed under
OSS
Drupal
Web

Open source platforms like Drupal and WordPress provide a backend framework that small businesses can use to build and customize their websites while managing key functions like registration, system administration, layout and RSS. Users can also create their own modules to enable new functions or change the website's look and feel.

Smaller companies can use open source content management systems (CMS) to reduce or eliminate the need for coding while delivering rich media online, including text, graphics, video and audio. They can use open source assets to create responsive design sites that optimize content for viewing across multiple device types, including smartphones, tablets and laptops, while eliminating the need to scroll from side to side.

With open source tools available to help small businesses establish an online presence with robust front and backend functions quickly and affordably, there's never been a better time to focus on content excellence. And the best way to do that is to concentrate on the customer. Engage with your target customers and find out what they value the most. Use that information to develop your content, and speak directly to your customers' needs.

Read more

MEGA has a Linux client now, offers up to 50 GB of free space and client-side encryption!

Filed under
GNU
Linux
Server
Web

For Linux users, there are plenty of Dropbox alternatives, MEGAsync being the latest entrant. The service was the brain child of Kim Dotcom, founder of now defunct Megaupload, and it was launched on 19 January 2013 to coincide with the one-year anniversary of the seizure of his previous enterprise. MEGAsync now has a dedicated Linux client as well (unlike Google Drive).

Read more

Firefox Add-on Enables Web Development Across Browsers and Devices

Filed under
Moz/FF
Web

Developing across multiple browsers and devices is the main issue developers have when building applications. Wouldn’t it be great to debug your app across desktop, Android and iOS with one tool? We believe the Web is powerful enough to offer a Mobile Web development solution that meets these needs!

Enter an experimental Firefox add-on called the Firefox Tools Adaptor that connects the Firefox Developer Tools to other major browser engines. This add-on is taking the awesome tools we’ve built to debug Firefox OS and Firefox on Android to the other major mobile browsers starting with Chrome on Android and Safari on iOS. So far these tools include our Inspector, Debugger and Console.

Read more

Kolab creates a privacy refugee camp in Switzerland

Filed under
KDE
Security
Web

The disclosure by NSA contractor Edward Snowden has exposed the ‘out-of-control’ surveillance system of the US and the UK. The more stories we are getting from Guardian and NYTimes, the more people are losing trust in the proprietary solutions offered by the companies which operate from the US and seemingly work closely with the spy agencies.

This is a category of people who don’t yet understand the dangers of breach of privacy, but the more we are moving our lives into the digital world, the more important it is becoming to take control of our communication and privacy from the prying hands of those for whom we are the product.

Then there are those need this privacy, due to the profession they are in or for purely sensible reasons that our privacy should be respected.

Read more

Syndicate content

More in Tux Machines

Games for GNU/Linux

  • Stardew Valley is now in beta for Linux
    The Stardew Valley developer tweeted out a password for a beta, but after discussing it with them on their forum I was able to show them that we can't actually access it yet. While what I was telling them may not have been entirely correct (SteamDB is confusing), the main point I made was correct. Normal keys are not able to access the beta yet, but beta/developer keys can, as it's not currently set for Linux/Mac as a platform for us.
  • Physics-based 3D puzzler Human: Fall Flat released on Steam for Linux
    Human: Fall Flat is an open-ended physics puzzler with an optional local co-op mode, developed by No Brakes Games, and available now on Steam for Linux.
  • 7 Mages brings a touch more of traditional dungeon crawling to Linux
    Controlling a party of adventurers, exploring dungeons and fighting weird magical creatures is an RPG tradition as old as the genre. Expect all that and more in this modern iteration of the classical dungeon crawler.

Linux and Graphics

Security News

  • Security advisories for Monday
  • EU to Give Free Security Audits to Apache HTTP Server and Keepass
    The European Commission announced on Wednesday that its IT engineers would provide a free security audit for the Apache HTTP Server and KeePass projects. The EC selected the two projects following a public survey that took place between June 17 and July 8 and that received 3,282 answers. The survey and security audit are part of the EU-FOSSA (EU-Free and Open Source Software Auditing) project, a test pilot program that received funding of €1 million until the end of the year.
  • What is your browser really doing?
    While Microsoft would prefer you use its Edge browser on Windows 10 as part of its ecosystem, the most popular Windows browser is Google’s Chrome. But there is a downside to Chrome – spying and battery life. It all started when Microsoft recently announced that its Edge browser used less battery power than Google Chrome, Mozilla Firefox or Opera on Windows 10 devices. It also measured telemetry – what the Windows 10 device was doing when using different browsers. What it found was that the other browsers had a significantly higher central processing unit (CPU), and graphics processing unit (GPU) overhead when viewing the same Web pages. It also proved that using Edge resulted in 36-53% more battery life when performing the same tasks as the others. Let’s not get into semantics about which search engine — Google or Bing — is better; this was about simple Web browsing, opening new tabs and watching videos. But it started a discussion as to why CPU and GPU usage was far higher. And it relates to spying and ad serving.
  • Is Computer Security Becoming a Hardware Problem?
    In December of 1967 the Silver Bridge collapsed into the Ohio River, killing 46 people. The cause was determined to be a single 2.5 millimeter defect in a single steel bar—some credit the Mothman for the disaster, but to most it was an avoidable engineering failure and a rebuttal to the design philosophy of substituting high-strength non-redundant building materials for lower-strength albeit layered and redundant materials. A partial failure is much better than a complete failure. [...] In 1996, Kocher co-authored the SSL v3.0 protocol, which would become the basis for the TLS standard. TLS is the difference between HTTP and HTTPS and is responsible for much of the security that allows for the modern internet. He argues that, barring some abrupt and unexpected advance in quantum computing or something yet unforeseen, TLS will continue to safeguard the web and do a very good job of it. What he's worried about is hardware: untested linkages in digital bridges.
  • Your Smart Robot Is Coming in Five Years, But It Might Get Hacked and Kill You
    A new report commissioned by the Department of Homeland Security forecasts that autonomous artificially intelligent robots are just five to 10 years away from hitting the mainstream—but there’s a catch. The new breed of smart robots will be eminently hackable. To the point that they might be re-programmed to kill you. The study, published in April, attempted to assess which emerging technology trends are most likely to go mainstream, while simultaneously posing serious “cybersecurity” problems. The good news is that the near future is going to see some rapid, revolutionary changes that could dramatically enhance our lives. The bad news is that the technologies pitched to “become successful and transformative” in the next decade or so are extremely vulnerable to all sorts of back-door, front-door, and side-door compromises.
  • Trump, DNC, RNC Flunk Email Security Test
    At issue is a fairly technical proposed standard called DMARC. Short for “domain-based messaging authentication reporting and conformance,” DMARC tries to solve a problem that has plagued email since its inception: It’s surprisingly difficult for email providers and end users alike to tell whether a given email is real – i.e. that it really was sent by the person or organization identified in the “from:” portion of the missive.
  • NIST Prepares to Ban SMS-Based Two-Factor Authentication
    The US National Institute of Standards and Technology (NIST) has released the latest draft version of the Digital Authentication Guideline that contains language hinting at a future ban on SMS-based Two-Factor Authentication (2FA). The Digital Authentication Guideline (DAG) is a set of rules used by software makers to build secure services, and by governments and private agencies to assess the security of their services and software. NIST experts are constantly updating the guideline, in an effort to keep pace with the rapid change in the IT sector.
  • 1.6m Clash of Kings forum accounts 'stolen'
    Details about 1.6 million users on the Clash of Kings online forum have been hacked, claims a breach notification site. The user data from the popular mobile game's discussion forum were allegedly targeted by a hacker on 14 July. Tech site ZDNet has reported the leaked data includes email addresses, IP addresses and usernames.
  • Hacker steals 1.6 million accounts from top mobile game's forum
    [Ed: vBulletin is proprietary software -- the same crap Canonical used for Ubuntu forums]

The saga continues with Slackware 14.2

Slackware is the oldest surviving Linux distribution and has been maintained since its birth by Patrick Volkerding. Slackware has a well deserved reputation for being stable, consistent and conservative. Slackware is released when it is ready, rather than on a set schedule, and fans of the distribution praise its no-frills and no-fuss design. Slackware adheres to a "keep it simple" philosophy similar to Arch Linux, in that the operating system does not do a lot of hand holding or automatic configuration. The user is expected to know what they are doing and the operating system generally stays out of the way. The latest release of Slackware, version 14.2, mostly offers software updates and accompanying hardware support. A few new features offer improved plug-n-play support for removable devices and this release of Slackware ships with the PulseAudio software. PulseAudio has been commonly found in the audio stack of most Linux distributions for several years, but that is a signature of Slackware: adding new features when they are needed, not when they become available. In this case PulseAudio was required as a dependency for another package. Slackware 14.2 is available in 32-bit and 64-bit builds for the x86 architecture. There is also an ARM build. While the main edition of Slackware is available as an installation disc only, there is a live edition of Slackware where we can explore a Slackware-powered desktop environment without installing the distribution. The live edition can be found on the Alien Base website. Both the live edition and the main installation media are approximately 2.6GB in size. For the purposes of this review I will be focusing on the main, installation-only edition. Booting from the install media brings us to a text screen where we are invited to type in any required kernel parameters. We can press the Enter key to take the default settings or wait two minutes for the media to continue booting. A text prompt then offers to let us load an alternative keyboard layout or use the default "US" layout. We are then brought to a text console where a brief blurb offers us tips for setting up disk partitions and swap space. The helpful text says we can create partitions and then run the system installer by typing "setup". Read more