today's leftovers

• MATE 1.24 Binaries Pushed

  I have just build the latest MATE 1.24 on top of latest Slackware-Current (per Feb 26 2020) and pushed the binaries into the usual repository provided by Darren Austin at slackware.uk. I took this chance to bump some libraries to the latest version available. As mentioned earlier, i can't provide mate-power-manager 1.24 since it requires new upower 0.99.x which uses a new API, so i will leave it as it is for now. Once new upower gets included, i will have to make some test first before pushing mate-power-manager 1.24 to public.

• Lessons learned from Credit Karma GraphQL architecture

  Credit Karma and similar companies have transformed the personal finance market during the past two decades. Credit Karma has undergone multiple transformations since launching in 2007, culminating in reports this week from The New York Times and The Wall Street Journal that it will be acquired by Intuit in a deal valued at $7 billion. Credit Karma did not immediately respond to a request for confirmation of the acquisition. While multiple technologies have helped spur Credit Karma's growth, in recent years the company has increasingly embraced GraphQL architecture as a way to improve its services with faster response times for its 100 million members. According to the company, approximately 50% of Credit Karma's data traffic flows through GraphQL.

• How to de-Google-ify your site to make it faster and visitor friendly

  Did you know that 94% of sites include at least one third-party resource while the median page requests content from 9 different domains? These third-party resources represent 35% of the total network activity and 7 of the 10 most used resources are owned by Google.

  Third-party resources slow down the web and are a concern for the privacy of people who visit these sites. Google themselves will point the finger at their analytics and ads when you use their speed tests. They provide guides on making third-party resources less slow too.

  Here’s how you can de-Google-ify your site, get fully independent and in control while having faster loading time, being more eco-friendly and more compliant with the privacy regulations such as GDPR and CCPA.

• Open security group unveils common OpenDXL language

  Initially developed by McAfee, the OpenDXL messaging framework is already used by more than 4,000 suppliers and enterprises to develop and share integrations between various tools.

  Now, with the release of OpenDXL Ontology, OCA said it could offer a single, common language for notifications, information and actions across security products, providing users with a set of tooling that can be applied once and automatically reused everywhere, while eliminating the need to update integrations for new product versions and functionalities.

• Open Cybersecurity Alliance announces new language for connecting cybersecurity tools

  OpenDXL Ontology is based on the Open Data Exchange Layer (OpenDXL), an open messaging framework to develop and share integrations with other tools. With the release of the language, the alliance can provide a single, common solution for notifications, information, actions and communicating with other tools. In addition, it provides companies with a set of tooling that can be applied once and automatically reused everywhere across all product categories, while also eliminating the need to update integrations as product versions and functionalities change

• Open Cybersecurity Alliance Unveils First Open Source Language

  The newly formed Open Cybersecurity Alliance connects the fragmented cyber-security landscape with common, open source code and practices that allow companies to “integrate once, reuse everywhere.” Governed under the auspices of OASIS, the OCA now includes more than 25 member organizations and has brought two major intero-perability projects into the open-source realm, with OpenDXL Ontology (contributed by McAfee) and STIX Shifter (contributed by IBM Security) now available for cross-industry collaboration and development on GitHub.

  In addition to the availability of OpenDXL Ontology, the OCA is also announcing the formation of its Technical Steering Committee, including leaders from AT&T, IBM Security, McAfee, Packet Clearinghouse, and Tripwire, who will drive the technical direction and development of the organization.

• Test and Code: 102: Cosmic Python, TDD, testing and external dependencies - Harry Percival

  Harry Percival has completed his second book, "Architecture Patterns with Python". So of course we talk about the book, also known as "Cosmic Python". We also discuss lots of testing topics, especially related to larger systems and systems involving third party interfaces and APIs.

• IRC is Not Dead | Self-Hosted 13

  Self-Hosted IRC solutions are better than ever. Alan Pope joins us to make a case for the classic way to communicate online and tells us about a modern client for the web, mobile, and desktop you run on your server. Plus, follow up on the new Self-Hosted wiki, and more.

• BSD Fundraising | BSD Now 339

  Meet FuryBSD, NetBSD 9.0 has been released, OpenBSD Foundation 2019 campaign wrapup, a retrospective on OmniOS ZFS-based NFS fileservers, NetBSD Fundraising 2020 goal, OpenSSH 8.2 released, and more.## Headlines

• UbuntuBuzz.com is Now HTTPS and Got New Design!

  Dear readers! We have two good news for you. Starting from Tuesday, 25 February 2020, UbuntuBuzz.com website is now more secure with HTTPS and more fresh with new design. Firstly, by HTTPS you would notice a green padlock on your browser address bar. That's the security sign meaning connection between you and this site is now encrypted. By encrypted means you are safe from tampering in the middle of connection which usually done by crackers or bad internet services. Secondly, after a period of broken design (caused by TinyPic.com shutdown as our image assets were hosted there) whole website is now kindly redesigned by the owner of this website, Mr. Mahmudin Ashar. However, there are still undergoing changes being made so you will see more stuffs coming. Personally, as an author here I really feel grateful to him and I love these changes! I hope these changes make you feel more comfortable visiting us. Do you love these new changes? Please give us feedbacks on comment section. We thank you all dear readers for your support!

The Apache Software Foundation Announces 20th Anniversary of Apache® Subversion®

The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the 20th Anniversary of Apache® Subversion®, the popular centralized software version control system. Apache Subversion ("SVN") allows users to commit code, manage changes, and recover previous versions of all sorts of data across files and directories. Subversion is ideal for distributed teams who need to easily audit and act on modification logs and versioning history across projects. Subversion originated at CollabNet in 2000 as an effort to create an Open Source version-control system similar to the then-standard CVS (Concurrent Versions System) but with additional features and functionality. Subversion was submitted to the Apache Incubator In November 2009, and became an Apache Top-Level Project in February 2010. "We are very proud of Subversion's long history, and remain committed to our mission statement," said Stefan Sperling, Vice President of Apache Subversion. "Subversion has moved well beyond its initial goal of creating a compelling replacement for CVS. In 2010 our mission statement was updated to ‘Enterprise-class centralized version control for the masses’.” Also: Apache Celebrates Subversion's 20th Anniversary

Software: HPLIP, MuseScore, TeamViewer

• HPLIP 3.20.2 Released with Linux Mint 19.3 Support

  HPLIP 3.20.2, HP developed open source Linux driver for HP printers and scanners, was released today with many new devices and Linux Mint 19.3 support.

• MuseScore – Create, play, and print beautiful sheet music

  Do you need a top-notch musical notation editor for your Linux PC? MuseScore should be the software of your choice. A good music notation app requires to provide the user with features like quick corrections, fast editing, reliable sharing, and provision of a uniform layout of sheet music. It should make the whole process of creating, editing, and printing music a lot easier and fast. MuseScore is one of the powerful and versatile open-source music score editors in the market. It might not offer all the editing features provided by high-end paid software, but it provides users with the core functionality needed.

• Best 14 teamviewer alternatives for Linux/Ubuntu

  One of the most popular software enabling computers to be controlled remotely is TeamViewer, but there are many other options that are available as well, which have just as many features (desktop sharing, online conferences, and data transfers). Since TeamViewer dominates the major online users, it has long ranked number one by many users. However, for many, TeamViewer isn’t their number one choice and so in the true spirit of ope n source, let’s talk about thousands of similar software. Since I can’t discuss it all, let’s talk about the top 14 alternatives of TeamViewer for Linux in 2020.

Security: Patches, Whonix, IPFire and More

• Security updates for Thursday

  Security updates have been issued by CentOS (kernel, ksh, python-pillow, and thunderbird), Debian (opensmtpd, proftpd-dfsg, and rake), Fedora (NetworkManager-ssh), openSUSE (chromium), and SUSE (libexif, mariadb, ovmf, python3, and squid). 

• Whonix VirtualBox 15.0.0.8.9 - Point Release! - vanguards; TCP ISN Leak Protection; Extensive Hardening!

  This is a point release. Download Whonix for VirtualBox:

• Build your career in Computer Forensics: List of Digital Forensic Tools - Part I

  Digital devices are present everywhere and considered to be the primary source of evidence in the case of cybercrime. Out of all the devices, phones and laptops are the top weapons used in cybercrimes. Regardless of who the device belonged to, either the victim or suspect, it offers an abundance of data to investigate the crime. But retrieving evidence from these devices in a secure environment can be very challenging. To overcome the time constraint and other complications, cyber forensic professionals use digital forensic tools.  

• What are Open Source Security Approaches? With Examples

  Open source security approaches enable organizations to secure their applications and networks while avoiding expensive proprietary security offerings.  An open source approach allows organizations to secure their applications across cloud providers and other platforms using platform-agnostic APIs. These APIs are written by contributors to the open source software code while cloud providers may use open source code that allows the open APIs to connect to the cloud. Open source approaches, for security or not, also bring in collaboration across an industry. It isn’t just one organization that benefits from a program or technology, but everyone who contributes to and uses it. The open source projects and programs used as examples in this article come from two major open source entities: The Linux Foundation and the Cloud Native Computing Foundation (CNCF). The two also work closely together to further the projects under their purview.

• Cloud Snooper: Hackers Using Linux Kernel Driver To Attack Cloud Server [Ed: So, if you install malicious software in Linux, due to recklessness or sabotage, it'll do malicious things. How is that a Linux weakness?]

  Whether you’re a Linux user or not, you must have heard the buzzword about the Linux — “Best OS for security.” Well, it is true, but being a computer program, Linux also has some downside that challenges its security. Talking about the security risks, recently, SophosLab published a report about a new malware dubbed Cloud Snooper, that can compromise the security of any Linux or other OS based servers by deploying a kernel driver.

• IPFire on AWS: Update to IPFire 2.25 - Core Update 141

  Today, we have updated IPFire on AWS to IPFire 2.25 - Core Update 141 - the latest official release of IPFire. Since IPFire is available on AWS, we are gaining more and more users who are securing their cloud infrastructure behind an easy to configure, yet fast and secure firewall. This update adds the rewritten DNS stack and brings many bug fixes to the cloud.