Language Selection

English French German Italian Portuguese Spanish

Microsoft

How I Switched from Windows 10 to Linux Mint?

Filed under
GNU
Linux
Microsoft

This article explains the reasons and process to switch from Windows 10 to the latest Linux Mint version, which is Linux Mint 20 Ulyana.

I was using Microsoft Windows for almost 10 years. As of January 2020, Microsoft has terminated the support for windows. I had the option to use windows 7 by paying for Windows 7 Extended Security Updates or upgrade to Windows 10 for free. But I was not interested to upgrade from Windows 7 to 10. Now, I have decided to move to the Linux based operating systems rather than Microsoft Windows.
The first question that arose in my mind is which Linux Distro will fulfill my needs in terms of professional and personal use. Some of the Linux distros are fine for professional use, but not meant for personal use like Red Hat Enterprise Linux. Therefore, I was keen on finding the best distro that can be used for professional, as well as personal use, and great community support.

Community support is an important aspect to consider when you are selecting any distro. The reason is that if you face any problem while installing any software applications or doing some configuration, then you can post your problem on the community website, and anyone can give the solution.

Read more

Microsoft Teams, Office 365 and OneDrive suffer outage – UK users unable to work from home

Filed under
Microsoft

Office 365 services such as Microsoft Teams, OneDrive and SharePoint have all reportedly been hit with issues today.

Independent outage monitor Down Detector has recorded a spike in Office 365, Microsoft Teams, OneDrive and SharePoint down reports.

The heaviest hit services are Microsoft Teams and SharePoint, which so far have registered hundreds of down reports.

Out of those affected, some 70 percent of Microsoft Teams users said they were experiencing server connection problems.

Read more

Microsoft Failures and the GitHub Trap

Filed under
Microsoft

Microsoft Kills Another Microsoft Product, Profits From Mass Incarceration Instead

Filed under
Microsoft
  • Microsoft will shut down Minecraft Earth in June

    At its core, Minecraft Earth was a game based upon exploration and discovery. During the early days of lockdown, my kids and I would wander around the neighborhood, looking for animals, ores, and dungeons to explore. But Microsoft said that the “current global situation” prevented the free movement and collaborative play that allowed Minecraft Earth to survive.

    As a result, Minecraft Earth will be turned off in June. “On June 30, we will discontinue all content and service support for the game,” Microsoft said in a blog post. “This means that we will stop all development, and after that date, you will be unable to download or play Minecraft Earth anymore. On July 1, we will delete any Minecraft Earth player data unrelated to Character Creator and Minecoin entitlements.”

  • What went wrong with software for prisons

    Microsoft and its partner Tribridge, a tech company that specialises in business applications and cloud solutions, Microsoft built the IDOC a searchable web-based solution called Offender 360 to centralise databases in the cloud and upgrade its prison management capabilities.

    Then-Governor Patrick Quinn said at the time, Microsoft’s “cutting-edge technology will give Illinois one of the most advanced criminal justice information systems in the country.”

    [...]

    For Microsoft, this was years in the making. In a 2016 blog post, “Digital Technology and the Prison of the Future”, Microsoft envisioned prisons monitored with CCTV, drones and IoT devices, including “finger, face, and eye recognition to identify inmates” as well as RFID tagging and tracking bands.

Microsoft Spin and Blame-Passing After Major Breach

Filed under
Microsoft
  • Microsoft says [crackers] viewed source code as part of SolarWinds attack

    Microsoft made the announcement as part of its investigation into findings last week, first reported by The Washington Post, that Russian [attackers] responsible for one of the biggest cyber incidents in U.S. history had compromised Microsoft cloud customers as part of the attack on IT company SolarWinds.

  • Microsoft Says Suspected Russian [Atackers] Viewed Source Code

    Microsoft had previously said it, too, had received a malicious update of software from information technology provider SolarWinds Corp. that was used to breach government agencies and companies around the world. The details of the campaign are still largely unknown, including how many organizations were victimized and what was taken by the [crackers]. Bloomberg News reported in December that investigators have determined at least 200 organizations were attacked as part of the campaign.

  • SolarWinds [Crackers] Accessed Microsoft Source Code, Microsoft Says

    Source code, the underlying set of instructions that run a piece of software or operating system, is typically among a technology company's most closely guarded secrets, and Microsoft has historically been particularly careful about protecting it.

    It is not clear how much or what parts of Microsoft's source code repositories the [attackers] were able to access, but the disclosure suggests that the [attackers] who used software company SolarWinds as a springboard to break into sensitive U.S. government networks also had an interest in discovering the inner workings of Microsoft products as well.

  • SolarWinds [attackers] accessed Microsoft source code, the company says

    It is not clear how much or what parts of Microsoft's source code repositories the [crackers] were able to access, but the disclosure suggests that the [attackers] who used software company SolarWinds as a springboard to break into sensitive U.S. government networks also had an interest in discovering the inner workings of Microsoft products as well.

  • SolarWinds [crackers] accessed Microsoft source code, the company says

    Three people briefed on the matter said Microsoft had known for days that the source code had been accessed. A Microsoft spokesman said security employees had been working “around the clock” and that “when there is actionable information to share, they have published and shared it.”

Joey Hess: Withdrawing github-backup

Filed under
Development
Microsoft

If the farce of youtube-dl being removed from github, thus losing access to all its issues and pull requests, taught us anything, it's that having that happen does not make many people reconsider their dependence on github.

[...]

That seems like something it might be worth building some software to manage. But it's also just another case of Github's mass bending reality around it; the average Github user doesn't care about this and still gets archived; the average self-hosting git user may care about this slightly more, but most won't get archived, even if that software did get built.

Read more

Proprietary Software Failures and Security Leftovers

Filed under
Microsoft
Security
  • Microsoft rushes out fix for critical Windows 10 bug

    A new critical bug appears to have emerged in Windows 10, which is crashing some computers when they run the chkdsk command.

    It appears that this bug is affecting Windows 10 running the latest update (December 2020), which was released by Microsoft to fix numerous problems. Instead, as Windows Latest reports, some users have found that when they run the Check Disk tool (also known as chkdsk), their PCs crash, and the dreaded Blue Screen of Death appears.

  • Microsoft Azure breach left thousands of customer records exposed

    Thanks to questionable security practises by an app developer, more than half a million sensitive documents of its customers were exposed on the Internet. The documents were housed in an unprotected Microsoft Azure blob storage and could be viewed by anyone with the direct address of the files, without any kind of authentication.

    Azure Blob storage is a feature of Microsoft Azure that allows users to store large amounts of unstructured data on Microsoft's data storage platform.

    The unsecured blob was managed by Surrey-based app developer Probase and according to The Register, it contained 587,000 files, ranging from backed-up emails to letters, spreadsheets, screenshots, and more.

  • Security updates for Tuesday

    Security updates have been issued by CentOS (kernel and thunderbird), Debian (openjdk-8 and webkit2gtk), Fedora (gdm, mingw-openjpeg2, and openjpeg2), Mageia (compat-openssl10, golang-googlecode-net, mbedtls, openssl, and virtualbox), openSUSE (ovmf and xen), Red Hat (kernel, mariadb-connector-c, mariadb:10.3, postgresql:10, and postgresql:9.6), and SUSE (ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-ironic-python-agent, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vpnaas, openstack-nova, python-Jinja2, python-pysaml2, python-pytest, python-urllib3, release-notes-suse-openstack-cloud, spark, ceph, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-heat-templates, openstack-nova, python-Jinja2, firefox, java-1_7_0-ibm, java-1_7_1-ibm, PackageKit, and thunderbird).

  • But, what about root passwords?

    If you’ve walked long enough into your enterprise identity management journey you might reach this question: How will root passwords be managed? Having centralized user and group IDs, your access policies—Host Based Access Control (HBAC) and Role Based Access Control (RBAC)—in Red Hat Identity Management (IdM) or any similar solution might still leave root passwords unmanaged.

    [...]

    While there is a resemblance in some of these examples and the public cloud’s approach in having no root password set, and shifting the privileged access to users other than root, there is one big difference. Many physical and virtual provisioning workflows for on-prem will include setting up a default root password for a variety of reasons, but those reasons are beyond the scope of this blog post.

  • Kali Linux: The Last 12 Months (2019/2020) & Looking forwards (2021)

    As the end of the year is coming up (some may say not quickly enough), we want to take a few minutes and recap on our roadmap 2019/2020 post.

    At a higher level, the last 12 months of Kali Linux (outside of the normal release items – e.g. packages updates), Kali has had various refreshes, switches and additional new features added.

  • Josh Bressers: Episode 248 – Door 23: How to report 1000 security flaws

    Josh and Kurt talk about how to file 1000 security flaws. One is easy, scale is hard.

  • The State of Safety Certification of Platforms

    A lot has been written about safety “certification” of platforms. As the number of applications involving human safety increases in markets such as avionics, automotive, industrial, etc., the importance of the functional safety certification of software that controls key functions has never been greater. There are several standards that govern the safety certification of software like DO-178, SEAL, ISO26262, and IEC61508. It is the best known and perhaps the most rigorous is the DO-178 standard that is governed by the FAA for commercial avionics software. A look “under-the-hood” into the process of safety certification reveals many interesting facts.

    As the leader of an engineering team that is working on certifying code for deployment on big programs like the Joint Strike Fighter, I thought it would be interesting to share the next level of what is involved. Let me start with a datapoint. The average time to get a single line of source certified to DO-178 DAL A Standard (used for the most critical system functions in aircraft and helicopters) may take 2-3 hours. So, that means that every 2,000 lines of code takes one year to certify. How many applications these days have as little as 2,000 lines of code?

Proprietary Software and Security Problems

Filed under
Microsoft
Security

Proprietary Software and Security Issues

Filed under
Google
Microsoft
Security
  • Google Blames Gmail, YouTube Outage on Error in User ID System

    Google diagnosed a widespread outage that knocked out major services earlier this week, such as Gmail and YouTube, as a mistake with its system for identifying people online.

    Alphabet Inc.’s Google has several tools that enable it to verify and track logged-in users. In October, the company began moving those tools to a new file storage system, and in the process misreported portions of the data, according to a Friday post. That caused several of its services to go down for 47 minutes Monday morning, a rare technical misstep.

  • Windows 10 updates cause CorsairVBusDriver BSOD crash loop
  • Microsoft has delivered a partial fix for this nagging Windows 10 bug

    Microsoft has released a partial fix for a known issue affecting Windows 10 devices with certain audio drivers for Conexant and Synaptics devices. The issue has been under investigation since May this year.

  • Attackers in compromised US system at least since mid-2019: report

    Malicious attackers, who were exposed as having hit a number of government and private sector entities through software made by Texas firm SolarWinds, appear to have gained access to that firm's network as early as mid-2019, Yahoo! News claims.

  • Suspected Russian [attack]: Was it an epic cyber attack or spy operation?

    But for many current and former American officials, that’s not the right way to look at it. By [cracking] into dozens of corporations and government agencies, they say, the [crackers] have pulled off a stunning and distressing feat of espionage. But they note that it’s just the sort of cyber spying that the American National Security Agency attempts on a regular basis against Russia, China and any number of foreign adversaries.

    It might constitute an attack if the intruders destroyed data, for example, or used their access to do damage in the physical world, say, by shutting down power grids. But breaking into unclassified government and corporate networks? Reading other people’s emails? That’s spying.

  • Exploiting a stack-based buffer overflow in practice

    In my previous post, I detailed a fun method of obtaining root access on the Zyxel VMG8825-T50 router, which required physical access to the device and authenticated access to the web interface.

    In this post, I will detail the exploitation of a vulnerability that could potentially result in unauthenticated RCE as root, given LAN access only. This vulnerability was also found on the VMG8825-T50 router, but it turns out to be present in multiple other Zyxel devices.

Syndicate content

More in Tux Machines

Free Software Leftovers

  • Ingo Juergensmann: Migrating from Drupal to WordPress

    If you can read this on planet.debian.org then migrating my blog from Drupal to WordPress was successful and the feed has been successfully changed by the Debian Planet Maintainers (thanks!). I’ve been a long term Drupal user. I think I started to use Drupal since it was included in Debian. At some point Drupal was removed from Debian and I started to use Serendipity instead. Later Drupal was included in Debian again and I moved back to Drupal. I think this must have been around Drupal 4 or Drupal 5. No idea. I even became active in the Drupal community and went to one of the first Drupal barcamps in Germany, namely in Cologne. This was shortly before Dries Buytaert started a business off of Drupal and went to the USA. I met with many devs of Drupal in Cologne and enjoyed the community and started with others a local Drupal User Group in Rostock. [...] So, after all the years my Drupal journey will come to an end. It was a long time with you. Sometimes joyful, sometimes painful. I wish you all the best, Drupal!

  • The round-the-world trip to fix a bug

    Mrs. Vera Cavalcante (@veracape), from Brazil, a long-time contributor for the Portuguese documentation on LibreOffice, was reviewing the translation of the Calc Guide and double-checking the translated text, with respect to the current user interface and the Help pages. Vera noticed that the Help pages on conditional formatting were not correct any more, and reported in the Brazilian team Telegram group (Bugzilla is still very hard for non-native English speakers).…

  • Red Kubes Container Platform Flies Open Source Flag

    Red Kubes, a Dutch-based startup, open sourced a free community edition of its Otomi Container Platform in a bid to remedy the ongoing complexity surrounding Kubernetes configurations. The scalability, agility, and speed-to-market advantages that Kubernetes offers have been handsome enough to capture a growing share of the enterprise market, but this very strength can become an Achilles heel for container deployments. In this sense, it’s far too easy – and common – to create thousands or even tens of thousands of containers across applications. Not only does this create an operational money pit, but management becomes a herculean feat to any container newbie.

  • The Apache Software Foundation Announces Apache® ECharts™ as a Top-Level Project

    The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® ECharts™ as a Top-Level Project (TLP). Apache ECharts is an intuitive, interactive, and powerful charting and visualization library ideally suited for commercial-grade presentations. The project originated in 2013 at Baidu and entered the Apache Incubator in January 2018.

  • Shots fired in disputes over OSS-as-a-Service

    Cloud services are the great disruptor of both IT organizations and vendors, and wrapping open source software around a service is the latest flashpoint. The open source development model has proven to be an incredible incubator of innovative software by democratizing and distributing the conception, design, implementation and debugging of new titles, advantages that were thoroughly explored more than two decades ago in the book, The Cathedral and the Bazaar. Although open source has since been adopted, encouraged and sponsored by every major software company, its origins were decidedly non-commercial with utopian overtones of liberating code from the tyranny of proprietary shackles. The earliest open source projects, notably Gnu Emacs and other tools from the Gnu Project, embraced this idealistic ethos with a restrictive, comprehensive license, GPL, that applies to derivative work using the code.

  • AWS to Fork Elasticsearch as Elastic Moves Away from Open Source

    Elastic’s license change from open source ALv2 to SSPL appears to have moved Amazon Web Services to “launch new forks of both Elasticsearch and Kibana.” Elasticsearch’s move towards the more restrictive Server Side Public License has already begun to ruffle feathers among developers.

Programming Leftovers

  • Excellent Free Tutorials to Learn Tcl - LinuxLinks

    Tcl (Tool Command Language) is a dynamic programming/scripting language based on concepts of Lisp, C, and Unix shells. Here's our recommended free tutorials to learn Tcl.

  • ROC and Precision-Recall curves - How do they compare?

    Both curves offer two useful information: how to choose the positive class prediction threshold and what is the overall performance of the classification model. The former is determined by selecting the threshold which yield the best tradeoff, in adequation with the prediction task and operational needs. The latter is done by measuring the area under the curves which informs about how good the model is, because by measuring the area under the curves, one computes the overall probability that a sample from the negative class has a lower probability than a sample from the positive class. With scikit-learn, the values can be computed either by using the roc_auc attribute of the object returned by plot_roc_curve() or by calling roc_auc_score() directly for ROC curves and by using the average_precision attribute of the object returned by plot_precision_recall_curve() or by calling average_precision_score() directly for PR curves.

  • Write GIMP scripts to make image processing faster | Opensource.com

    Some time ago, I wanted to give a blackboard-style look to a typeset equation. I started playing around with the GNU Image Manipulation Program (GIMP) and was satisfied with the result. The problem was that I had to perform several actions on the image, I wanted to use this style again, and I did not want to repeat the steps for all the images. Besides, I was sure that I would forget them in no time.

  • Bash wait Command | Linuxize

    wait is a command that waits for the given jobs to complete and returns the exit status of the waited for command. Since the wait command affects the current shell execution environment, it is implemented as a built-in command in most shells. In this article, we’ll explore the Bash built-in wait command.

  • Santiago Zarate: Cron do not send me empty emails
  • Rust & the case of the disappearing stack frames | Inside Rust Blog

    Now that the FFI-unwind Project Group has merged an RFC specifying the "C unwind" ABI and removing some instances of undefined behavior in the "C" ABI, we are ready to establish new goals for the group. Our most important task, of course, is to implement the newly-specified behavior. This work has been undertaken by Katelyn Martin and can be followed here.

Open Hardware: Raspberry Pi, Arduino, Thomas Petazzoni (Bootlin) on Training

  • Qsync fixed on the Pi4 and FF compiled

    The Raspberry Pi4 does not have a hardware battery-backed clock, so relies on getting the date and time from an Internet time server. In EasyOS, Qsync is the utility that does that. At first bootup, QuickSetup has a checkbox to enable getting time from the Internet, which will launch Qsync. At first bootup on the Pi4, if you are going to connect to Internet via wifi, not ethernet, then there won't be an immediate Internet access. No problem, Qsync will run once the Internet connection is established. Qsync will run just once at bootup and after Internet connection. That's fine, but I couldn't understand why it would suddenly stop working. Then discovered that /etc/init.d/qsync was getting its executable-flag cleared.

  • Arduino Blog » This children’s console looks like something straight out of a superhero’s lair

    Kids have wonderful imaginations, and to help students at a primary school have a super time, creator “palladin” was asked to construct a console for them to use. The device features a variety of lights and sci-fi additions, including glowing “reactor” tubes that diffuse light using hair gel and a “memory bank” that emits flashing patterns for a 1950s supercomputer look.

  • Arduino Blog » This pen plotter draws detailed maps the size of walls

    Christopher Getschmann wanted a wall-sized map of the world. He soon realized, however, that it’s tough to actually buy such a map that’s both beautiful and detailed enough to satisfy his cartographic tastes. While many would simply move on to the next “thing,” Getschmann instead took things into his own hands, and built a pen plotter specifically to draw massive 2×3 meter map for his wall.

  • New training course: embedded Linux boot time optimization

    For many embedded products, the issue of how much time it takes from power-on to the application being fully usable by the end-user is an important challenge. Bootlin has been providing its expertise and experience in this area to its customers for many years through numerous boot time optimization projects, and we have shared this knowledge through a number of talks at several conferences over the past years. We are now happy to announce that we have a new training course Embedded Linux boot time optimization, open for public registration. This training course was already given to selected Bootlin customers and is now available for everyone.

Red Hat/Fedora Leftovers

     
  • A brief introduction to Ansible roles for Linux system administration

    In this part one of two articles, learn to use rhel-system-roles with your Ansible deployment to better manage functionality such as network, firewall, SELinux, and more on your Red Hat Enterprise Linux servers.

  •  
  • From Docker Compose to Kubernetes with Podman | Enable Sysadmin

    Use Podman 3.0 to convert Docker Compose YAML to a format Podman recognizes.

  •  
  • Fedora Community Blog: Software Management (RPM, DNF) 2020 retrospective

    On behalf of the RPM and DNF teams, I would like to highlight changes that have appeared in our packages in 2020. Thanks everyone for your bug reports and patches!

  •   
  • Application and data resiliency for Kubernetes

    Using tools like Red Hat OpenShift and Red Hat OpenShift Container Storage, organizations are developing and deploying more stateful applications and microservices at an accelerating pace. According to a recent Enterprise Strategy Group (ESG) research study, 41% of companies currently use containers for production applications. Another 33% use containers for dev/test and pre-production only but plan to use containers for production applications in the next 12 months.

  • Red Hat Introduces Data Resilience for Enterprise Kubernetes Applications

    Red Hat, Inc., the world's leading provider of open source solutions, today introduced new data resilience capabilities for cloud-native workloads with the release of Red Hat OpenShift Container Storage 4.6. This offering from Red Hat Data Services enables customers to extend their existing data protection solutions and infrastructure to enhance data resilience for cloud-native workloads across hybrid and multicloud environments.

  •  
  • Why Red Hat killed CentOS—a CentOS board member speaks

    This morning, The Register's Tim Anderson published excerpts of an interview with the CentOS project's Brian Exelbierd. Exelbierd is a member of the CentOS board and its official liaison with Red Hat. Exelbierd spoke to Anderson to give an insider's perspective on Red Hat's effective termination of CentOS Linux in December, in which the open source giant announced CentOS Linux was to be deprecated immediately—with security upgrades to CentOS Linux 8 ending later in 2021 rather than the 2029 end of support date CentOS users expected.