Language Selection

English French German Italian Portuguese Spanish

Login

Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Security: Defcon, Carbon Black, Open-Source Cyber Fusion Centre, Open Source Security Podcast and Avaya

  • DARPA's $10 million voting machine couldn't be hacked at Defcon (for the wrong reasons)

    For the majority of Defcon, hackers couldn't crack the $10 million secure voting machine prototypes that DARPA had set up at the Voting Village. But it wasn't because of the machine's security features that the team had been working on for four months. The reason: technical difficulties during the machines' setup. Eager hackers couldn't find vulnerabilities in the DARPA-funded project during the security conference in Las Vegas because a bug in the machines didn't allow hackers to access their systems over the first two days. (DARPA is the Defense Advanced Research Projects Agency.) Galois brought five machines, and each one had difficulties during the setup, said Joe Kiniry, a principal research scientist at the government contractor. "They seemed to have had a myriad of different kinds of problems," the Voting Village's co-founder Harri Hursti said. "Unfortunately, when you're pushing the envelope on technology, these kinds of things happen." It wasn't until the Voting Village opened on Sunday morning that hackers could finally get a chance to look for vulnerabilities on the machine. Kiniry said his team was able to solve the problem on three of them and was working to fix the last two before Defcon ended.

  • At hacking conference, Pentagon's transparency highlights voting companies' secrecy

    At the country's biggest election security bonanza, the US government is happy to let hackers try to break into its equipment. The private companies that make the machines America votes on, not so much. The Def Con Voting Village, a now-annual event at the US's largest hacking conference, gives hackers free rein to try to break into a wide variety of decommissioned election equipment, some of which is still in use today. As in the previous two years, they found a host of new flaws. The hunt for vulnerabilities in US election systems has underscored tensions between the Voting Village organizers, who argue that it's a valuable exercise, and the manufacturers of voting equipment, who didn't have a formal presence at the convention.

  • Carbon Black Open-Source Binary Emulator Eases Malware Analysis

    Carbon Black, the cybersecurity and endpoint protection software provider, has unveiled the Binee open-source binary emulator for real-time malware analysis. The company announced Binee at last week’s DEF CON 27 hacker conference in Las Vegas, Nevada. [...] Carbon Black also has been gaining momentum with MSPs and MSSPs over the past few months. In fact, Carbon Black recorded revenue of $60.9 million and a net loss of $14.6 million in the second quarter of 2019; both of these figures generally beat Wall Street’s expectations.

  • Concordia receives $560K for a new Open-Source Cyber Fusion Centre

    The call for collaborative projects in the area of information communication technologies led to the genesis of the Open-Source Cyber Fusion Centre, a project that will provide companies with a wide array of tools and methodologies for cybersecurity. The project is a joint initiative with Carleton University and two industrial partners, eGloo and AvanTech, all of which have recognized expertise in open-source software application programming interfaces (APIs) and technology stacks. [...] The Open-Source Cyber Fusion Centre’s ongoing research will help strengthen and democratize the Canadian economy. By mitigating cyberthreats, projects of this kind promote entrepreneurship and help nurture a more diverse economy. In addition, the centre provides students with unique opportunities to participate in an ever-changing, complex cybersecurity industry that is becoming increasingly prevalent in Canada. SMEs can get in touch with the centre and its partners to receive support on their security operations. They can install advanced technologies in their corporate network as a free service to monitor the security of their operations.

  • Open Source Security Podcast Ep. 151– The DARPA Cyber Grand Challenge with David Brumley

    Open Source Security Podcast helps listeners better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers, the pair covers a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day.

  • McAfee Discovers Vulnerability in Avaya VoIP Phones

    McAfee researchers have uncovered a remote code execution (RCE) vulnerability in open-source software from a popular line of Avaya VoIP phones. McAfee is warning organizations that use Avaya VoIP phones to check that firmware on the devices have been updated. Avaya’s install base covers 90% of the Fortune 100, with products targeting customers from small business and midmarket, to large corporations.

KDE: Usability & Productivity, CryFS/Plasma Vault, Krita 4.2.5

  • KDE Usability & Productivity: Week 84

    Get ready for week 84 in KDE’s Usability & Productivity initiative! 84 weeks is a lot of weeks, and in fact the end is in sight for the U&P initiative. I’d say it’s been a huge success, but all good things must come to an end to make room for new growth! In fact, KDE community members have submitted many new goals, which the community will be able to vote on soon, with the three winners being unveiled at Akademy next month. But fear not, for the spirit of the Usability & Productivity initiative has suffused the KDE community, and I expect a lot of really cool U&P related stuff to happen even after the initiative has formally ended–including the long-awaited projects of PolicyKit support and mounted Samba and NFS shares in KIO and Dolphin! These projects are making steady progress and I hope to have them done in the next few months, plugging some longstanding holes in our software.

  • ownCloud and CryFS

    It is a great idea to encrypt files on client side before uploading them to an ownCloud server if that one is not running in controlled environment, or if one just wants to act defensive and minimize risk. Some people think it is a great idea to include the functionality in the sync client. I don’t agree because it combines two very complex topics into one code base and makes the code difficult to maintain. The risk is high to end up with a kind of code base which nobody is able to maintain properly any more. So let’s better avoid that for ownCloud and look for alternatives. A good way is to use a so called encrypted overlay filesystem and let ownCloud sync the encrypted files. The downside is that you can not use the encrypted files in the web interface because it can not decrypt the files easily. To me, that is not overly important because I want to sync files between different clients, which probably is the most common usecase. [...] My personal conclusion: CryFS is an interesting project. It has a nice integration in the KDE desktop with Plasma Vault. Splitting files into equal sized blocks is good because it does not allow to guess data based on names and sizes. However, for syncing with ownCloud, it is not the best partner.

  • Krita 4.2.5 Digital Painting Software for Ubuntu/Linux Mint

    Krita is a robust, fast and flexible painting application that makes creating art from scratch or existing resources a fun and productive experience. With many powerful brush engines and unique features such as multi­hand and mirrored painting, Krita explicitly supports creating comics, concept art, storyboards, textures, matte paintings and illustrations. Krita has several features that are unique or a first among free software painting applications: support for colorspaces other than RGB, like CMYK, support for HDR painting, painting assistants, a perspective grid. Pop-up Palette: Quickly pick your color and brush by right-clicking on the canvas. You can also use Krita’s tagging system to swap out the available brushes that are displayed. The ring outside of the color selector contains the most recently used colors. These settings can be configured through the preferences.

HealthyPi v4 open source, wireless, wearable for human vital signs monitoring

A new piece of hardware will soon be launching via the Crowd Supply website called HealthyPi v4, offering a fourth-generation built on the technology and feedback from previous versions. The open source, wireless, wearable has been specifically designed to monitor human vital signs and is powered by an ESP32. Read more Also: EEZ Bench Box 3 open source modular test chassis

Open Hardware and Devices

  • RAKWireless Introduces RAK7200 LoRa Tracker | Features & Specifications
  • Padauk PMS150C “3 Cents” MCU Supports SDCC Open Source Toolchain
  • OpenHW Group Launched
  • Spain's First Open Source Satellite

    [Fossa Systems], a non-profit youth association based out of Madrid, is developing an open-source satellite set to launch in October 2019. The FossaSat-1 is sized at 5x5x5 cm, weighs 250g, and will provide free IoT connectivity by communicating LoRa RTTY signals through low-power RF-based LoRa modules. The satellite is powered by 28% efficient gallium arsenide TrisolX triple junction solar cells. The satellite’s development and launch cost under EUR 30000, which is pretty remarkable for a cubesat — or a picosatellite, as the project is being dubbed. It has been working in the UHF Amateur Satellite band (435-438 MHz) and recently received an IARU frequency spectrum allocation for LoRa of 125kHz.

  • Fitness Trackers Don't Have To Be Proprietary

    The OpenHAK is an open-source fitness tracker in a 3D printed wristwatch case that measures your heart rate and counts your steps, offering the resultant data for you to collect via Bluetooth. At its heart is a Sparkfun Simblee module, with heart rate sensing through a Maxim MAX30101 and step counting .by a Bocsh BMI160. It’s designed for expandability from the start with a header bringing out useful interface lines. In the prototype, they’ve used this to support a small OLED display. The result is a fitness tracker watch that may not match some of the well-known proprietary devices, but which remains completely open and probably costs a lot less too.

  • CutiePi is an open source Raspberry Pi-based tablet (coming in late 2019?)

    The CutiePi is hardly the first tablet built around one of Raspberry Pi’s tiny, low-cost computers. But it’s a pretty nifty looking addition to the category that combines an 8 inch touchscreen display with a Raspberry Pi Compute Module 3 Lite, a custom carrier board, and software to make the Linux-based Raspbian operating system touch-friendly. CutiePie’s developers have a working prototype and hope to begin selling the tablet later this year. But the whole project is open source, so anyone who wants to build their own can check out the code and hardware design files and give it a try.

  • CutiePi open source Raspberry Pi tablet unveiled

    Unfortunately, no information on pricing or worldwide availability has been released as yet for the CutiePi, but as soon as information comes to light, we will keep you updated as always.