Language Selection

English French German Italian Portuguese Spanish

February 2021

And Now For Something Completely Different

Filed under
GNU
Linux

elementary. I've been a fan of the project since the early days, when it was just an icon and GTK theme. While designing my own applications, I've borrowed from their design language. And with each successive update, I'm always blown away by every small detail they get right.

[...]

First and foremost, there's a Xubuntu release in progress! Xubuntu 21.04 "Hirsute Hippo" will be released on April 22, and there's plenty of work left to do. The biggest of these is the transition of our new documentation to Docbook so it can be translated and packaged. Outside of documentation, there's a never-ending backlog of issues (focal+) on Launchpad that needs to be reviewed and addressed.

Then, it's elementary time! elementary OS 6 "Odin" is expected sometime this year. I've installed it on my laptop for testing and development, and so far it's looking pretty great. Some areas where I want to start contributing and improving include Light Locker, Glade, Indicators, feature ports, and new apps. Once I have a better grasp of what I'm working on, I'll post some updates here.

If you'd like to follow me on this journey, follow my Twitter handle @bluesabredavis. For regular updates from Xfce, Xubuntu, and related developers, you can subscribe to Planet Bluesabre (Twitter). If you'd like to sponsor me (or need a handy link to unsponsor me, I get it), check out the Donate page on this site.

Read more

Linux Mint Monthly News – February 2021

Filed under
Ubuntu

An announcement was made last week to explain why security updates are important and to remind people to update their computer.

If you haven’t read it yet please visit https://blog.linuxmint.com/?p=4030.

We started working on improvements for the Update Manager. In the next release the manager won’t just look for available updates, it will also keep track of particular metrics and be able to detect cases where updates are overlooked. Some of these metrics are when was the last time updates were applied, when was the last time packages were upgraded on the system, for how many days has a particular update been shown…

In some cases the Update Manager will be able to remind you to apply updates. In a few of them it might even insist. We don’t want it to be dumb and get in your way though. It’s here to help. If you are handling things your way, it will detect smart patterns and usages. It will also be configurable and let you change the way it’s set up.

We have key principles at Linux Mint. One of them is that this is your computer, not ours. We also have many use cases in mind and don’t want to make Linux Mint harder to use for any of them.

We’re still forming strategies and deciding when and how the manager should make itself more visible so it’s too soon to speak about these aspects and get into the details which probably interest you the most here. So far we worked on making the manager smarter and giving it more information and more metrics to look at.

Read more

Edit video on Linux with this Python app

Filed under
Software

In 2021, there are more reasons why people love Linux than ever before. In this series, I'll share 21 different reasons to use Linux. Here's how I use Linux to edit videos.

Back in 2018, I wrote an article about the state of Linux video editing, in which I chose an application called Openshot as my pick for the top hobbyist video editing software. Years later, and my choices haven't changed. Openshot remains a great little video editing application for Linux, and it's managed to make creating videos on Linux boring in the best of ways.

Read more

Also: Ventoy 1.0.36 - Neowin

Shipping Debian with GNOME X.XX.0 is an extremely bad idea

Filed under
GNOME
Debian

Since the freeze has slowly crept in, now is the time to revisit my pet peeve with Debian's release process: to publish a new Debian release as soon as GNOME published a new X.XX.0 version. This is an extremely bad idea: X.XX.0 releases tend to lack polish, their translations are not up-to-date and several silly bugs that hamper the user experience (what the Ubuntu guys call "paper cuts") exist.

Read more

Zrythm 1.0.0-alpha.12.0.1 release

Filed under
Software

Zrythm v1.0.0-alpha.12.0.1 has been released!

Screenshot: 
https://www.zrythm.org/static/images/feb-20-2021.png

Demo:
https://www.zrythm.org/videos/mylofy-zrythmania-part01.webm
(by MyLoFy, CC-BY-SA 4.0)

Zrythm is a digital audio workstation designed to be featureful and
easy to use. It allows limitless automation through curves, LFOs and
envelopes, supports multiple plugin formats including LV2, LADSPA,
DSSI, SFZ, SF2, VST2 and VST3 (via Carla), works with multiple backends
including JACK, PulseAudio, RtAudio/RtMidi and SDL2, assists with chord
progressions via a special Chord Track and chord pads, and can be used
in multiple languages including English, French, Portuguese, Japanese
and German.

Read more

Zrythm DAW Sees New Release And Should Have "Almost No Crashes"

today's howtos

Filed under
HowTos
  • My pragmatic sysadmin view on subdomains and DNS zones

    This question is interesting to me because I had a completely different view of it than Julia Evans did. For me, NS and SOA DNS records are secondary things when thinking about subdomains, down at the level of the mechanical plumbing that you sometimes need. This may surprise people, so let me provide a quite vivid local example of why I say that.

  • An Exploration of JSON Interoperability Vulnerabilities

    JSON is the backbone of web application communications. The simplicity of JSON is often taken for granted. We don't usually consider JSON parsing as part of our threat model. However, in our modern, multi-language, microservice architectures, our applications often rely on several separate JSON parsing implementations, each of which has its own quirks.

    As we've seen through attacks like HTTP request smuggling, discrepancies across parsers combined with multi-stage request processing can introduce serious vulnerabilities. In this research, I conducted a survey of 49 JSON parsers, cataloged their quirks, and present a variety of attack scenarios and Docker Compose labs to highlight their risks. Through our payment processing and user management examples, we will explore how JSON parsing inconsistencies can mask serious business logic vulnerabilities in otherwise benign code.

  • Hardware RAID on the Raspberry Pi CM4

    After a long and arduous journey involving multiple driver revisions and UART debugging on the card, I was able to bring up multiple hardware RAID arrays on the Pi.

  • The Tao of Continuous Integration

    It is a truism in modern software development that a robust continuous integration (CI) system is necessary. But many projects suffer from CI that feels brittle, frustrates developers, and actively impedes development velocity. Why is this? What can you do to avoid the common CI pitfalls?

  • Install Kali Linux on Chromebook: Tips and Tutorials

    If you need more system privileges on your Chromebook, Kali Linux might be right for you, especially since Linux is free and open-source. But remember that this operating system is mainly for penetration testing and not very convenient for daily work.

  • How to install the Foxit reader on Linux

    The Foxit Reader is free PDF software for Linux, Mac, and Windows. It is open-source software. With it, users can create as well as annotate and collaborate with PDF files. Here’s how to install it on Linux.

  • How To Install Git on Manjaro 20 - idroot

    In this tutorial, we will show you how to install Git on Manjaro 20. For those of you who didn’t know, Git is a distributed version control system. Git is a free software designed to handle everything from small to very large projects with speed and efficiency. It can be easy to learn and used for tracking changes in source code during software development. Git has the features of data integrity, non-linear workflows, and fast performance.

    This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Git on a Manjaro 20 (Nibia).

  • How to manage Flatpak permissions graphicly?

    Finding difficulties to manage Flatpak permissions using command lines? Maybe you should give Flatseal a try.

    The main purpose of Flatpak is to provide a centralized service for distributing applications. But while Penguin users enjoy the taste of updated and secured Linux apps, they have hard time managing Flatpak permissions for the lack of graphical front-end which helps them do so.

    Here the important of the Flatsealutility, which developed by the enthusiast engineer Martin Abente Lahaye, appears.

Why India Needs To Fuss Over FOSS

Filed under
OSS

Did you know that over 85% of India’s Internet runs on FOSS, or Free an Open Source Software that strikes at the heart of software patents?

If your answer is ‘No’, you may be pleasantly surprised to know that India now ranks 3rd in the world in terms of FOSS usage, according to GitHub. In fact, some of India’s largest government projects, many technology startups, and some of India’s largest software services companies extensively us FOSS, according to a recently-released report titled ‘The State of FOSS in India’ by CivicData Lab.

FOSS communities in India, according to the report supported by Omidyar Network India, have also organized themselves to solve India’s challenges like digital inclusion by creating Indian language fonts, dictionaries and other essential tools that are widely used across the country.

Read more

Ubuntu 21.04 (Hirsute Hippo) Enters Feature Freeze, Beta Expected on April 1st

Filed under
Ubuntu

The Feature Freeze stage means that no major new features will be implemented in Ubuntu 21.04 until the final release hits the streets in late April 2021. Developers will no focus their efforts on fixing important blockers that won’t delay the final release.

Dubbed as the “Hirsute Hippo,” Ubuntu 21.04 has been in development since late October 2020, shortly after the release of Ubuntu 20.10 (Groovy Gorilla). As its customary, the Feature Freeze stage will be followed shortly by an optional “Ubuntu Testing Week,” which will take place between March 4-11 and intended for those who want to help with the testing.

Read more

More in Tux Machines

Proprietary Software and Security

  • Windows REvil ransomware gang taken down by US spies and allies: claim [iophk: Windows TCO]

    On Wednesday, the news surfaced that the REvil site on the dark web was offline. One Dmitry Smilyanets, who works for the threat intelligence firm Recorded Future and also writes for The Record, a website belonging to the company, claimed to have found a thread claiming to offer the reason for the disappearance of REvil. The CIA's investment arm, In-Q-Tel is an investor in Recorded Future.

  • Governments turn tables on ransomware gang REvil by pushing it offline [iophk: Windows TCO]

    According to three people familiar with the matter, law enforcement and intelligence cyber specialists were able to [crack] REvil’s computer network infrastructure, obtaining control of at least some of their servers.

    After websites that the [attacker] group used to conduct business went offline in July, the main spokesman for the group, who calls himself “Unknown,” vanished from the [Internet].

  • Company That Buys Zero-Day Hacks Now Wants Exploits for Popular VPNs

    Uh oh. An infamous company that pays thousands of dollars for iOS and Android hacking techniques is now out to acquire zero-day exploits for three popular VPN services. Zerodium today sent out a tweet calling for “zero-days” or publicly unknown attacks that work against ExpressVPN, NordVPN, or Surfshark. The attacks must be capable of leaking information from the VPNs, such as a computer’s IP address. Zerodium will also pay for exploits that can trigger a VPN to remotely execute computer code.

  • Verizon 'Visible' Wireless Accounts Hacked, Exploited To Buy New iPhones

    Wireless subscribers of Verizon's Visible prepaid service received a rude awakening after hackers compromised their account, then ordered expensive new iPhones on their dime. Last week a company statement indicated that "threat actors were able to access username/passwords from outside sources," then utilize that access to login to Visible customer accounts. Hacked users say the attackers then utilized that access to order expensive kit, and, initially, getting Visible to do anything about it was a challenge:

Android Leftovers

Stable vs. Bleeding-Edge Linux Distros: Which One Should You Choose?

Linux distributions have multiple ways of delivering software to their users. But which one should you go for—stability or the latest software? One of the major choices that many Linux users face when choosing a Linux distribution is its stability, or how much the software changes. Some distros favor stable, tried-and-true software while others will include newer software that may not be as reliable, also known as "bleeding-edge," a play on "cutting-edge." So, which one should you choose? Let's find out. Read more

This week in NeoChat

Last Saturday we had an improvised NeoChat mini development sprint in a small hotel room in Berlin in the occasion of the 25th anniversary of KDE. In a good KDE tradition, Carl spent this time on improving NeoChat settings. He ported both the NeoChat general settings and the specific room settings to the new Kirigami.CategorizedSetting component. Tobias fixed a lot of papercuts and now the power level should be fetched correctly, we show the number of joined users instead of joined+invited users in the room information pane, the user search is now case insensitive. Nicolas focused on fixing our Android build by making the spellchecking feature compile on Android. Read more