Other Sites

LinuxGizmos.com

Pilet: A Portable Cyber-Deck Powered by Raspberry Pi 5 and Dual 8000mAh Batteries

Pilet is an upcoming open-source portable mini-computer powered by Raspberry Pi 5, offering both versatility and portability. Initially named Consolo, it will be available in two models: a 5-inch and a 7-inch, to suit different needs.

9to5Linux

elementary OS 8 “Circe” Officially Released, Based on Ubuntu 24.04 LTS

Based on Ubuntu 24.04 LTS (Noble Numbat) and powered by Linux kernel 6.8, elementary OS 8 introduces a new Secure Session to ensure apps respect your privacy and require your consent, a brand new dock with productive multitasking and window management features, and PipeWire as the default media server.

Firefox 134 Enters Beta, Promises Support for Touchpad Hold Gestures on Linux

Firefox 134 looks like a very small release promising only support for touchpad hold gestures on Linux, allowing users to interrupt kinetic (momentum) scrolling by placing two fingers on the touchpad. This feature was initially planned for Firefox 133, but it was delayed as it was needed for testing.

KDE Plasma 6.2.4 Re-Enables HDR Mode for Users on NVIDIA 565 and Linux 6.11

One of the most interesting changes in KDE Plasma 6.2.4 is support for enabling the HDR mode on GNU/Linux distributions using the NVIDIA 565.57.1 (beta) or later graphics driver for NVIDIA GPU users and Linux kernel 6.11 or later for Intel GPU users. Using previous versions of the NVIDIA graphics driver and Linux kernel results in an unstable HDR experience.

Mozilla Firefox 133 Is Now Available for Download, Here’s What’s New

Highlights of Mozilla Firefox 133 include the ability to show tabs from other devices in the Tab overview menu, GPU-accelerated Canvas2D enabled by default for Windows users, and Bounce Tracking Protection, a new anti-tracking feature enabled in ETP (Enhanced Tracking Protection)’s Strict mode.

Fwupd 2.0.2 Firmware Updater Adds Support for ASUS ROG Ally, Raspberry Pi Pico

Coming five weeks after fwupd 2.0.1, the fwupd 2.0.2 release adds support for checking AMD hardware configuration MSR (Machine Status Register), support for enumerate-only device emulation to increase test coverage, support for passing a JSON file for emulation instead of ZIP, and new get-version-formats and vercmp commands for fwupdtool.

9to5Linux Weekly Roundup: November 24th, 2024

I want to thank all the people who sent us donations. You guys are awesome and your help is very much appreciated! I also want to thank you all for your continued support by commenting, liking, sharing, and boosting the articles, following us on social media, and last but not least thank you for sending us feedback.

news

Security Leftovers

posted by Roy Schestowitz on Nov 03, 2024

Help Net Security ☛ OpenPaX: Open-source kernel patch that mitigates memory safety errors

OpenPaX is an open-source kernel patch that mitigates common memory safety errors, re-hardening systems against application-level memory safety attacks using a simple Linux kernel patch. It’s available under the same GPLv2 license terms as the Linux kernel.
PCLinuxOS Magazine ☛ New NIST Password Guidelines

I know we've covered password security ad-nauseum in the pages of The PCLinuxOS Magazine. I won't even attempt to count how many articles we've previously run, because my count of them varies each time I try. But trust me when I tell you that we've covered it a LOT. Couple that with virtually every other outlet in existence also harping on the same topic, and there's little to no doubt that you've received the “message,” along with every other computer user on the planet. Whether that message was heeded, however, is a whole other matter.

Despite admonitions to the contrary, I'm certain that someone reading this has one of the following “passwords” to “secure” their private, personal data: passwOrd, password123, 12345678, 87654321, abc123, abcd1234, effthis, or one of MANY other insecure passwords that have been proven time and time again to be insecure. We've also run multiple articles on the annual “Worst Passwords of [YEAR]” in The PCLinuxOS Magazine. While the list changes somewhat every year, many of the top 50 worst passwords on those lists remain stagnant and unchanged.
Windows TCO
- Bleeping Computer ☛ Microsoft SharePoint RCE bug exploited to breach corporate network
  
  A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks.
  
  CVE-2024-38094 is a high-severity (CVSS v3.1 score: 7.2) RCE flaw impacting Microsoft SharePoint, a widely used web-based platform functioning as an intranet, document management, and collaboration tool that can seamlessly integrate with Microsoft 365 apps.
  
  Microsoft fixed the vulnerability on July 9, 2024, as part of the July Patch Tuesday package, marking the issue as "important."
  
  Last week, CISA added CVE-2024-38094 to the Known Exploited Vulnerability Catalog but did not share how the flaw was exploited in attacks.

Other Recent Tux Machines' Posts

Slower News [original]: The next few days will be quieter than usual, as per expectations
Mozilla Firefox 133 Is Now Available for Download, Here’s What’s New: Mozilla Firefox 133 open-source web browser is now available for download with the ability to show tabs from other devices in the Tab Overview menu and other changes.
Fwupd 2.0.2 Firmware Updater Adds Support for ASUS ROG Ally, Raspberry Pi Pico: Fwupd 2.0.2 Linux firmware update utiltiy is now available for download with support for checking AMD hardware configuration MSR and other changes.
Canonical wants Ubuntu 20.04 LTS users to upgrade as End of Life approaches: Canonical has issued a warning to users of Ubuntu 20.04 LTS
KDE: Criticism, KUserFeedback (KUF), and Microsoft Outsources: two KDE picks
Review of "How to Make Your Career Suck Less: A Guide to a Less Painful IT Experience" by Igor Ljubuncic [original]: a concise, edited version of the review
Today in Techrights: Some of the latest articles
today's leftovers: only 3 more links for now
Programming Leftovers: coding and more
Security Leftovers: Security related picks
Open Hardware/Modding: Raspberry Pi, Arduino, and More: Raspberry Pi in particular
Server: Kubernetes, Istio, and RHEL Clones: Mostly Red Hat
Barry Kauler's Latest Work on EasyOS: 2 new posts
I'm now using i3 as Window Manager: Even though I love Xfce and have been using it for years
Audiocasts/Shows: Destination Linux, Late Night Linux, and LINUX Unplugged: 3 new episodes
Code of Conduct Censorship and Thomas Bonnefille Joins Bootlin: Kernel news mostly
today's howtos: many howtos for today
Celebrate Thanksgiving by switching from Windows 11 to Linux with elementary OS 8: One super cool feature of elementary OS 8 is its new Secure Session
elementary OS 8 “Circe” Officially Released, Based on Ubuntu 24.04 LTS: The elementary OS team released today elementary OS 8 (codename Circe) as the latest stable version of their Ubuntu-based distribution featuring the modern Pantheon desktop environment with new features and enhancements.
Firefox 134 Enters Beta, Promises Support for Touchpad Hold Gestures on Linux: With Firefox 133 out the door today as the latest stable version of the open-source web browser used by default on all GNU/Linux distributions, Mozilla promoted the next major release, Firefox 134, to the beta channel.
Ubuntu, Mozilla, and C: today's leftovers
Windows TCO Leftovers: True cost of Microsoft
Android Leftovers: Circle to Search could finally ditch a design element we hated back in the Android 12 days
After 16 Years, Pidgin 3 Takes Its First Steps: A blast from the past: Pidgin 3's pre-alpha debuts Dec 31
PipeWire 1.2.7 Enhances ALSA Driver Handling and Adds Lazy Scheduling: PipeWire 1.2.7 is a stable bugfix release that adds lazy scheduling, improves the v4l2 plugin, fixes module crashes, and enhances resampling performance
7 Tricks to Make Learning the Linux Command Line Easier: The Linux command line can seem impenetrable, with arcane instructions and a focus on text interfaces
Call for volunteers: Help us with the GNU Press shop: People around the world are eagerly waiting to receive their GNU Press shop orders, and we need a little help sending everything out
Best Free and Open Source Software, howtos and Installations: Only free and open source software is eligible for inclusion
Vendefoul Wolf – distro based on Devuan: Vendefoul Wolf Linux is a distro based on Devuan and uses the Calamares Installer
This Week in KDE Apps: Bugfixing Week: Welcome to a new issue of "This Week in KDE Apps"! Every week we cover as much as possible of what's happening in the world of KDE apps
KDE Plasma 6.2.4 Re-Enables HDR Mode for Users on NVIDIA 565 and Linux 6.11: The KDE Project released today KDE Plasma 6.2.4 as the fourth maintenance update to the latest KDE Plasma 6.2 desktop environment series with more improvements and bug fixes.
5 ways to get the best Linux support, no matter your skill level: Where do you turn if you're new to Linux or looking for a solution to a problem? Here are your options
Games: Proton Experimental, Star Fox 64, and More: Latest 9 from GamingOnLinux
Today in Techrights: Some of the latest articles
today's leftovers: Misc. picks
today's leftovers: GNU/Linux and FOSS picks
Programming and Development Tools: Programming leftovers mostly
Security Leftovers: only 3 for now
Linux Devices and Open Hardware Leftovers: misc. picks
EasyOS Development Updates: EasyOS's latest
Applications: Makulu Tools, Hugin, amd Email Client: 4 picks regarding software
today's howtos: first big batch
10 Reasons To Choose Ubuntu Server Over the Competition: When you think of a server's operating system (OS), what comes to mind?
Android Leftovers: Why the Pixel Tablet's cancellation makes sense in light of a possible Android and Chrome OS merge
today's leftovers: security and more
Audiocasts/Shows: Linux Out Loud, GNU World Order, Open Source Security Podcast, This Week in Linux: 4 new episodes
Open Hardware/Modding/Retro: GNU-like Mobile Linux, Old Amigas, and More: gadgets and hacking
Guix/Hurd on a Thinkpad X60: A lot has happened with respect to the Hurd since our Childhurds and GNU/Hurd Substitutes post
Free and Open Source Software: Magpie is used by the Budgie Desktop as its window manager
Review: Linux Lite 7.2: Linux Lite 7.2 is an update from the 7.0 release in June, and it's based on Ubuntu 24.04.1 LTS and will receive five years of support
KDE: UX Insights (that we cannot get right now): After the criticism in the last post about the limitations of KUserFeedback (KUF) for doing data-driven UX work
9to5Linux Weekly Roundup: November 24th, 2024: The 215th installment of the 9to5Linux Weekly Roundup is here for the week ending on November 24th, 2024.
Today in Techrights: Some of the latest articles

Tux Machines

Other Sites

LinuxGizmos.com

Pilet: A Portable Cyber-Deck Powered by Raspberry Pi 5 and Dual 8000mAh Batteries

9to5Linux

elementary OS 8 “Circe” Officially Released, Based on Ubuntu 24.04 LTS

Firefox 134 Enters Beta, Promises Support for Touchpad Hold Gestures on Linux

KDE Plasma 6.2.4 Re-Enables HDR Mode for Users on NVIDIA 565 and Linux 6.11

Mozilla Firefox 133 Is Now Available for Download, Here’s What’s New

Fwupd 2.0.2 Firmware Updater Adds Support for ASUS ROG Ally, Raspberry Pi Pico

9to5Linux Weekly Roundup: November 24th, 2024

Tor Project blog

The freedom to browse with privacy

New Release: Tor Browser 14.0.3

news

Security Leftovers

Help Net Security ☛ OpenPaX: Open-source kernel patch that mitigates memory safety errors

PCLinuxOS Magazine ☛ New NIST Password Guidelines

Windows TCO

Bleeping Computer ☛ Microsoft SharePoint RCE bug exploited to breach corporate network

Other Recent Tux Machines' Posts