Other Sites

9to5Linux

Mesa 24.3 Open-Source Graphics Stack Adds Vulkan 1.3 Conformance for V3DV

Coming more than three months after Mesa 24.2, the Mesa 24.3 release is here to introduce Vulkan 1.3 conformance for the V3DV graphics driver for Raspberry Pi 4 and Raspberry Pi 5 devices, which should give the Raspberry Pi OS distribution a serious graphics boost the next time you update it. In addition, the V3DV driver received support for the VK_KHR_shader_relaxed_extended_instruction Vulkan extension.

LinuxGizmos.com

invisCAM A Compact 2MP Camera for Low Light and Low Power Applications

This month, Arducam introduced the invisCAM, a compact imaging solution that integrates advanced functionality and precise engineering within a small form factor. The camera is designed to address the challenges of achieving high-quality imaging, functional versatility, and cost efficiency in a portable USB device.

Coin-sized ESP32-H2-WROOM-07 RISC-V Module with BLE, Thread, and Zigbee Support for $2.13

The ESP32-H2-WROOM-07 is a compact module featuring a RISC-V single-core 32-bit microprocessor and support for Bluetooth Low Energy. It can be configured with up to 4 MB of flash memory and is designed for applications such as smart home systems, industrial automation, and consumer electronics.

Pine64 Unveils PineCam with RISC-V SG2000 SoC and 2MP Camera

The Pine64 November update introduces the PineCam, a successor to the PineCube IP camera. With a redesigned structure and enhanced features, the PineCam is aimed at applications like monitoring, video streaming, and hardware experimentation.

RED-BEET 2.0: Advanced Powerline Communication for E-Mobility Applications

The RED-BEET 2.0 by 8Devices is a compact powerline communication module built on the Qualcomm QCA7006AQ PLC chip, supporting SPI, Ethernet, HomePlug GreenPHY, and HomePlug AV standards. Its small size, industrial temperature tolerance, and automotive-grade certification are designed for integration into e-mobility and automotive applications.

Security Leftovers

posted by Roy Schestowitz on Mar 05, 2023

2023-03-03 Security updates for Friday
Passwordless authentication with FIDO2—beyond just the web

FIDO2 is a standard for authenticating users without the need for passwords. While the technology has been introduced mainly to protect accounts on web sites, it's also useful for other purposes, such as logging into Linux systems. The same technology can even be used beyond authentication, for example to sign files or Git commits. A couple of talks at FOSDEM 2023 in Brussels presented the possibilities for Linux users.

The FIDO2 standard is a joint effort between the FIDO Alliance (FIDO stands for Fast Identity Online) and the World Wide Web Consortium (W3C) to develop standards for strong authentication. Users can securely authenticate themselves with a FIDO2 security key (a hardware token), which is more convenient, faster, and more secure than traditional password-based authentication. The security key can ask the user to touch a button or enter a PIN for authentication; alternatively, it can include a fingerprint reader or other means for biometric authentication. FIDO2 can be used as an extra factor added to a traditional password as part of multi-factor authentication or as the only means of authentication. In the latter case, this is called passwordless authentication. Note that a previous FIDO standard, FIDO U2F, was primarily designed for two-factor authentication.

The FIDO2 standard consists of two parts. Web Authentication (WebAuthn) is a W3C recommendation with broad browser support that describes an API allowing web sites to add FIDO2 authentication to their login pages. FIDO's Client to Authenticator Protocol (CTAP) complements WebAuthn by enabling an external authenticator, such as a security key or a mobile phone, to work with the browser. So in short: the browser talks WebAuthn to the server and CTAP to the authenticator device.
Top 10 open-source security and operational risks of 2023 [Ed: Microsoft-funded sites love articles such as this. This is what Microsoft pays for.]

Many software companies rely on open-source code but lack consistency in how they measure and handle risks and vulnerabilities associated with open-source software, according to a new report.
UK retailer WH Smith struck by cyberattack

U.K. retailer WH Smith PLC has been struck by a cyberattack that resulted in the theft of some company data.
YARA: Detect The Unexpected ..., (Thu, Mar 2nd)

A friend and colleague of mine, DhaeyerWolf, asked me for a bit of help with the design of a YARA rule.
Cyber Plan Would Hold Software Makers Responsible in Hacks

The Biden administration is set to release an aggressive new national cybersecurity strategy on Thursday that seeks to shift the blame from companies that get hacked to software manufacturers and device makers, putting it on a potential collision course with big technology companies.

The 35-page strategy, shared in advance with a group of reporters, asserts that software makers must be “held liable when they fail to live up to the duty of care they owe consumers, businesses or critical infrastructure providers.”
Hackers steal gun owners’ data from firearm auction website

Hackers breached a website that allows people to buy and sell guns, exposing the identities of its users, TechCrunch has learned.

The breach exposed reams of sensitive personal data for more than 550,000 users, including customers’ full names, home addresses, email addresses, plaintext passwords and telephone numbers. Also, the stolen data allegedly makes it possible to link a particular person with the sale or purchase of a specific weapon.
Oakland continues to work on recovery from ransomware attack; Play claims responsibility

Play does not indicate how much data they acquired, but threaten to start dumping it tomorrow (March 4). They claim to have: “Private and personal confidential data, financial, gov and etc. IDs, passports, employee full info, human rights violation information.”

Other Recent Tux Machines' Posts

Canonical/Ubuntu Leftovers: security and commercial bits
Blender 4.3 Open-Source 3D Graphics App Introduces Experimental Vulkan Backend: The Blender Foundation announced today the release and general availability of Blender 4.3 as a major update to this powerful, free, cross-platform, and open-source 3D graphics and modeling software.
PINE64’s New Smart Camera Runs Linux: Pine64 shared some information about new products and updates in its latest community announcement
FreeCAD 1.0 Released After 22 Years in Development: Good things come to those who wait, and for 3D modelling professionals with a preference for open-source software
Best Free and Open Source Software: Only free and open source software is eligible for inclusion here
This Week in Plasma: Battery Charge Cycles in Info Center: This week we of course continued the customary bug-fixing, but got some nice new features and UI improvements too
This Week in GNOME: #175 Magic: Update on what happened across the GNOME project in the week from November 15 to November 22
Today in Techrights: Some of the latest articles
mesa 24.3.0: This release has seen the continuing trend of OpenGL work slowing down
Linux Code of Conduct Board and CoC Supremacy Over Code/Function: CoC strikes
Android Leftovers: Android finally getting ability to restore credentials in phone move
ReiserFS Reaches Its Final Chapter: Linux kernel 6.13 says goodbye to ReiserFS
Stable kernels: Linux 6.12.1, Linux 6.11.10, Linux 6.6.63, and Linux 6.1.119: All users of the 6.12 kernel series must upgrade
Cybershow News Autumn 2024: The sad reality is that beyond SE-Linux and Apparmor Free and Open Source offerings for effective application whitelisting is still quite thin on the ground and difficult to use. We need some better UX around that.
Khronos Group takes over cross-platform Slang shading language from NVIDIA: Interesting industry news here for you, especially for developers
Programming Leftovers: Development picks
Security and Windows TCO Leftovers: news about patches and incidents
today's howtos: many howtos for now
IBM and Red Hat Leftovers: IBM stuff and mostly RedHat.com
Android Leftovers: Android will soon instantly log you in to your apps on new devices
Proxmox VE 8.3 Released with Enhanced Features: Proxmox Virtual Environment 8.3 is here with faster backups, SDN-firewall integration, webhook notifications, and improved hypervisor migration
Anti-Cheat: A Thorny Problem For Linux Gamers: The anti-cheat situation on Linux is getting worse. Let's see what you can do about it
Rhino Linux: The Unique Distro That Combines Ubuntu and Rolling Releases Needs Your Support!: The ambitious project is now asking for help. Let's try helping them
Huion Kamvas Pro 19 - review on GNU/Linux: This blog post here is a list of my installation method, scripts and tweaks to install the device under a GNU/Linux operating system
Free and Open Source Software, howtos and Installations: This is free and open source software
How RHEL and Fedora Shape Red Hat’s Linux Offerings: Not all Linux distributions provide platforms for enterprise and non-business adopters
Games: Dungeon Clawler, Steam Deck, and More: Latest from GamingOnLinux
Security Leftovers: Security related picks
Distributions and Operating Systems: Kali Linux, BSD, SUSE, and More: BSD and GNU/Linux leftovers
OSI Openwashing (Funded by Microsoft) and Free, Libre, and Open Source Software Leftovers: Some FOSS and fake FOSS picks
POSETTE and PGConf.dev 2025 Preparations (Postgres Events): Postgres news
Programming Leftovers: Development related news picks
Open Hardware/Modding: Arduino, Raspberry Pi, ESP32, and More: some devices and more
Red Hat / CentOS / IBM / Oracle Linux / Alma Leftovers: RHEL camp and IBM
Games: Proton Experimental and Bug in CS2: a pair of gaming picks
today's howtos: long batch for Friday
Media Unable to Tell the Difference Between Proprietary VMware and "Linux": FUD tactics
Today in Techrights: Some of the latest articles
FreeCAD 1.0 Open-Source 3D Parametric Modeler Released, Here’s What’s New: FreeCAD 1.0 has been released today as a major milestone for this open-source, free, and cross-platform parametric 3D computer-aided design (CAD) modeler software for GNU/Linux, macOS, and Windows systems.
Rocky Linux 9.5 Released, Here’s What’s New: Rocky Linux 9.5 is now available for download, packed with updates like Podman 5.0, GCC 11.5, Node.js 22, and more
11 Reasons Why You Should Switch from Windows to Linux: Here are a number of reasons why you should consider GNU/Linux as your next operating system
libtool-2.5.4 released: The Libtool Team is pleased to announce the release of libtool 2.5.4
Mesa 24.3 Open-Source Graphics Stack Adds Vulkan 1.3 Conformance for V3DV: The Mesa 24.3 open-source graphics stack for Linux-based operating systems has been officially released as the third major update in the Mesa 24.x series.
Why I Ditched Linux for Samsung DeX: Canonical pursued convergence with the Ubuntu Phone, an effort to make a phone that was also a PC
MYiR Tech MYC-LR3576 Rockchip RK3576 LGA SoM offers 6 TOPS NPU and 8K video support for AIoT applications: MYiR Tech’s Rockchip RK3576 SoM also supports Linux 6.1 and Debian 12 along with software resources like kernel and driver source code
SolidRun unveils HummingBoard i.MX8M IIOT SBC and the IIOT-200-8M Gateway for Edge AI and industrial IoT applications: In terms of software support the company mentions that the SBC supports Yocto and Debian BSPs, with drivers for peripherals like TPM 2.0, RTC, Wi-Fi, Bluetooth, and various I/O interfaces
Android Leftovers: 10 Features You No Longer Need to Root Your Android Phone For
Linux, HowTos, Fedora, and Debian 13: today's leftovers
Ubuntu? That’s a Bullfinch, Not an Oriole: Here’s something lighthearted for you—unless you’re pedantic about ornithology
Ubuntu 25.04 (Plucky Puffin) Daily Build ISOs Are Now Available for Download: Now that Canonical officially opened the development of Ubuntu 25.04 (Plucky Puffin), it has published the first daily build ISO images for early adopters, application developers, and general public testing.
Windows TCO and Microsoft Imprisonment of Developers: Microsoft as a risk
Tools and Emulators: Linux is an excellent platform for retro gaming
Best Free and Open Source Software, howtos and Installations: Many of these desktop clients are a complete solution as they include a server
Slimbook Executive, long-term report 6: Let me define deja-vu for you. In my fourth Slimbook Titan article
Thelio Astra Native ARM64 Platform with 128 Core Ampere Altra CPU 512GB ECC RAM and 40TB Storage: System76 indicates that the Thelio Astra runs Ubuntu 22.04 LTS and 24.04 LTS
Upgrade to Freedom! The Switch from Windows 10: This looming transition sets the stage for Linux communities to embrace the Upgrade to Freedom
Leap Micro 6.1 Alpha is now available. Get ready for Leap Micro 5.5 End of Life: Leap Micro 6.1 Alpha images can be found at get.opensuse.org
Games: GamingOnLinux's Latest 10: articles from GamingOnLinux
today's leftovers: with GNU/Linux focus
Programming Leftovers: Programming stuff, some Python
Security Leftovers: Security related stories and some FUD, too
today's howtos: first batch of today
AlmaLinux OS 9.5 Is Here as a Free Alternative to Red Hat Enterprise Linux 9.5: The AlmaLinux OS Foundation announced today the release and general availability of AlmaLinux OS 9.5 (codename Teal Serval), as the latest stable version of this free Red Hat Enterprise Linux (RHEL) fork.
Red Hat Helping Microsoft's Attack on Linux and Privacy: among other things
Linux Foundation Openwashing Foundations: Fake openness as a product
EasyOS Scarthgap and Daedalus 6.4.4 releases: Bringing both of these to the same version number
Announcing Incus 6.7: The Incus team is pleased to announce the release of Incus 6.7
Back In Time back from the dead: Back In Time is a GPL-2.0-licensed backup tool based on rsync and written in Python
Today in Techrights: Some of the latest articles

Tux Machines

Other Sites

Security Leftovers

Top 10 open-source security and operational risks of 2023 [Ed: Microsoft-funded sites love articles such as this. This is what Microsoft pays for.]

Other Recent Tux Machines' Posts