Language Selection

English French German Italian Portuguese Spanish

Google

Google funds Linux kernel developers to work exclusively on security

Filed under
Google
Security

Hardly a week goes by without yet another major Windows security problem popping up, while Linux security problems, when looked at closely, usually turn out to be blunders made by incompetent system administration. But Linux can't rest on its laurels. There are real Linux security concerns that need addressing. That's where Google and the Linux Foundation come in with a new plan to underwrite two full-time maintainers for Linux kernel security development, Gustavo Silva and Nathan Chancellor.

Silva and Chancellor's exclusive focus will be to maintain and improve kernel security and associated initiatives to ensure Linux's security. There's certainly work to be done.

Read more

Unlock your Chromebook's hidden potential with Linux

Filed under
GNU
Linux
Google

Google Chromebooks run on Linux, but normally the Linux they run isn't particularly accessible to the user. Linux is used as a backend technology for an environment based on the open source Chromium OS, which Google then transforms into Chrome OS. The interface most users experience is a desktop that can run Chrome browser apps and the Chrome browser itself. And yet underneath all that, there's Linux to be found. If you know how, you can enable Linux on your Chromebook and turn a computer that was probably relatively cheap and basic into a serious laptop with access to hundreds of applications and all the power you need to make it an all-purpose computer.

[...]

Now that you're running in Developer Mode, you can activate the Linux Beta feature in Chrome OS. To do that, open Settings and click on Linux Beta in the left column.

Activate Linux Beta and allot some hard drive space for your Linux system and applications. Linux is pretty lightweight at the worst of times, so you don't really need much space, but it obviously depends on how much you intend to do with Linux. 4 GB is enough for Linux plus a few hundred terminal commands and two dozen graphical applications. Because my Chromebook has a 64 GB memory chip, I gave 30 GB over to Linux because most of what I do on my Chromebook is in Linux.

Once your Linux Beta environment is ready, you can launch a terminal by pressing the Search button on your keyboard and typing terminal. If you're new to Linux, you may not know what to install now that you have access. This, of course, depends on what you want to do with Linux. If you're interested in Linux for programming, then you might start with Bash (that's already installed and running in the terminal) and Python. If you're interested in Linux for all of its amazing open source applications, you might try applications like GIMP, MyPaint, LibreOffice, or Inkscape.

The Linux Beta mode of Chrome OS lacks a graphical installer for software, but applications can be installed from the terminal. Install applications with the sudo apt install command.

Read more

Also: Windows is losing to Linux... but not how you might think.

Chromebooks (Based on Gentoo GNU/Linux) on the Rise

Filed under
GNU
Linux
Google
  • Chromebooks outsold Macs worldwide in 2020, cutting into Windows market share [Ed: Even Microsoft boosters such as Microsoft Emil now admit Windows is in trouble, even on laptops]

    This is a big win for Google and a warning for both Apple and Microsoft. It also signals to app and game developers that Chrome OS can no longer be ignored. Frankly, any business that provides a product or service over the internet should be setting aside resources to ensure the Chrome OS experience is comparable to Windows and macOS.

  • Chromebooks continued to outsell Macs in 2020

    Data from both IDC and Strategy Analytics independently confirmed that trend. SA reported that Chromebooks outsold MacBooks during 2020 and especially during the fourth quarter. Research firm IDC (Disclosure: IDC and PCWorld are owned by the same parent company), which included desktops in its analysis, reported similar findings. A third analyst firm, Canalys, compiled data showing that total worldwide Chromebook shipments nearly quadrupled in 2020 to 11.2 million units, compared to just 2.9 million in 2019. SA's data is shown below.

  • Mac market share grew significantly last year, but Chromebooks pulled ahead

    However, the company said that a dramatic explosion in Chromebook sales during the year meant that ChromeOS convincingly kicked macOS into third place in the desktop OS battle…

Go 1.16 is released

Filed under
Development
Google

Today the Go team is very happy to announce the release of Go 1.16. You can get it from the download page.

The new embed package provides access to files embedded at compile time using the new //go:embed directive. Now it is easy to bundle supporting data files into your Go programs, making developing with Go even smoother. You can get started using the embed package documentation. Carl Johnson has also written a nice tutorial, “How to use Go embed”.

Go 1.16 also adds macOS ARM64 support (also known as Apple silicon). Since Apple’s announcement of their new arm64 architecture, we have been working closely with them to ensure Go is fully supported; see our blog post “Go on ARM and Beyond” for more.

Read more

Also: Go 1.16 released

Google proposes way for Fuchsia OS to run Android and Linux programs ‘natively’

Filed under
OS
Google

One of the bigger issues with making a new operating system, particularly one that’s being built from scratch like Fuchsia, is that people will rightfully want to be able to run their favorite apps on that OS. In the case of Fuchsia, which could theoretically serve as the successor to both Chrome OS and Android, people would likely expect to be able to run both Android apps and Linux apps, along with native Fuchsia apps.

Up to now, the expectation was that Fuchsia could accomplish this in the same way that Chrome OS is currently able to run Linux apps, by running a full instance of Linux in a virtual machine. Chrome OS is even set to use this same strategy for its ability to run Android apps, thanks to a project called arcvm.

However, there are some downsides to the virtual machine approach. For one, managing files between the “host” (Fuchsia, for example) and the “guest” (Android) can be tricky or cumbersome. Additionally, Fuchsia puts an emphasis on security, attempting to keep programs isolated from one another wherever possible. To maintain that level of isolation with Linux apps, Fuchsia would need to run more than one virtual machine, which could bog down performance.

Read more

Google Betrayals

Filed under
Google
Gaming
  • Terraria canceled on Stadia after developer gets locked out of his Google accounts

    The co-creator of Terraria has called off development of the game for Google Stadia following a three-week stretch where he has been inexplicably locked out of all of his Google accounts.

    Andrew Spinks gave the ultimatum early Monday, after getting no response from Google since YouTube locked him out of his account in mid-January. The lockout has also cost Spinks access to apps he’s purchased on Google Stadia, wiped data he stored in Google drive, and terminated a Gmail account he’s used for more than 15 years.

  • ‘Terraria’ Creator Cancels Stadia Version After Google Account Lockout

    Spinks concludes that his problems stem from Google trying to “burn a bridge,” and if that’s the way it’s going to be, he says, he’s cancelling the Stadia release of Terraria, as he “will not be involved with a corporation that values their customers and partners so little. Doing business with you is a liability.”

  • Terraria co-creator says Stadia version is canceled after losing access to Google accounts

    The cancellation of a Stadia port for Terraria comes at a challenging time for Google Stadia: last week, the company announced it was closing its in-house development studio and said it would rely instead solely on third-party developers. The cloud gaming service is also losing one of its biggest exclusives, Crayta, as its timed exclusivity deal is slated to end soon.

  • Terraria on Stadia Canceled After Developer Is Locked Out Of Google Accounts

    The developers of Terraria, Re-Logic, have shared more details about what their severed ties with Google mean. Including how the boycott will include future versions of Terraria and future games from the studio. But existing versions of Terraria on Android and Google Play will not be impacted by the co-creator's decisions today.

    In a statement to IGN, Re-Logic says “Punishing existing customers who paid for our game on these platforms is not what we are about. To be clear: there should be no impact whatsoever to Terraria on Google platforms, both existing/purchased games as well as ongoing store availability.”

    The studio also provided a more in-depth timeline on how its issues with Google came about.

  • Terraria Creator Cancels Stadia Port, Calls Doing Business With Google A "Liability"

    "After using every resource I have to get this resolved, you have done nothing but given me the runaround." He cites his frustration as being linked to thousands of dollars in-app purchases, movie purchases, and Google Drive data now being beyond his reach. Additionally, "I can't access my YouTube channel. The worst of all is losing access to my Gmail address of over 15 years."

  • Google Chrome is killing off support for some ancient PCs

    If you’re one of the few whose PC contains an Intel Pentium 4 or an AMD Athlon 64, bad news: You’re about to lose access to Google’s Chrome browser.

LibreOffice Docs and 2021 Season of Docs

Filed under
LibO
Google
  • Make better presentations with the Impress Guide 7.0

    This 330-page book explores the basics of Impress, before moving on to master slides, styles, templates, graphic objects, effects, exporting in various formats, and much more.

  • The 2021 Season of Docs application for organizations is open!

    Google Open Source is delighted to announce Season of Docs 2021!

    The 2019 Season of Docs brought together open source organizations and technical writers to create 44 successful documentation projects. In 2020, we had 64 successful standard-length technical writing projects and are still awaiting long-running project results.

    In 2021, the Season of Docs program will continue to support better documentation in open source and provide opportunities for skilled technical writers to gain open source experience. In addition, building on what we’ve learned from the successful 2019 and 2020 projects, we’re expanding our focus to include learning about effective metrics for evaluating open source documentation.

  • The 2021 Season of Docs application for organizations is open

    Google Open Source has announced the 2021 edition of Season of Docs.

Control Chromecast Devices From A Linux Desktop Via MPRIS Widgets Using chromecast_mpris

Filed under
Google
Software

chromecast_mpris is a daemon that allows you to control Chromecast devices from your Linux desktop using MPRIS widgets. The tool can also be used to open media and play YouTube videos on your Chromecast from the command line.

MPRIS (Media Player Remote Interfacing Specification) support is available by default in the Plasma Desktop and Linux Mint, GNOME has a simple MPRIS widget in its Date / Time menu (and there are third-party extensions for this as well, like this MPRIS Indicator Button), playerctrl (a command line utility and library for controlling media players that implement the MPRIS D-Bus Interface Specification), etc.

Read more

Proprietary Software Leftovers

Filed under
Server
Google
Microsoft
Security
  • Google’s cloud business lost more than $5.5 billion last year, but it’s growing fast

    Google parent company Alphabet weathered the tail end of 2020 to post better-than-expected earnings for the fourth quarter of the year. But the bigger story is that Alphabet broke out Google Cloud’s sales for the first time ever, revealing an eye-popping $5.6 billion annual loss last year, but a nearly 50 percent jump in revenue (to $13 billion) compared to 2019. And Google Cloud maintained that growth well into the fourth quarter, when the division generated $3.8 billion in sales. That’s a 46 percent jump from the fourth quarter of 2019.

  • Google Cloud Reports Huge Operating Losses in New Disclosure

    Alphabet Inc. said its Google Cloud business had an operating loss of $1.2 billion in the fourth quarter, a new disclosure that may disappoint some Wall Street analysts.

    The Mountain View, California-based company revealed the number on Tuesday in a statement. For 2020, the cloud division lost $5.6 billion, Alphabet said.

  • Microsoft 365 Becomes Haven for BEC Innovation

    Two fresh business email compromise (BEC) tactics have emerged onto the phishing scene, involving the manipulation of Microsoft 365 automated email responses in order to evade email security filters.

    In one case, scammers are targeting victims by redirecting legitimate out-of-office (OOO) replies from an employee to them; and in the other, read receipts are being manipulated. Both styles were seen being used in the wild in the U.S. in December, when auto-responders were more prevalent due to holiday vacation.

  • The reshaped Mac experience

    [...] I’ll quote the relevant ones here (emphasis mine):

    "The selling point of the Macintosh was never the hardware, it was the user interface. So if the selling point now is the hardware, that’s a damning indictment of the current user interface.

    I cannot emphasize enough how everyone seems to have lowered their standards with regard to the user interface. The “Overton window” has moved. The Overton window now has rounded rects.

    We’ve gone from “insanely great” and “It just works” to “Catalyst is good enough for most people.”

    That’s fucking BS, and I won’t tolerate it. [...]"

  • ‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered

    ValidCC, a dark web bazaar run by a cybercrime group that for more than six years hacked online merchants and sold stolen payment card data, abruptly closed up shop last week. The proprietors of the popular store said their servers were seized as part of a coordinated law enforcement operation designed to disconnect and confiscate its infrastructure.

  • The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack

    As America struggles to assess the damage from the devastating SolarWinds cyberattack discovered in December, ProPublica has learned of a promising defense that could shore up the vulnerability the hackers exploited: a system the federal government funded but has never required its vendors to use.

    The massive breach, which U.S. intelligence agencies say was “likely Russian in origin,” penetrated the computer systems of critical federal agencies, including the Department of Homeland Security, the Treasury Department, the National Institutes of Health and the Department of Justice, as well as a number of Fortune 500 corporations. The hackers remained undetected, free to forage, for months.

Google Play bans open-source Matrix client Element, citing “abusive content”

Filed under
Google
OSS

The latest app to catch an illogical ban from the Google Play Store is Element, an open-source, end-to-end encrypted messaging client for the federated Matrix chat protocol. Google banned Element late Friday night, a ban which Element said "is due to abusive content somewhere on Matrix." Matrix has millions of users, and as a federated chat protocol, Element does not control the content on Matrix, so this is a bit like banning a web browser for displaying web content. Element says it is working with Google to "explain how Element works and get the situation resolved."

Google has been cracking down on apps that display hateful content, but Element says that it shouldn't be part of the crackdown. "We have also explained that the Matrix servers that we do run as Element (including the default Matrix.org homeserver, which we run on behalf of The Matrix.org Foundation) have strict Terms of Use which we actively enforce," Element said. "We abhor abuse, and Element is not an app that caters to abusive content."

Read more

Syndicate content

More in Tux Machines

Free Software Leftovers

  • From Clean & Green Mockup to OpenBSD cwm(1) desktop

    If the words CGA or Hercules raise sweet memories from your far away youth, the Mockup Clean & Green from u/awareofdistractions may hit you right in the heart. And if you like it so much, it may be used for real-life desktop environment using OpenBSD stock and ports material.

  • Learning more about our users

    At the Tor Project we practice user-centered design. This means we put our users at the heart of our development process, making a conscious effort to understand the contexts in which people use our tools and paying particular attention to the bumps they encounter along the way.

    Many digital product companies rely heavily on data gathered from invasive tracking scripts to better understand their users’ behavior, further fueling the surveillance economy. However that’s not how we do things at Tor – instead, we aim to conduct research that respects the basic principles of privacy and consent.

  • New Release: Tor Browser 10.5a11

    Tor Browser 10.5a11 is now available from the Tor Browser Alpha download page and also from our distribution directory.

    Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

  • FSFE20 +++ IloveFS +++ Job vacancy

    In our February Newsletter, we interview our founding president Georg Greve as part of our publication series to celebrate 20 Years FSFE, we reflect on I love Free Software Day and our FOSDEM participation, we advertise our new job vacancy and as usual we report on our diverse community activities.

  • Keeping platforms open

    My previous article, Whatsapp and the domestication of users, got more attention than I was expecting. Some responses gave me a lot to think about,1 especially regarding actions we can take. I suggest reading that article first; it explained what “user domestication” is and why it’s a problem. It enumerated three countermeasures: FOSS, simplicity, and open platforms.

    Hard problems, by definition, lack easy solutions. Simply choosing (or creating) a platform that avoids user domestication isn’t enough if that platform can change. The price of freedom is eternal vigilance; in addition to settling on the right platform, we must ensure that it honors its users in both the present and the future. Keeping a platform FOSS and simple is more straightforward2 than keeping a platform “open”.

    How do we keep an open platform from becoming a closed platform in the future?

Programming Leftovers

  • 6 Top Data Analysis Tools for Big Data

    Big Data is an all-inclusive term that refers to data sets so large and complex that they need to be processed by specially designed hardware and software tools. The data sets are typically of the order of tera or exabytes in size. These data sets are created from a diverse range of sources: sensors that gather climate information, publicly available information such as magazines, newspapers, articles. Other examples where big data is generated include purchase transaction records, web logs, medical records, military surveillance, video and image archives, and large-scale e-commerce. There is a heightened interest in Big Data and Big Data analysis and the implications they have for businesses. Big Data analysis is the process of examining huge quantities of data to find patterns, correlations, and other useful information that can help firms become more responsive to change, and to make better informed decisions. Big Data analysis can be performed with data mining software. However, the unstructured data sources used for big data analysis are not necessarily suitable for investigation by traditional data mining software.

  • 50 Years of Pascal

    Pascal was easy to teach, and it covered a wide spectrum of applications, which was a significant advantage over Algol, Fortran, and Cobol. The Pascal System was efficient, compact, and easy to use. The language was strongly influenced by the new discipline of structured programming, advocated primarily by E.W. Dijkstra to avert the threatening software crisis (1968).

  • How to use Django Serializers – Linux Hint

    Serializer is used in Django to convert the model instances or querysets into python supported data types that can be easily rendered into JSON, XML, or other formats. The deserialization can also be done by serializers to get back the original data from the serialized data. This feature is available in Django REST Framework. So, the users have to install this framework to use the serializers. Any webpage of the website may contain HTML, CSS, and data from the database tables. But the API does not understand these types of content, and it can understand the raw data only, that is, JSON data. How the serializers can be used to convert the model instance into JSON format has shown in this tutorial.

  • How to use queryset in django – Linux Hint

    Most of the web applications are implemented with the database now. queryset is used in the Django application to retrieve records by filtering or slicing or ordering the database table without changing the original data. The model used Django to create the table in the database. So, the knowledge of using the model in Django is necessary to understand the use of queryset. The main function of the queryset is to iterate the records of database tables by converting them into SQL queries. It can be used from the python command line or by writing the python script to display the browser’s output. The uses of queryset for retrieving data from a database table in different ways have been explained in this tutorial.

  • This Week In Rust: This Week in Rust 379 [Ed: The usual paradox of developing "openly" while requiring people to get an account with Microsoft and then use proprietary software of Microsoft, which attacks Free software.]

    This Week in Rust is openly developed on GitHub.

  • What Is BC in a Bash Script? – Linux Hint

    BC, which stands for Basic Calculator, is a command in Bash that is used to provide the functionality of a scientific calculator within a Bash script. This can be useful for scripting with various arithmentic use cases and scenarios. This article shows you how to use BC in a Bash script.

Security Leftovers

  • How often should I rotate my ssh keys?

    My story for today is about ssh and how even public keys, while much better than simple passwords, are still not a perfect solution.

    The danger is credential theft, which is a fancy way of saying “someone stole your private keys.” Back in the 1990s, that problem was pretty far from our minds; Windows 98 didn’t even have the concept of a separate administrator account, never mind the idea of app sandboxing or the inkling that someone might intentionally want to load malware onto your computer and encrypt all your files for ransomware. Those were the days when some people thought ActiveX controls (essentially loading .exe files from web sites) might be a good idea. Actually, maybe even a great idea as long as there was an “are you sure?” dialog box first.

  • 4 of the Best LastPass Alternatives

    LastPass has recently changed its free account usage policy to be only available on one device, and a lot of its users are not happy about it. If you are a LastPass Free user and are looking to switch, here are four great LastPass alternatives you should check out. These services reserve their pricing tiers for more advanced, business-oriented users while still leaving free users with a powerful set of features to safeguard their online accounts data.

  • Security updates for Thursday

    Security updates have been issued by Arch Linux (ansible-base, keycloak, mumble, and postgresql), Debian (firefox-esr and nodejs), Fedora (dotnet3.1, dotnet5.0, keylime, php-horde-Horde-Text-Filter, radare2, scap-security-guide, and wireshark), openSUSE (postgresql, postgresql13 and python-djangorestframework), Red Hat (Ansible, firefox, and thunderbird), Scientific Linux (firefox and thunderbird), SUSE (php7, postgresql-jdbc, python-cryptography, rpmlint, and webkit2gtk3), and Ubuntu (dnsmasq, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon, linux-oem-5.10, linux-oem-5.6, screen, and xterm).

  • Biden signs executive order calling for semiconductor supply chain review

    President Biden signed an executive order Wednesday addressing growing concern over a global semiconductor shortage hampering the production of goods like automobiles and smartphones.

    The White House’s executive order directs the federal government to conduct 100-day reviews of supply chains in four sets of products, including computer chips and large capacity batteries, like those used in electric vehicles, according to administration officials.

  • Biden Orders Review to Shore Up Supply Chain Resiliency

    On top of the 100-day review of the four key industries, Biden’s order will also direct yearlong reviews for six sectors: defense, public health, information technology, transportation, energy and food production.

    Biden said his administration will implement the recommendations as soon as they are available. “We're not going to wait for the review to be completed before we start closing the existing gaps,” he said.

  • Technology Executives Say All Evidence Points To Russia In Major Hack Of Computer Networks

    Smith told the committee that the true scope of the intrusions is still unknown because most victims are not legally required to disclose attacks unless they involve sensitive information about individuals.

  • Finnish IT Giant Hit with Ransomware Cyberattack [iophk: Windows TO]

    Norwegian business journal E24 reported the attack on Espoo, Finland-based TietoEVRY on Tuesday, claiming to have spoken with Geir Remman, a communications director at the company. Remman acknowledged technical problems with several services that TietoEVRY provides to 25 customers, which are “due to a ransom attack,” according to the report.

    Remman told E24 that the company considers the attack “a serious criminal act.” TietoEVRY turned off the unspecified services and infrastructure affected “as a preventative measure” until it can recover relevant data, and restart systems “in a controlled manner,” he said.

Ubuntu Leftovers

  • Ubuntu Aims For Higher Quality LTS Point Releases - Phoronix

    New restrictions will be in place beginning with Ubuntu 20.04.3 LTS this summer to try to enforce better quality releases with less regressions by enforcing better quality control. The change beginning with Ubuntu 20.04.3 LTS will require that stable release update (SRU) procedures are followed even for release blockers. This will require that every fix follows the same verification, regression analysis, and aging period process. The tighter quality controls will likely lead to slips in release targets if bugs are found in the release candidates for new point releases, as it will first need to go through the verification and aging process.

  • DFI Partners With Ubuntu For IoT Hardware, OTA Updates - Phoronix

    Most of you probably haven't heard of DFI much in nearly two decades since the days of their colorful "LanParty" motherboards that were well known at the time, but these days they are focused on the industrial computer industry and have now teamed up with Canonical to partake in the Ubuntu IoT Hardware Certification Partner Program. DFI is the first industrial computer vendor joining the Ubuntu IoT Hardware Certification Partner Program for Ubuntu-certified hardware focused on the Internet of Things and embracing over-the-air software updates.

  • What is MEC ? The telco edge.

    MEC, as ETSI defines it, stands for Multi-access Edge Computing and is sometimes referred to as Mobile edge computing. MEC is a solution that gives content providers and software developers cloud-computing capabilities which are close to the end users. This micro cloud deployed in the edge of mobile operators’ networks has ultra low latency and high bandwidth which enables new types of applications and business use cases. On top of that an application running on MEC can have real-time access to a subset of radio network information that can improve the overall experience.