Other Sites

Internet Society

No Power = No 1s and 0s. Internet Resilience Requires Electrical Resilience

Last week, Cuba lost all Internet connectivity when Hurricane Rafael struck the nation and caused a failure in its power infrastructure. This was only a few weeks after the shutdown of a major power generation plant caused a nationwide power outage and a loss of all Internet connectivity. In late October, the Caribbean island of Guadalupe dropped off the Internet as striking workers took over and shut down the island’s main power plant.

LinuxGizmos.com

OrangePi 4A with Octa-Core ARM Cortex-A55, RISC-V Coprocessor, and M.2 2280 PCIe 2.0 NVMe SSD Support

Following the launch of the OrangePi RV in September, OrangePi has introduced another single-board computer, the OrangePi 4A. With a form factor similar to the Raspberry Pi, this board features an M.2 2280 slot for storage, dual camera interfaces, and multiple display peripherals.

Advancing Open-Source Support for MediaTek’s Genio IoT Platforms with Collabora

MediaTek is advancing its IoT Edge AI capabilities by expanding upstream support for its Genio platforms. Building on the success of the MediaTek Kompanio Chromebook project, this new initiative brings the focus to MediaTek’s Genio Evaluation Kits, which are being integrated into Collabora’s Linux development ecosystem.

Clipper HAT Mini Brings 4G LTE Connectivity to Raspberry Pi, Includes Free 100MB SIM Card

Pimoroni’s new Clipper HAT Mini brings 4G LTE connectivity to the Raspberry Pi, enabling projects to operate where Wi-Fi is limited or unavailable. Designed for remote applications, it supports reliable data transmission for outdoor sensors, mobile setups, and monitoring systems.

System76 Meerkat MiniPC with 13th Gen Intel Processors and M.2 2280 Slot

The Meerkat mini-desktop is a compact, versatile solution for professional and personal use, supporting multitasking on up to four displays with seamless media, email, and web browsing on Pop!_OS or Ubuntu.

9to5Linux

LibreOffice 24.8.3 Office Suite Is Now Available for Download with 88 Bug Fixes

LibreOffice 24.8.3 is here one and a half months after the LibreOffice 24.8.2 release to address more of those pesky bugs, crashes, and other annoyances reported by users, thus improving its overall stability and reliability of the open-source, free, and cross-platform office suite.

Security: Patches, Flaws, and FUD

posted by Roy Schestowitz on Aug 23, 2022

Security updates for Tuesday [LWN.net]

Security updates have been issued by Oracle (kernel and kernel-container), SUSE (bluez, gimp, rubygem-rails-html-sanitizer, systemd-presets-common-SUSE, and u-boot), and Ubuntu (libxslt).
7 open-source malware analysis tools you should try out

There are two main types of malware analysis: static and dynamic.

Performing static analysis of a malicious binary means concentrating on analyizing its code without executing it. This type of analysis may reveal to malware analysts not only what the malware does, but also its developer’s future intentions (e.g., currently unfinished functionalities).
CISA releases 7 Industrial Control Systems Advisories | CISA

CISA has released 7 Industrial Control Systems (ICS) advisories on August 23, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Measuresoft ScadaPro Server and Client [Ed: Microsoft TCO (ActiveX)]

ScadaPro Server uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file.
Measuresoft ScadaPro Server [Ed: Microsoft TCO (ActiveX) again]

The affected product uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file.
'DirtyCred' Vulnerability Haunting Linux Kernel for 8 Years [Ed: It's not a very severe issue; only existing tenants of the same machine can exploit this]

Academic researchers from Northwestern University have shared details on ‘DirtyCred’, a previously unknown privilege escalation vulnerability affecting the Linux kernel.
CERT-In issues threat alert for high severity vulnerabilities in Linux, Unix and Realtek SDK [Ed: This is an issue in unrar, which few Linux machines even have installed; it's not a "Linux" issue]

The path traversal vulnerability in Linux and Unix reportedly exists in the RarLab’s UnRAR utility tool. It can be exploited by attackers to execute arbitrary codes on the targeted systems.
Preparing Your Incident Response Team for Container Incidents

The use of containers—and orchestration platforms like Kubernetes—is increasing rapidly around the globe. Analysts predict that by 2023, more than 70% of global organizations will be running more than two containerized applications in production, up from less than 20% in 2019. The downside of this rapid growth is that many organizations have fallen behind when it comes to securing all of this new technology. This is especially true when it comes to responding to any incidents which may occur in containers.

This article will give you five practical steps to ensure that, when a security incident involving a container happens, your incident response team will be prepared. It is very easy to think that existing policies, methods and tools will cover containers, but they are actually very different and must be accounted for during an incident response effort.
VMware Releases Security Update

VMware has released a security update to address a vulnerability in Tools. A remote attacker could likely exploit the vulnerability to take control of an affected system.

Other Recent Tux Machines' Posts

Red Hat Enterprise Linux 9.5 Released with Sudo System Role and Podman 5.0: Red Hat announced today the release and general availability of Red Hat Enterprise Linux 9.5 as the latest version of this enterprise Linux distribution.
LibreOffice 24.8.3 Office Suite Is Now Available for Download with 88 Bug Fixes: The Document Foundation announced today the general availability of LibreOffice 24.8.3 as the third maintenance update to the latest LibreOffice 24.8 office suite series fixing more than 80 bugs.
GNU/Linux Leftovers: and more
LinuzGizmos: Open-Source, Raspberry Pi, and System76: Collabora plans to launch a blog series detailing the open-source development progress on MediaTek’s Genio platforms
Games: Half-Life 2, Telltale Collection Humble Bundle, and More: GamingOnLinux - the latest 10 articles
digiKam 8.5.0 is released: After five months of active maintenance and many weeks triaging bugs, the digiKam team is proud to present version 8.5.0 of its open source digital photo manager
Android Leftovers: How To Use Lockdown Mode To Secure Your Android Smartphone
WUD 7.1 Brings Fresh Notification Features to Docker Monitoring: WUD 7.1 (What's up Docker?) enhances Docker monitoring with Gotify, Ntfy alerts, HTML Pushover support, and UI improvements
Incus 6.7 Container & Virtual Machine Manager Released: Incus 6.7 simplifies cluster management and web UI access while enhancing OCI DHCP renewals and instance refresh
LXQt packs Wayland punch with 2.1 release: The lightest mainstream Linux desktop joins the tiny handful that support X.org replacement
Best Free and Open Source Software: We only feature free and open source software here
This Week in Plasma: Discover and System Monitor with a side of WINE: This week no major new features were merged, so we focused on polishing up what we already have and fixing bugs
Security Leftovers: Security related picks
Free, Libre, and Open Source Software and Standards: mostly FOSS and programming
today's leftovers: GNU/Linux focused
Fedora and Red Hat Leftovers (and Puff Pieces): a mixed bag
today's howtos: only 4 of them for now
Applications: Rhythmbox Update, Programs for Professional Writers, and Alternatives to the ZIP Command in GNU/Linux: mostly Free software for this batch
Today in Techrights: Some of the latest articles
It's FOSS and Linuxiac Helping Non-FOSS (Proprietary) and Microsoft: disappointing
KDE Gear 24.12 Beta Testing: KDE Gear is our release service for many apps such as mail and calendaring supremo Kontact
BSD: BSD Now, FreeBSD at EuroBSDCon 2024 and FreeBSD Backlight/screen Brightness on Thinkpad X1: BSD news, a pair of articles
Security, FUD, and Windows TCO: security-themed news picks
Programming Leftovers: Development links, may about Python
Latest From Red Hat's Site: some promotion of proprietary stuff
Games: Old Skies, New Steam Games with Native GNU/Linux Clients, PlayStation Emulators: 4 more stories for today
today's howtos: first long batch for today
GNU/Linux and Devices: Wind River, GenBook, Raspberry Pi, and Arduino: several devices that are freedom-centric
PostgreSQL: PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 Released!: versions of PostgreSQL, including 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21
Games: Prime Gaming, Temtem: Swarm, VoxeLibre, and More: GamingOnLinux picks
Games: Steam Deck 2, GodotCon 24, and 'Monarchy' Review on GNU/Linux and Steam Dec: 3 gaming related news picks
mesa 24.3.0-rc2: We have a fairly small RC2 today
Android Leftovers: Arc Browser for Android is now available for all
Ultra-efficient Q4OS 5.7 comes with Debian 12.8-specific changes and more: More than two months after the arrival of its predecessor, Q4OS 5.7 surfaces with Debian Bookworm 12.8-specific updates
The Pros And Cons Of Open Source Software: Is It Really Safe?: If you haven't heard of Linux (or don't know what it does) the TL;DR is that it's a free, open source operating system that can be used by anyone on almost any device
What’s new for Fedora Atomic Desktops in Fedora 41: So let’s see what arrives with the new releases for the Fedora Atomic Desktops variants (Silverblue, Kinoite, Sway Atomic and Budgie Atomic)
A New Linux Distro Has Set Out To Look Like Windows 11: I Try AnduinOS!: We take a brief look at AnduinOS, trying to mimic the Windows 11 look. Is it worth it
Free and Open Source Software, howtos and Installations: This is a multi-part blog looking at a DreamQuest N100 Mini PC running Linux
PureOS Crimson Development Report: October 2024: Welcome to the fourth installment in our PureOS development series
RIP Jérémy Bobbio (Lunar): Longtime Debian and Tor developer, Jérémy Bobbio—perhaps better known as "Lunar"—died on November 8
Stable kernels: Linux 6.11.8, Linux 6.6.61, Linux 6.1.117, and Linux 5.15.172: All users of the 6.11 kernel series must upgrade
Today in Techrights: Some of the latest articles
Buy Nothing Day: This weekend is book-ended by two orgies of consumption, "Black Friday" and "Cyber Monday"
Free, Libre, and Open Source Software and Standards: Even some Openwashing ny OSI
HowTos, EasyOS, Debian, OpenSUSE: today's leftovers
Red Hat Leftovers: lots of fluff though
Programming Leftovers: Development links
Devices/Embedded: GenBook, Amiga, RISC-V, FPGAs, and More: Open Hardware-focused
Raspberry Pi Projects and News: 5 of them
xcompmgr 1.1.10: xcompmgr is a sample compositing manager for X servers
today's howtos: first batch for Friday
today's leftovers: 4 misc. stories
Windows TCO Leftovers: Windows TCO stories
Games: Yawnoc, GOG, GTA, and More: Latest from GamingOnLinux
Safety in an unsafe world: Joshua Liebow-Feeser took to the stage at RustConf to describe the methodology that his team uses to encode arbitrary constraints in the Rust type system when working on the Fuchsia operating system
The Overture open-mapping project: OpenStreetMap tends to dominate the space for open mapping data
today's leftovers: operwashing and more
Android Leftovers: How to remove a Google account from your Android phone: Quick and easy guide (2024)
WordPress 6.7 'Rollins': WordPress 6.7, code-named 'Rollins,' celebrates legendary jazz saxophonist Sonny Rollins and debuts the sleek, versatile Twenty Twenty-Five theme, designed for any blog, any scale
Ubuntu 25.04 Set to Ship With New PDF Viewer: It could be all change for the PDF viewer in the next version of Ubuntu
EDATEC ED-GWL1010: Amlogic S905X4-based PoE-enabled LoRaWAN gateway targets Smart Buildings and IoT applications: The ED-GWL1010 runs Debian 11 Lite, a streamlined 64-bit OS ideal for IoT tasks
CachyOS ISO Release for November Improves Support for AMD and NVIDIA Users: The development team behind the Arch Linux-based CachyOS distribution released today a new ISO snapshot that brings various improvements for AMD and NVIDIA GPUs, as well as other changes.
Best Free and Open Source Software: We only include free and open source software
FreeBSD 14.2-BETA2 Now Available: The second BETA build of the 14.2-RELEASE release cycle is now available
Ubuntu Touch OTA-6 Focal Release: Ubuntu Touch 20.04 OTA-6 contains only a minimal number of changes due to our current focus on Ubuntu base OS upgrade
Video: Steam Deck, Backdoors, Miriway, Wayland, and More: new videos
VLC playback delay on seek (jump to another timestamp): I never had such issues with VLC before, but they are now present in the media player in my Kubuntu 22.04 on my Slimbook Executive
A tribute to Dian Ina Mahendra: It is with a heavy heart that I share the passing of my dear friend, Dian Ina Mahendra, who left us after a long battle with illness
Communities aren’t an accidental collection of strangers with a common interest: To bring it back to open source projects: if you’re moderately successful
Latest in Perl: From Perl.org (official site)
The OpenWrt One system: OpenWrt is, despite its relatively low profile, one of our community's most important distributions
Building secure images with NixOS: They promise reliability and security, but pose packaging problems for existing distributions
today's leftovers: Red Hat and more
Audiocasts/Shows: Linux Matters, Destination Linux, and More to Come: 2 new episodes
Today in Techrights: Some of the latest articles
GIMP 3.0 Release Candidate Is Now Available for Public Testing: The development team behind the popular GIMP open-source image editing software announced today the general availability of the Release Candidate (RC) milestone of the highly anticipated GIMP 3.0 release.

Tux Machines

Other Sites

Security: Patches, Flaws, and FUD

Measuresoft ScadaPro Server and Client [Ed: Microsoft TCO (ActiveX)]

Measuresoft ScadaPro Server [Ed: Microsoft TCO (ActiveX) again]

'DirtyCred' Vulnerability Haunting Linux Kernel for 8 Years [Ed: It's not a very severe issue; only existing tenants of the same machine can exploit this]

CERT-In issues threat alert for high severity vulnerabilities in Linux, Unix and Realtek SDK [Ed: This is an issue in unrar, which few Linux machines even have installed; it's not a "Linux" issue]

Other Recent Tux Machines' Posts