Language Selection

English French German Italian Portuguese Spanish

July 2019

4 best Linux sticky-note apps

Filed under
GNU
Linux
Software

There are a lot of great sticky-note apps on the Linux platform that allows users to quickly paste thoughts, lists, and other important information to notes in the form of virtual Post-it notes. But what app is best? Let’s find out in this list of the 5 best Linux sticky-note apps for Linux!

Read more

today's leftovers

Filed under
Misc
  • Linux Pet Peeves: 5 Things That Really Grind my Gears
  • LHS Episode #293: Have Lawn Chair Will Broadcast

    Welcome to the 293rd installment of Linux in the Ham Shack! In the episode, the hosts tackle topics from upcoming RSGB contests on the new, hot FT-4 mode, the origin of "Mayday" as a distress call, magloop antennas, CoreCtrl, the vanishing floppy disk, DMR (Digital Mobile Radio) and much more. Thank you for tuning in and have a wonderful week.

  • DNS-over-HTTPS (DoH) Update – Detecting Managed Networks and User Choice

    At Mozilla, we are continuing to experiment with DNS-over-HTTPS (DoH), a new network protocol that encrypts Domain Name System (DNS) requests and responses. This post outlines a new study we will be conducting to gauge how many Firefox users in the United States are using parental controls or enterprise DNS configurations.

    With previous studies, we have tried to understand the performance impacts of DoH, and the results have been very promising. We found that DoH queries are typically the same speed or slightly slower than DNS queries, and in some cases can be significantly faster. Furthermore, we found that web pages that are hosted by Akamai–a content distribution network, or “CDN”–have similar performance when DoH is enabled. As such, DoH has the potential to improve user privacy on the internet without impeding user experience.

    Now that we’re satisfied with the performance of DoH, we are shifting our attention to how we will interact with existing DNS configurations that users have chosen.  For example, network operators often want to filter out various kinds of content. Parents and schools in particular may use “parental controls”, which block access to websites that are considered unsuitable for children. These controls may also block access to malware and phishing websites. DNS is commonly used to implement this kind of content filtering.

  • New CSS Features in Firefox 68

    Firefox 68 landed earlier this month with a bunch of CSS additions and changes. In this blog post we will take a look at some of the things you can expect to find, that might have been missed in earlier announcements.

  • How to Build a Career in Artificial Intelligence and Machine Learning?

    Math is just one of the skillsets that aspiring AI and ML professionals are expected to have. This is only one half the requirement, the other half is one’s expertise in programming languages, such as Java, C++, Python, and R.

    While C++ helps engineers increase the speed of their coding process, Python will help them understand and create complex algorithms. Python is also the go-to choice for ML developers, and also offers various libraries and frameworks to ease the process of creating an AI model. Similarly, R and Java help professionals understand stats and implement mappers, respectively. They are important considering the role of visualization in explaining AI.

Linux: Systemd, Graphics and Benchmarks

Filed under
Graphics/Benchmarks
Linux
  • Systemd 243 RC1 Brings Its PStore Service, Zen2/RdRand Workaround & More

    Lennart Poettering has made available the first release candidate of the upcoming systemd 243 update. Systemd 243 is a big one in seeing more than 1,700 commits since the April release of systemd 242. 

  • Radeon RADV Vulkan Driver Adds Navi Wave32 Support For Compute Shaders

    Thanks to Valve's open-source driver developer Samuel Pitoiset, there is now experimental support for using Wave32 support on Navi graphics cards for compute shaders. 

    Navi/RDNA brings support for single-cycle issue Wave32 execution as an alternative to Wave64 for better efficiency. Just over a week ago the initial patches landed adding Wave32 support to RadeonSI for their OpenGL driver while now Samuel has tackled the initial implementation in the RADV driver. 

  • Mining Monero Cryptocurrency On The Open-Source POWER9 Raptor Blackbird

    Unlike my POWER8 server, the Blackbird cannot measure its own system power consumption (only the processor's), so I used a simple watt meter to take measurements. When off, with just the BMC on, the system took so little power my meter could not measure it. It kept showing 0 W, so presumably it's under a Watt. At idle, 55 W.

    [...]

    For each SMT mode, I tried six thread options. The SMT scaling is as expected, at SMT1 there are eight threads, and performance drops after; at SMT2 16 threads, and a corresponding drop after. The "more resources for each thread" effect is also slightly visible, with SMT1 having the highest result at eight mining threads.
    In SMT4, the efficiency scaling is quite nice, showing that a mere eight-core is not even close to the bottleneck here.

Server: 'Cloud', virtualisation and IBM/Red Hat

Filed under
Server
  • Cloud Native Applications in AWS supporting Hybrid Cloud – Part 1

    Let us talk first about what is cloud native and the benefits of SUSE Cloud Application Platform and AWS when building cloud native applications.

  • Cloud Native Applications in AWS supporting Hybrid Cloud – Part 2

    In my previous post , I wrote about using SUSE Cloud Application Platform on AWS for cloud native application delivery. In this follow-up, I’ll discuss two ways to get SUSE Cloud Application Platform installed on AWS and configure the service broker:

  • 10 Top Data Virtualization Tools

    With the continuing expansion of data mining by enterprises, it's no longer possible or advisable for an organization to keep all data in a single location or silo. Yet having disparate data analytics stores of both structured and unstructured data, as well as Big Data, can be complex and seemingly chaotic.

    Data virtualization is one increasingly common approach for dealing with the challenge of ever-expanding data. Data virtualization integrates data from disparate big data software and data warehouses - among other sources – without copying or moving the data. Most helpful, it provides users with a single virtual layer that spans multiple applications, formats, and physical locations, making data more useful and easier to manage.

  • Running MongoDB with OCS3 and using different types of AWS storage options (part 3)

    In the previous post I explained how to performance test MongoDB pods on Red Hat OpenShift with OpenShift Container Storage 3 volumes as the persistent storage layer and Yahoo! Cloud System Benchmark (YCSB) as the workload generator.

    The cluster I’ve used in the prior posts was based on the AWS EC2 m5 instance series and using EBS storage of type gp2. In this blog I will compare these results with a similar cluster that is based on the AWS EC2 i3 instance family that is using local attached storage (sometimes referred as "instance storage" or "local instance store").

  • OpenShift 4.1 Bare Metal Install Quickstart

    In this blog we will go over how to get you up and running with a Red Hat OpenShift 4.1 Bare Metal install on pre-existing infrastructure. Although this quickstart focuses on the bare metal installer, this can also be seen as a “manual” way to install OpenShift 4.1. Moreover, this is also applicable to installing to any platform which doesn’t have the ability to provide ignition pre-boot. For more information about using this generic approach to install on untested platforms, please see this knowledge base article.

Proprietary: Microsoft, Apple and Google

Filed under
Google
Microsoft
Mac
  • Netherlands warns government employees not to use Microsoft's online Office apps

    In one example, it was found that some 300,000 top tier Office users, with the ‘365 Pro Plus' package were being sent back to the US for storage - exactly the sort of behaviour that got Dutch backs up.

    In a wider sense, this is a small but public battle in a much larger war, with the EU still leaning heavily on Microsoft to put its post-GDPR house in order.

  • The iPhone now makes up less than half of Apple’s business

    Apple today reported its fiscal third quarter 2019 earnings, earning $53.8 billion in revenue and earnings per share of $2.18. That revenue is a 1 percent jump year over year. iPhone revenue was $25.99 billion compared to $29.47 billion a year ago. That means the iPhone represented under half of Apple’s revenue for the first time since 2012.

    The all-important services unit took in $11.46 billion in revenue. Wearables saw a big boost, likely thanks to Apple’s second-generation AirPods. CEO Tim Cook said that when the services and wearables / home / accessories divisions are combined, they approach the size of a Fortune 50 company. Revenue from Mac sales was $5.82 billion, and iPads were $5.023 billion, up from $4.634 billion last year at this time.

  • Apple Finds Life After the iPhone While Still Banking on the iPhone

    Combined, Apple’s two major independent product lines not attached to the iPhone -- Mac computers and iPads -- made up only 20% of revenue in the fiscal third quarter, despite gains from the period a year ago, the Cupertino, California-based company reported Tuesday. Apple’s also working on a mixed augmented and virtual reality headset for the coming years, but that, too, is likely to be iPhone-reliant.

  • Chrome 76 for Mac, Windows rolling out: Flash blocked by default, Incognito loophole closed, Settings tweak

    As a big HTML5 proponent for the past decade, Google encouraged sites to switch away from Flash for faster, safer, and more battery-efficient browsing. In late 2016 and early 2017, Chrome blocked background Flash elements and defaulted to HTML5, with users having to manually enable the Adobe plug-in on a site-by-site basis.

  • Google Chrome 76 Released for Linux, Windows, and Mac with 43 Security Fixes

    Google promoted today the Chrome 76 web browser to the stable channel for all supported platforms, including GNU/Linux, Windows, and macOS.

    Google Chrome 76.0.3809.87 is now available as the latest stable version of the popular and cross-platform web browser from Google, based on the open source Chromium project. It contains various bug fixes and improvements, as well as no less than 43 security fixes for the latest vulnerabilities.

Devices: Orange Pi Zero, Avalue, RTL-SDR

Filed under
Linux
Hardware
  • Orange Pi Zero LTS SBC Launched for $8.49 and Up

    You can now buy Orange Pi Zero LTS Arm Linux SBC for $8.49 and up. The tiny board is ideal for headless applications with WiFI and Ethernet connectivity.

  • Toughened up embedded PC can run 8th or 9th Gen Coffee Lake CPUs

    Avalue’s rugged “EPS-CFS” computer runs Linux or Win 10 on Intel 8th or 9th Gen Coffee Lake CPUs up to an octa-core Core i7-9700TE, and supplies up to 32GB GB DDR4, 2x SATA bays, 2x GbE, 2x HDMI, and 4x USB 3.2 ports.

    Avalue announced an embedded computer with Intel’s 8th Gen Coffee Lake T-series or the new, but similarly 14nm-fabricated, 9th Gen Coffee Lake Refresh TE-series chips. The EPS-CFS computer, which is built around Avalue’s 3.5-inch ECM-CFS SBC, joins other 9th Gen-ready products including Kontron’s COMe-cWL6 (E2S) and Congatec’s Conga-TS370 COM Express modules.

  • RTL-SDR: Seven Years Later

    When I wrote that article in 2012, the RTL-SDR project and its community were still in their infancy. It took some real digging to find out which TV tuners based on the Realtek RTL2832U were supported, what adapters you needed to connect more capable antennas, and how to compile all the software necessary to get them listening outside of their advertised frequency range. It wasn’t exactly the most user-friendly experience, and when it was all said and done, you were left largely to your own devices. If you didn’t know how to create your own receivers in GNU Radio, there wasn’t a whole lot you could do other than eavesdrop on hams or tune into local FM broadcasts.

    Nearly a decade later, things have changed dramatically. The RTL-SDR hardware and software has itself improved enormously, but perhaps more importantly, the success of the project has kicked off something of a revolution in the software defined radio (SDR) world. Prior to 2012, SDRs were certainly not unobtainable, but they were considerably more expensive. Back then, the most comparable device on the market would have been the FUNcube dongle, a nearly $200 USD receiver that was actually designed for receiving data from CubeSats. Anything cheaper than that was likely to be a kit, and often operated within a narrower range of frequencies.

Drawing is a Promising ‘Microsoft Paint’ Alternative for Linux

Filed under
Software

Looking for a program like Microsoft Paint but for the Linux desktop? Check out the aptly named ‘Drawing‘, a new GTK app that ably fills the gap.

This simple image editor for Linux desktops is made in the mould of the Microsoft Paint. That mean it isn’t trying to out-do The GIMP, pitch itself as an alternative to Photoshop, or pick up where Pinta left off.

What Drawing can’t do is almost as important as what it can do; that’s to say, it’s a simply designed app designed for simple use-cases.

Think meme making, screenshot annotations, wobbly sketched moustaches on selfies, and that sort of thing.

Read more

Security: Small Airplanes, Hutchins, Updates, Windows XP and WireGuard

Filed under
Security
  • US issues hacking security alert for small planes [iophk: as planes become networked, attacks will no longer require physical access, such a thing has happened in cars.]

    The cybersecurity firm, Rapid7, found that an attacker could potentially disrupt electronic messages transmitted across a small plane’s network, for example by attaching a small device to its wiring, that would affect aircraft systems.

    Engine readings, compass data, altitude and other readings “could all be manipulated to provide false measurements to the pilot,” according to the DHS alert.

  • Small Airplanes Can Be Hacked to Display False Data in Flight

    However, the [attack] requires physical access.

    [...]

    Rapid7 verified the findings by investigating two commercially available avionics systems. It determined that only "some level of physical access" to the aircraft's wiring was needed to pull of the hack, which could be delivered by attaching a small device to the plane's Controller Area Network (CAN) bus to send the false commands.

    The key problem is that the CAN bus is integrated into the plane's other components without any firewalls or authentication systems in place. This means untrusted connections over a USB adapter hooked up to the plane can send commands to its electronic systems.

  • No Jail Time for “WannaCry Hero” [iophk: the plea "bargain" still means he has become a convicted felon]

    Hutchins’ conviction means he will no longer be allowed to stay in or visit the United States, although Judge Stadtmeuller reportedly suggested Hutchins should seek a presidential pardon, which would enable him to return and work here.

  • Security updates for Wednesday

    Security updates have been issued by CentOS (389-ds-base, curl, and kernel), Debian (libssh2), Fedora (kernel, kernel-headers, and oniguruma), openSUSE (chromium, openexr, thunderbird, and virtualbox), Oracle (389-ds-base, curl, httpd, kernel, and libssh2), Red Hat (nss and nspr and ruby:2.5), Scientific Linux (httpd and kernel), SUSE (java-1_8_0-openjdk, mariadb, mariadb-connector-c, polkit, and python-requests), and Ubuntu (openjdk-8, openldap, and sox).

  • It's 2019, and one third of businesses still have active Windows XP deployments [Ed: The problem is that they use Windows (back doors in all versions), not that they use "XP". They should move corporate data to something secure like BSD and GNU/Linux.]

    Zero-day attacks were the second-most cited concern among IT decision makers, according to SpiceWorks, with 18% of respondents citing that as their primary concern. Insider data leaks were the most cited, at 27%, while attacks on IoT devices was third (17%), followed by supply-chain attacks (15%), DDoS attacks (15%), and cryptojacking (15%). Fewer than 20% of respondents indicated their business was "completely prepared" for common security threats.

    Considering the risks that accompany unsupported software generally, and the larger attack surface that results from an unsupported (or otherwise unpatched) operating system, there is a relative lack of urgency to migrate from Windows 7. Certainly, while paid support for volume licenses is a possibility for some, smaller organizations ineligible for volume licensing will be left out in the cold. To date, Microsoft has shown no signs of wavering in their intent to grant a reprieve to the remaining users of Windows 7. Without a major shift, or a reprieve from Redmond, the prospect of unpatched, internet-connected systems is fertile ground for botnet creation.

  • NordLynx: NordVPN Builds New Tech Around WireGuard

    Well known Panama-based VPN provider NordVPN has announced their NordLynx technology today that is based on the WireGuard protocol.

    NordLynx is the company's new "fast and secure" VPN solution built atop WireGuard. The company describes WireGuard as a "radical change" and "a breath of fresh air in the industry."

NetBSD 9.0 release process has started

Filed under
BSD

If you have been following source-changes, you may have noticed the creation of the netbsd-9 branch!

Read more

Also: NetBSD 9.0 Prepping For Release With AArch64 Support, Kernel ASLR & Better NVMe Perf

More in Tux Machines

Neos.io: the next generation open-source WordPress CMS alternative

Neos.io is a free open-source modern CMS solution for developers and designers. It is the ideal solution for enterprise and developers. Neos.io is packed with dozens of features aiming to be easy to use for content creators and editors, effortlessly customized by designers, and extensible for developers. Developers can easily build custom themes, custom content models, plugins to add new features and functions and integrate 3rd party services and solutions. Neos.io offers long-term support for its releases, which means every production release goes through extensive testing and quality check before production. Read more

today's howtos

  • How To Install Netdata on Debian 11 - idroot

    In this tutorial, we will show you how to install Netdata on Debian 11. For those of you who didn’t know, Netdata is an open-source tool designed for the real-time system performance monitoring solution. It monitors processes such as memory, CPU utilization, disk input/output, network bandwidth, system applications, MySQL database among other system real-time metrics. The metrics are visualized on stunning interactive dashboards in form of graphical charts. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Netdata Monitoring tool on a Debian 11 (Bullseye).

  • How To Install OpenVPN Server on Debian 11

    In Linux, we can do many things and one of them is to create our own VPN. To do this, we will use well-known tools like OpenVPN and our beloved Debian 11. So, in this post, you will learn how to install OpenVPN Server on Debian 11.

  • How To Install Tasksel on Ubuntu 20.04 LTS - idroot

    In this tutorial, we will show you how to install Tasksel on Ubuntu 20.04 LTS. For those of you who didn’t know, Tasksel is a Ubuntu tool that allows you to install multiple related packages as coordinated “tasks” onto your server. So instead of installing packages one by one, say for a LAMP stack, you can install a LAMP stack on one go as Tasksel groups packages together. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Tasksel on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

  • How to Install Apache Maven on Ubuntu - Anto ./ Online

    This guide will show you how to install Apache Maven on Ubuntu. You will also see how to verify the install and set up a basic project for testing purposes.

  • How to Install Apache Tomcat 10 on Ubuntu 21 - Unixcop

    Apache Tomcat is an open-source Java servlet and Java Server Page container. Developers build and deploy dynamic java-based applications using Apache Tomcat. Java servlets are small java programs defining how a server handles requests and responses. Developers write the servlets while Tomcat handles all the backend and routing. As it is an opensource tool, Apache Tomcat is contributed by developers all over the world. Apache Tomcat is an open-source Java HTTP web server developed by the Apache Software Foundation. Tomcat helps to deploy the Java Servlet and the JavaServer Pages and serves them like an HTTP web server.

  • How to Install Pigz to Compress Files Faster in Linux

    File compression and decompression is an important milestone for any Linux user. It saves you some significant storage space when dealing with sizable data. Also, we cannot overlook the data security implementations successfully contributed by reputable file compression tools. Compressed files are safer from data corruption and compromise than uncompressed files. The success of file compression and decompression depends on the tool you use for the task.

  • How to Install & Configure Git on AlmaLinux 8

    Git is a mature, actively maintained open source project initially developed in 2005 by Linus Torvalds, the famous Linux operating system kernel creator. Git is designed for developers that need a pretty straightforward version control system. Most software is collaborative efforts and sometimes can have hundreds of people with commits working on software development projects. It is essential to track these commits customarily done in branches in most projects before being merged into the master for release. It is easy to review and track down any incorrect commits and revert, leading to a much easier development if anything goes wrong.

  • How to Install or Upgrade Nvidia Drivers on Ubuntu 21.10 Impish Indri

    Most modern Linux Desktop systems such as Ubuntu come with an Nvidia driver pre-installed in the Nouveau open-source graphics device driver for Nvidia video cards. For the most part, this is acceptable; however, if you are using your Linux system for graphical design or gaming, you may get better drivers. Historically, the Nouveau proprietary drivers are slower than Nvidia’s, which lacks the latest graphics card hardware’s latest features, software technology, and support. In most situations, upgrading your Nvidia Drivers using the following guide is more beneficial than not doing it. In some cases, you may see some substantial improvements overall. In the following tutorial, you will learn how to install Nvidia Graphic Drivers from the Nvidia Proprietary Repository, a PPA repository, or manually using the beta drivers for an example, thus giving you the latest in software available.

  • How to Install themes on Xubuntu and Other Distros Using Xfce Desktop Environment

    Installing themes on Xubuntu is similar to Ubuntu or any other Linux distribution. You put the theme files in the ~/.themes folder and then use a tool to change it. However, some options or the user interface will look different considering Xubuntu uses the Xfce desktop environment. This is why I created this specific tutorial to show the steps with proper screenshots.

  • How to create a virtual CAN interface on Linux - PragmaticLinux

    A virtual CAN interface is the perfect solution when developing CAN nodes, without needing an actual physical CAN bus. Think of a virtual CAN interface as a software CAN adapter, through which you can access an emulated CAN bus. The SocketCAN subsystem of the Linux kernel comes with build-in support for virtual CAN interfaces. This tutorial explains in detail how to create and use a virtual CAN interface on your Linux system.

  • How to install Java 17 in Debian 11 – Citizix

    Java is a high-level, class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible. Java was developed by Sun Microsystems (which is now the subsidiary of Oracle) in the year 1995. James Gosling is known as the father of Java. Java and the JVM (Java’s virtual machine) are required for many kinds of software, including Tomcat, Jetty, Glassfish, Cassandra and Jenkins. In this guide we are going to explore how to install Java Runtime Environment (JRE) and the Java Developer Kit (JDK) in Debian 11.

  • How to install Tiled Map Editor on a Chromebook

    Today we are looking at how to install Tiled Map Editor on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below. This tutorial will only work on Chromebooks with an Intel or AMD CPU (with Linux Apps Support) and not those with an ARM64 architecture CPU.

  • How to install Vivaldi on Linux Lite 5.4 - Invidious

    In this video, we are looking at how to install Vivaldi on Linux Lite 5.4.

  • How to set up Samba shares in Ubuntu Server the easy way

    Webmin is an administration web UI for managing UNIX-like operating systems. For example, if you have an Ubuntu server and want an easier way to create Samba shares on your system, Webmin is an excellent tool. With Webmin, you can create Samba shares on Ubuntu Server through your web browser, easily manage permissions, etc. In this guide, we’ll show you how to use Webmin to configure Samba shares in Ubuntu Server the easy way.

  • How to set up an FTP server on Ubuntu with Webmin

    Do you want to set up an FTP server on your Ubuntu Server system but don’t want to deal with configuration files? If so, Webmin is for you! Webmin is an excellent tool that allows users to manage UNIX-like servers with an easy-to-use web interface. Here’s how to use Webmin to set up an FTP server on Ubuntu.

  • How to set up an NFS share in Webmin on Ubuntu Server

    NFS (AKA Network File System) is a handy networking tool that makes transferring files on Linux super fast. However, setting it up is tedious if you do not know what you are doing. That’s where Webmin comes in. It’s a web UI manager for UNIX-like operating systems that makes setting up complex things like NFS easy. In this guide, we’ll show you how you can set up an NFS share with it.

  • Installing Mods for Nickelodeon All-Star Brawl (NASB) on Linux - Boiling Steam

    It’s been a few weeks since the release of Nickelodeon All-Star Brawl (NASB). While some media outlets have criticized the game for lacking voice-overs, extra character skins, having a generic soundtrack, and a “cheap budget” feeling, a lot of these issues can be mitigated, thanks to the modding community. Players don’t have to wait for an official update to come out to enjoy quality-of-life upgrades to the game. If you want to make Nigel Thornberry look like Wario, you can do that. If you desire Reptar to look like Bowser or Yoshi, you can do that. If you hunger for more life to the game by adding voice-overs for the characters, you can do that. If you crave victory themes, you can do that. If you’re tired of the bland soundtrack for a particular stage and yearn for something better, you can do that. If you desire PlayStation-style buttons, you can do that.

  • Jenkins: How to create a node agent - Anto ./ Online

    A Jenkins node agent is essentially a worker node that performs operations requested by Jenkins. Jenkins will manage the node agent as well as the required tools. This guide will show you how to create an agent node in Jenkins.

today's leftovers

  • What if Internet stops? How to rebuild an offline federated infrastructure using OpenBSD

    My biggest point would be that my computer could be used to replicate itself to other computer owners, give them the data so they can spread it again. Data copied over and over will be a lot more resilient than a single copy with a few local backups (local as in same city at best because there is no Internet).

    Because most people's computers relying on the Internet to have data turned into useless bricks, I think everyone would be glad to be part of an useful infrastructure that can replicate and extend.

  • Hello World’s first-ever special edition is here!
  • Why Is It So Hard to Figure Out What to Do When You Lose Your Account?

    People lose a lot when they lose their account. For example, being kicked off Amazon could mean losing access to your books, music, pictures, or anything else you have only licensed, not bought, from that company. But the loss can have serious financial consequences for people who rely on the major social media platforms for their livelihoods, the way video makers rely on YouTube or many artists rely on Facebook or Twitter for promotion.

    And it’s even worse when you can’t figure out why your account was closed, much less how to get it restored.  The deep flaws in the DMCA takedown process are well-documented, but at least the rules of a DMCA takedown are established and laid out in the law. Takedowns based on ill-defined company policies, not so much.

    Over the summer, writer and meme king Chuck Tingle found his Twitter account suspended due to running afoul of Twitter’s ill-defined repeat infringer policy. That they have such a policy is not a problem in and of itself: to take advantage of the DMCA safe harbor, Twitter is required to have one. It’s not even a problem that the law doesn’t specify what the policy needs to look like—flexibility is vital for different services to do what makes the most sense for them. However, a company has to make a policy with an actual, tangible set of rules if they expect people to be able to follow it.

Proprietary Software and Security

  • Windows REvil ransomware gang taken down by US spies and allies: claim [iophk: Windows TCO]

    On Wednesday, the news surfaced that the REvil site on the dark web was offline. One Dmitry Smilyanets, who works for the threat intelligence firm Recorded Future and also writes for The Record, a website belonging to the company, claimed to have found a thread claiming to offer the reason for the disappearance of REvil. The CIA's investment arm, In-Q-Tel is an investor in Recorded Future.

  • Governments turn tables on ransomware gang REvil by pushing it offline [iophk: Windows TCO]

    According to three people familiar with the matter, law enforcement and intelligence cyber specialists were able to [crack] REvil’s computer network infrastructure, obtaining control of at least some of their servers.

    After websites that the [attacker] group used to conduct business went offline in July, the main spokesman for the group, who calls himself “Unknown,” vanished from the [Internet].

  • Company That Buys Zero-Day Hacks Now Wants Exploits for Popular VPNs

    Uh oh. An infamous company that pays thousands of dollars for iOS and Android hacking techniques is now out to acquire zero-day exploits for three popular VPN services. Zerodium today sent out a tweet calling for “zero-days” or publicly unknown attacks that work against ExpressVPN, NordVPN, or Surfshark. The attacks must be capable of leaking information from the VPNs, such as a computer’s IP address. Zerodium will also pay for exploits that can trigger a VPN to remotely execute computer code.

  • Verizon 'Visible' Wireless Accounts Hacked, Exploited To Buy New iPhones

    Wireless subscribers of Verizon's Visible prepaid service received a rude awakening after hackers compromised their account, then ordered expensive new iPhones on their dime. Last week a company statement indicated that "threat actors were able to access username/passwords from outside sources," then utilize that access to login to Visible customer accounts. Hacked users say the attackers then utilized that access to order expensive kit, and, initially, getting Visible to do anything about it was a challenge: