Other Sites

LinuxGizmos.com

Clipper HAT Mini Brings 4G LTE Connectivity to Raspberry Pi, Includes Free 100MB SIM Card

Pimoroni’s new Clipper HAT Mini brings 4G LTE connectivity to the Raspberry Pi, enabling projects to operate where Wi-Fi is limited or unavailable. Designed for remote applications, it supports reliable data transmission for outdoor sensors, mobile setups, and monitoring systems.

System76 Meerkat MiniPC with 13th Gen Intel Processors and M.2 2280 Slot

The Meerkat mini-desktop is a compact, versatile solution for professional and personal use, supporting multitasking on up to four displays with seamless media, email, and web browsing on Pop!_OS or Ubuntu.

Cost-Effective DART-MX91 SoM with 1.4GHz NXP i.MX 91 Processor Available from $35

Variscite has introduced the DART-MX91 System on Module, a compact and cost-effective solution within the DART Pin2Pin family, targeting edge devices for IoT, smart cities, industrial applications, and more.

Celeron Powered Fanless Mini PC with Dual 4K Display Support and M.2 2280 Slot

The EMP-100 is a compact, fanless mini PC built for versatile applications, including digital signage, industrial control, and retail environments. Designed with an aluminum chassis and VESA mounting support, it provides silent performance, dual 4K display support, and storage expansion via an M.2 2280 slot.

Tor Project blog

New Release: Tor Browser 14.0.2

This version fixes a tor crash bug on macOS when attempting to visit onion sites with PoW protections enabled (tor-browser#43245)

Ubuntu Buzz !

How To Change File Associations on Kubuntu

This article will help you configure file association on Kubuntu. File association, also known as "Open With", is the configuration that determines what application opens what file type, such as PDF should be opened with PDF reader, MP3 should be opened by MP3 player and so on. Every system has its own file associations. When you have many applications and choices, you might need to change such association so your favorite file type can be opened by default with your favorite application. We will show you it is easy to do on Kubuntu 22.04 "Jammy Jellyfish". Now let's start it out!

Kubuntu 22.04 with Legacy Oxygen Theme

This tutorial will help you using silver, metallic theme "Oxygen" that was popular in the era of KDE 4 on the modern Kubuntu 22.04 "Jammy Jellyfish". In short, we will use Elarun as wallpaper and Oxygen as the rest of the whole themes including application style, colors, icons, Plasma style, and splash screen. All in all, we want to offer the best visual experience we had in the past to new generation of Kubuntu users as well as the long time users themselves especially those who appreciate nostalgia. Finally, we hope you will enjoy this!

9to5Linux

LibreOffice 24.8.3 Office Suite Is Now Available for Download with 88 Bug Fixes

LibreOffice 24.8.3 is here one and a half months after the LibreOffice 24.8.2 release to address more of those pesky bugs, crashes, and other annoyances reported by users, thus improving its overall stability and reliability of the open-source, free, and cross-platform office suite.

Red Hat Enterprise Linux 9.5 Released with Sudo System Role and Podman 5.0

Highlights of Red Hat Enterprise Linux 9.5 include several new system roles, including a new role for sudo to automate the configuration of sudo at scale, Red Hat Satellite 6.16 with support for installing the Satellite Server and capsules on Red Hat Enterprise Linux 9 systems, and new file management capabilities in Web Console for performing routine file management tasks without using the command line.

Fedora 42 to Port the Anaconda Installer to Wayland, Default to Anaconda WebUI

The Anaconda WebUI installer was initially planned for the Fedora Linux 39 release, but it was delayed as it needed more work. Now, the Fedora Project aims to ship it with next year’s Fedora Linux 42 release as the default installer for the flagship Fedora Workstation edition featuring the GNOME desktop environment.

Valve Releases Steam Client Update to Further Improve Native Linux Gaming

The last Steam Client update brought a bunch of changes to improve Linux gaming for native titles by implementing support for executing native Linux game titles in the Steam for Linux runtime 1.0 (scout) by default rather than of the legacy runtime environment. The new Steam Client update fixes an issue where native Linux titles could occasionally run in the wrong runtime.

PeaZip 10.1 File Archiver Improves Resilience to Password Guessing Attacks

PeaZip 10.1 is here only two weeks after PeaZip 10 and updates the backend to Pea 1.21, which introduces scrypt KDF as the default option instead of PBKDF2 to improve resilience to password-guessing attacks. This change alone increases the memory cost up to 1GB per instance. KDF was supported since Pea 1.5.

news

Security Leftovers and Windows TCO

posted by Roy Schestowitz on Nov 29, 2023,
updated Nov 29, 2023

OpenSSF (Linux Foundation) ☛ OpenSSF introduces guide to becoming a CVE Numbering Authority as an Open Source project

The Open Source Security Foundation (OpenSSF) is excited to announce a new guide for Open Source projects that are interested in issuing and managing their own CVE IDs through the CVE Numbering Authority (CNA) program. The guide is available on Microsoft's proprietary prison GitHub and will be kept up-to-date with changes to CNA program requirements. Pull requests are also welcome as always.
SANS ☛ Scans for ownCloud Vulnerability (CVE-2023-49103), (Mon, Nov 27th)

Last week, ownCloud released an advisory disclosing a new vulnerability, CVE-2023-49103. The vulnerability will allow attackers to gain access to admin passwords. To exploit the vulnerability, the attacker will use the "graphapi" app to access the output of "phpinfo". If the ownCloud install runs in a container, it will allow access to admin passwords, mail server credentials, and license keys.
Windows TCO
- Hackaday ☛ Easily Bypass Laptop Fingerprint Sensors And Windows Hello
  
  The fun part of security audits is that everybody knows that they’re a good thing, and also that they’re rarely performed prior to another range of products being shoved into the market. This would definitely seem to be the case with fingerprint sensors as found on a range of laptops that are advertised as being compatible with Windows Hello. It all began when Microsoft’s Offensive Research and Security Engineering (MORSE) asked the friendly people over at Blackwing Intelligence to take a poke at a few of these laptops, only for them to subsequently blow gaping holes in the security of the three laptops they examined.
- The Record ☛ Pennsylvania water authority hit with cyberattack allegedly tied to pro-Iran group
  
  A water authority in Pennsylvania reportedly suffered a cyberattack, prompting officials to reassure people in the area that drinking water has not been affected by the incident.
- CBS ☛ Municipal Water Authority of Aliquippa hacked by Iranian-backed cyber group - CBS Pittsburgh
  
  The Municipal Water Authority of Aliquippa said on Saturday that one of their booster stations had been hacked by an Iranian-backed cyber group.

Update

A couple more:

Australia’s new cybersecurity strategy tackles the tough issues [Ed: Except deleting Windows?]

The cybersecurity strategy released last week by the Albanese government is about collaboration and communication, not about conjuring our worst national-security nightmares. It’s focused on industry and consumers.
Alleged GE hack raises concerns about US national security [Ed: GE still uses Windows Vista in its network. The company is hugely incompetence when it comes to tech, never mind security.]

General Electric Co. has allegedly been hacked, and the hacker is offering stolen data, including Defense Advanced Research Projects Agency documents for sale on a hacking forum, raising national security concerns.

Other Recent Tux Machines' Posts

Red Hat Enterprise Linux 9.5 Released with Sudo System Role and Podman 5.0: Red Hat announced today the release and general availability of Red Hat Enterprise Linux 9.5 as the latest version of this enterprise Linux distribution.
WordPress 6.7 'Rollins': WordPress 6.7, code-named 'Rollins,' celebrates legendary jazz saxophonist Sonny Rollins and debuts the sleek, versatile Twenty Twenty-Five theme, designed for any blog, any scale
CachyOS ISO Release for November Improves Support for AMD and NVIDIA Users: The development team behind the Arch Linux-based CachyOS distribution released today a new ISO snapshot that brings various improvements for AMD and NVIDIA GPUs, as well as other changes.
GIMP 3.0 Release Candidate Is Now Available for Public Testing: The development team behind the popular GIMP open-source image editing software announced today the general availability of the Release Candidate (RC) milestone of the highly anticipated GIMP 3.0 release.
Engineering Thelio Astra: We sat down with System76 Mechanical Engineer, Britain and Product Manager
Serving Faster [original]: Trotting ahead
Games: Yawnoc, GOG, GTA, and More: Latest from GamingOnLinux
LibreOffice 24.8.3 Office Suite Is Now Available for Download with 88 Bug Fixes: The Document Foundation announced today the general availability of LibreOffice 24.8.3 as the third maintenance update to the latest LibreOffice 24.8 office suite series fixing more than 80 bugs.
Safety in an unsafe world: Joshua Liebow-Feeser took to the stage at RustConf to describe the methodology that his team uses to encode arbitrary constraints in the Rust type system when working on the Fuchsia operating system
The Overture open-mapping project: OpenStreetMap tends to dominate the space for open mapping data
today's leftovers: operwashing and more
Android Leftovers: How to remove a Google account from your Android phone: Quick and easy guide (2024)
Ubuntu 25.04 Set to Ship With New PDF Viewer: It could be all change for the PDF viewer in the next version of Ubuntu
EDATEC ED-GWL1010: Amlogic S905X4-based PoE-enabled LoRaWAN gateway targets Smart Buildings and IoT applications: The ED-GWL1010 runs Debian 11 Lite, a streamlined 64-bit OS ideal for IoT tasks
Best Free and Open Source Software: We only include free and open source software
FreeBSD 14.2-BETA2 Now Available: The second BETA build of the 14.2-RELEASE release cycle is now available
Ubuntu Touch OTA-6 Focal Release: Ubuntu Touch 20.04 OTA-6 contains only a minimal number of changes due to our current focus on Ubuntu base OS upgrade
Video: Steam Deck, Backdoors, Miriway, Wayland, and More: new videos
VLC playback delay on seek (jump to another timestamp): I never had such issues with VLC before, but they are now present in the media player in my Kubuntu 22.04 on my Slimbook Executive
A tribute to Dian Ina Mahendra: It is with a heavy heart that I share the passing of my dear friend, Dian Ina Mahendra, who left us after a long battle with illness
Communities aren’t an accidental collection of strangers with a common interest: To bring it back to open source projects: if you’re moderately successful
Latest in Perl: From Perl.org (official site)
The OpenWrt One system: OpenWrt is, despite its relatively low profile, one of our community's most important distributions
Building secure images with NixOS: They promise reliability and security, but pose packaging problems for existing distributions
today's leftovers: Red Hat and more
Audiocasts/Shows: Linux Matters, Destination Linux, and More to Come: 2 new episodes
Today in Techrights: Some of the latest articles
Leftovers: Free, Libre, and Open Source Software and GNU/Linux News: today's leftovers
Exploring Fedora’s Future: Anaconda Web UI Installer is Now Open for Testing With a New Design: Months have passed since, and we now have a closer look at the final version of it, all set to debut next year
LibreArts Weekly recap and GIMP: graphics and some GIMP focus
Cloud Native Containers on FreeBSD and Automatic Display switch for OpenBSD laptop: a pair of BSD picks
Programming Leftovers: Programming stuff, some R
Security Leftovers: not many for now
Linux Devices and Open Hardware: System76, Raspberry Pi, and more
today's howtos: many howtos for today
Fedora / Red Hat / IBM Leftovers: buzzwords aplenty
Proprietary or Pseudo-Free Software for GNU/Linux: easy to think it's what they claim
Popular Rockchip SBC distro in limbo after maintainer burns out: Sometimes these companies will even change their licensing
Debian Developers' Takes and Views: from planet debian
today's leftovers: GNU/Linux and Free, Libre, and Open Source Software focus
Security Leftovers: Security picks, only 3 for now
today's howtos: first long batch
Fedora 42 to Port the Anaconda Installer to Wayland, Default to Anaconda WebUI: The upcoming Fedora Linux 42 release, due out in late April or early May 2025, promises to port the Anaconda system installer as a native Wayland application and also default to the long-awaited Anaconda WebUI installer for the Fedora Workstation edition.
Games: Proton Experimental, Karate Survivor, Dungeon Clawler, and More: 8 new articles from GamingOnLinux
DXVK 2.5 Improves Memory Management in God of War and Other Video Games: DXVK 2.5 Vulkan-based implementation of D3D9, D3D10, and D3D11 for Linux / Wine is now available for download as a significant update that improves support for multiple games.
Valve Releases Steam Client Update to Further Improve Native Linux Gaming: Valve released today a new Steam Client update to the stable channel to further improve native Linux gaming, the newly introduced game recording feature, as well as Steam VR and Steam Input.
Android Leftovers: Nothing OS 3.0 gets a second beta as Android 15's stable release nears
QNX 8 Goes Free for Learning and Personal Projects: BlackBerry offers free access to QNX 8, its powerful real-time OS
See How It's Made: Denver Computer Manufacturer Opens Doors for Free Tours: If you’ve ever wondered what goes into making a computer from scratch, Denver’s own System76 has the answer
Best Free and Open Source Software: We recommend the best free and open source alternatives for Linux
Expirion Linux – distro based on Devuan: Expirion Linux is a distro based on Devuan and uses the Refracta Installer
Security and Windows TCO: round 2 for today
Why Can EU Citizen’s Petition for Software Freedom, but We Can’t?: Somebody from Austria has petitioned the European Parliament to start using Linux and open-source apps instead of Microsoft stuff
Today in Techrights: Some of the latest articles
Red Hat is acquiring AI optimization startup Neural Magic: Red Hat, the IBM-owned open source software firm, is acquiring Neural Magi
today's howtos (and Google starts spewing out fake howtos made by LLMs): The WWW is getting worse
Programming Leftovers: Development related links
Raspberry Pi With Proprietary Spyware, Steam Deck (DRM), and Handheld Replica Sound Voltex Game: 3 leftovers stories
Free Software and Web Leftovers: mostly Web
Ubuntu and BSD Leftovers: Some GNU/Linux and BSDs
Audiocasts/Shows: Linux User Space, Late Night Linux, and LINUX Unplugged: 3 new episodes
Software Leftovers: 3 misc. posts about FGSS
It's FOSS Series on openEuler: 5 introductory articles
today's leftovers: Canonical and more
Security Leftovers and Windows TCO: a pair of Windows TCO tales
Linux Kernel: Magic Trackpad and NVIDIA Support: Some kernel news
Devices/Embedded and Open Hardware/Modding: Raspberry Pi and More: But mostly Raspberry Pi stories
Latest From Red Hat's Official Site: From redhat.com
today's howtos: many howtos for today
PeaZip 10.1 File Archiver Improves Resilience to Password Guessing Attacks: PeaZip 10.1 has been released today as a new update to this open-source, free, and cross-platform file compression and encryption software featuring GTK and Qt interfaces for Linux, macOS, and Windows.
GNOME 48 Release Schedule & Potential New Features: GNOME 47 ‘Denver’ proved a decent update to the GNOME desktop
Fedora KDE Plasma Spin Gains Equal Footing With Gnome Edition: Fedora has made a major change to its project, elevating the version running KDE Plasma from an Spin to an official Edition, alongside Fedora Workstation with Gnome
Android Leftovers: Here's How I Find Great Android Games on the Play Store
Reimagining the Fedora Linux installer: Anaconda’s new “Web UI”: The Fedora Linux installer, Anaconda, has been around for 25 years
Games: Rogue Point, ColdRidge, and More: 8 new stories from GamingOnLinux
Debian 12.8 “Bookworm” Released with 68 Bug Fixes and 50 Security Updates: The Debian Project announced today the release and general availability of Debian 12.8 as the seventh ISO update to the latest Debian GNU/Linux 12 “Bookworm” operating system series.
This Linux Timer Tool Uses MPRIS in an Unexpected Way: MPRIS is something most of us associate with music apps and movie players
A sit-down with Ubuntu founder Mark 'SABDFL' Shuttleworth: Talking to the distro's self-appointed benevolent dictator for life about 20 years of Ubuntu
Free and Open Source Software: PairDrop offers local file sharing in your web browser
Of Color and Software: We have been hard at work making sure our design system keeps moving forward
RIP Jérémy Bobbio (Lunar): Longtime Debian and Tor developer, Jérémy Bobbio—perhaps better known as "Lunar"—died on November 8
5 Linux commands you need to have ready - just in case: Why keep a first aid kit or fire extinguisher in your home
Ubuntu Unity still has one of my favorite PC interfaces of all time: If you're looking for an efficient desktop, Unity is hard to beat, and there's an official spin ready to make your life a bit easier
WordPress’s Mullenweg Puts Lipstick on His WP Engine Argument: “I want to jump back two months ago,” Jolo said. “What happened?”
399 Days... [original]: On my main workstation
Today in Techrights: Some of the latest articles
Speed, Not Complexity, is What Visitors Need [original]: he database of new pages is being populated but not accessed by site visitors, to whom only static pages are accessible

Tux Machines

Other Sites

LinuxGizmos.com

Clipper HAT Mini Brings 4G LTE Connectivity to Raspberry Pi, Includes Free 100MB SIM Card

System76 Meerkat MiniPC with 13th Gen Intel Processors and M.2 2280 Slot

Cost-Effective DART-MX91 SoM with 1.4GHz NXP i.MX 91 Processor Available from $35

Celeron Powered Fanless Mini PC with Dual 4K Display Support and M.2 2280 Slot

Tor Project blog

New Release: Tor Browser 14.0.2

Ubuntu Buzz !

How To Change File Associations on Kubuntu

Kubuntu 22.04 with Legacy Oxygen Theme

9to5Linux

LibreOffice 24.8.3 Office Suite Is Now Available for Download with 88 Bug Fixes

Red Hat Enterprise Linux 9.5 Released with Sudo System Role and Podman 5.0

Fedora 42 to Port the Anaconda Installer to Wayland, Default to Anaconda WebUI

Valve Releases Steam Client Update to Further Improve Native Linux Gaming

PeaZip 10.1 File Archiver Improves Resilience to Password Guessing Attacks

news

Security Leftovers and Windows TCO

OpenSSF (Linux Foundation) ☛ OpenSSF introduces guide to becoming a CVE Numbering Authority as an Open Source project

SANS ☛ Scans for ownCloud Vulnerability (CVE-2023-49103), (Mon, Nov 27th)

Windows TCO

Hackaday ☛ Easily Bypass Laptop Fingerprint Sensors And Windows Hello

The Record ☛ Pennsylvania water authority hit with cyberattack allegedly tied to pro-Iran group

CBS ☛ Municipal Water Authority of Aliquippa hacked by Iranian-backed cyber group - CBS Pittsburgh

Australia’s new cybersecurity strategy tackles the tough issues [Ed: Except deleting Windows?]

Alleged GE hack raises concerns about US national security [Ed: GE still uses Windows Vista in its network. The company is hugely incompetence when it comes to tech, never mind security.]

Other Recent Tux Machines' Posts