Language Selection

English French German Italian Portuguese Spanish

Login

Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Proprietary Software and Security

  • TurboTax Is Still Tricking Customers With Tax Prep Ads That Misuse the Word “Free”

    On Dec. 30, the IRS announced it was revamping a long-standing agreement with the online tax preparation industry in which companies offer free filing to people with incomes below certain levels, a category that includes 70% of filers. The change in what’s known as the Free File program came in the wake of multiple ProPublica articles that revealed how the companies in the program steered customers eligible for free filing to their paid offerings. Under the updated agreement, the companies are now prohibited from hiding their Free File webpages from Google searches, and the IRS was allowed to create its own online tax-filing system.

    So far, it seems, the companies are abiding by their promise to make their Free File webpages visible in online searches. But the updated agreement appears to have a loophole: It doesn’t apply to advertising. Nothing in it, the agreement states, “limits or changes the rights” of participating companies to advertise “as if they were not participating in the Free File program.”

  • Ransomware Shuts Gas Compressor for 2 Days in Latest Attack [iophk: Windows TCO]

    It appears likely that the attacker explored the facility’s network to “identify critical assets” before executing the ransomware attack, according to Nathan Brubaker, a senior manager at the cybersecurity firm FireEye Inc. This tactic -- which has become increasingly popular among hackers -- makes it “possible for the attacker to disable security processes that would normally be enough to detect known ransomware indicators,” he said.

  • Twitter says Olympics, IOC accounts [cracked]

    Twitter (TWTR.N) said on Saturday that an official Twitter account of the Olympics and the International Olympic Committee’s (IOC) media Twitter account had been [cracked] and temporarily locked.

    The accounts were [cracked] through a third-party platform, a spokesperson for the social media platform said in an emailed statement, without giving further details.

  • Olympics, IOC accounts were [cracked], Twitter says

    The social media company Twitter on Saturday said that the official Twitter accounts for the Olympics as well as the International Olympic Committee (IOC) have both been [cracked] and temporarily locked.

  • Apple warns revenue will be lower than expected because of coronavirus impact

    In a rare investor update on Monday, Apple said the global effects of the coronavirus outbreak are having have a material impact on the company bottom line. The company does not expect to meet its own revenue guidance for the second quarter due to the impact of the virus, and warns that “worldwide iPhone supply will be temporarily constrained.” Store closures and reduced retail traffic in China are also expected to have a significant impact.

    All of Apple’s iPhone manufacturing partner sites have been reopened but are “ramping up more slowly than we had anticipated,” which means that fewer iPhones than expected will be manufactured. As a result, “[t]hese iPhone supply shortages will temporarily affect revenues worldwide,” says Apple.

  • We decided to leave AWS

    For past adventures, I mostly use third-party email delivery services like Postmark, SendGrid, SES, etc. Unfortunately their pricing models are based on the number of emails, which are not compatible with the unlimited forwards/sends that SimpleLogin offers. In addition, we want SimpleLogin to be easily self-hosted and its components fit on a single server. For these reasons, we decide to run our MTA (Mail Transfer Agent) on EC2 directly.

  • [Old] Kerberos (I): How does Kerberos work? – Theory

    The objective of this series of posts is to clarify how Kerberos works, more than just introduce the attacks. This due to the fact that in many occasions it is not clear why some techniques works or not. Having this knowledge allows to know when to use any of those attacks in a pentest.

    Therefore, after a long journey of diving into the documentation and several posts about the topic, we’ve tried to write in this post all the important details which an auditor should know in order to understand how take advantage of Kerberos protocol.

    In this first post only basic functionality will be discussed. In later posts it will see how perform the attacks and how the more complex aspects works, as delegation.

  • [Old] Kerberos (II): How to attack Kerberos?

    These attacks are sorted by the privileges needed to perform them, in ascending order. Thus, to perform the first attacks only connectivity with the DC (Domain Controller) is required, which is the KDC (Key Distribution Center) for the AD (Active Directory) network. Whereas, the last attack requires a user being a Domain Administrator or having similar privileges.

  • Kerberos (III): How does delegation work?

    In this article, we will focus on understand how the different kinds of delegation work, including some special cases. Additionally, some scenarios where it could be possible to take advantage of these mechanisms in order to leverage privilege escalation or set persistence in the domain will be introduced.

    Before starting with the explanations, I will assume that you already understand Kerberos’ basic concepts. However, if expressions like TGT, TGS, KDC or Golden ticket sound strange to you, you should definitely check the article “How does Kerberos works?” or any related Kerberos’ introduction.

Games: Total War: THREE KINGDOMS - Mandate of Heaven, Space Haven and Besiege

  • Total War: THREE KINGDOMS – Mandate of Heaven DLC Is Out Now for Linux

    Feral Interactive announced today that the Total War: THREE KINGDOMS – Mandate of Heaven Chapter Pack DLC is now available for Linux and macOS systems. Officially released on January 16th, 2020, Mandate of Heaven is the biggest and most detailed Chapter Pack DLC (Downloadable Content) ever released for the Total War: THREE KINGDOMS award-winning turn-based strategy and real-time tactics video game from developer Creative Assembly and publisher SEGA. It introduces a new campaign set in 182 CE, just before the Yellow Turban rebellion. The new campaign will let players adventure through the conflict deep into the Three Kingdoms period. The update also adds a total of six new playable warlords, including three new Yellow Turban warlords, Zhang Jue, Zhang Bao, and Zhang Liang, and three new Han Empire factions, Emperor Liu Hong, Prince Liu Chong, and Lu Zhi.

  • Total War: THREE KINGDOMS - Mandate of Heaven plus the latest patches arrive for Linux
  • Space is a little more hostile in Space Haven, with Alpha 6 introducing ship to ship combat

    One of my most anticipated releases to come from a crowdfunding campaign, Space Haven continues to get some really fun features and another huge Alpha release recently went up. As a little reminder: Space Haven is a colony-building sim with a bit of a difference. Instead of a static colony, you build a fleet of starships tile-by-tile and you can travel around with them. You manage your crew, their needs, make sure they have a comfy bed and deal with all the nastiness of space travel.

  • Physics-based medieval siege engine battler 'Besiege' leaves Early Access after 5 years

    Five years might seem like a little long but crafting something special takes time and Besiege is definitely worthy of the time it spent in development. Spiderling Studios' physics-based building game isn't exactly unique now, there's plenty more physics-based building games that have come and gone in that time. However, Besiege stands tall above so many for the detail and fun factor. This week, they released the big 1.0 with a finished single-player campaign along with adding in some fun sounding logic and automation blocks.

Android Leftovers

GNOME 3.34.4 Released with Various Improvements and Bug Fixes

Released on September 2019, the GNOME 3.34 “Thessaloniki” desktop environment is the first to adopt a new release cycle with extended maintenance updates. Previous GNOME releases only received two maintenance updates during their support cycle. Therefore, GNOME 3.34.4 is here as a minor bugfix release to GNOME 3.34, addressing various issues, as well as updating translations across several components and applications. Among the changes, there’s a big GTK update with better Wayland support, VP8 encoding for the built-in screen-recorder, and another major Vala update. Read more