Language Selection

English French German Italian Portuguese Spanish

Proprietary Software and New FUD

Filed under
Security
  • Back to windows after twenty years

    See, the whole reason I thought Windows might be a suitable alternative for me was all the enthusiasm around Windows Linux Subsystem (WSL). Basically putting all the *nix tooling at your fingertips, like it is on OSX, in a way that doesn’t require crazy hoops.

    But it’s just not there. The first version of WSL is marred with terrible file-system performance, and I got to feel that right away, when I spent eons checking out a git repository via GitHub for Windows. A 10-second operation on OSX took 5-6 minutes on Windows.

    [...]

    Windows still clearly isn’t for me. And I wouldn’t recommend it to any of our developers at Basecamp. But I kinda do wish that more people actually do make the switch. Apple needs the competition. We need to feel like there are real alternatives that not only are technically possible, but a joy to use. We need Microsoft to keep improving, and having more frustrated Apple users cross over, point out the flaws, and iron out the kinks, well, that’s only going to help.

  • These Machines Can Put You in Jail. Don’t Trust Them.

    The machines are sensitive scientific instruments, and in many cases they haven’t been properly calibrated, yielding results that were at times 40 percent too high. Maintaining machines is up to police departments that sometimes have shoddy standards and lack expertise. In some cities, lab officials have used stale or home-brewed chemical solutions that warped results. In Massachusetts, officers used a machine with rats nesting inside.

    Technical experts have found serious programming mistakes in the machines’ software. States have picked devices that their own experts didn’t trust and have disabled safeguards meant to ensure the tests’ accuracy.

    The Times interviewed more than 100 lawyers, scientists, executives and police officers and reviewed tens of thousands of pages of court records, corporate filings, confidential emails and contracts. Together, they reveal the depth of a nationwide problem that has attracted only sporadic attention.

  • Uber’s Self-Driving Car Didn’t Know Pedestrians Could Jaywalk

    The software inside the Uber self-driving SUV that killed an Arizona woman last year was not designed to detect pedestrians outside of a crosswalk, according to new documents released as part of a federal investigation into the incident. That’s the most damning revelation offered up in a trove of new documents related to the crash, but other details indicate that, in a variety of ways, Uber’s self-driving car work failed to consider how humans actually operate.

  • Libarchive vulnerability can lead to code execution on Linux, FreeBSD, NetBSD [Ed: Very typical ZDNet FUD from Catalin Cimpanu, their drama queen hired from a lying site. To exploit the alleged bug one needs to run (and get) malicious files. But CBS tabloids with money from Microsoft don't let facts get in the way. Skip the headline and find "Exploitation scenarios include users who receive malicious files from attackers or local apps that use Libarchive's various components for file decompression."]
  • Former CIA Employee Who Allegedly Disclosed ‘Vault 7’ Files To WikiLeaks Challenges Espionage Act Charges

    Former CIA employee Josh Schulte, who is accused of leaking the “Vault 7” files to WikiLeaks, urged a federal court to rule the Espionage Act is unconstitutional. He also asked the court to dismiss the Espionage Act charges against him.

    The files Schulte allegedly released brought scrutiny to the CIA’s hacking arsenal, which targeted smartphones and computers. A program called “Weeping Angel,” that allowed the CIA to attack Samsung F8000 TVs and convert them into spying devices was exposed. They also showed how the CIA targeted Microsoft Windows, as well as Signal and WhatsApp users, with malware.

More on libarchive

  • Linux users warned to update libarchive to beat flaw [Ed: If users do not download malicious, dodgy files and then execute these, that might be fine. Same for macros in documents. It's not a major or critical issue.]

    The bug is identified as CVE-2019-18408, a high-priority ‘use-after-free’ bug when dealing with a failed archive.

    No real-world exploits have been detected but if one existed, it would attempt to use a malicious archive to induce a denial-of-service state or arbitrary code execution.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Stable kernels 5.3.12, 4.19.85, and 4.14.155

  • Linux 5.3.12
    I'm announcing the release of the 5.3.12 kernel. All users of the 5.3 kernel series must upgrade. The updated 5.3.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.3.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
  • Linux 4.19.85
  • Linux 4.14.155

today's howtos

Games: Parkitect, Warlords I + II, FPS Counter in GNU/Linux Games

  • Parkitect - Taste of Adventure is out expanding your theme park building possibilities

    Possibly one of the most relaxing and engrossing games release last year, Parkitect just expanded with a free update and a big Parkitect - Taste of Adventure DLC.

  • Warlords I + II given the DOSBox and DRM-free treatment over on GOG

    Sometimes a lot of newer strategy games can be a bit much, perhaps a little retro flavour is in order? Warlords I + II, two strategy titles from the 90's are now on GOG. Both of them have been nicely packaged up for Linux gamers so you can just buy them both together, install and then it will run with a pre-configured DOSBox with no hassle. That's the way I like my retro gaming to be, a solid bit of nostalgia without some headaches.

  • How to Show FPS Counter in Linux Games

    Linux gaming got a major push when Valve announced Linux support for Steam client and their games in 2012. Since then, many AAA and indie games have made their way to Linux and the number of users who game on Linux have increased considerably. With the growth of Linux gaming, many users started to look for proper ways to display “frames per second” (FPS) counter as an overlay on running Linux games. An FPS counter helps in tweaking performance of running games as well as in benchmarking a PC’s overall ability to play games at different resolutions. Unfortunately there is no single unified way to display FPS counter in all Linux games that is independent of underlying technologies a game is running upon. Different renderers and APIs have different ways to display FPS counter. This guide will explain various methods that can be used to display an FPS counter in Linux games.

today's leftovers

  • NVIDIA DP MST Audio To Begin Working With The Linux 5.5 Kernel

    While the official NVIDIA Linux driver has worked well with DisplayPort Multi-Stream Transport (DP MST) setups for years now for driving large displays, audio hasn't worked under Linux for NVIDIA's driver in this combination. But with the upcoming Linux 5.5 cycle that will be addressed.

  • Fedora Update Weeks 39–45

    Somehow, my semi-weekly updates turned into monthly things. Mostly, updates per week have been rather light and stable, so it always seemed that there was no need to write an update. Of course, that ends up meaning one really large update after a long time. This past week was pretty busy, so I thought it best to finally write up a post. One small changeset was removing automated Suggests from R packages when they do not exist in Fedora yet. This is due to legal concerns on the F31 Change for automated R dependencies. So far, I’ve fixed mine, and intend to fix others’ soon. On the Python 2 front, aside from dropping unused subpackages from Fedora 32, I’ve also ported git-cinnabar’s test running from nose to unittest. This makes it easier to get the Python 2 exception. Since upstream is working on Python 3 support, I expect that this exception won’t need to be in place for long.

  • Zekr Quran (1.1.0 Final) on linux (Fedora 30)

    It work fine on Java 6 era but not anymore. You need to tweak, hack, compile you self or find package alternative. I want to build this software as RPM package so it will be available for others but maybe it will take lot of effort.. plus there is issue about licensing, humm.. maybe next time? Anyway, If you are looking for solution how to install Zekr on Fedora, just let me know. I will help.

  • Magicsee N5 Plus Amlogic S905X3 TV Box Comes with a 2.5″ SATA HDD/SSD Bay

    Amlogic S905X3 TV boxes have been announced since June. S905X3 is Amlogic’s first Arm Cortex-A55 processor and targets 4K UHD HDR TV boxes The box runs Android 9.0, and ships with an IR remote control, a power supply, an HDMI cable, and a user manual in English. There’s CLOSE/OPEN switch to open the lid and install the drive, so no tools appear to be needed to install a hard drive.

  • Mozilla Localization (L10N): L10n Report: November Edition

    As anticipated in previous reports, the release cycles are getting progressively shorter, in order to reach a consistent 4 weeks length in the first half of 2020. Firefox 71 will be released next week, on December 3rd. At that point Firefox 72 will move to beta, and the deadline to ship updates for that version will be on December 24th. Firefox 71 will ship with 3 new languages: Catalan (Valencian) (ca-valencia), Tagalog (tl), and Triqui (trs).

  • Better math import from PPTX into Impress

    Impress now has a much improved math handling in its importer from PPTX, eliminating annoying duplicated objects you had to delete after import, manually. First, thanks TU Dresden who made this work by Collabora possible.