Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • How secure are your containerized apps? [Ed: Why does SJVN promote the Microsoft-connected anti-FOSS firm Snyk?]
  • IPFire 2.23 - Core Update 131 is available for testing

    Finally, the next major version of IPFire is ready to testing. We consider our new Intrusion Prevention System such an important change, that we are calling it "IPFire 2.23" from now on. This update also contains a number of other bug fixes and enhancements.

  • How hacking threats spurred secret U.S. blacklist

    U.S. energy regulators are pursuing a risky plan to share with electric utilities a secret "don't buy" list of foreign technology suppliers, according to multiple sources.

    The move reflects the federal government's growing concern that hackers and foreign spies are targeting America's vital energy infrastructure. And it's also raised new questions about the value of top-secret U.S. intelligence if it can't get into the hands of power industry executives who can act on it to avoid high-risk vendors.

    Joseph McClelland, director of the Federal Energy Regulatory Commission's Office of Energy Infrastructure Security, told a Department of Energy advisory committee last month that officials are working on "an open-source procurement list" for utilities to use when deciding where to source their software and equipment.

More in Tux Machines

Android Leftovers

Latest From Libinput

  • libinput and tablet proximity handling
    This is merely an update on the current status quo, if you read this post in a year's time some of the details may have changed libinput provides an API to handle graphics tablets, i.e. the tablets that are used by artists. The interface is based around tools, each of which can be in proximity at any time. "Proximity" simply means "in detectable range". libinput promises that any interaction is framed by a proximity in and proximity out event pair, but getting to this turned out to be complicated. libinput has seen a few changes recently here, so let's dig into those. Remember that proverb about seeing what goes into a sausage? Yeah, that.
  • libinput and the Dell Canvas Totem
    We're on the road to he^libinput 1.14 and last week I merged the Dell Canvas Totem support. "Wait, what?" I hear you ask, and "What is that?". Good question - but do pay attention to random press releases more. The Totem (Dell.com) is a round knob that can be placed on the Dell Canvas. Which itself is a pen and touch device, not unlike the Wacom Cintiq range if you're familiar with those (if not, there's always lmgtfy).
  • Libinput 1.14 Will Support Dell's Totem Input Device
    Dell announced the Totem two years ago while the Linux support is finally getting in order. However, there isn't yet any notable applications/tool-kits at least on Linux that support utilizing this specialized input device. Red Hat input expert Peter Hutterer, who also maintains libinput, has blogged about the Totem support addition for the upcoming libinput 1.14. If you are interested in this unique input device, Peter's post has all the interesting technical bits.

Jami/Ring, finally functioning peer to peer communication client

Some years ago, in 2016, I wrote for the first time about the Ring peer to peer messaging system. It would provide messaging without any central server coordinating the system and without requiring all users to register a phone number or own a mobile phone. Back then, I could not get it to work, and put it aside until it had seen more development. A few days ago I decided to give it another try, and am happy to report that this time I am able to not only send and receive messages, but also place audio and video calls. But only if UDP is not blocked into your network. The Ring system changed name earlier this year to Jami. I tried doing web search for 'ring' when I discovered it for the first time, and can only applaud this change as it is impossible to find something called Ring among the noise of other uses of that word. Now you can search for 'jami' and this client and the Jami system is the first hit at least on duckduckgo. Jami will by default encrypt messages as well as audio and video calls, and try to send them directly between the communicating parties if possible. If this proves impossible (for example if both ends are behind NAT), it will use a central SIP TURN server maintained by the Jami project. Jami can also be a normal SIP client. If the SIP server is unencrypted, the audio and video calls will also be unencrypted. This is as far as I know the only case where Jami will do anything without encryption. Read more

Codethink open sources part of onboarding process

Here at Codethink, we’ve recently focused our energy into enhancing the onboarding process we use for all new starters at the company. As we grow steadily in size, it’s important that we have a well-defined approach to both welcoming new employees into the company, and introducing them to the organization’s culture. As part of this overall onboarding effort, we’ve created How to Git going in FOSS: an introductory guide to the world of free and open source software (FOSS), and some of the common technologies, practices, and principles associated with free and open source software. This guide was initially aimed at work experience students and summer interns. However, the document is in fact equally applicable to anyone who is new to free and open source software, no matter their prior experience in software or IT in general. How to Git going in FOSS is hosted on GitLab and consists of several repositories, each designed to be a self-guided walk through. Read more