Language Selection

English French German Italian Portuguese Spanish

Linux

Hands-On: Kali Linux 2018.1 on the Raspberry Pi Zero W

Filed under
Linux
Reviews
Security

The installation image is actually on the Offensive Security Kali Linux ARM Images page, so don't get confused if you go to the normal Kali Linux Downloads page and don't see it. There is a link to the ARM images near the bottom of that page.

As with most Raspberry Pi installation images, the download is a compressed (xz) snapshot, not an ISO image.

Read more

Nintendo Switch Hacked to Run Linux

Filed under
Linux
Gaming

Hacking group fail0verflow has discovered a vulnerability in Nintendo Switch that allows the installation of Linux, basically opening the door to something that the parent company hoped it’d never come true: pirated games.

In a post on Twitter earlier this week, fail0verflow revealed that Nintendo Switch comes with a bug that cannot be fixed with firmware updates and which can be abused at any moment to install Linux.

Read more

Zerodium offers $45000 for Linux zero-day vulnerabilities

Filed under
Linux
Security

Zerodium is offering $45,000 to hackers willing to privately report zero-day vulnerabilities in the Linux operating system.

On Thursday, the private exploit acquisition program announced the new addition to its bounties on Twitter. Until 31 March, Zerodium is willing to offer increased payouts of up to $45,000 for local privilege escalation (LPE) exploits.

The zero-day, unreported vulnerabilities, should work with default installations of Linux such as the popular Ubuntu, Debian, CentOS, Red Hat Enterprise Linux (RHEL), and Fedora builds.

Read more

Tizen TV and Tizen Software

Filed under
Linux

Linux: Detainting the Kernel, x86, and LF's Open Networking Foundation

Filed under
Linux
  • diff -u: Detainting the Kernel

    Sometimes someone submits a patch without offering a clear explanation of why the patch would be useful, and when questioned by the developers, the person offers vague or hypothetical explanations. Something like that happened recently when Matthew Garrett submitted a patch to disable a running kernel's ability to detect whether it was running entirely open-source code.

    Specifically, he wanted to be able to load unsigned modules at runtime, without the kernel detecting the situation and "tainting" itself. Tainting the kernel doesn't affect its behavior in any significant way, but it is extremely useful to the kernel developers, who typically will refuse to chase bug reports on any kernel that uses closed-source software. Without a fully open-source kernel, there's no way to know that a given bug is inside the open or closed portion of the kernel. For this reason, anyone submitting bug reports to the kernel developers always should make sure to reproduce the bug on an untainted kernel.

  • Intel & AMD IOMMU Improvements Slated For Linux 4.16

    With the in-development Linux 4.16 kernel there are improvements to note for both AMD and Intel users.

  • The Complete Schedule for Open Networking Summit North America Is Now Live

        

    In addition, hear from industry visionaries in keynote sessions; attend LF Networking, Acumos Project, and Open Networking Foundation Developer Forums; and sign up for technical training on ONAP & OPNFV.

Purism's Updates on Librem and Librem 5

Filed under
GNU
Linux
  • Qubes 4.0 fully working on Librem laptops, coreboot added IOMMU and TPM

    It’s easy to take things for granted when your computer runs a non-free proprietary BIOS. While the BIOS that comes with your computer is usually configured to match its features that’s not always the case. You end up with a sort of binary arrangement: if your BIOS supports a feature or allows you to change a setting, great, but if it doesn’t, you are generally out of luck. One example is with some of the new UEFI computers that ship with stripped-down BIOS options. One example we ran across recently had legacy boot disabled, secure boot enabled, and no way to change either setting, which is a terrible restriction for users wanting a free software distribution like PureOS or any another distribution that avoids the misnamed “secure boot” UEFI option.

  • Designing the Mobile Experience with Convergence in Mind

    It is always great to have the opportunity to discuss face to face with community members to get the pulse of what their thoughts are and suggestions they might have for the Librem 5 project. As such, I was happy to spend time discussing at length with people attending FOSDEM this week-end. Comments from the many supporters made me realize that there are some points regarding goals and vision, in terms of design for the entire Librem line, that needed to be expanded upon and clarified. Keep in mind that although the vision for our short and long-term design goals for the Librem 5 is becoming increasingly clearer, it is of course still “work in progress” from a design perspective; things are not set in stone and therefore we are listening (and responding) to the community’s feedback.

What Is Kali Linux, and Do You Need It?

Filed under
GNU
Linux
Security

If you’ve heard a 13-year-old would-be hacker talking about how 1337 they are, chances are, Kali Linux came up. Despite it’s script kiddie reputation, Kali is actually a real tool (or set of tools) for security professionals.

Kali is a Linux distribution based on Debian. Its goal is simple; include as many penetration and security audit tools as possible in one convenient package. Kali delivers, too. Many of the best open-source tools for conducting security tests are collected and ready to use.

Read more

Freespire 3.0.6.5 released

Filed under
GNU
Linux

Today we are releasing Freespire 3.0.6.5 which is a bug fix and incremental release of the Freespire 3.0 series. We also added some features and applications that users wanted us to include in the distribution. With this release we fixed several issues.

Read more

Automation controller debuts Linux-based PLCnext software

Filed under
Linux
Hardware

Phoenix Contact’s rugged, dual Cortex-A9 based “PLCnext AXC F 2152” controller for its Axioline F I/O field bus is the first field controller designed to run Phoenix’s Linux-based PLCnext control stack, which enables PLC control using high-level languages.

Today’s embedded engineers have a wider breadth of tech knowledge than their parents’ generation, but they are less likely to know the intricacies of the old-school Programmable Logic Controllers (PLCs) and field bus technologies that still drive much of the industrial automation world. As reported in Design & Control, Phoenix Contacts decided to reach out to younger engineers by providing a Real-Time Linux-based PLCnext Technology field controller stack, which supports multiple high-end programming languages in addition to traditional IEC 61131 PLC programming. A year after announcing PLCnext, Phoenix has launched the first controller based on the technology.

Read more

Open Hardware/Modding: RISC-V, PIXO Pixel, Arduino

Filed under
Linux
Hardware
  • RISC-V gains momentum as it moves from MCUs to Linux-friendly SoCs

    The open source RISC-V ISA has evolved quickly into silicon, thanks to help from companies like SiFive and Microsemi. SiFive’s HiFive Unleashed board should arrive less than two years after SiFive announced its first Linux-driven Freedom SoCs.

    It’s been two years since the open source RISC-V architecture emerged from computer labs at UC Berkeley and elsewhere and began appearing in soft-core implementations designed for FPGAs, and over a year since the first commercial silicon arrived. So far, the focus has primarily been on MCU-like processors, but last October, SiFive announced the first Linux-driven RISC-V SoC with its quad-core, 64-bit bit Freedom U540 (AKA U54-MC Coreplex). A few days ago at FOSDEM, SiFive opened pre-sales for an open source HiFive Unleashed SBC that showcases the U540.

  • SiFive releases Linux SoC processor and board

    SiFive Inc. (San Mateo, Calif.), a startup that is offering processor cores that comply with the RISC-V open source architecture, has launched a Linux-capable RISC-V based processor chip, the Freedom U540 SoC.

  • Chip Embarks As First Linux-Capable RISC-V Based SoC

    SiFive launches what it calls the industry's first Linux-capable RISC-V based processor SoC. The company recently demonstrated the first real-world use of the HiFive Unleashed board featuring the Freedom U540 SoC, based on its U54-MC Core IP. During the demo, SiFive provided updates on the RISC-V Linux effort, surprising attendees with an announcement that the presentation had been run on the HiFive Unleashed development board. With the availability of the HiFive Unleashed board and Freedom U540 SoC, SiFive has brought to market the first multicore RISC-V chip designed for commercialization, and now offers the industry's widest array of RISC-V based Core IP.

  • PIXO Pixel - Open Source LED Display for Makers

    Sean Hodgins is an inventor and maker interested in purposing current technologies in new and different ways. He’s currently running a crowdfunding campaign on Kickstarter for the PIXO Pixel, an open source RGB display that controls 256 LEDs.

  • AFRL, NextFlex leverage open-source community to create flexible circuit system

    Lightweight, low-cost and flexible electronic systems are the key to next-generation smart technologies for military as well as consumer and commercial applications.

    An Air Force Research Laboratory-led project in conjunction with NextFlex, America’s Flexible Hybrid Electronics Institute, has resulted in the first ever, functional samples of flexible Arduino circuit board systems made by using a flexible hybrid electronics manufacturing process, setting the stage for smart technologies for the internet of things and sensor applications like wearable devices.

Syndicate content

More in Tux Machines

GNOME and Fedora

  • RFC: Integrating rsvg-rs into librsvg
    I have started an RFC to integrate rsvg-rs into librsvg. rsvg-rs is the Rust binding to librsvg. Like the gtk-rs bindings, it gets generated from a pre-built GIR file.
  • 1+ year of Fedora and GNOME hardware enablement
    A year and a couple of months ago, Christian Schaller asked me to pivot a little bit from working full time on Fleet Commander to manage a new team we were building to work on client hardware enablement for Fedora and GNOME with an emphasis on upstream. The idea was to fill the gap in the organization where nobody really owned the problem of bringing up new client hardware features vertically across the stack (from shell down to the kernel), or rather, ensure Fedora and GNOME both work great on modern laptops. Part of that deal was to take over the bootloader and start working closer to customers and hardware manufacturing parnters.
  • Fedora Atomic Workstation: Works on the beach
    My trip is getting really close, so I decided to upgrade my system to rawhide. Wait, what ? That is usually what everybody would tell you not to do. Rawhide has this reputation for frequent breakage, and who knows if my apps will work any given day. Not something you want to deal with while traveling.
  • 4 cool new projects to try in COPR for February

Why You Shouldn’t Use Firefox Forks (and Proprietary Opera)

  • Why You Shouldn’t Use Firefox Forks Like Waterfox, Pale Moon, or Basilisk
    Mozilla Firefox is an open source project, so anyone can take its code, modify it, and release a new browser. That’s what Waterfox, Pale Moon, and Basilisk are—alternative browsers based on the Firefox code. But we recommend against using any of them.
  • Opera Says Its Next Opera Release Will Have the Fastest Ad Blocker on the Block
    Opera Software promoted today its upcoming Opera 52 web browser to the beta channel claiming that it has the faster ad blocker on the market compared to previous Opera release and Google Chrome. One of the key highlights of the Opera 52 release will be the improved performance of the built-in ad blocker as Opera claims to have enhanced the string matching algorithm of the ad blocker to make it open web pages that contain ads much faster than before, and, apparently than other web browsers, such as Chrome.

Graphics: Glxinfo, ANV, SPIR-V

  • Glxinfo Gets Updated With OpenGL 4.6 Support, More vRAM Reporting
    The glxinfo utility is handy for Linux users in checking on their OpenGL driver in use by their system and related information. But it's not often that glxinfo itself gets updated, except that changed today with the release of mesa-demos-8.4.0 as the package providing this information utility. Mesa-demos is the collection of glxinfo, eglinfo, glxgears, and utilities related to Mesa. With the Mesa-demos 8.4.0 it is predominantly glxinfo updates.
  • Intel ANV Getting VK_KHR_16bit_storage Support Wrapped Up
    Igalia's Jose Maria Casanova Crespo sent out a set of patches today for fixes that allow for the enabling of the VK_KHR_16bit_storage extension within Intel's ANV Vulkan driver. The patches are here for those interested in 16-bit storage support in Vulkan. This flips on the features for storageBuffer16BitAccess, uniformAndStorageBuffer16BitAccess, storagePushConstant16 and the VK_KHR_16bit_storage extension. This support is present for Intel "Gen 8" Broadwell graphics and newer. Hopefully the work will be landing in Mesa Git soon.
  • SPIR-V Support For Gallium3D's Clover Is Closer To Reality
    It's been a busy past week for open-source GPU compute with Intel opening up their new NEO OpenCL stack, Karol Herbst at Red Hat posting the latest on Nouveau NIR support for SPIR-V compute, and now longtime Nouveau contributor Pierre Moreau has presented his latest for SPIR-V Clover support. Pierre has been spending about the past year adding SPIR-V support to Gallium3D's "Clover" OpenCL state tracker. SPIR-V, of course, is the intermediate representation used now by OpenCL and Vulkan.

Security: Updates, Tinder, FUD and KPTI Meltdown Mitigation

  • Security updates for Friday
  • Tinder vulnerability let hackers [sic] take over accounts with just a phone number

    The attack worked by exploiting two separate vulnerabilities: one in Tinder and another in Facebook’s Account Kit system, which Tinder uses to manage logins. The Account Kit vulnerability exposed users’ access tokens (also called an “aks” token), making them accessible through a simple API request with an associated phone number.

  • PSA: Improperly Secured Linux Servers Targeted with Chaos Backdoor [Ed: Drama queen once again (second time in a week almost) compares compromised GNU/Linux boxes to "back doors"]
    Hackers are using SSH brute-force attacks to take over Linux systems secured with weak passwords and are deploying a backdoor named Chaos. Attacks with this malware have been spotted since June, last year. They have been recently documented and broken down in a GoSecure report.
  • Another Potential Performance Optimization For KPTI Meltdown Mitigation
    Now that the dust is beginning to settle around the Meltdown and Spectre mitigation techniques on the major operating systems, in the weeks and months ahead we are likely to see more performance optimizations come to help offset the performance penalties incurred by mitigations like kernel page table isolation (KPTI) and Retpolines. This week a new patch series was published that may help with KPTI performance.