Feed aggregator

Security News

TuxMachines - Tue, 2016-08-16 12:14
  • Serving Up Security? Microsoft Patches ‘Malicious Butler’ Exploit — Again

    It’s been a busy year for Windows security. Back in March, Microsoft bulletin MS16-027 addressed a remote code exploit that could grant cybercriminals total control of a PC if users opened “specially crafted media content that is hosted on a website.” Just last month, a problem with secure boot keys caused a minor panic among users.

    However, new Microsoft patches are still dealing with a flaw discovered in November of last year — it was first Evil Maid and now is back again as Malicious Butler. Previous attempts to slam this door shut have been unsuccessful. Has the Redmond giant finally served up software security?

  • PGP Short-ID Collision Attacks Continued, Now Targeted Linus Torvalds

    After contacted the owner, it turned out that one of the keys is a fake. In addition, labelled same names, emails, and even signatures created by more fake keys. Weeks later, more developers found their fake "mirror" keys on the keyserver, including the PGP Global Directory Verification Key.

  • Let's Encrypt: Why create a free, automated, and open CA?

    During the summer of 2012, Eric Rescorla and I decided to start a Certificate Authority (CA). A CA acts as a third-party to issue digital certificates, which certify public keys for certificate holders. The free, automated, and open CA we envisioned, which came to be called Let's Encrypt, has been built and is now one of the larger CAs in the world in terms of issuance volume.

    Starting a new CA is a lot of work—it's not a decision to be made lightly. In this article, I'll explain why we decided to start Let's Encrypt, and why we decided to build a new CA from scratch.

    We had a good reason to start building Let's Encrypt back in 2012. At that time, work on an HTTP/2 specification had started in the Internet Engineering Task Force (IETF), a standards body with a focus on network protocols. The question of whether or not to require encryption (via TLS) for HTTP/2 was hotly debated. My position, shared by my co-workers at Mozilla and many others, was that encryption should be required.

read more

Zenwalk Linux 8.0 - A more Zen Slackware

TuxMachines - Tue, 2016-08-16 12:12

There were a few things I enjoyed about Zenwalk 8.0 and several I did not. Before getting to those, I want to acknowledge that Zenwalk is, in most ways, very much like Slackware. The two distributions are binary compatible and if you like (or dislike) one, you will probably feel the same way about the other. They're quite closely related with similar benefits and drawbacks.

On the positive side of things, I like that Zenwalk trims down the software installed by default. A full installation of Zenwalk requires about two-thirds of the disk space a full installation of Slackware consumes. This is reflected in Zenwalk's focused "one-app-per-task" approach which I feel makes it easier to find things. Zenwalk requires relatively little memory (a feature it shares with Slackware) and, with PulseAudio's plugin removed, consumes very few CPU cycles. One more feature I like about this distribution is the fact Zenwalk includes LibreOffice, a feature I missed when running pure Slackware.

On the other hand, I ran into a number of problems with Zenwalk. The dependency problems which annoyed me while running Slackware were present in Zenwalk too. To even get a working text editor I needed to have development libraries installed. To make matters worse, the user needs a text editor to enable the package manager to install development libraries. It's one of those circular problems that require the user to think outside the box (or re-install with all software packages selected).

Other issues I had were more personal. For example, I don't like window transparency or small fonts. These are easy to fix, but it got me off on the wrong foot with Zenwalk. I do want to acknowledge that while my first two days with Zenwalk were mostly spent fixing things, hunting down dependencies and tweaking the desktop to suit my tastes, things got quickly better. By the end of the week I was enjoying Zenwalk's performance, its light nature and its clean menus. I may have had more issues with Zenwalk than Slackware in the first day or so, but by the end of the week I was enjoying using Zenwalk more for my desktop computing.

For people running older computers, I feel it is worth noting Zenwalk does not offer 32-bit builds. The distribution has become 64-bit only and people who still run 32-bit machines will need to turn elsewhere, perhaps to Slackware.

In the end, I feel as though Zenwalk is a more focused flavour of Slackware. The Slackware distribution is multi-purpose, at least as suited for servers as desktops. Slackware runs on more processor architectures, has a live edition and can dump a lot of software on our hard disk. Zenwalk is more desktop focused, with fewer packages and perhaps a nicer selection of applications. The two are quite similar, but Slackware has a broader focus while Zenwalk is geared to desktop users who value performance.

Also: New Toolchain on Current

read more

OpenMandriva 3.0, Google Linux Snub, TCP Vulnerability

TuxMachines - Tue, 2016-08-16 12:06

OpenMandriva Lx 3.0 was announced Saturday with Linux 4.6.5, Plasma 5.6.5, and systemd 231. An early reviewer said he liked OpenMandriva but Plasma not as much. Elsewhere all anyone can seem to talk about is Google's decision to use something other than Linux to power its next embedded devices and a TCP vulnerability that could allow remote hijacking of Internet traffic. Patrick Volkerding has upgraded the toolchain in Slackware-current and Red Hat security expert said you can't trust any networks anywhere.

read more

Canonical Plans on Improving the Ubuntu Linux Terminal UX on Mobile and Desktop

LXer - Tue, 2016-08-16 12:03
Canonical announced that they are planning on transforming the community developed Terminal app into a convergent Linux terminal that's easy to use on both mobile phones and tablets.

Converged Terminal App Design in Ubuntu

TuxMachines - Tue, 2016-08-16 11:53
  • Canonical Show Off Converged Terminal App Design

    Reshaping the classic terminal app to fit multi-form factor world isn't easy, but it's the task that the Canonical Design team face as part of their work on Unity 8.

  • Canonical Plans on Improving the Ubuntu Linux Terminal UX on Mobile and Desktop

    Canonical, through Jouni Helminen, announced on August 15, 2016, that they were planning on transforming the community-developed Terminal app into a convergent Linux terminal that's easy to use on both mobile phones and tablets.

    Terminal is a core Ubuntu Touch app and the only project to bring you the popular Linux shell on your Ubuntu Phone or Ubuntu Tablet devices. And now, Canonical's designers are in charge of offering a much more pleasant Linux terminal user experience by making Terminal convergent across all screen formats.

    "I would like to share the work so far, invite users of the app to comment on the new designs, and share ideas on what other new features would be desirable," says Jouni Helminen, Lead Designer at Canonical. "These visuals are work in progress - we would love to hear what kind of features you would like to see in your favorite terminal app!"

read more

KDE Frameworks Now Requires Qt 5.5 or Later, Build 5.25.0 Updates Breeze Icons

TuxMachines - Tue, 2016-08-16 11:41

The KDE project announced this past weekend the release of KDE Frameworks 5.25.0, another monthly update to the collection of over 70 add-ons for the Qt5 GUI toolkit and the latest KDE Plasma 5 desktop environment.

KDE Frameworks 5.25.0 comes in time for the recently released KDE Plasma 5.7.3 maintenance update of the modern and widely used Linux desktop, promising to update many of the core components, including but not limited to Attica, which now follows HTTP redirects, the Breeze icon set with lots of additions, extra CMake modules, KDE Doxygen tools, KXMLGUI, KWindowSystem, and KWidgetsAddons.

KDE apps like KTextEditor, KArchive, and Sonnet received bugfixes and other improvements in the KDE Frameworks 5.25.0. The release also comes with many other updated components, among which Plasma Framework, NetworkManagerQt, KXMLGUI, KCoreAddons, KService, Kross, Solid, Package Framework, KNotification, KItemModels, KIO, KInit, KIconThemes, KHTML, KGlobalAccel, KFileMetaData, and KDeclarative.

Also: Chakra GNU/Linux Users Get KDE Plasma 5.7.3, Mozilla Firefox 48.0 & Wine 1.9.16

OpenMandriva Lx 3.0 Goes Stable with KDE Plasma 5.6.5 and Linux Kernel 4.6.5

read more

Is Fuschsia Google’s answer to Samsung’s Tizen?

LXer - Tue, 2016-08-16 11:06
Google is prepping an open source “Fuchsia” OS that can target IoT, handhelds, and laptops. It uses a new “Magenta” kernel, based on the “LK” project. Google has posted GitHub code for an emerging operating system called Fuchsia, designed for a wide range of devices. Like Google’s Android, Chrome OS, and IoT-focused Brillo, Fuchsia is […]

Fedora News

TuxMachines - Tue, 2016-08-16 10:48
  • Booting Lenovo T460s after Fedora 24 Updates
  • Flock 2016
  • Ideas for getting started in the Linux kernel

    Getting new people into OSS projects is always a challenge. The Linux kernel is no different and has it's own set of challenges. This is a follow up and expansion of some of what I talked about at Flock about contributing to the kernel.

    When I tell people I do kernel work I tend to get a lot of "Wow that's really hard, you must be smart" and "I always wanted to contribute to the kernel but I don't know how to get started". The former thought process tends to lead to the latter, moreso than other projects. I would like to dispel this notion once and for all: you do not have to have a special talent to work on the kernel unless you count dogged persistence and patience as a talent. Working in low level C has its own quriks the same way working in other languages does. C++ templates terrify me, javascript's type system (or lack there of) confuses me. You can learn the skills necessary to work in the kernel.

  • Żegnajcie! Fedora Flock 2016 in words

    From August 2 – 5, the annual Fedora contributor conference, Flock, was held in the beautiful city of Kraków, Poland. Fedora contributors from all over the world attend for a week of talks, workshops, collaboration, fun, and community building (if you’re tuning in and not sure what Fedora is exactly, you can read more here). Talks range from technical topics dealing with upcoming changes to the distribution, talks focusing on the community and things working well and how to improve, and many more. The workshops are a chance for people normally separated by thousands of miles to work and collaborate on real issues, problems, and tasks in the same room. As a Fedora contributor, this is the “premier” event to attend as a community member.

read more

Android Leftovers

TuxMachines - Tue, 2016-08-16 10:47

read more

Microsoft's compromised Secure Boot implementation

LXer - Tue, 2016-08-16 10:09
There's been a bunch of coverage of this attack on Microsoft's Secure Boot implementation, a lot of which has been somewhat confused or misleading. Here's my understanding of the situation.

OpenMandriva Lx 3.0 Goes Stable with KDE Plasma 5.6.5 and Linux Kernel 4.6.5

LXer - Tue, 2016-08-16 09:12
Softpedia was informed by the OpenMandriva team about the general availability of the final, production-ready release of the OpenMandriva Lx 3.0 operating system.

Why Desktop Linux Still Hasn’t Taken Over the World

LXer - Tue, 2016-08-16 08:15
The reason why use of the Linux desktop has never taken off has nothing to do with the operating system and everything to do with money.

Android vs. iPhone for Business

LinuxToday - Tue, 2016-08-16 08:00

 Datamation: Is Android or iPhone best for business?

IBM Watson Researchers Share Tips for Serverless Computing on Mesos

LXer - Tue, 2016-08-16 07:17
Serverless computing is the latest trend in cloud computing brought about by the enterprise shift to containers and microservices. Serverless computing platforms promise new capabilities that make writing scalable microservices easier and more cost effective, say IBM software engineer Diana Arroyo and research staff member Alek Slominski.

I need help, desperately!

Reddit - Tue, 2016-08-16 06:59

Ok, sorry in advance if this does not belong here. Anyway, I have a mid 2015 MacBook Pro, I just installed a program called Parallels Desktop and installed Ubuntu. I can not for the the life of me get the screen to fit properly. I've tried the tweak tools and terminal and changing the settings in the Parallels app itself nothing is working. Any help would be greatly appreciated.

P.s. I'm new to Ubuntu and linux for the most part

Edit: I'm on Ubuntu 16.04 (I believe)

submitted by /u/Jkbids1
[link] [comments]

Prevent yourself from accessing certain pages through (timed) cryptography?

Reddit - Tue, 2016-08-16 06:42

Hello, I happen to have a connection with a data plan and need to conserve my data usage for the next two weeks and focus on coding, as my self control is pretty shite I figured I would edit facebook and youtube, as these are my biggest time and data sinks, into my hosts file to redirect at

now the thing is how do I prevent myself from editing it back (passing that power at another person), while making the file still readable by system?

Thanks for any feedback, also I'd like to add that taking myself out of the admin group is not an option.

submitted by /u/Kitten_Basher
[link] [comments]

what are some reliable online sources if i want to learn things like...

Reddit - Tue, 2016-08-16 06:39

What is a disk partition vs file system?
What is the difference between Sparc, PowerPC, and Intel microprocessors?
What is physical volume, logical volume and volume group?

I'm looking for a website that doesn't just provide a quick one paragraph description but goes into the nitty gritty. I'm a up and coming systems administrator and unfortunately school didn't teach me jackshit about that stuff

submitted by /u/j0hn_r0g3r5
[link] [comments]

which terminal app do you use most often?

Reddit - Tue, 2016-08-16 06:31

I'm starting to spend more and more time on terminal now and doing things from command line is easier. But I feel like the default terminal app in KDE, Konsole, is somewhat lacking in this regard.

Which terminal apps does /r/linux use and are there any advantages or unique features you like about them?

submitted by /u/theluggagekerbin
[link] [comments]

Google's brand new OS could replace Android

LXer - Tue, 2016-08-16 06:20
webOS, BeOS and Android heritage. The source code of Google's latest operating system has emerged, and it looks like all new code from the ground up.

Which do i choose?

Reddit - Tue, 2016-08-16 05:29

The day old question, but which distro should I use.

My long term career goal is to be a system admin, and have tinkered with Linux and took a Linux+ prep class.

I am an avid pc gamer, however enjoy a smooth system when I'm just looking stuff up, and like decent audio control.

Still going to try to run a vm using gpu passthrough to game on Windows (we will see)

Can't decide if I should go with a debian or rpm based system :( advice?

Fedora looks good, or Ubuntu or mint ?

Opinions matter

submitted by /u/Maniacmachine
[link] [comments]


Subscribe to LinuxInsight aggregator