Google is warning that it intends to deprecate and remove trust in Symantec-issued SSL/TLS certificates, as Symantec shoots back that the move is unwarranted.
I learned that my site was stolen on a Saturday. Three days later I had it back, but only after the involvement of fifty or so employees of six different companies, middle-of-the-night conferences with lawyers, FBI intervention, and what amounted to a sting operation that probably should have starred Sandra Bullock instead of…well…me.
The Linux Foundation umbrella organization is responsible for this year's WireGuard GSoC, so if you're a student, write "Linux Foundation" as your mentoring organization, and then specify in your proposal your desire to work with WireGuard, listing "Jason Donenfeld" as your mentor.
Bruce Schneier is one of my favorite speakers when it comes to the topic of all things security. His talk from IBM Interconnect 2017, “Security and Privacy in a Hyper-connected World“, covered a wide range of security concerns.
Last week, WikiLeaks released a trove of CIA documents that detail many of the spy agency’s hacking capabilities. These documents, if genuine (and early reports suggest that they are), validate concerns that U.S. spy agencies are stockpiling cybersecurity vulnerabilities. The intelligence community uses undisclosed vulnerabilities to develop tools that can penetrate the computer systems and networks of its foreign targets. Unfortunately, since everyone uses the same technology in today’s global economy, each of these vulnerabilities also represents a threat to American businesses and individuals. In the future, rather than hoard this information, the CIA and other intelligence agencies should commit to responsibly disclosing vulnerabilities it discovers to the private sector so that security holes can be patched.
The new software is a ssh-agent proxy that allows a group of trusted users to share an SSH identity without exposing the contents of that identity’s private key.
A common use of the ssh-agent is to “forward” your agent to a remote machine (using the -A flag in the OpenSSH client). After you’ve forwarded your ssh-agent, you can use the socket that that agent creates to access any of your many (now unencrypted) keys, and login to any other machines for which you may have keys in your ssh-agent. So, too, potentially, can all the other folks that have root access to the machine to which you’ve forwarded your ssh-agent.
After years of training journalists and NGOs communication and operational security, after years of conducting research into the tools and protocols used, it took some more years developing a reasonable answer to most of the issues encountered during all this time.
In todays world of commercially available government malware you don't want to store your encryption keys on your easily infected computer. You want them stored on something that you could even take into a sauna or a hot-tub - maintaining continuous physical contact.
So people who care about such things use external smartcard-based crypto devices like Ubikey Neos or Nitrokeys (formerly Cryptosticks). The problems with these devices is that you have to enter PIN codes on your computer that you shouldn't trust, that they are either designed for centralized use in organizations, or they are based mostly on PGP.
Those of you who follow my repository RSS feeds have already noticed, but many people rely on the announcements I make on this blog (plus, I can give a lot more detail here).
I uploaded the packages for the March 2017 release of my ‘ktown’ repository: KDE 5_17.03. Actually, there is a lot of interesting stuff going on in this release, because I decided to do some things that were on my TODO for a long while. Read more about that below in the “NEWS” section.
What you get in this new release is: KDE Frameworks 5.32.0, Plasma 5.9.3 and Applications 16.12.3. All of this is still built on top of Qt 5.7.1.
This Plasma 5 release targets only Slackware-current for the moment, because of the PLASMA5 Live that I release in parallel. But packages for Slackware 14.2 (only 64bit) are already being compiled at the moment, so updates will be visible in my 14.2 repository in a couple of days at most.
22 things Amarok does: the good, the bad, the ugly, and the hope
Ask not what you can do for Amarok. Ask what Amarok can do for you!
Many years ago, just the mention of this music player would invoke shivers down my spine. It was stylish, exotic, modern, elegant, powerful. It did everything superbly, and there was always a hidden Joker up its sleeve. The plethora of options and possibilities and feature was endless. And then it all changed.
Amarok slid out of the spotlight and became just another program to play your music collection. Recently, fueled by nostalgia and perhaps vain hope, I’ve invested fresh new energy and time working with it, taming it, fighting it, loving it, hating it, trying to figure out how relevant, sleek and accessibility this player still is. My curiosity peaked with the extensive Plasma testing I did last month in my somewhat ultra-long article The State of Plasma. So I fired KDE neon once again, a brand new image, and started fiddling. Here’s the Spaghetti Western of what to expect. With a big disclaimer. Read on.
Also: Reading old stuff
A Short MATE Desktop 1.18 Review in March 2017
MATE 1.18 has been released at 13 March 2017. The source code are available on their public file server and the runnable version has been available on Ubuntu MATE 17.04 "Zesty Zapus". This short review covers some new things for end-users: better playback notifications, "safely remove disk" notification, touchpad/mouse control improvements (libinput), MATE Calc returns, and some more. It's RAM usage on Zesty at idle is ~700MB. This is a continuation from our previous MATE 1.17 review. I hope this review will be helpful for you all. Enjoy!