Other Sites

9to5Linux

Darktable 5.0 Open-Source RAW Image Editor Officially Released, Here’s What’s New

Darktable 5.0 brings major UI/UX improvements like camera-specific styles for more than 500 camera models to more closely approximate the out-of-camera JPEG rendition, an optional splash screen showing startup progress, a high-contrast theme with bright white text on a dark gray background, more new-user hints on an empty Lighttable, and a global preference to swap the left and right side panels in the darkroom view.

CachyOS Now Uses AutoFDO Kernel as Default Across All Supported Architectures

Powered by the latest and greatest Linux 6.12 LTS kernel series, the CachyOS release for December 2024 enables AutoFDO (Automatic Feedback-Directed Optimization) for the default linux-cachyos kernel on all supported architectures for a slight performance boost.

Debian-Based Grml 2024.12 Linux Distro Is Out with Support for 64-Bit ARM CPUs

Based on the software repositories of the upcoming Debian 13 “Trixie” operating system series (a.k.a. Debian Testing) and powered by Linux kernel 6.11, the Grml 2024.12 (codename “Adventgrenze“) release is here to introduce support for 64-bit ARM AArch64 (ARM64) architectures, UEFI 32-bit boot to support 64-bit PCs with 32-bit firmware, and a new Grml flavour naming schema.

DXVK 2.5.2 Improves Support for Alpha Protocol, Borderlands 2, and Other Games

DXVK 2.5.2 is here to add an implementation of D3D9 shader validation interfaces, which is needed for The Void and several other D3D9 games, add support for VK_FORMAT_A8_UNORM to fix warnings in various games, as well as rendering issues in TopSpin 2K25, and optimize the behavior of disabled clip planes for D3D9 games.

LinuxGizmos.com

Progress and Future Plans for Upstream Support of Rockchip RK3588

As 2024 concludes, the Rockchip RK3588 platform has seen substantial progress in upstream support. Collabora’s latest announcement highlights advancements in kernel integration, hardware enablement, and foundational software, driven by the open-source community.

$6.80 LILYGO T7-C6 Board Leverages RISC-V Single-Core Processor & 4MB Integrated Flash Memory

The LILYGO T7-C6 is a compact development board built around the ESP32-C6-MINI-1 module, offering versatile features designed for IoT and wireless communication applications. The board is available with either an onboard PCB antenna or an external antenna and supports modern wireless protocols, including 2.4 GHz Wi-Fi 6, Bluetooth 5 (LE), and IEEE 802.15.4.

Security Leftovers

posted by Roy Schestowitz on Mar 28, 2023

OneNote Embedded URL Abuse

Whilst Microsoft is fixing the embedded files feature in OneNote I decided to abuse a whole other feature. Embedded URLs. Turns out this is something they may also have to fix.
[...]

In my previous blogpost I described how OneNote is being abused in order to deliver a malicious URL. In response to this attack, helpnetsecurity recently reported that Microsoft is planning to release a fix for the issue in April this year. Currently, it’s still unknown what this fix will look like, but from helpnetsecurity’s post, it seems like Microsoft’s fix will focus on the OneNote embedded file feature.

During my testing, I discovered that there is another way to abuse OneNote to deliver malware: Using URLs. The idea is similar to how Threat Actors are already abusing URLs in HTML pages or PDFs. Where the user is presented with a fake warning or image to click on which would open the URL in their browser and loads a phishing page.
Apps running as spot extra secure in Puppy

I watch what Dima (dimkr in the forum) is doing on woof-CE with great interest. In particular, the steps that he has implemented to enhance security for applications running as user 'spot'.

See his summary here:

https://forum.puppylinux.com/viewtopic.php?p=70405#p70405
Microsoft: No-Interaction Outlook Zero Day Exploited Since Last April [iophk: Windows TCO; Ed: Lies, decoys, and distraction. Microsoft is trying to offload blame to those who exploit the holes while Microsoft sits on its hands, making bug doors in everything it makes]

Microsoft says it has evidence that Russian APT actors were exploiting a nasty Outlook zero-day as far back as April 2022, upping the stakes on organizations to start hunting for signs of compromise.

[...]

The vulnerability, tracked as CVE-2023-23397, was flagged in the ‘already exploited’ category when Redmond shipped a fix earlier this month and Microsoft’s incident responders have pinned the attacks on Russian government-level hackers targeting organizations in Europe.
Fortinet’s Threat Report finds attackers are retooling and leveraging more wiper malware

One of the outcomes of war in the modern age is that it can lead to a new class of destructive tools in the hands of cyber threat actors.
FBI warns business email compromise attacks are now targeting commodities

BEC attacks, an attack method that involves fraud enabled by social engineering, are not new. A report in September found that one-third of all cyberattacks now involve BEC, but typically, such attacks aim to steal money. The FBI warning details that those behind the attacks are now also targeting tangible goods.

According to a March 24 announcement by the FBI, criminal actors are impersonating the email domains of legitimate companies to initiate the bulk purchase of goods from vendors across the U.S. The email messages sent to vendors appear to come from known sources of business, which vendors assume are legitimate business transactions, so they fulfill the purchase orders for distribution.
Hacks at Pwn2Own Vancouver 2023

An impressive array of hacks were demonstrated at the first day of the Pwn2Own conference in Vancouver: [...]

Other Recent Tux Machines' Posts

CachyOS Now Uses AutoFDO Kernel as Default Across All Supported Architectures: Today, the development team behind the Arch Linux-based CachyOS distribution released a new ISO snapshot for December 2024 with various improvements, updated components, a new default kernel, and other changes.
2024 Was a Good Year for GNU/Linux and ChromeOS in Malaysia [original]: Microsoft's cash cow, Windows, seems to be dying
Debian-Based Grml 2024.12 Linux Distro Is Out with Support for 64-Bit ARM CPUs: Grml, a live bootable Linux distro based on Debian GNU/Linux and designed for system administrators and users of text tools, has been updated today to version 2024.12, a release that extends hardware support and brings updated components.
DXVK 2.5.2 Improves Support for Alpha Protocol, Borderlands 2, and Other Games: DXVK 2.5.2 is out today as the second maintenance update to the DXVK 2.5 series for this Vulkan-based implementation of D3D9, D3D10, and D3D11 for Linux / Wine.
Rockchip RK3588 mainline Linux support – Current status and future work for 2025: The Rockchip RK3588 is one of the most popular Arm SoCs for single board computers, and while good progress has been made with regards to mainline u-boot and Linux support
New: the Fast Sketch Plugin for Krita: Together with Intel, we have been working a new plugin for Krita
Rhino Linux Is One of the Most Innovative Linux Distros: Rhino Linux is a gorgeous desktop that will appease both new users and those with plenty of Linux skills
Free and Open Source Software: This is free and open source software
I converted this Windows 11 Mini PC into a Linux workstation - and didn't regret it: The Herk Orion is a capable Ryzen-powered Mini PC in its own right
Wine 10.0-rc3: The Wine development release 10.0-rc3 is now available
Today in Techrights: Some of the latest articles
Linux, BSD, and Free, Libre Software: today's leftovers
Security Leftovers: Security and back doors
Programming Leftovers: Development related picks
CMS/SSG Updates: Ghost, WordPress, and More: Content Management Systems (CMS) / Static Site Generators (SSG) picks
Open Hardware/Modding: RISC-V, Amiga, and More: some hardware picks
Christian Hergert's December Projects and This Week in GNOME: GNOME projects' updates and developers
GNU/Linux Benchmarks on x86: Benchmarks from two sites
Darktable 5.0 Open-Source RAW Image Editor Officially Released, Here’s What’s New: Darktable 5.0 open-source raw image editor has been released today as a major update introducing new features, improvements, and enhanced camera support.
today's leftovers: BSD, SUSE, and more
Programming Leftovers: Development and more
Open Hardware/Modding: Arduino, Raspberry Pi, and More: Hardware links
New in Red Hat's Site and Some Red Hat Fluff: redhat.com and more
today's howtos: Instructionals/Technical articles and posts
Security and Windows TCO: incidents and more
Android Leftovers: Android 16 may promote this Google app to a core app that cannot be uninstalled
openSUSE Unveils YQPkg, a Standalone GUI Package Management Tool: YQPkg is a new Qt-based GUI package management tool for openSUSE
Adélie Linux 1.0 – small, fast, but not quite grown up: Remarkably compact, remarkably cross-platform, remarkably long beta period
When World Collides : the new and improved Pepper&Carrot website: It's been a month and a half of intense work, but I'm thrilled to finally share the results with you
NGINX vs Apache; Web Server Comparison: NGINX and Apache are leading web server solutions utilized for hosting websites and web applications
LibreOffice Themes will replace the color customization: Since the first implementation of a dark color theme we continuously improved the customization of LibreOffice
DeLinuxCo Workstation – Manjaro spin: DeLinuxCo Workstation is a Linux distribution that’s based on Manjaro
Best Free and Open Source Software: Only free and open source software is eligible for inclusion here
New LabPlot User Documentation: In recent weeks we have been working on transferring LabPlot’s documentation to a new format
Games: Team Fortress, OFF, and More: 8 new articles
This Week in Plasma: end-of-year bug fixing: Lots of KDE folks are winding down for well-deserved end-of-year breaks
A systemd-sysupdate Plugin for GNOME Software: Towards Making GNOME OS' Boot Trusted
LXC/LXCFS/Incus 6.0.3 LTS release: The Linux Containers project maintains Long Term Support (LTS) releases for its core projects
Today in Techrights: Some of the latest articles
Kali Linux 2024.4 Released with Linux Kernel 6.11, GNOME 47, and New Hacking Tools: Offensive Security announced today the release and general availability of Kali Linux 2024.4 as the latest stable ISO snapshot of this Debian-based rolling release distro for ethical hacking and penetration testing.
today's leftovers: GNU/Linux, Free software, and more
today's howtos: 3 howtos for now
Games: SteamOS, Godot, and More: 3 picks for now
FRAME sockets added to OpenBSD and NetBSD 10.1 available: some BSD news
Red Hat Leftovers: DNF, CentOS, and More
Open Hardware: Raspberry Pi, ESP32, and More: Hardware picks
LibreOffice 24.8.4 Office Suite Is Now Available for Download with 55 Bug Fixes: The Document Foundation announced today the general availability of LibreOffice 24.8.4 as the fourth maintenance update to the latest LibreOffice 24.8 office suite series to address more than 50 bugs.
Mozilla: Hey Hi (AI) Nonsense, Thunderbird Update, Plunder by the Executives, Surveillance, and Financial Interferences: Bad and meh from Mozilla... company gone astray
Applications: Kodi, Virtual Data Room (VDR), Quick Web Apps, GNOME Maps: Some Free software news
WordPress: Holiday Break: I hope to find the time, energy, and money to reopen all of this sometime in the new year
today's howtos: Instructionals/Technical articles
Want to save your old computer? Try these 6 Linux distros: Here's how to save money, reduce e-waste, and extend the life of your old hardware at the same time
Fedora Asahi Remix 41 Released for Apple Silicon Macs with KDE Plasma 6.2: Today, the Fedora and Asahi Linux projects announced the general availability of Fedora Asahi Remix 41 as the latest version of this distribution developed for Apple Silicon Macs.
Calibre 7.23 Brings Cover Preview and Tag Browser Updates: Calibre 7.23 update: Manage book data files, expanded Tag browser, template import/export
today's leftovers: Debian, Canonical, IBM, and more
Hardware: OpenWrt, Raspberry Pi, Armv9, and More: Open Hardware focus
FSF, Fake 'FSF' (FSFE, Sponsored by Microsoft), and Openwashing: Some Free and nonfree picks
Programming Leftovers: Development picks
Windows TCO, Security, and CISA: incidents and more
Games: Godot, FromSoftware, Stalker 2: Heart of Chornobyl, and New Steam Games with Native GNU/Linux Clients: 4 new stories
Mobile testing in libadwaita: Lately I’ve been working on touch controls overlays in Highscore
Android Leftovers: Google Keep making users ‘reload’ notes, rounds corners on Android
Xfce 4.20 Desktop Environment Released with Experimental Wayland Support: Two years after the release of Xfce 4.18, Xfce 4.20 is here as another major update to this light and fast desktop environment for GNU/Linux distributions.
Kdenlive 24.12 Added Multiple Subtitle Tracks & Removed Qt5 Support: Kdenlive, the popular Qt-based free open-source video editor
These 6 Linux myths you still believe simply aren't true: Linux is everywhere. It's on the majority of servers, powers the Steam Deck handheld gaming device
Best Free and Open Source Software: We recommend the best free and open source software
Luckfox Reveals First Boards Featuring Rockchip RK3506G2 Triple-Core Processors with Linux Support: Luckfox indicates on their Wiki pages that the Lyra series supports operating systems such as Buildroot and Ubuntu 22.04
Stable kernels: Linux 6.12.6, Linux 6.6.67, Linux 6.1.121, Linux 5.15.175, Linux 5.10.232, and Linux 5.4.288: I'm announcing the release of the 6.12.6 kernel
Fedora Server User Survey: Your Cattle or Your Pets: Your answers will help us focus our efforts to improve Fedora Server and provide better support for your use cases
Today in Techrights: Some of the latest articles

Tux Machines

Other Sites

Security Leftovers

Microsoft: No-Interaction Outlook Zero Day Exploited Since Last April [iophk: Windows TCO; Ed: Lies, decoys, and distraction. Microsoft is trying to offload blame to those who exploit the holes while Microsoft sits on its hands, making bug doors in everything it makes]

Other Recent Tux Machines' Posts