In recent history the tech industry has been impervious to market forces that have crippled adjacent sectors, predominantly because of the public’s insatiable demand for digitization. However, over the course of the past year vulnerabilities have begun to emerge, with the economic climate growing so harsh that even the mightiest tech giants have faltered. Tech industry investment was down 40 percent in Q3 2022 compared to the same quarter in 2022, while market leaders such as Meta, Amazon and Twitter have all cut jobs to manage costs. With the technology industry’s aura of infallibility wearing thin, it’s time for the… [Continue Reading]

Practical guide on what the comparison operators are and how to overload them in C++ by mentioning the overloaded operator name with the keyword - “operator”.

Practical guide on the best foods that your player can eat in the Minecraft game for longer survival by taking the hunger and saturations bars in consideration.

To put the programs to sleep in Windows, users can use “Background apps” settings under the “Privacy” settings, the Task Manager app, or the Services app.

The Mesa Radeon Vulkan "RADV" driver's implementation of the graphics pipeline library (VK_EXT_graphics_pipeline_library) is becoming much faster thanks to fast-linking and various pending fixes. In turn this will get games making use of the extension the ability to ideally have no shader pre-caching while still enjoying no in-game stuttering. Valve's Linux graphics driver developers working on RADV have been working through some issues with the RADV graphics pipeline library and for Mesa 23.1 looks like it could be in good shape...

This article discussed the test operators. While working with files, the test operators are the most essential utility provided by Linux packages.

Practical tutorial on some of the reasons that might cause the “profile error occurred” issue on Google Chrome and the different methods to solve them.

Coreboot 4.19 is now available as the latest tagged release for this prominent open-source project allowing various motherboards with their proprietary firmware/BIOS to be replaced by this free software solution...

Launched as a beta in October 2022, Ubuntu Pro Subscription is now generally available to anyone and free to use on up to five computers.

Machdyne revealed today another compact embedded board based on the Lattice ECP5 FPGA which can run on Kakao Linux (partial fork of linux-on-litex-vexriscv). The Kopflos is a headless general-purpose computer equipped with an RJ45 LAN port, a JTAG header and a few USB ports for additional peripherals. The Kopflos Computer implements the Lattice ECP5 FPGA […]

You will recall that we spent a great deal of words and posts in 2021 discussing the problems Twitch created for itself by deciding to suddenly change the way it enforces copyright infringement claims for its streaming community, mostly without informing that community of those changes and remaining extremely opaque and vague about the standards […]

Security researchers warn that Google Ads are being leveraged to distribute malware to unsuspecting victims searching for software downloads. The post Threat Groups Distributing Malware via Google Ads appeared first on Linux Today.

Neo4j is a graph database used to create data relationships. This tutorial will teach you how to install and configure Neo4j on a Ubuntu 22.04 server.

Wizards of the Coast is changing the roles for the Dungeons and Dragons Open Gaming License, and game designers are not happy. The post Beyond Programming: D&D, Open Source, and Gaming appeared first on Linux Today.

Well, a lot has happened since I first started looking into the “World’s First Robot Lawyer,” from DoNotPay. First, Joshua Browder, DoNotPay’s CEO, reached out to me via direct message (DM) and told me he would get me access to my documents by 2 PM the next day – Tuesday, January 24th – saying that […]

Another batch of Intel i915 DRM kernel graphics driver updates were sent out Friday to DRM-Next for queuing ahead of the Linux 6.3 merge window opening next month...

During tonight poke online office hours our friend hdzki came with an interesting use case. He is poking at some binary structures that are like sparse tables whose entries are distributed in the file in an arbitrary way. Each sparse table is characterized by an array of consecutive non-NULL pointers. Each pointer points to an entry in the table. The table entries can be anywhere in the IO space, and are not necessarily consecutive, nor be in order.

After my previous efforts, I wrote up a PKCS#11 module of my own that had no odd restrictions about using non-RSA keys and I tested it. And things looked much better - ssh successfully obtained the key, negotiated with the server to determine that it was present in authorized_keys, and then went to actually do the key verification step. At which point things went wrong - the Sign() method in my PKCS#11 module was never called, and a strangedebug1: identity_sign: sshkey_sign: error in libcryptosign_and_send_pubkey: signing failed for ECDSA "testkey": error in libcrypto"error appeared in the ssh output. Odd. libcrypto was originally part of OpenSSL, but Apple ship the LibreSSL fork. Apple don't include the LibreSSL source in their public source repo, but do include OpenSSH. I grabbed the OpenSSH source and jumped through a whole bunch of hoops to make it build (it uses the macosx.internal SDK, which isn't publicly available, so I had to cobble together a bunch of headers from various places), and also installed upstream LibreSSL with a version number matching what Apple shipped. And everything worked - I logged into the server using a hardware-backed key.Was the difference in OpenSSH or in LibreSSL? Telling my OpenSSH to use the system libcrypto resulted in the same failure, so it seemed pretty clear this was an issue with the Apple version of the library. The way all this works is that when OpenSSH has a challenge to sign, it calls ECDSA_do_sign(). This then calls ECDSA_do_sign_ex(), which in turn follows a function pointer to the actual signature method. By default this is a software implementation that expects to have the private key available, but you can also register your own callback that will be used instead. The OpenSSH PKCS#11 code does this by calling EC_KEY_set_method(), and as a result calling ECDSA_do_sign() ends up calling back into the PKCS#11 code that then calls into the module that communicates with the hardware and everything works.Except it doesn't under macOS. Running under a debugger and setting a breakpoint on EC_do_sign(), I saw that we went down a code path with a function called ECDSA_do_sign_new(). This doesn't appear in any of the public source code, so seems to be an Apple-specific patch. I pushed Apple's libcrypto into Ghidra and looked at ECDSA_do_sign() and found something that approximates this:nid = EC_GROUP_get_curve_name(curve); if (nid == NID_X9_62_prime256v1) { return ECDSA_do_sign_new(dgst,dgst_len,eckey); } return ECDSA_do_sign_ex(dgst,dgst_len,NULL,NULL,eckey); What this means is that if you ask ECDSA_do_sign() to sign something on a Mac, and if the key in question corresponds to the NIST P256 elliptic curve type, it goes down the ECDSA_do_sign_new() path and never calls the registered callback. This is the only key type supported by the Apple Secure Enclave, so I assume it's special-cased to do something with that. Unfortunately the consequence is that it's impossible to use a PKCS#11 module that uses Secure Enclave keys with the shipped version of OpenSSH under macOS. For now I'm working around this with an SSH agent built using Go's agent module, forwarding most requests through to the default session agent but appending hardware-backed keys and implementing signing with them, which is probably what I should have done in the first place. comments

“I can use these If-statements to actually make a computer think. To make decisions. Woah.”

Here's yet another Steam release from Ubisoft, as they continue dumping their older titles on Steam. Watch Dogs: Legion is here and playable on Steam Deck.