Other Sites

9to5Linux

LibreOffice 24.8.3 Office Suite Is Now Available for Download with 88 Bug Fixes

LibreOffice 24.8.3 is here one and a half months after the LibreOffice 24.8.2 release to address more of those pesky bugs, crashes, and other annoyances reported by users, thus improving its overall stability and reliability of the open-source, free, and cross-platform office suite.

Internet Society

No Power = No 1s and 0s. Internet Resilience Requires Electrical Resilience

Last week, Cuba lost all Internet connectivity when Hurricane Rafael struck the nation and caused a failure in its power infrastructure. This was only a few weeks after the shutdown of a major power generation plant caused a nationwide power outage and a loss of all Internet connectivity. In late October, the Caribbean island of Guadalupe dropped off the Internet as striking workers took over and shut down the island’s main power plant.

LinuxGizmos.com

OrangePi 4A with Octa-Core ARM Cortex-A55, RISC-V Coprocessor, and M.2 2280 PCIe 2.0 NVMe SSD Support

Following the launch of the OrangePi RV in September, OrangePi has introduced another single-board computer, the OrangePi 4A. With a form factor similar to the Raspberry Pi, this board features an M.2 2280 slot for storage, dual camera interfaces, and multiple display peripherals.

Advancing Open-Source Support for MediaTek’s Genio IoT Platforms with Collabora

MediaTek is advancing its IoT Edge AI capabilities by expanding upstream support for its Genio platforms. Building on the success of the MediaTek Kompanio Chromebook project, this new initiative brings the focus to MediaTek’s Genio Evaluation Kits, which are being integrated into Collabora’s Linux development ecosystem.

Clipper HAT Mini Brings 4G LTE Connectivity to Raspberry Pi, Includes Free 100MB SIM Card

Pimoroni’s new Clipper HAT Mini brings 4G LTE connectivity to the Raspberry Pi, enabling projects to operate where Wi-Fi is limited or unavailable. Designed for remote applications, it supports reliable data transmission for outdoor sensors, mobile setups, and monitoring systems.

System76 Meerkat MiniPC with 13th Gen Intel Processors and M.2 2280 Slot

The Meerkat mini-desktop is a compact, versatile solution for professional and personal use, supporting multitasking on up to four displays with seamless media, email, and web browsing on Pop!_OS or Ubuntu.

Security Leftovers

posted by Roy Schestowitz on Aug 26, 2022

Living off the land, AD CS style | Pen Test Partners

Unless you have been living under a rock for the last year or so, Active Directory Certificate Services (AD CS) abuse continues to be a hot topic in offensive security, ever since the excellent research released by Will Schroeder (@harmj0y) and Lee Christensen (@tifkin_). I, like many, have enjoyed the fruits of Will and Lee’s research since its release last year.

Up until now exploitation of these AD CS misconfigurations typically requires tools like Certify directly over C2, or Oliver Lyak’s excellent certipy tool over SOCKS into the target environment.

Recently, my genius and handsome colleague Nick (guess who tech QA’d this post?) and I got into a conversation around living off the land techniques for AD CS abuse. The environment he was targeting at the time was brutal from a red teamer perspective, with a high functioning SOC and excellent detection capability. In situations such as this, living of the land is a much more effective way of remaining undetected and blending in with legitimate traffic.

[...]

There are several ways to enrol for certificates using traditional Windows features and tools. The certutil command line tool and the web enrolment endpoint that is sometimes exposed, to name a few. But we wanted to avoid the command line if possible and not rely on the web enrolment endpoint as often this is not available.
Security updates for Friday [LWN.net]

Security updates have been issued by Debian (zlib), Fedora (dotnet3.1, firefox, java-1.8.0-openjdk-aarch32, thunderbird, and zlib), Mageia (canna, chromium-browser-stable, dovecot, firefox/nss, freeciv, freetype2, gnutls, kernel, kernel-linus, kicad, ldb/samba/sssd, libgsasl, microcode, nodejs, rsync, thunderbird, and unbound), Oracle (php:7.4 and systemd), Scientific Linux (firefox, rsync, systemd, and thunderbird), Slackware (vim), and SUSE (bluez, gstreamer-plugins-good, java-1_7_1-ibm, java-1_8_0-ibm, kernel, libcroco, postgresql10, postgresql13, python-lxml, and webkit2gtk3).
Security and Cheap Complexity - Schneier on Security

I’ve been saying that complexity is the worst enemy of security for a long time now. (Here’s me in 1999.) And it’s been true for a long time.
The anomaly of cheap complexity

So, computers are insecure because they have so many complex layers.
Day in the life of a package maintainer: Reproducible Go packages

In this new blog series, I would like to introduce you to the daily adventures of an Arch Linux package maintainer.

This time, we will have a look at reproducible package builds. Reproducible package builds are very important for us, as package maintainers, because reproducible package builds create an independently-verifiable path from source to the final package. This means, every Arch Linux user can verify that noone tampered with the Arch Linux package build process. Technically spoken, this means that we can build the same package on different systems and get an exact identical package (identical as in: they share the same SHA256 checksum).

Other Recent Tux Machines' Posts

LibreOffice 24.8.3 Office Suite Is Now Available for Download with 88 Bug Fixes: The Document Foundation announced today the general availability of LibreOffice 24.8.3 as the third maintenance update to the latest LibreOffice 24.8 office suite series fixing more than 80 bugs.
GNU/Linux Leftovers: and more
LinuzGizmos: Open-Source, Raspberry Pi, and System76: Collabora plans to launch a blog series detailing the open-source development progress on MediaTek’s Genio platforms
Games: Steam Deck 2, GodotCon 24, and 'Monarchy' Review on GNU/Linux and Steam Dec: 3 gaming related news picks
mesa 24.3.0-rc2: We have a fairly small RC2 today
The Pros And Cons Of Open Source Software: Is It Really Safe?: If you haven't heard of Linux (or don't know what it does) the TL;DR is that it's a free, open source operating system that can be used by anyone on almost any device
What’s new for Fedora Atomic Desktops in Fedora 41: So let’s see what arrives with the new releases for the Fedora Atomic Desktops variants (Silverblue, Kinoite, Sway Atomic and Budgie Atomic)
RIP Jérémy Bobbio (Lunar): Longtime Debian and Tor developer, Jérémy Bobbio—perhaps better known as "Lunar"—died on November 8
Security Leftovers: Security related picks
Free, Libre, and Open Source Software and Standards: mostly FOSS and programming
today's leftovers: GNU/Linux focused
Fedora and Red Hat Leftovers (and Puff Pieces): a mixed bag
today's howtos: only 4 of them for now
Applications: Rhythmbox Update, Programs for Professional Writers, and Alternatives to the ZIP Command in GNU/Linux: mostly Free software for this batch
Today in Techrights: Some of the latest articles
It's FOSS and Linuxiac Helping Non-FOSS (Proprietary) and Microsoft: disappointing
KDE Gear 24.12 Beta Testing: KDE Gear is our release service for many apps such as mail and calendaring supremo Kontact
BSD: BSD Now, FreeBSD at EuroBSDCon 2024 and FreeBSD Backlight/screen Brightness on Thinkpad X1: BSD news, a pair of articles
Security, FUD, and Windows TCO: security-themed news picks
Programming Leftovers: Development links, may about Python
Latest From Red Hat's Site: some promotion of proprietary stuff
Games: Old Skies, New Steam Games with Native GNU/Linux Clients, PlayStation Emulators: 4 more stories for today
today's howtos: first long batch for today
GNU/Linux and Devices: Wind River, GenBook, Raspberry Pi, and Arduino: several devices that are freedom-centric
PostgreSQL: PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 Released!: versions of PostgreSQL, including 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21
Games: Prime Gaming, Temtem: Swarm, VoxeLibre, and More: GamingOnLinux picks
Android Leftovers: Arc Browser for Android is now available for all
Ultra-efficient Q4OS 5.7 comes with Debian 12.8-specific changes and more: More than two months after the arrival of its predecessor, Q4OS 5.7 surfaces with Debian Bookworm 12.8-specific updates
A New Linux Distro Has Set Out To Look Like Windows 11: I Try AnduinOS!: We take a brief look at AnduinOS, trying to mimic the Windows 11 look. Is it worth it
Free and Open Source Software, howtos and Installations: This is a multi-part blog looking at a DreamQuest N100 Mini PC running Linux
PureOS Crimson Development Report: October 2024: Welcome to the fourth installment in our PureOS development series
Stable kernels: Linux 6.11.8, Linux 6.6.61, Linux 6.1.117, and Linux 5.15.172: All users of the 6.11 kernel series must upgrade
Today in Techrights: Some of the latest articles
Buy Nothing Day: This weekend is book-ended by two orgies of consumption, "Black Friday" and "Cyber Monday"
Red Hat Enterprise Linux 9.5 Released with Sudo System Role and Podman 5.0: Red Hat announced today the release and general availability of Red Hat Enterprise Linux 9.5 as the latest version of this enterprise Linux distribution.
Free, Libre, and Open Source Software and Standards: Even some Openwashing ny OSI
HowTos, EasyOS, Debian, OpenSUSE: today's leftovers
Red Hat Leftovers: lots of fluff though
Programming Leftovers: Development links
Devices/Embedded: GenBook, Amiga, RISC-V, FPGAs, and More: Open Hardware-focused
Raspberry Pi Projects and News: 5 of them
xcompmgr 1.1.10: xcompmgr is a sample compositing manager for X servers
today's howtos: first batch for Friday
today's leftovers: 4 misc. stories
Windows TCO Leftovers: Windows TCO stories
Games: Yawnoc, GOG, GTA, and More: Latest from GamingOnLinux
Safety in an unsafe world: Joshua Liebow-Feeser took to the stage at RustConf to describe the methodology that his team uses to encode arbitrary constraints in the Rust type system when working on the Fuchsia operating system
The Overture open-mapping project: OpenStreetMap tends to dominate the space for open mapping data
today's leftovers: operwashing and more
Android Leftovers: How to remove a Google account from your Android phone: Quick and easy guide (2024)
WordPress 6.7 'Rollins': WordPress 6.7, code-named 'Rollins,' celebrates legendary jazz saxophonist Sonny Rollins and debuts the sleek, versatile Twenty Twenty-Five theme, designed for any blog, any scale
Ubuntu 25.04 Set to Ship With New PDF Viewer: It could be all change for the PDF viewer in the next version of Ubuntu
EDATEC ED-GWL1010: Amlogic S905X4-based PoE-enabled LoRaWAN gateway targets Smart Buildings and IoT applications: The ED-GWL1010 runs Debian 11 Lite, a streamlined 64-bit OS ideal for IoT tasks
CachyOS ISO Release for November Improves Support for AMD and NVIDIA Users: The development team behind the Arch Linux-based CachyOS distribution released today a new ISO snapshot that brings various improvements for AMD and NVIDIA GPUs, as well as other changes.
Best Free and Open Source Software: We only include free and open source software
FreeBSD 14.2-BETA2 Now Available: The second BETA build of the 14.2-RELEASE release cycle is now available
Ubuntu Touch OTA-6 Focal Release: Ubuntu Touch 20.04 OTA-6 contains only a minimal number of changes due to our current focus on Ubuntu base OS upgrade
Video: Steam Deck, Backdoors, Miriway, Wayland, and More: new videos
VLC playback delay on seek (jump to another timestamp): I never had such issues with VLC before, but they are now present in the media player in my Kubuntu 22.04 on my Slimbook Executive
A tribute to Dian Ina Mahendra: It is with a heavy heart that I share the passing of my dear friend, Dian Ina Mahendra, who left us after a long battle with illness
Communities aren’t an accidental collection of strangers with a common interest: To bring it back to open source projects: if you’re moderately successful
Latest in Perl: From Perl.org (official site)
The OpenWrt One system: OpenWrt is, despite its relatively low profile, one of our community's most important distributions
Building secure images with NixOS: They promise reliability and security, but pose packaging problems for existing distributions
today's leftovers: Red Hat and more
Audiocasts/Shows: Linux Matters, Destination Linux, and More to Come: 2 new episodes
Today in Techrights: Some of the latest articles
GIMP 3.0 Release Candidate Is Now Available for Public Testing: The development team behind the popular GIMP open-source image editing software announced today the general availability of the Release Candidate (RC) milestone of the highly anticipated GIMP 3.0 release.