Other Sites

LinuxGizmos.com

Cost-Effective DART-MX91 SoM with 1.4GHz NXP i.MX 91 Processor Available from $35

Variscite has introduced the DART-MX91 System on Module, a compact and cost-effective solution within the DART Pin2Pin family, targeting edge devices for IoT, smart cities, industrial applications, and more.

Celeron Powered Fanless Mini PC with Dual 4K Display Support and M.2 2280 Slot

The EMP-100 is a compact, fanless mini PC built for versatile applications, including digital signage, industrial control, and retail environments. Designed with an aluminum chassis and VESA mounting support, it provides silent performance, dual 4K display support, and storage expansion via an M.2 2280 slot.

Radxa Introduces the Palmshell SLiM X4L with Intel N100 Processor and 2.5GbE RJ45 Port

The Radxa X4L, also known as the Palmshell SLiM X4L, is a compact device powered by Intel’s quad-core N100 processor. With features like a 2.5GbE LAN port, Wi-Fi 6E, and dual 4K@30Hz display support, it’s well-suited for multimedia and general-purpose use.

9to5Linux

Red Hat Enterprise Linux 9.5 Released with Sudo System Role and Podman 5.0

Highlights of Red Hat Enterprise Linux 9.5 include several new system roles, including a new role for sudo to automate the configuration of sudo at scale, Red Hat Satellite 6.16 with support for installing the Satellite Server and capsules on Red Hat Enterprise Linux 9 systems, and new file management capabilities in Web Console for performing routine file management tasks without using the command line.

Fedora 42 to Port the Anaconda Installer to Wayland, Default to Anaconda WebUI

The Anaconda WebUI installer was initially planned for the Fedora Linux 39 release, but it was delayed as it needed more work. Now, the Fedora Project aims to ship it with next year’s Fedora Linux 42 release as the default installer for the flagship Fedora Workstation edition featuring the GNOME desktop environment.

Valve Releases Steam Client Update to Further Improve Native Linux Gaming

The last Steam Client update brought a bunch of changes to improve Linux gaming for native titles by implementing support for executing native Linux game titles in the Steam for Linux runtime 1.0 (scout) by default rather than of the legacy runtime environment. The new Steam Client update fixes an issue where native Linux titles could occasionally run in the wrong runtime.

PeaZip 10.1 File Archiver Improves Resilience to Password Guessing Attacks

PeaZip 10.1 is here only two weeks after PeaZip 10 and updates the backend to Pea 1.21, which introduces scrypt KDF as the default option instead of PBKDF2 to improve resilience to password-guessing attacks. This change alone increases the memory cost up to 1GB per instance. KDF was supported since Pea 1.5.

DXVK 2.5 Improves Memory Management in God of War and Other Video Games

DXVK 2.5 is here one and a half months after DXVK 2.4.1 to improve memory management for God of War and other video games by periodically performing memory defragmentation to return some unused memory to the system. However, this feature is currently disabled on Intel’s ANV Vulkan driver.

Ubuntu Buzz !

How To Change File Associations on Kubuntu

This article will help you configure file association on Kubuntu. File association, also known as "Open With", is the configuration that determines what application opens what file type, such as PDF should be opened with PDF reader, MP3 should be opened by MP3 player and so on. Every system has its own file associations. When you have many applications and choices, you might need to change such association so your favorite file type can be opened by default with your favorite application. We will show you it is easy to do on Kubuntu 22.04 "Jammy Jellyfish". Now let's start it out!

Kubuntu 22.04 with Legacy Oxygen Theme

This tutorial will help you using silver, metallic theme "Oxygen" that was popular in the era of KDE 4 on the modern Kubuntu 22.04 "Jammy Jellyfish". In short, we will use Elarun as wallpaper and Oxygen as the rest of the whole themes including application style, colors, icons, Plasma style, and splash screen. All in all, we want to offer the best visual experience we had in the past to new generation of Kubuntu users as well as the long time users themselves especially those who appreciate nostalgia. Finally, we hope you will enjoy this!

Security Leftovers

posted by Roy Schestowitz on Mar 05, 2023

2023-03-03 Security updates for Friday
Passwordless authentication with FIDO2—beyond just the web

FIDO2 is a standard for authenticating users without the need for passwords. While the technology has been introduced mainly to protect accounts on web sites, it's also useful for other purposes, such as logging into Linux systems. The same technology can even be used beyond authentication, for example to sign files or Git commits. A couple of talks at FOSDEM 2023 in Brussels presented the possibilities for Linux users.

The FIDO2 standard is a joint effort between the FIDO Alliance (FIDO stands for Fast Identity Online) and the World Wide Web Consortium (W3C) to develop standards for strong authentication. Users can securely authenticate themselves with a FIDO2 security key (a hardware token), which is more convenient, faster, and more secure than traditional password-based authentication. The security key can ask the user to touch a button or enter a PIN for authentication; alternatively, it can include a fingerprint reader or other means for biometric authentication. FIDO2 can be used as an extra factor added to a traditional password as part of multi-factor authentication or as the only means of authentication. In the latter case, this is called passwordless authentication. Note that a previous FIDO standard, FIDO U2F, was primarily designed for two-factor authentication.

The FIDO2 standard consists of two parts. Web Authentication (WebAuthn) is a W3C recommendation with broad browser support that describes an API allowing web sites to add FIDO2 authentication to their login pages. FIDO's Client to Authenticator Protocol (CTAP) complements WebAuthn by enabling an external authenticator, such as a security key or a mobile phone, to work with the browser. So in short: the browser talks WebAuthn to the server and CTAP to the authenticator device.
Top 10 open-source security and operational risks of 2023 [Ed: Microsoft-funded sites love articles such as this. This is what Microsoft pays for.]

Many software companies rely on open-source code but lack consistency in how they measure and handle risks and vulnerabilities associated with open-source software, according to a new report.
UK retailer WH Smith struck by cyberattack

U.K. retailer WH Smith PLC has been struck by a cyberattack that resulted in the theft of some company data.
YARA: Detect The Unexpected ..., (Thu, Mar 2nd)

A friend and colleague of mine, DhaeyerWolf, asked me for a bit of help with the design of a YARA rule.
Cyber Plan Would Hold Software Makers Responsible in Hacks

The Biden administration is set to release an aggressive new national cybersecurity strategy on Thursday that seeks to shift the blame from companies that get hacked to software manufacturers and device makers, putting it on a potential collision course with big technology companies.

The 35-page strategy, shared in advance with a group of reporters, asserts that software makers must be “held liable when they fail to live up to the duty of care they owe consumers, businesses or critical infrastructure providers.”
Hackers steal gun owners’ data from firearm auction website

Hackers breached a website that allows people to buy and sell guns, exposing the identities of its users, TechCrunch has learned.

The breach exposed reams of sensitive personal data for more than 550,000 users, including customers’ full names, home addresses, email addresses, plaintext passwords and telephone numbers. Also, the stolen data allegedly makes it possible to link a particular person with the sale or purchase of a specific weapon.
Oakland continues to work on recovery from ransomware attack; Play claims responsibility

Play does not indicate how much data they acquired, but threaten to start dumping it tomorrow (March 4). They claim to have: “Private and personal confidential data, financial, gov and etc. IDs, passports, employee full info, human rights violation information.”

Other Recent Tux Machines' Posts

Serving Faster [original]: Trotting ahead
DXVK 2.5 Improves Memory Management in God of War and Other Video Games: DXVK 2.5 Vulkan-based implementation of D3D9, D3D10, and D3D11 for Linux / Wine is now available for download as a significant update that improves support for multiple games.
CachyOS ISO Release for November Improves Support for AMD and NVIDIA Users: The development team behind the Arch Linux-based CachyOS distribution released today a new ISO snapshot that brings various improvements for AMD and NVIDIA GPUs, as well as other changes.
Security and Windows TCO: round 2 for today
today's howtos: many howtos for today
Fedora / Red Hat / IBM Leftovers: buzzwords aplenty
Red Hat Enterprise Linux 9.5 Released with Sudo System Role and Podman 5.0: Red Hat announced today the release and general availability of Red Hat Enterprise Linux 9.5 as the latest version of this enterprise Linux distribution.
Proprietary or Pseudo-Free Software for GNU/Linux: easy to think it's what they claim
WordPress 6.7 'Rollins': WordPress 6.7, code-named 'Rollins,' celebrates legendary jazz saxophonist Sonny Rollins and debuts the sleek, versatile Twenty Twenty-Five theme, designed for any blog, any scale
Popular Rockchip SBC distro in limbo after maintainer burns out: Sometimes these companies will even change their licensing
Debian Developers' Takes and Views: from planet debian
today's leftovers: GNU/Linux and Free, Libre, and Open Source Software focus
Security Leftovers: Security picks, only 3 for now
today's howtos: first long batch
Fedora 42 to Port the Anaconda Installer to Wayland, Default to Anaconda WebUI: The upcoming Fedora Linux 42 release, due out in late April or early May 2025, promises to port the Anaconda system installer as a native Wayland application and also default to the long-awaited Anaconda WebUI installer for the Fedora Workstation edition.
Games: Proton Experimental, Karate Survivor, Dungeon Clawler, and More: 8 new articles from GamingOnLinux
Valve Releases Steam Client Update to Further Improve Native Linux Gaming: Valve released today a new Steam Client update to the stable channel to further improve native Linux gaming, the newly introduced game recording feature, as well as Steam VR and Steam Input.
Android Leftovers: Nothing OS 3.0 gets a second beta as Android 15's stable release nears
QNX 8 Goes Free for Learning and Personal Projects: BlackBerry offers free access to QNX 8, its powerful real-time OS
See How It's Made: Denver Computer Manufacturer Opens Doors for Free Tours: If you’ve ever wondered what goes into making a computer from scratch, Denver’s own System76 has the answer
Best Free and Open Source Software: We recommend the best free and open source alternatives for Linux
Expirion Linux – distro based on Devuan: Expirion Linux is a distro based on Devuan and uses the Refracta Installer
Why Can EU Citizen’s Petition for Software Freedom, but We Can’t?: Somebody from Austria has petitioned the European Parliament to start using Linux and open-source apps instead of Microsoft stuff
Today in Techrights: Some of the latest articles
Red Hat is acquiring AI optimization startup Neural Magic: Red Hat, the IBM-owned open source software firm, is acquiring Neural Magi
today's howtos (and Google starts spewing out fake howtos made by LLMs): The WWW is getting worse
Programming Leftovers: Development related links
Raspberry Pi With Proprietary Spyware, Steam Deck (DRM), and Handheld Replica Sound Voltex Game: 3 leftovers stories
Free Software and Web Leftovers: mostly Web
Ubuntu and BSD Leftovers: Some GNU/Linux and BSDs
Audiocasts/Shows: Linux User Space, Late Night Linux, and LINUX Unplugged: 3 new episodes
Software Leftovers: 3 misc. posts about FGSS
It's FOSS Series on openEuler: 5 introductory articles
today's leftovers: Canonical and more
Security Leftovers and Windows TCO: a pair of Windows TCO tales
Linux Kernel: Magic Trackpad and NVIDIA Support: Some kernel news
Devices/Embedded and Open Hardware/Modding: Raspberry Pi and More: But mostly Raspberry Pi stories
Latest From Red Hat's Official Site: From redhat.com
today's howtos: many howtos for today
PeaZip 10.1 File Archiver Improves Resilience to Password Guessing Attacks: PeaZip 10.1 has been released today as a new update to this open-source, free, and cross-platform file compression and encryption software featuring GTK and Qt interfaces for Linux, macOS, and Windows.
GNOME 48 Release Schedule & Potential New Features: GNOME 47 ‘Denver’ proved a decent update to the GNOME desktop
Fedora KDE Plasma Spin Gains Equal Footing With Gnome Edition: Fedora has made a major change to its project, elevating the version running KDE Plasma from an Spin to an official Edition, alongside Fedora Workstation with Gnome
Android Leftovers: Here's How I Find Great Android Games on the Play Store
Reimagining the Fedora Linux installer: Anaconda’s new “Web UI”: The Fedora Linux installer, Anaconda, has been around for 25 years
Games: Rogue Point, ColdRidge, and More: 8 new stories from GamingOnLinux
Debian 12.8 “Bookworm” Released with 68 Bug Fixes and 50 Security Updates: The Debian Project announced today the release and general availability of Debian 12.8 as the seventh ISO update to the latest Debian GNU/Linux 12 “Bookworm” operating system series.
This Linux Timer Tool Uses MPRIS in an Unexpected Way: MPRIS is something most of us associate with music apps and movie players
A sit-down with Ubuntu founder Mark 'SABDFL' Shuttleworth: Talking to the distro's self-appointed benevolent dictator for life about 20 years of Ubuntu
Engineering Thelio Astra: We sat down with System76 Mechanical Engineer, Britain and Product Manager
Free and Open Source Software: PairDrop offers local file sharing in your web browser
Of Color and Software: We have been hard at work making sure our design system keeps moving forward
RIP Jérémy Bobbio (Lunar): Longtime Debian and Tor developer, Jérémy Bobbio—perhaps better known as "Lunar"—died on November 8
5 Linux commands you need to have ready - just in case: Why keep a first aid kit or fire extinguisher in your home
Ubuntu Unity still has one of my favorite PC interfaces of all time: If you're looking for an efficient desktop, Unity is hard to beat, and there's an official spin ready to make your life a bit easier
WordPress’s Mullenweg Puts Lipstick on His WP Engine Argument: “I want to jump back two months ago,” Jolo said. “What happened?”
399 Days... [original]: On my main workstation
Today in Techrights: Some of the latest articles
Speed, Not Complexity, is What Visitors Need [original]: he database of new pages is being populated but not accessed by site visitors, to whom only static pages are accessible
Microsoft Windows at All-Time Lows [original]: The way things sway, Microsoft will just go deeper and deeper into debt
Security Leftovers: Security related picks, for now...
GNU/Linux Leftovers: Games, Gentoo, and more
Free, Libre, and Open Source Software Leftovers: Free software and sharing
Radxa, Raspberry Pi, and More Hardware: Some hardware news
Programming Leftovers: only a few for today
Audiocasts/Shows: Open Source Security Podcast and This Week in Linux: 2 new episodes
today's howtos: many howtos for Monday
Celebrating our top contributors on Firefox’s 20th anniversary: Firefox was built by a group of passionate developers, and has been supported by a dedicated community of caring contributors since day one
Streamlining openSUSE Translations Upstream: Managing localization of desktop menus and applications takes a specific tool and approach that fills a gap but leaves inconsistent upstream translations
Fedora Linux Elevates KDE to Edition Status: Fedora Linux 42 elevates KDE to Edition status alongside GNOME
9to5Linux Weekly Roundup: November 10th, 2024: The 213th installment of the 9to5Linux Weekly Roundup is here for the week ending on November 10th, 2024.
Android Leftovers: Android 15 adds support for Wi-Fi Ranging to improve indoor navigation
Putting Linux on a Tablet? 7 Distros to Try: As convertible laptops gain popularity, many users seek to replace Windows with a Linux-based tablet experience
Pop!_OS: One of the Best Linux Distros For Creators of All Types: After a few days of using System76's Linux distribution
Habits to Keep Linux Resource Usage Low: Linux is great at using your computer efficiently, but sometimes you might find yourself on a slower or older machine
5 Linux Features That Make It More Productive Than Windows or Mac: Most people think of Windows or macOS for productivity, but Linux desktops offer powerful customization that can boost your efficiency
Auto-Match Ubuntu’s Accent Colour to Your Wallpaper: For a pinch more personalisation of Ubuntu 24.10 check out Auto Accent Colour
veraPDF – industry supported PDF/A validation: veraPDF is a purpose-built, open source, file-format validator covering all PDF/A and PDF/UA parts and conformance levels
Review: Bazzite 40, Playtron OS Alpha 1, Tucana Linux 3.1: This week I decided to take a look at a few gaming-focused distributions on the DistroWatch waiting list
This Week in KDE Apps: Adopt an App: Welcome to a new issue of "This Week in KDE Apps"! Every week we cover as much as possible of what's happening in the world of KDE apps
Linux 6.12-rc7: No big surprises
Hyprland 0.45: Smoother Rounding, New Configs, and Key Fixes: Hyprland 0.45, a tiling Wayland compositor, has been released with smoother edges, bug fixes, and breaking changes to optimize your experience
Today in Techrights: Some of the latest articles

Tux Machines

Other Sites

Security Leftovers

Top 10 open-source security and operational risks of 2023 [Ed: Microsoft-funded sites love articles such as this. This is what Microsoft pays for.]

Other Recent Tux Machines' Posts