Language Selection

English French German Italian Portuguese Spanish

Microsoft

User-hostile Hardware

Filed under
Hardware
Microsoft
Mac
  • Linus Torvalds wants Apple’s new M1-powered Macs to run Linux

    Earlier this month, Apple revealed its own ARM-based M1 processor, along with new MacBooks and a desktop Mac Mini powered by this chip. Reviewers across the globe have been praising Apple‘s first attempt, giving it high marks for performance and battery life.

    All this positive coverage has tempted many to take the plunge and buy one of the new machines — even if some apps are not running natively at the moment. Even Linus Torvalds, the principal developer of the Linux kernel, wants one.

    [...]

    Linux support on MacBooks would’ve made it a more attractive bet for programmers. However, I don’t think any engineers at the Cupertino campus plan to make that happen anytime soon. Sorry, Linus.

  • New Microsoft chip will come with added costs, says ex-NSA hacker

    Microsoft's new security chip, announced last week, will have an impact on hardware-only attacks, an American security professional says, adding that it could also assist in firmware security, but would result in added costs.

Proprietary Software and Security Issues

Filed under
Microsoft
Mac
Security

Security and Proprietary Software Leftovers

Filed under
Microsoft
Mac
Security

  • Security updates for Wednesday

    Security updates have been issued by Arch Linux (chromium, firefox, gdm, linux-hardened, matrix-synapse, salt, sddm, and wordpress), Debian (firefox-esr, libmaxminddb, and moin), Fedora (cifs-utils, firefox, galera, java-latest-openjdk, mariadb, mariadb-connector-c, and wordpress), Gentoo (blueman, chromium, firefox, mariadb, qemu, salt, tmux, and wireshark), openSUSE (sddm), Oracle (kernel), Red Hat (kernel-alt, microcode_ctl, and rh-nodejs12-nodejs), SUSE (kernel, microcode_ctl, openldap2, python-waitress, spice-vdagent, u-boot, and ucode-intel), and Ubuntu (firefox, intel-microcode, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-raspi, linux, linux-gcp, linux-gcp-4.15, linux-gcp-5.4, linux-gke-4.15, linux-gke-5.3, linux-hwe, linux-hwe-5.4, linux-oem, linux-oem-osp1, linux-oracle, linux-oracle-5.4, and moin).

  • Less than 6 months to 16.04 ESM: 6 things to prepare | Ubuntu

    Ubuntu 16.04 LTS Xenial Xerus will enter the extended security maintenance (ESM) period in April 2021. This article explains the ESM period and provides a guide for six key considerations when planning a migration path from Ubuntu 16.04 LTS.

    [...]

    2) Consider the full stack. The OS is a heart of the system, and an OS migration is a significant change that touches multiple aspects of your configuration, from the Linux kernel up to your applications. Remember to evaluate how the migration will impact your existing workloads and APIs as your current configuration might depend on specific versions of the applications and libraries that shipped with Ubuntu 16.04 LTS. You will likely find newer versions of applications and libraries if you choose a more recent version of Ubuntu (you can find a few examples below). Those versions might not be fully compatible with your overall configuration anymore after the migration.

  •                

  • Waves of attacks on US hospitals show a change in tactics for cybercriminals [iophk: Windows TCO]

                     

                       

    United States hospitals were targeted by two major cybersecurity attacks this fall: the first taking down Universal Health Services, a chain of hundreds of hospitals, and the second by a group called UNC1878 threatening hundreds of individual health care facilities all around the country. Targeting health care institutions directly marks a new approach for cybercriminals.

  •                

  • Ransomware Hits Dozens of Hospitals in an Unprecedented Wave [iophk: Windows TCO]

                     

                       

    On Wednesday evening, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and Department of Health and Human Services warned that there is a "an increased and imminent cybercrime threat to US hospitals and health care providers," above and beyond the wave of attacks that have already occurred. The alert points to the notorious Trickbot trojan and Ryuk ransomware as the primary hacking tools involved in the attacks. Security analysts at private companies say that the activity is tied to the Russian criminal gang sometimes called UNC 1878 or Wizard Spider.

  •                

  • Ransomware Group Turns to Facebook Ads

                     

                       

    It’s not clear whether this was an isolated incident, or whether the fraudsters also ran ads using other [cracked] Facebook accounts. A spokesperson for Facebook said the company is still investigating the incident. A request for comment sent via email to Campari’s media relations team was returned as undeliverable.

  •                

  • On Apple's Piss-Poor Documentation

                     

                       

    However, as users rightly demand more complicated and fancy apps, the APIs often need to get more fancy and complicated as well. Suddenly you look up and, instead of only using screwdrivers and hammers, you’re using power tools and complicated saws, and everything is much more fiddly than it once was.

                       

    With real tools, you’d expect to receive an owner’s manual, which explains how to use the tool you’ve just purchased. A rough analogy exists for APIs, insofar as most platform vendors will provide documentation. This is basically the "owner’s manual" for that API.

                       

    Apple’s documentation has, for years, been pretty bad. Over the last couple years, it has gone from bad → awful → despicable → embarrassing. All too often, I go to research how to do something new, and use an API I’m not familiar with, only to be stymied by those three dreaded words:

    No overview available.

Linux graphics, why sharing code with Windows isn't always a win.

Filed under
Graphics/Benchmarks
Microsoft

A recent article on phoronix has some commentary about sharing code between Windows and Linux, and how this seems to be a metric that Intel likes.

I'd like to explore this idea a bit and explain why I believe it's bad for Linux based distros and our open source development models in the graphics area.

tl;dr there is a big difference between open source released and open source developed projects in terms of sustainability and community.

The Linux graphics stack from a distro vendor point of view is made up of two main projects, the Linux kernel and Mesa userspace. These two projects are developed in the open with completely open source vendor agnostic practices. There is no vendor controlling either project and both projects have a goal of try to maximise shared code and shared processes/coding standards across drivers from all vendors.

This cross-vendor synergy is very important to the functioning ecosystem that is the Linux graphics stack. The stack also relies in some places on the LLVM project, but again LLVM upstream is vendor agnostic and open source developed.

The value to distros is they have central places to pick up driver stacks with good release cycles and a minimal number of places they have to deal with to interact with those communities. Now usually hardware vendors don't see the value in the external communities as much as Linux distros do. From a hardware vendor internal point of view they see more benefit in creating a single stack shared between their Windows and Linux to maximise their return on investment, or make their orgchart prettier or produce less powerpoints about why their orgchart isn't optimal.

A shared Windows/Linux stack as such is a thing the vendors want more for their own reasons than for the benefit of the Linux community.

Why is it a bad idea?

I'll start by saying it's not always a bad idea. In theory it might be possible to produce such a stack with the benefits of open source development model, however most vendors seem to fail at this. They see open source as a release model, they develop internally and shovel the results over the fence into a github repo every X weeks after a bunch of cycles. They build products containing these open source pieces, but they never expend the time building projects or communities around them.

[...]

A warning then to anyone wishing for more vendor code sharing between OSes it generally doesn't end with Linux being better off, it ends up with Linux being more fragmented, harder to support and in the long run unsustainable.

Read more

Proprietary Software Misc.

Filed under
Microsoft

How to switch an old Windows laptop to Linux

Filed under
GNU
Linux
Hardware
Microsoft

By the federal government’s Digital Analytics Program (DAP) count in October 2020, 3.2 percent of computer users still are on Windows 7 — even though Microsoft no longer supports it for free. If you have an older system but are worried that it won’t support Windows 10 — or if you simply don’t want to deal with Windows anymore — I have a suggestion: Switch to desktop Linux.

Desktop Linux can run on your Windows 7 (and older) laptops and desktops. Machines that would bend and break under the load of Windows 10 will run like a charm. And today’s desktop Linux distributions are as easy to use as Windows or macOS.

And if you’re worried about being able to run Windows applications — don’t. For instance, you can run the free Office Online, which comes with limited versions of Word, Excel, and PowerPoint on Linux. Teams now runs on Linux. Skype has long been available on Linux. And Microsoft’s exporting its new Edge web browser to Linux. The full Office 365 suite will be coming to Linux soon — it’s only a matter of when.

For all your other desktop software needs, there’s usually a free, open-source program that can do just as good a job. Gimp, for example, instead of Photoshop. Or Thunderbird for email instead of Outlook. For a full-fledged office suite, I highly recommend LibreOffice.

You can run many native Windows programs on Linux using Wine. This can be hard to set up, but its commercial brother, CodeWeaver’s Crossover Linux, makes it easy to set up many proprietary programs, including games.

If that doesn’t work for your office’s Windows-only programs, you can always keep running Windows 7, with a lot less danger, on a virtual machine (VM) on Linux. For this job, I recommend Oracle’s great free VirtualBox VM program.

Read more

Microsoft warns Windows 10 update breaks Office updates

Filed under
Microsoft

Microsoft has warned Windows 10 users that recent updates come with a number of bugs. Reportedly, one of the flaws prevents individuals from updating Office products due to a certificate loss issue.

After downloading October 2020 Patch Tuesday updates, some Windows 10 users received an error message reading, “Download of Office 365 file failed, error =” when trying to apply the latest Office updates. Microsoft is yet to reveal a workaround for the problem, meaning individuals must uninstall the faulty Windows update, then update Office and then re-install the Windows patch.

Read more

From Linux to Windows and Back

Filed under
GNU
Linux
Microsoft

Then a few days ago I began to think of using Windows again. I’m still not sure why. Maybe it is this Covid thing. One feels more and more frustrated and tied down. That feeling finds different pegs to express itself upon. I felt fed up with my Linux version of Zoom, I couldn’t see my students most of the time. I felt irritated with my Linux version of Microsoft Teams, I could see only four faces of my colleagues at a time (on the rare occasions that they switched on their cameras). I couldn’t scan from my mother’s all-in-one printer-cum-scanner. I couldn’t buy a new printer-cum-scanner because the new ones weren’t supported in Linux either.

Maybe Windows would be better. I would be able to see more people, use more devices, feel happier and the sky would be blue again. So I got my university’s ever-helpful IT folks to install Windows and MS Office on my laptop. That was two days ago. And today I am back to Linux.

Why? Well, yes it is true that lots of devices work better with Windows, especially the newest ones. The apple of my eye, the stylus my university gave me to write on a whiteboard during online classes, directly converts my handwriting into computer text on Microsoft OneNote. More features of my mother’s printer-scanner work now. Even the sound on YouTube is better. The sound hardware company Realtek has special device drivers for sound under Windows. Nothing like that for Linux. I can hear it fine there, to be sure, but there is an extra oomph in my headphones under Windows.

The other side is that Windows grabs you with a bear hug. It takes much more space on my hard disk. It eats up a huge amount of RAM. Opening programs takes longer than on my Linux installation. And sometimes they still don’t work. I opened a complicated file made on a previous version of MS Word in the latest MS Word on my laptop. It froze. I tried again, it froze again. Then I tried it on the open source LibreOffice which I had been using on Linux. It sprang onto my screen in a fraction of a second.

Starting and closing Windows can be a pain. It wants to install updates again and again. Even otherwise it takes a long time for my desktop to be usable. And then everything is slower than on Linux. Mine is a relatively new laptop. But this must be torture on an older machine, I thought.

Read more

How to Install Google Chrome Extensions in Microsoft Edge Browser in Linux

Filed under
Microsoft

Microsoft announced its latest browser a while back – Microsoft Edge for Ubuntu and other Linux as a preview. In this quick guide, I will walk you through the steps to Install Google Chrome Extensions in Microsoft Edge Browser.
Read more

Proprietary Software and Microsoft Security Problems

Filed under
Microsoft
Security
  • Windows REvil ransomware group member says annual take is US$100m

    A man who claims to be a member of the group behind the Windows REvil ransomware says the group takes in more than US$100 million (A$1.4 million) annually through ransom payments.

  • Microsoft: No Driver Updates Allowed for Win7 and Win8
  • Nitro again insists data breach 'isolated' as incident gets more coverage

    ASX-listed Nitro Software, a firm that had its origins in Melbourne and offers a service to create, edit and sign PDFs and digital documents, has issued an update on Wednesday to its earlier statement regarding a data breach, in what appears to be an attempt to negate the details published about the incident by the American website Bleeping Computer and a number of other websites.

  • Git shared hosting quirk | Daniel Lange's blog

    The hack was discussed on Github in Dec 2018 when it was discovered. I forgot about it again but Konstantin's mail brought the memory back and I think it deserves more attention.

    I'm sure putting some illegal content into a fork and sending a made up "blob" URL to law enforcement would go quite far. Good luck explaining the issue. "Yes this is my repo" but "no, no that's not my data" ... "yes, it is my repo but not my data" ... "no we don't want that data either, really" ... "but, but there is nothing we can do, we host on github...1".

Syndicate content

More in Tux Machines

5 open source alternatives to GitHub

Git is a popular version-control system, primarily used for code but popular in other disciplines, too. It can run locally on your computer for personal use, it can run on a server for collaboration, and it can also run as a hosted service for widespread public participation. There are many hosted services out there, and one of the most popular brands is GitHub. GitHub is not open source. Pragmatically, this doesn't make much of a difference to most users. The vast majority of code put onto GitHub is, presumably, encouraged to be shared by everyone, so GitHub's primary function is a sort of public backup service. Should GitHub fold or drastically change its terms of service, recovering data would be relatively simple because it's expected that you have a local copy of the code you keep on GitHub. However, some organizations have come to rely on the non-Git parts of GitHub's service offerings, making migration away from GitHub difficult. That's an awkward place to be, so for many people and organizations, insurance against vendor lock-in is a worthwhile investment. Read more

5 Ways to Check Your Android Phone Hacked or Not

Do you suspect that your Android smartphone or tablet is infected with some malware or spyware? Well, there are several pointers that can indicate this is the case. For example, your device is unnecessarily slow and even freezes periodically, or displays popups. Experiencing these symptoms can mean that your device has been hacked but that is not always the case. Sometimes, devices act funny due to a handful of reasons including a security hack. In today’s article, we give you five tips on how to check whether your phone is infected with malicious software as well as how to ensure that it is safe/protected. Read more

Top Tips to Protect Your Linux System

Linux-based operating systems have a reputation for their high-security level. That's one of the reasons why the market share for Linux has been growing. The most commonly used operating systems such as Windows are often affected by targeted attacks in the form of ransomware infections, spyware, as well as worms, and malware. As a result, many personal, as well as enterprise users, are turning to Linux-based operating systems such as the Ubuntu-based Linux OS for security purposes. While Linux based systems are not targeted as frequently as other popular operating systems, they are not completely foolproof. There are plenty of risks and vulnerabilities for all types of Linux devices which put your privacy as well as your identity at risk. Read more

Kernel (Linux): Windows Assimilation, Wake-on-LAN, AMD and Intel

  • Tuxera First to Bring Network Bandwidth-Saving SMB Compression Feature to Linux Environments
  • Tuxera First to Bring Network Bandwidth-Saving SMB Compression Feature to Linux Environments

    Tuxera, a world-leader in quality-assured storage management and networking software, announced that the company's SMB server implementation, Fusion File Share by Tuxera, now offers transparent compression to platforms outside of Microsoft Windows. Compression is being rapidly and widely adopted in the storage industry as a feature in memory hardware, file system implementations, and also networking protocols such as Microsoft's server messaging block technology (SMB). The ability to compress files inline during transfer can significantly reduce bandwidth and transfer time. Microsoft released the transparent compression feature to their SMB protocol specification in early 2019. However, Tuxera is the first to implement SMB compression outside of Microsoft Windows, bringing this highly in-demand feature to Linux environments in enterprises around the world.

  • Wake-on-LAN

    With Wake-on-LAN (WoL) it can be slightly easier to manage machines in-house. You can fire up the workstation and start the day’s compile jobs (to catch up with overnight work by the KDE community, say) while drinking an espresso downstairs and doomscrolling. [...] If all the administrative bits are in place, then the simple way to wake up a machine is wake <hostname>. This requires root, since it sends specially-crafted (broadcast) Ethernet packets, which isn’t something that regular users can do.

  • AMD+SUSE Tackling Frequency Invariance For AMD EPYC 7002 CPUs - Phoronix

    Thanks to work by AMD and SUSE engineers, the Linux kernel could soon be seeing frequency invariance support for EPYC 7002 "Rome" processors for yielding greater performance and power efficiency. Over the past year we have seen a lot of Linux kernel work for dealing with frequency invariance but to now that on the x86 side has been focused on Intel Xeon processors. Now through the cooperation of AMD with patches led by SUSE, frequency invariance is being worked on for the EPYC 7002 "Rome" processors.

  • Intel Begins Landing Their Open-Source Vulkan Driver Ray-Tracing Support

    This week marked the release of Vulkan 1.2.162 with the ray-tracing extensions now finalized. As such Intel's stellar open-source team has begun landing their work around Vulkan ray-tracing ahead of the Xe HPG hardware availability that will support this functionality. Back in October I wrote about Intel preparing their open-source driver support for Vulkan ray-tracing ahead of Xe HPG and now with the updated Vulkan spec out there they are able to push more of their work.