As we all know, having a backup these days is important.
So I want to tell you how I do my backups.
I have 4 main repositories: system-config: mostly /etc and /var plus lvm and luks headers system-data: package cache and alike user-config: all config files the user needs to back up user-data: all other data like documents, media, safegames and alike (biggest repo)
And 3 backup targets: One local drive that I carry around with no media data One local drive that I safely deport somewhere else One remote cloud platform that provides enough storage and network for a good recovery
My tools: borg, rsync and acd_cli for Amazon Cloud Drive (fuse)
Borg is a chunk-based backup tool, rsync is a file synchronizer with a lot of great options.
As cloud provider you can use any that supports fuse or has a third party fuse client.
My workflow: Create a snapshot for the current host as <hostname>@<date><time> (system-config and system-data) (on local drive) Create a snapshot for all users using <username>@<date><time> (on local drive) Sync all new changes to ACD using rsync Every x weeks take the deposited drive and rsync all remaining chunks to it and deposit it again in a remote location (not home)
Since I sync my borg backup chunks its both encrypted and will only need to sync the changed chunks.
This is not the ultimate backup solution, just an example of how things could go. Hope this helps!submitted by /u/AnachronGuy
After 6 months of development the MATE Desktop team are proud to announce the release of MATE Desktop 1.16. We’d like to thank every MATE contributor for their help making this release possible.
We in the Red Hat desktop team are looking for a junior software developer who will work on GNOME. Particularly in printing and document viewing areas of the project.
The location of the position is Brno, Czech Republic, where you’d join a truly international team of desktop developers. It’s a junior position, so candidates just off the university, or even still studying are welcome. We require solid English communication skills and experience with C (and ideally C++, too). But what is a huge plus is experience with GNOME development and participation in the community.
We’re excited to announce the release of the Zorin OS 12 Beta. This is a pre-release version which we have created to get your feedback & bug reports on what we’ve built so far.
It’s only been a short couple of weeks since we released the latest version of elementary OS, but we already have so much to share! We’re happy to say that Loki has already passed 45,000 downloads, from 157 different countries since release with 2/3rds of those downloads coming from closed sourced OSes. We’re super proud to be reaching people all over the world who are new to an Open Source operating system. Congratulations to everyone who switched!
I have been a Linux dabbler since 1994 when I first tried Suse Linux. In 2006 I became a full-time Linux user when I converted by laptop to Linux in October of 2006. Like many Linux users I sampled many different distributions while choosing the one that best fit my personality. Eventually I settled on Ubuntu with the release of Ubuntu 7.10 (Gutsy Gibon). Despite choosing Ubuntu I always saw myself as a Linux and open source advocate first and an Ubuntu advocate second. I respected and valued that Linux and open source allowed people the freedom to make personal choices.
Around a week ago, I started to play with programmatically controlling Azure. I needed to create and destroy a bunch of VMs over and over again, and this seemed like something I would want to automate once instead of doing manually and repeatedly. I started to look into the azure-sdk-for-python and mentioned that I wanted to look into this in #debian-python. ardumont from Software Heritage noticed me, and was planning to package azure-storage-python. We joined forces and started a packaging team for Azure-related software.
To break even, the project needs to produce and sell 800 Neo900 devices. Currently, we have around 350 pre-orders, and sourced a bit more than 100 N900 units to refurbish.
The Wayland core protocol documentation has received numerous refinements to improve its clarity and consistency. Along with this, many blank areas of the protocol documentation have been fleshed out.
A new wl_display_add_protocol logger API provides a new, interactive way to debug requests; along with this are new APIs for examining clients and their resources. This is analogous to using WAYLAND_DEBUG=1, but more powerful since it allows run time review of log data such as through a UI view.
There have been improvements to how the protocol XML scanner handles version identification in protocol headers. This enables better detection and fallback handling when compositors and clients support differt versions of their protocols.
The 2016 X.Org Developers' Conference (XDC2016) wrapped up Friday in Helsinki, Finland. Here is a summary of the major happenings for those that may have missed it or didn't yet watch the video streams.
IBM is a technology company worth billions of dollars and is one of the leading businesses in the field. Having formed back in 1911 in New York where their headquarters remain, IBM has provided more than 170 countries with the use of their technology. They’re a company that has always been on top of the game and today is no different. IBM has just unleashed a new Power8 processor that claims to be more powerful than anything they have ever launched before and will be the perfect tool to assist with compute-heavy workloads.
The Ubuntu Phone is getting better, and with every new iteration of the OTA, my little BQ Aquaris E4.5 is gaining more speed and functionality. Like in the air force, with an avionics upgrade, which transforms ancient wings into a powerful and modern bird of prey. Only the pace of advancement is lagging behind the market. See what Android and iOS can do, even Windows Phone, and you realize how late and insufficiently meaningful the Ubuntu Phone really is. This has to change, massively.
This latest round does bring some fine goods to the table - more speed and stability, better icons, more overall visual polish, incremental improvements in the applications and the scopes. But that's not enough to win the heart of the average user. A more radical, app-centric effort is required. More focus on delivering the mobile experience, be it as it may. Ubuntu cannot revolutionalize that which is already considered the past. It can only join the club and enjoy the benefits of a well-established reality. And that is a kickass app stack that makes the touch device worth using in the first place.
Still, it's not all gloomy. E4.5 is a better product now than it was a year ago, fact. Ubuntu Phone is a better operating system than it was even this spring, fact. So maybe one day we will see Ubuntu become an important if not dominant player in the phone and tablet space. It sure is heading in the right direction, my only fear is the availability of resources to pull off this massive rehaul that is needed to make it stand up to the old and proven giants. And that's it really.
If you're keen on Linux (not Android) making it in the mobile world, do not forget to check my Ubuntu tablet review! Especially the convergence piece. On that merry note, you do remember that I'm running a wicked contest this year, too? He/she who reads my books might get a chance to win an M10 tablet. Indeed. Off you go, dear readers. Whereas I will now run the same set of tests we did here on the Aquaris tablet, and see how it likes the OTA-12 upgrade. The end.
In this post, we shall cover a few of the top, open-source artificial intelligence (AI) tools for the Linux ecosystem. Currently, AI is one of the ever advancing fields in science and technology, with a major focus geared towards building software and hardware to solve every day life challenges in areas such as health care, education, security, manufacturing, banking and so much more.
Our overall roadmap is available online and now includes the initial Q3 plans. From now on, we plan to include the quarterly plan with a high-level breakdown in the roadmap page.
Firefox 49.0 is the next major stable release of the web browser. Firefox 48.0.2 and earlier versions of Firefox can be updated to the new release.
Climate change has many components — rising sea levels, alterations in rainfall patterns, and an increase in severe storm activity, among others. Communities around the world are faced with the need to plan for climate change but don’t have the information available to do so effectively.
It’s been a long, drawn-out battle, beginning in 2013 when Cody Wilson, founder of Defense Distributed, published the open source files for his 3D printed handgun, the Liberator, online. The State Department ordered that he take the files down, and Wilson complied, but not before thousands had downloaded them and spread them elsewhere on the Internet. In 2015, with the help of gun rights organization The Second Amendment Foundation, Wilson filed a federal lawsuit claiming that the State Department had violated not only his Second Amendment but his First Amendment rights. By suppressing his right to share information online, Wilson argued, the State Department was violating his right to free speech.
With Oracle now trying to get back on track with advancing enterprise Java, the company is seeking rapprochement with factions that had sought to advance the platform on their own. The two groups involved are mostly amenable to patching up the relationship.
Oracle's Anil Gaur, group vice president of engineering, said this week he had already been in touch with some of the concerned parties. The two factions include Java EE Guardians, led by former Oracle Java EE evangelist Reza Rahman, and Microprofile.io, which has included participation from Red Hat and IBM.
ELI5: Leah Rowe made this commit to the Libreboot website earlier today with the comment "typofix". In fact, it was more than a typo-fix as it shows that the FSF employee either no longer or never did give permission for the opposition against the FSF.
Leah Rowe is still libreboot's maintainer, and the GNU project has zero right to keep libreboot under its umbrella. If the maintainer of a GNU project steps down without intending for that project to leave GNU, then fine. But if a maintainer stays on as that projects maintainer while stating the projects intention to leave GNU, then GNU should honour that request.
At the GNU Tools Cauldron earlier this month in the UK there was a presentation on forthcoming improvements to the GNU Tools, presented by Nick Clifton as part of the Red Hat Tools Team.
The Vee One Suite are free, open-source Linux Audio software, distributed under the terms of the GNU General Public License (GPL) version 2 or later.
I started a tiny project a couple of days ago: arch-audit.
A new experimental package is now on the ghrr drat. It is named tint which stands for Tint Is Not Tufte. It provides an alternative for Tufte-style html presentation. I wrote a bit more on the package page and the README in the repo -- so go read this.
Here is a list of the changes:* Normalized the TLS certificate validation code and added additional error messages to aid troubleshooting. * http*Connect did not work on Linux when cupsd was not running (Issue #4870) * The --no-remote-any option of cupsctl had no effect (Issue #4866) * http*Connect did not return early when all addresses failed (Issue #4870) * Updated the list of supported IPP Everywhere media types. * The IPP backend did not validate TLS credentials properly. * The printer-state-message attribute was not cleared after a print job with no errors (Issue #4851) * The CUPS-Add-Modify-Class and CUPS-Add-Modify-Printer operations did not always return an error for failed adds (Issue #4854) * PPD files with names longer than 127 bytes did not work (Issue #4860) * Updated localizations (Issue #4846, PR #4858) * Added Upstart support (PR #4825) * CUPS now supports Let's Encrypt certificates on Linux. * All CUPS commands now support POSIX options (Issue #4813) * The scheduler now restarts faster (Issue #4760) * Improved performance of web interface with large numbers of jobs (Issue #3819) * Encrypted printing can now be limited to only trusted printers and servers (<rdar://problem/25711658>) * The scheduler now advertises PWG Raster attributes for IPP Everywhere clients (Issue #4428) * The scheduler now logs informational messages for jobs at LogLevel "info" (Issue #4815) * The scheduler now uses the getgrouplist function when available (Issue #4611) * The IPP backend no longer enables compression by default except for certain raster formats that generally benefit from it (<rdar://problem/25166952>) * The scheduler did not handle out-of-disk situations gracefully (Issue #4742) * The LPD mini-daemon now detects invalid UTF-8 sequences in job, document, and user names (Issue #4748) * The IPP backend now continues on to the next job when the remote server/printer puts the job on hold (<rdar://problem/24858548>) * The scheduler did not cancel multi-document jobs immediately (<rdar://problem/24854834>) * The scheduler did not return non-shared printers to local clients unless they connected to the domain socket (<rdar://problem/24566996>) * The scheduler now reads the spool directory if one or more job cache entries point to deleted jobs (<rdar://problem/24048846>) * Added support for disc media sizes (<rdar://problem/20219536>) * The httpAddrConnect and httpConnect* APIs now try connecting to multiple addresses in parallel (<rdar://problem/20643153>) * The cupsd domain socket is no longer world-accessible on macOS (<rdar://problem/7542560>) * Interface scripts are no longer supported for security reasons (<rdar://problem/23135640>) * Added a new cupsHashData API and support for hashed job passwords (<rdar://problem/20221502>) * Localization fixes (<rdar://problem/25292403>, <rdar://problem/25461517>, Issue #4041, Issue #4796) * Documentation changes (Issue #4624, Issue #4781) * Packaging fixes (PR #4832) submitted by /u/oscoscosc
Krebs on Security in record DDOS attack: Everybody’s go-to site for news and views of security issues, has been temporarily knocked offline in a DDOS attack for the record books. We first heard about the attack on Thursday morning after Brian Krebs reported that his site was being hit by as much as 620 Gbs, more than double the previous record which was considered to be a mind-blower back in 2013 when the anti-spam site Spamhaus was brought to its knees.
Security sites such as Krebs’ that perform investigative research into security issues are often targets of the bad guys. In this latest case, Ars Technica reported the attack came after Krebs published the identity of people connected with vDOS, Israeli black hats who launched DDOS attacks for pay and took in $600,000 in two years doing so. Akamai had been donating DDoS mitigation services to Krebs, but by 4 p.m. on the day the attack began they withdrew the service, motivated by the high cost of defending against such a massive attack. At this point, Krebs decided to shut down his site.
When generating the keypair, you're asked for a passphrase to encrypt the private key with. If you will ever lose your private key it should protect others from impersonating you because it will be encrypted with the passphrase. To actually prevent this, one should make sure to prevent easy brute-forcing of the passphrase.
OpenSSH key generator offers two options to resistance to brute-force password cracking: using the new OpenSSH key format and increasing the amount of key derivation function rounds. It slows down the process of unlocking the key, but this is what prevents efficient brute-forcing by a malicious user too. I'd say experiment with the amount of rounds on your system. Start at about 100 rounds. On my system it takes about one second to decrypt and load the key once per day using an agent. Very much acceptable, imo.
Today we’d like to explain what it costs to run Let’s Encrypt. We’re doing this because we strive to be a transparent organization, we want people to have some context for their contributions to the project, and because it’s interesting.
Let’s Encrypt will require about $2.9M USD to operate in 2017. We believe this is an incredible value for a secure and reliable service that is capable of issuing certificates globally, to every server on the Web free of charge.
We’re currently working to raise the money we need to operate through the next year. Please consider donating or becoming a sponsor if you’re able to do so! In the event that we end up being able to raise more money than we need to just keep Let’s Encrypt running we can look into adding other services to improve access to a more secure and privacy-respecting Web.
One of North Korea’s top level DNS servers was mis-configured today (20th September 2016) accidentally allowing global DNS zone transfers. This allowed anyone who makes a zone transfer request (AXFR) to retrieve a copy of the nation’s top level DNS data.
This data showed there are 28 domains configured inside North Korea, here is the list:
As a number of outlets have reported, Yahoo has announced that 500 million of its users’ accounts got hacked in 2014 by a suspected state actor.
But that massive hack is actually one of three interesting hacks of Yahoo in recent years.
Audacious 3.8 has been in development since early August when the first Beta milestone was announced, and it received a second Beta build in early September.