Language Selection

English French German Italian Portuguese Spanish

June 2017

Latest Clonezilla Live Stable Update Includes a Lite Server, Linux Kernel 4.11.6

Filed under
Development

Clonezilla Live and GParted Live developer Steven Shiau is pleased to announce the release and immediate availability for download of a new stable version of his widely-used Clonezilla Live project.

Read more

Arduino-compatible robot dev kit includes RPi 3 and Tinker Board add-ons

Filed under
Linux

Husarion unveiled an Arduino-ready “Core2” robotics board for web based prototyping, plus a Linux-ready “Core2-ROS” that adds an RPi 3 or Tinker Board.

San Francisco based robotics firm Husarion, which has previously launched an industrial picker robot called the RoboCore, has gone to Crowd Supply to pitch a new Husarion Core2 prototyping platform for the robotics maker community. The $89 Cortex-M4 based Core2 controller board, which includes an ESP32 WiFi adapter, is also available in a version that runs Linux and Robot Operating System called the Core2-ROS. The ROS version replaces the ESP32 with a WiFi-ready Raspberry Pi 3 or Asus Tinker Board SBC.

Read more

Six Things to Do to Secure Your Linux System

Filed under
Linux
Security

Tuesday's Petya slam dunk by the bad guys, which may or may not have been a state sponsored swipe at Ukraine, was only one of several wake-up calls during the last couple of months for the folks taking care of IT security.

At least they should have been wake-up calls, but by the carnage left behind it looks as if a lot of folks have been operating their server rooms on autopilot. Not only were there patches at the ready to plug the vulnerabilities Petya used to do whatever it did (other than the fact that it probably wasn't ransomware, what it did hasn't been entirely sorted out yet), but I've heard credible first hand reports from several largish corporations that didn't have available backups.

Read more

8 Best Linux Distros For Programming And Developers (2017 Edition)

Filed under
Linux

Linux-based operating systems are often used by developers to get their work done and create something new. Their major concerns while choosing a Linux distro for programming are compatibility, power, stability, and flexibility. Distros like Ubuntu and Debian have managed to establish themselves as the top picks. Some of the other great choices are openSUSE, Arch Linux, etc.

Read more

RPi 3-like Le Potato SBC showcases fast Amlogic S905X SoC

Filed under
Android
Linux

Libre Computers’ $25 to $35 “Le Potato” is an RPi 3 clone that runs Android 7.1 or Linux 4.13 on a quad -A53 S905X. There’s no WiFi, but you get HDMI 2.0.

A Shenzhen based Libre Computer Project from Shenzhen Libre Technology Co. Ltd. has gone to Kickstarter to launch the first of a series of “Libre Computer Boards” called Le Potato. The project has so far received less than $4K toward its $25K all or nothing goal, with the campaign due to finish on July 24. However, if the project doesn’t fund, “we will utilize our other pre-prepared financing option and go directly to retail,” says the company.

Read more

Important CentOS 7 Linux Kernel Security Update Patches Five Vulnerabilities

Filed under
OS
Security

CentOS maintainer Johnny Hughes recently published a new security advisory for user of the CentOS 7 operating system series to inform them about an important kernel security update.

Read more

Canonical Promises Smooth and Easy Unity 7 to GNOME Shell Migration for Users

Filed under
Ubuntu

Canonical's Will Cooke is today reporting on the latest or upcoming improvements that the Ubuntu Desktop and Snappy team plans to implement in the Ubuntu Linux operating system.

Read more

Is Ubuntu set to be the OS for Internet of Things?

Filed under
Ubuntu

The Internet of Things has enjoyed major growth in recent years, as more and more of the world around us gets smarter and more connected.

But keeping all these new devices updated and online requires a reliable and robust software background, allowing for efficient and speedy monitoring and backup when needed.

Software fragmentation has already become a significant issue across the mobile space, and may threaten to do so soon in the IoT.

Read more

More in Tux Machines

Security Leftovers

  • Cryptojacking Code Found in 11 Open Libraries, Thousands Infected

    A cryptojacking code was found in 11 open-source code libraries written in Ruby, which have been downloaded thousands of times. Hackers downloaded the software, infected it with malware, and subsequently reposted it on the RubyGems platform, industry news outlet Decrypt reported on Aug. 21.

  • Malicious cryptojacking code found in 11 Ruby libraries

    Cryptojacking software has been found in 11 code libraries for the programming language Ruby—exposing thousands of people. The latest heist, discovered yesterday on code repository Github made use of a package manager called RubyGems, a popular program that allows developers to upload and share improvements on existing pieces of software.

  • Cryptojacking Scripts Found in 11 Open-Source Code Libraries

    According to a Decrypt report, the malware was discovered on Tuesday inside Github code repository, infecting the language manager called RubyGems.

  • First‑of‑its‑kind spyware sneaks into Google Play
  • Open-source spyware bypasses Google Play defenses — twice

    Radio Balouch — the app in question — is a legitimate radio application serving Balouchi music enthusiasts, except that it also included AhMyth, a remote access espionage tool that has been available on GitHub as an open-source project since late 2017. Lukas Stefanko, ESET researcher who uncovered the campaign, said the app was uploaded twice on Google Play — once on July 2 and a second time on July 13 — only to be swiftly removed by Google within 24 hours upon being alerted by the security team. It continues to be available on third-party app stores. While the service’s dedicated website “radiobalouch.com” is no longer accessible, the attackers also seem to have promoted the app on Instagram and YouTube. The app, in total, attracted over 100 installs.

  • 61 impacted versions of Apache Struts left off security advisories

    Security researchers have reviewed security advisories for Apache Struts and found that two dozen of them inaccurately listed affected versions for the open-source development framework. The advisories have since been updated to reflect vulnerabilities in an additional 61 unique versions of Struts that were affected by at least one previously disclosed vulnerability but left off the security advisories for those vulnerabilities.

  • Sectigo Sponsors Automated Certificate Issuance and Renewal in Electronic Frontier Foundation’s Certbot Open Source Software Tool

    Sectigo, the world’s largest commercial Certificate Authority (CA) and a provider of purpose-built and automated PKI management solutions, today announced its sponsorship of Electronic Frontier Foundation’s (EFF) free, open source software tool, Certbot, to support efforts to encrypt the entire internet and build a network that is more structurally private, safe, and protected against censorship.

GNU Parallel 20190822 ('Jesper Svarre') released [stable]

GNU Parallel 20190822 ('Jesper Svarre') [stable] has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/ No new functionality was introduced so this is a good candidate for a stable release. GNU Parallel is 10 years old next year on 2020-04-22. You are here by invited to a reception on Friday 2020-04-17. Read more

KDE ISO Image Writer – Release Announcement

My GSoC project comes to an end and I am going to conclude this series of articles by announcing the release of a beta version of KDE ISO Image Writer. Read more Also: How I got a project in Labplot KDE

Linux Foundation: Automotive Grade Linux Announcement and Calling Surveillance Operations "Confidential Computing"

  • Automotive Grade Linux Announces New Instrument Cluster Expert Group and UCB 8.0 Code Release

    Automotive Grade Linux (AGL), an open source project developing a shared software platform for in-vehicle technology, today announced a new working group focused on Instrument Cluster solutions, as well as the latest code release of the AGL platform, the UCB 8.0. The AGL Instrument Cluster Expert Group (EG) is working to reduce the footprint of AGL and optimize the platform for use in lower performance processors and low-cost vehicles that do not require an entire infotainment software stack. Formed earlier this year, the group plans to release design specifications later this year with an initial code release in early 2020. “AGL is now supported by nine major automotive manufacturers, including the top three producers by worldwide volume, and is currently being used in production for a range of economy and luxury vehicles” said Dan Cauchy, Executive Director of Automotive Grade Linux at the Linux Foundation. “The new Instrument Cluster Expert Group, supported by several of these automakers, will expand the use cases for AGL by enabling the UCB platform to support solutions for lower-cost vehicles, including motorcycles.”

  • Shhh! Microsoft, Intel, Google and more sign up to the Confidential Computing Consortium

    The Linux Foundation has signed up the likes of Microsoft and Google for its Confidential Computing Consortium, a group with the laudable goal of securing sensitive data. The group – which also includes Alibaba, Arm, Baidu, IBM, Intel, Red Hat, Swisscom and Tencent – will be working on open-source technologies and standards to speed the adoption of confidential computing. The theory goes that while approaches to encrypting data at rest and in transit have supposedly been dealt with, assuming one ignores the depressingly relentless splurts of user information from careless vendors, keeping it safe while in use is quite a bit more challenging. Particularly as workloads spread to the cloud and IoT devices.

  • Tech giants come together to form cloud security watchdog

    Some of the world’s biggest technology companies are joining forces to improve the security of files in the cloud. This includes Google, IBM, Microsoft, Intel, and many others. The news first popped up on the Linux Foundation, where it was said that the Confidential Computing Consortium will work to bring industry standards and identify the proper tools to encrypt data used by apps, devices and online services. At the moment, cloud security solutions focus to protect data that’s either resting, or is in transit. However, when the data is being used is “the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data.”

  • Tech firms join forces to boost cloud security

    Founding members of the group – which unites hardware suppliers, cloud providers, developers, open source experts and academics – include Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent. [...] “The earliest work on technologies that have the ability to transform an industry is often done in collaboration across the industry and with open source technologies,” said Jim Zemlin, executive director at the Linux Foundation. “The Confidential Computing Consortium is a leading indicator of what is to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use.”

  • Google, Intel and Microsoft form data protection consortium
  • Intel Editorial: Intel Joins Industry Consortium to Accelerate Confidential Computing

    Leaders in information and infrastructure security are well versed in protecting data at-rest or in-flight through a variety of methods. However, data being actively processed in memory is another matter. Whether running on your own servers on-prem, in an edge deployment, or in the heart of a cloud service provider’s data center, this “in-use” data is almost always unencrypted and potentially vulnerable.

  • Confidential Computing: How Big Tech Companies Are Coming Together To Secure Data At All Levels

    Data today moves constantly from on-premises to public cloud and the edge, which is why it is quite challenging to protect. While there are standards available that aim to protect data when it is in rest and transit, standards related to protecting it when in use do not exist. Protecting data while in use is called confidential computing, which the Confidential Computing Consortium is aiming to create across the industry. The Confidential Computing Consortium, created under the Linux Foundation, will work to build up guidelines, systems and tools to ensure data is encrypted when it’s being used by applications, devices and online services. The consortium says that encrypting data when in use is “the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data.” Members focused on the undertaking are Alibaba, ARM, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent.

  • IT giants join forces for full-system data security

    Apple is conspiciously missing from the consortium, despite using both Intel hardware and inhouse designed ARM-based processors. Of the first set of commitments, Intel will release its Software Guard Extensions (SGX) software development kit as open source through the CCC.

  • Google, Intel, and Microsoft partner to improve cloud security

    Some of the biggest names in tech have banded together in an effort to promote industry-wide security standards for protecting data in use.

  • Alibaba, Baidu, Google, Microsoft, Others Back Confidential Computing Consortium

    The Confidential Computing Consortium aims to help define and accelerate open-source technology that keeps data in use secure. Data typically gets encrypted by service providers, but not when it’s in use. This consortium will focus on encrypting and processing the data “in memory” to reduce the exposure of the data to the rest of the system. It aims to provide greater control and transparency for users.

  • Microsoft, Intel and others are doubling down on open source Linux security

    In other words, the operating system could be compromised by some kind of malware, but the data being used in a program would still be encrypted, and therefore safe from an attacker.

  • Microsoft, Intel, and Red Hat Back Confidential Computing

    The Linux Foundation’s latest project tackles confidential computing with a group of companies that reads like a who’s who of cloud providers, chipmakers, telecom operators, and other tech giants. Today at the Open Source Summit the Linux Foundation said it will form a new group called the Confidential Computing Consortium. Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom, and Tencent all committed to work on the project, which aims to accelerate the adoption of confidential computing.