0

SMLR 314 Let’s Talk About Pie

Posted by Tom Lawrence on September 9, 2019 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 314

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

Tom

 

Microsoft is Bringing exFAT to the Linux Kernel (And No-One’s Getting Sued) Microsoft has announced that it’s bringing exFAT support to the Linux kernel, with code contributed licensed under GPLv2.

https://www.omgubuntu.co.uk/2019/08/microsoft-is-bringing-exfat-to-the-linux-kernel

 

Dell made an index for their Linux Workstations and Laptops 

www.Dell.com/linux 

 

ARM-Powered Lenovo Yoga C630 Laptop To See Better Support With Linux 5.4

https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.4-Yoga-C630-Lenovo-ARM

 

How to Install Shutter Screenshot Tool in Ubuntu 19.04

https://itsfoss.com/install-shutter-ubuntu/

 

Ubuntu 19.10 Planned Features

https://www.omgubuntu.co.uk/2019/05/ubuntu-19-10-release-features

And the biggest single change in Ubuntu 19.10 is the decision to include NVIDIA drivers on the ISO install image.
Theme support for Snap apps

Ubuntu Dock trash & external drive icons

Updated Yaru GTK Theme

Guest Session support in login screen

Fwupd available as a Snap (Firmware Updater)

Experimental ZFS file system install option

 

WireGuard Releases New Snapshot While Not Expected For Linux 5.4 Mainline

https://www.phoronix.com/scan.php?page=news_item&px=WireGuard-0.0.20190905

 

Python is eating the world: How one developer’s side project became the hottest programming language on the planet

https://www.techrepublic.com/article/python-is-eating-the-world-how-one-developers-side-project-became-the-hottest-programming-language-on-the-planet/

 

An Overview of Intel’s Clear Linux, its Features and Installation Procedure
Clear Linux is a product of Intel’s Open Source Technology Center focusing mainly on the cloud. It’s not your regular general-purpose Linux distributions, but a distribution that mostly suits various cloud use cases leveraging the best of Intel’s hardware and architecture. There are better power management and performance optimizations along with various other features.

https://itsfoss.com/clear-linux/

 

8-Way Linux Distribution Benchmarks On The AMD EPYC 7742 2P Server

https://www.phoronix.com/scan.php?page=article&item=8way-amd-rome&num=1

When taking the geometric mean from the dozens of tests carried out successfully on all eight Linux distributions under test, Intel’s Clear Linux was still the fastest distribution tested on this AMD EPYC 7742 2P “Rome” server.

 

Phil

Pre-show discussion: Does a package mirror exist that transmits data via the torrent protocol rather than http(s)?

 

PPPoE = Point-to-Point Protocol over Ethernet. It is used mainly with DSL services where individual users connect to a DSL modem over Ethernet.

 

Rebuilt my barn radio https://philporada.com/imgs/barn-radio.jpg

 

Rebuilt my firewall

https://www.pcengines.ch/apu4c4.htm

4GB DDR3 ECC Ram

1 GHz quad Jaguar core with 64 bit and AES-NI support

4Gig-E ports

 

Deployed plex on my _old_ firewall https://hub.docker.com/r/plexinc/pms-docker/

 

https://www.satellitetoday.com/imagery-and-sensing/2019/09/05/sstl-releases-raspberry-pi-camera-image-and-video/

Surrey Satellite Technology today released an image and video of the Earth captured from Low-Earth Orbit by a Raspberry Pi camera and computer on board a satellite launched on a Soyuz rocket in July 2019.

 

The image includes the coasts of France, Belgium, The Netherlands and Germany with Denmark and is believed to be the first acquired in low earth orbit by a commercial off-the-shelf Raspberry Pi camera.

 

https://nvd.nist.gov/vuln/detail/CVE-2019-15846

Exim RCE THIS IS BAD

Exim is a popular MTA – mail transfer agent. An MTA directly receives SMTP from a client.

 

The SMTP Delivery process in all versions up to and including Exim 4.92.1 has a Buffer Overflow.  In the default runtime configuration, this is exploitable with crafted Server Name Indication (SNI) data during a TLS negotiation. In other configurations, it is exploitable with a crafted client TLS certificate. Not currently on https://github.com/google/oss-fuzz and it needs to be because Exim is written in C.

 

https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/

In 2017, Mozilla began working on the DNS-over-HTTPS (DoH) protocol. The key findings from this study were to determine how Mozilla could best deploy DoH, honor enterprise configuration and respect user choice about parental controls.

 

Mozilla plans to gradually roll out DNS-over-HTTPS in the USA starting in late September. The plan is to slowly enabling DoH for a small percentage of users. If this goes well, Mozilla will announce when they’re ready for 100% deployment.

 

https://www.zdnet.com/article/free-software-advocate-richard-stallman-spoke-at-microsoft-research-this-week/

Richard Stallman spoke at Microsoft Research this week

A day later, everyone’s seemingly alive but Windows still isn’t ‘free.’

The main topics of the discussion are the continued importance of free software, GPL v3, GNU vs. Linux. Stallman stated that “he had a list of ‘small requests’: make Github push users to better software license hygiene, make hardware manufacturers to publish their hardware specs, make it easier to workaround Secure Boot.”

 

If you’re wondering whether Stallman’s distaste for Microsoft has lessened over the years, his personal home page makes it clear that it has not. The front and center of his main page is a list of “Reasons not to use Microsoft.” The list is current, and includes “Microsoft recorded users of Xboxes and had human workers listen to the recordings,” and “Microsoft tricked users into ‘upgrading’ to Windows 10.'” 

At one point he did state “Sometimes there is a use for windows.”

 

Tony

——————

 

FiftyOneFifty passed away on 9/5/2019,  No details as of now but he will be missed.

 

Android Q/10 released

https://www.techradar.com/news/android-q 

 

0

SMLR 313 Detroit Linux

Posted by Tom Lawrence on August 25, 2019 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 313

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

Triva: 28 year ago today Linus posted in a thread “What would you like to see most in minix?

“just a hobby, won’t be big and professional like gnu”

https://groups.google.com/forum/#!msg/comp.os.minix/dlNtH7RRrGA/SwRavCzVE7gJ

 

Ubuntu 18.04.3 LTS Arrives with Linux Kernsigel 5.0

https://www.omgubuntu.co.uk/2019/08/ubuntu-18-04-3-point-release

 

Japanese anime studio Khara moving to Blender

https://www.blender.org/user-stories/japanese-anime-studio-khara-moving-to-blender/

 

Blender and Next Gen: a Netflix Original

https://www.blender.org/conference/2018/presentations/467

 

When looking at the geometric mean for all the CPU-based renderer tests run for this article, the AMD EPYC 7742 2P server was delivering about 78% better performance than the dual Intel Xeon Platinum 8280 server and similarly for the previous-gen EPYC 7601 performance. Making the EPYC Rome processors even more compelling for render farms is the EPYC 7742 costs less than the Xeon Platinum 8280 and in general more favorite pricing than Cascade Lake at current retail prices.

https://www.phoronix.com/scan.php?page=article&item=blender-epyc-7742&num=3

 

CutiePie is an 8-inch open-source tablet built on top of Raspberry Pi. For now, it is just a working prototype which they announced on Raspberry Pi forums.

https://itsfoss.com/cutiepi-open-source-tab/

 

Knoppix 8.6 Released – This Original Linux Live Distro Now Based On Debian Buster

https://www.phoronix.com/scan.php?page=news_item&px=Knoppix-8.6-Released

 

Over the past few months, System76 has been developing a simple, easy-to-use tool for updating firmware on Pop!_OS and System76 hardware. Today, we’re excited to announce that you can now check and update firmware through Settings on Pop!_OS, and through the firmware manager GTK application on System76 hardware running other Debian-based distributions.

https://blog.system76.com/post/187072707563/the-new-firmware-manager-updating-firmware-across

 

Linux 5.3 Kernel Yielding The Best Performance Yet For AMD EPYC “Rome” CPU Performance

https://www.phoronix.com/scan.php?page=news_item&px=AMD-EPYC-Rome-Linux-5.3-Perf

 

 

Since announcing its Red Hat acquisition, IBM has been on an open source roll, open sourcing everything from Kabanero, software to make it easy for enterprises to tackle Kubernetes deployments, to Razee, battle-tested software it’s been using in its cloud to manage applications in Kubernetes cluster deployments. This week the company went a step further and threw its big blue fedora into the open silicon ring by open sourcing its Power processor.

https://www.datacenterknowledge.com/ibm/ibm-open-sources-its-workhorse-power-chip-architecture

 

Jay

Fedora Switching To The BFQ I/O Scheduler For Better Responsiveness & Throughput

https://www.phoronix.com/scan.php?page=news_item&px=Fedora-Switching-To-BFQ

 

Enhancing our ZFS support on Ubuntu 19.10 – an introduction

https://ubuntu.com/blog/enhancing-our-zfs-support-on-ubuntu-19-10-an-introduction

 

Enhanced Livepatch desktop integration available with Ubuntu 18.04.3 LTS

https://ubuntu.com/blog/enhanced-livepatch-desktop-integration-available-with-ubuntu-18-04-3-lts

 

System76 Unveils Graphical Firmware Updater for All Debian-Based Linux Distros

https://news.softpedia.com/news/system76-unveils-graphical-firmware-updater-for-all-debian-based-linux-distros-527046.shtml

Tony

—-

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

https://krebsonsecurity.com/2019/08/breach-at-hy-vee-supermarket-chain-tied-to-sale-of-5m-stolen-credit-debit-cards/

 

Hackers Want $2.5 Million Ransom for Texas Ransomware Attacks

https://krebsonsecurity.com/2019/08/breach-at-hy-vee-supermarket-chain-tied-to-sale-of-5m-stolen-credit-debit-cards/ 

 

D-Link DIR-600M – Authentication Bypass (Metasploit)

https://www.exploit-db.com/exploits/47250 

 

0

SMLR 312 Merge branch ‘floppy’

Posted by Tom Lawrence on August 6, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 311

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

 

System76 Is Launching An Insanely Powerful Linux Laptop With 4K OLED Display And Intel i9-9980HK

https://www.forbes.com/sites/jasonevangelho/2019/08/02/system76-is-launching-an-insanely-powerful-linux-laptop-with-4k-oled-display-and-intel-i9-9980hk/#3e5038ed15e3

 

Linux finally dropping floppy drive support

https://techreport.com/news/3464145/linux-dropping-floppy-drive-support/

https://github.com/torvalds/linux/commit/47d6a7607443ea43dbc4d0f371bf773540a8f8f4

 

Proton 4.11 released, kernel packages available for testing

https://steamcommunity.com/games/221410/announcements/detail/2957094910196249305

 

Valve LKML post

https://lkml.org/lkml/2019/7/30/1399

 

Kali Linux For Raspberry Pi 4 Is Now Officially Released

https://www.kali.org/news/raspberry-pi-4-and-kali/

 

Alibaba Chip Subsidiary Launches First Product Using Open-Source Architecture

https://www.caixinglobal.com/2019-07-25/alibaba-chip-subsidiary-launches-first-product-using-open-source-architecture-101443785.html

 

Deepin 15.11 Released
Deepin desktop environment (DDE) uses the Kwin (KDE Window Manager) for compositing and management. As well boasting a crop of bug fixes, the new version of dde-kwin is said to be lighter and less crashy than before.

https://www.omgubuntu.co.uk/2019/07/deepin-15-11-released-this-is-whats-new

 

Facebook open-sources algorithms for detecting child exploitation and terrorism imagery

https://www.theverge.com/2019/8/1/20750752/facebook-child-exploitation-terrorism-open-source-algorithm-pdq-tmk

 

Apple joins the Data Transfer Project: an open source project to allow data portability

https://www.techspot.com/news/81221-apple-joins-data-transfer-project-open-source-project.html

 

IBM JUST MADE ITS CANCER-FIGHTING AI PROJECTS OPEN-SOURCE

https://futurism.com/the-byte/ibm-cancer-ai-open-source

 

Understanding Linux /etc/passwd File Format

https://www.2daygeek.com/understanding-linux-etc-passwd-file-format/

 

Phil

– – – –

 

Cool tool

Sampler is a tool for shell commands execution, visualization and alerting. Configured with a simple YAML file.

The license is pretty restrictive in that the software can only be used by a single user.

https://github.com/sqshq/sampler

 

Flame graphs are a visualization of profiled software, allowing the most frequent code-paths to be identified quickly and accurately.

The x-axis shows the stack profile population, sorted alphabetically (it is not the passage of time), and the y-axis shows stack depth, counting from zero at the bottom. Each rectangle represents a stack frame. The wider a frame is, the more often it was present in the stacks. The top edge shows what is on-CPU, and beneath it is its ancestry.

Flame graphs can be generated from any profile data that contains stack traces, including from the following profiling tools:

 

Linux: perf, eBPF, SystemTap, and ktap

Solaris, illumos, FreeBSD: DTrace

Mac OS X: DTrace and Instruments

Windows: Xperf.exe

https://github.com/brendangregg/FlameGraph

 

In Episode 311 we mentioned that Epic Games awarded the Blender Foundation with $1.2 million dollars. This is the first big release since that award.

Blender 2.80 features a redesigned user interface that puts the focus on the artwork that you create. A new dark theme and modern icon set were introduced. Keyboard, mouse and tablet interaction got a refresh with left click select as the new default. Quick Favorites menus provide rapid access to often-used tools.

Following up on the

https://www.blender.org/download/releases/2-80/

 

https://www.forbes.com/sites/jasonevangelho/2019/08/03/manjaro-linux-team-responds-to-libreoffice-versus-freeoffice-in-upcoming-version-18-1/#66e12542bf46

 

The Linux community was in a bit of an uproar this week when Manjaro Linux announced that it would be swapping out the open source office suite LibreOffice in version 18.1 and replacing it with the proprietary FreeOffice. It’s due to a new partnership between the Manjaro developers and FreeOffice creator SoftMaker.

 

After community backlash, the Manjaro developers decided on a solution that would be the best of both worlds, offer their users the choice to pick which

office suite to install. Softmaker went on to publicly state they will be adding save to DOC, XLS, PPT, ODT to their FreeOffice free tier as well.

 

Debian 10 Buster is now available on DistroTest

DistroTest allows you to take a look at the existing systems, test them live in your browser without any installation. Typically you wait up to 1 minute in a queue before being presented with a popup VNC browser.

https://distrotest.net/Debian/10.0

 

GitHub is blocking users in Crimea, Cuba, Iran, North Korea and Syria from accessing its services to comply with U.S. trade control laws.

The Microsoft-owned company disclosed the action on a support page as a courtesy, noting that GitHub users ultimately are responsible for ensuring that their use of GitHub’s products and services complies with all applicable laws and regulations.

The blocking is based on source IP address and payment history for GitHub Pro accounts. GitHub states that developers are not allowed to use VPNs to circumvent the ban. However, this is just an ongoing game of cat and mouse. The developers this ban has blocked are those technical enough to research ways to evade being blocked.

https://www.linuxinsider.com/story/GitHub-Blocks-Devs-in-US-Sanctioned-Regions-86154.html

 

0

SMLR 311 Dial 311 for Linux

Posted by Tom Lawrence on July 24, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 311

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

Kdenlive update

https://kdenlive.org/en/2019/07/kdenlive-19-04-3-is-out/

 

How to Mirror & Control Your Android Phone using Scrcpy

https://www.omgubuntu.co.uk/2019/07/scrcpy-mirror-android-to-ubuntu-linux

 

New Pinebook Pro Video Demos 4K Video, External Monitor, and WebGL

https://www.omgubuntu.co.uk/2019/07/new-pinebook-pro-video-demo

 

Libinput update

https://www.phoronix.com/scan.php?page=news_item&px=Libinput-1.14-Release-Candidate

 

AMD Releases BIOS Fix To Motherboard Partners For Booting Newer Linux Distributions

https://www.phoronix.com/scan.php?page=news_item&px=AMD-Releases-Linux-Zen2-Fix

 

Open Source Bionic Leg

https://news.umich.edu/open-source-bionic-leg-first-of-its-kind-platform-aims-to-rapidly-advance-prosthetics/

https://opensourceleg.com/

 

Don’t ask why, ask why not!

https://twitter.com/MattisLind/status/1147536339291791361

 

Tony

———–

Hackers breach FSB contractor, expose Tor deanonymization project and more

https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-deanonymization-project/#ftag=RSSbaffb68 

 

Slack to reset passwords for tens of thousands of users

https://www.zdnet.com/article/slack-to-reset-passwords-for-tens-of-thousands-of-users/#ftag=RSSbaffb68 

 

QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack

https://krebsonsecurity.com/2019/07/quickbooks-cloud-hosting-firm-insynq-hit-in-ransomware-attack/ 

 

Bar Camp Grand Rapids – August 9 & 10, 2019

https://barcampgr.org/

Phil

——-

Epic Games Awards Open Source 3D Creation Tool Blender With $1.2 Million

https://www.theouterhaven.net/2019/07/epic-games-awards-open-source-3d-creation-tool-blender-with-1-2-million/

GameMode – A Tool To Improve Gaming Performance On Linux

https://www.ostechnix.com/gamemode-a-tool-to-improve-gaming-performance-on-linux/

A muggle’s guide to AWK arrays

https://www.datafix.com.au/BASHing/2019-07-12.html

 

EvilGnome 

https://www.bleepingcomputer.com/news/security/new-evilgnome-backdoor-spies-on-linux-users-steals-their-files/

0

SMLR 310 CAN_GOT_HAXXD

Posted by Tom Lawrence on July 7, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 310

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

https://www.raspberrypi.org/blog/raspberry-pi-4-on-sale-now-from-35/

 

https://arstechnica.com/information-technology/2019/06/the-raspberry-pi-4-launch-site-runs-on-a-pi-4-cluster/

 

Pine64 Smartphone

https://liliputing.com/2019/06/pinephone-149-linux-smartphone-could-support-ubuntu-sailfish-maemo-luneos-and-more.html

 

Public Administrations will have to carry out a comparative assessment before acquiring new software, which will favor open source solutions (including those reused by other administrations).

The development of new software and the purchase of proprietary software licenses must be justified.

All software developed on behalf of the Public Administration must be made available through open source in a publicly accessible repository and included in the Developers Italia catalog.

 

https://medium.com/team-per-la-trasformazione-digitale/open-source-guidelines-for-acquisition-reuse-software-in-italian-public-administration-d6d5997d3e51

 

19.10 ZFS 

https://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-19.10-Experimental-ZFS

 

The GopenPGP library makes it easy to perform simple operations, such as encrypt, decrypt, sign and verify messages, manage keys, etc without having to deal with complicated cryptographic concepts. This high-level interface is compatible with go-mobile, a popular tool for building mobile apps written in Go.

https://protonmail.com/blog/openpgp-golang/

 

FreeBSD’s Release Engineering Lead Departs The Foundation

https://forum.netgate.com/topic/144403/freebsd-s-release-engineering-lead-departs-the-foundation-joins-netgate

 

Samba has been undergoing work to improve its performance on the large scale for organizations with 100,000+ users and over one hundred thousand computer objects and memberships. Samba 4.11 will be able to scale a hell of a lot better than previous releases due to performance improvements around reindexing, domain joins, LDAP server memory, custom LMBD map size, better batch operation support, better LDB search performance, better sub-tree rename performance, and other tuning to allow Samba to perform at massive scales. 

https://www.phoronix.com/scan.php?page=news_item&px=Samba-4.11-Features

 

Making Artificial Intelligence

Accessible To Everyone

 

https://www.acumos.org/

 

https://www.baturin.org/docs/iproute2/

 

LibreCAD is a free Open Source CAD application for Windows, Apple and Linux.

https://librecad.org/

 

I found a bug in OpenSSL! – https://github.com/openssl/openssl/issues/9187

 

Raspberry Pi4 is out

Firmware update to reduce power usage by 300mW and improve performance

https://www.pcgamer.com/if-you-bought-a-raspberry-pi-4-grab-this-firmware-update-to-improve-performance/

 

Latest Raspbian is built on Debian 10 “Buster” which has now been publicly released

https://www.debian.org/News/2019/20190706

  • 4.19 kernel
  • In this release, GNOME defaults to using the Wayland display server instead of Xorg
  • AppArmor, a mandatory access control framework for restricting programs’ capabilities, is installed and enabled by default.

 

Microsoft asks to join Linux distribution security contacts list

https://www.zdnet.com/google-amp/article/microsoft-asks-to-join-private-linux-security-developer-list/

This list’s purpose is to “report and discuss security issues that are not yet public (but that are to be made public no more than 14 days after being revealed to the group)”. Examples include Intel’s CPU Meltdown and Spectre security bugs would not have been discussed on linux-distros. Security issues that are already publicly discussed are handled in the OSS-Security mailing list.

 

  • Azure Sphere – for IoT devices
  • Windows Subsystem for Linux v2 aka WSLv2
  • Azure HDInsight
  • Azure Kubernetes Service

0

SMLR 309 We are all a ‘Bit’ off

Posted by Tom Lawrence on June 17, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 309

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

Exim Flaw

https://arstechnica.com/information-technology/2019/06/millions-of-machines-affected-by-command-execution-flaw-in-exim-mail-server/

 

Atari’s new VCS isn’t a console, but it isn’t quite a computer either, but it does run on Linux!

https://arstechnica.com/gaming/2019/06/ataris-new-vcs-isnt-a-console-but-it-isnt-quite-a-computer-either/

 

CERN Ditches Microsoft to ‘Take Back Control’ with Open Source Software

https://www.omgubuntu.co.uk/2019/06/cern-ditch-microsoft-open-source-malt

 

Enable Dynamic Transparency in Ubuntu 19.04

https://www.omgubuntu.co.uk/2019/04/how-to-re-enable-dynamic-transparency-on-the-ubuntu-19-04-desktop

 

New Kdenlive

https://kdenlive.org/en/2019/06/kdenlive-19-04-2-is-out/

 

New GIMP

https://www.gimp.org/news/2019/06/12/gimp-2-10-12-released/

 

SSD Benchmarks

https://www.phoronix.com/scan.php?page=article&item=30usd-ssd-benchmarks&num=6

 

https://keybase.io/encrypt#lawrencesystems

 

Jay

Ubuntu 18.04 LTS With Latest GNOME Update Now Plays Nicely For 120~144Hz Displays

https://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-18.04-LTS-High-Refresh

 

KDE Plasma 5.16 Released With A Lot Of Polishing, File Manager Improvements

https://kde.org/announcements/plasma-5.16.0.php

 

This is Firefox’s Colourful New Logo (Yes, Another New Logo)

https://www.omgubuntu.co.uk/2019/06/mozilla-firefox-family-logo

 

Firefox Premium Coming Later This Year, But Will You Pay for It?

https://www.omgubuntu.co.uk/2019/06/firefox-premium-would-you-pay

 

Systemd Is Now Seeing Continuous Fuzzing By Fuzzit

https://www.phoronix.com/scan.php?page=news_item&px=Systemd-Fuzzing-Fuzzit

 

Regolith Linux is the i3 Ubuntu Spin You’ve Been Waiting For

https://www.omgubuntu.co.uk/2019/06/install-regolith-linux-i3-gaps-ubuntu

 

EndeavourOS Is Hoping To Be The Successor To Antergos – Convenient To Use Arch Linux

https://www.phoronix.com/scan.php?page=news_item&px=EndeavourOS-Announcement

 

Phil

https://distrotest.net/

On Distro Test you will find over 200 operating systems and ~670 versions of said operating systems which you can test online with just your browser.

 

https://www.linuxjournal.com/content/securing-kernel-stack

Kernel developer Elena Reshetova is working on an approach to randomize the kernel stack offset after every system call. Her plan is to obscure the trail left by the stack, so attackers can’t follow it or predict it. And, she recently posted some kernel patches to accomplish this.

 

https://www.oilshell.org/blog/2019/06/13.html

Oil is your upgrade path from bash. It’s the only language that shell / bash can be automatically translated to. Andy Chu details why replacing scripts with perl, python, ruby, etc isn’t always feasible. Check out this website for a very in depth and technical description

 

http://meetings-archive.debian.net/pub/debian-meetings/2019/miniconf-hamburg/lightning_talks_demos.webm

Debian will [probably] get PPA (personal package archives) according to Debian maintainer Alexander Wirt at the Mini Deb Conference in Hamburg, Germany. Skip ahead to 39m20s for the announcement.

Opera built in free VPN https://www.opera.com/computer/features/free-vpn

0

SMLR 308 Don’t Get Stung By The Wasp

Posted by Tom Lawrence on June 2, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 308

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

https://www.intezer.com/blog-hiddenwasp-malware-targeting-linux-systems/

grep sftp /etc/passwd

 

All of the current versions of Docker have a vulnerability that can allow an attacker to get read-write access to any path on the host server. The weakness is the result of a race condition in the Docker software and while there’s a fix in the works, it has not yet been integrated.

https://duo.com/decipher/docker-bug-allows-root-access-to-host-file-system

 

“One downside I think we should not forget is that GitHub is becoming a monopoly. With private repositories, the new package manager, and now a way to support creators, [GitHub is] trying to become indispensable, and I don’t think that’s a good thing,” he told LinuxInsider.

https://www.linuxinsider.com/story/GitHub-Opens-New-Door-to-Financial-Support-for-Open-Source-Devs-86042.html

 

Asus ZenScreen & USB-C

https://www.phoronix.com/scan.php?page=news_item&px=ASUS-ZenScreen-MB16AC-2019

 

Microsoft Becomes Master of Its Own Linux Kernel

https://www.linuxinsider.com/story/Microsoft-Becomes-Master-of-Its-Own-Linux-Kernel-86007.html

 

Ryzen 9 3900X $499 12 core / 24 thread

https://www.tomshardware.com/news/amd-third-gen-ryzen-7nm-launch-intel-cpu,39449.html

 

2FA ToTP Auth

https://gitlab.gnome.org/World/Authenticator

 

Foliate is an ePub eBook Reader8888

https://www.omgubuntu.co.uk/2019/05/foliate-ebook-reader-linux

 

Notepad++ in Linux

https://www.omgubuntu.co.uk/2019/05/install-notepad-in-ubuntu

 

Jay

Linux 5.1 Hit By A Data Loss Bug Due To Overly Aggressive FSTRIM

https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.1-FSTRIM-Bug

 

Linux Fix Pending For Borked Hibernation After Disabling Hyper Threading

https://www.phoronix.com/scan.php?page=news_item&px=Linux-Fix-Disable-HT-Hibernate

 

Linux 5.1.5 Kernel Fixes The Latest Data Corruption Bug

https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.1.5-Released

 

Ubuntu 19.10 Now Includes Proprietary Nvidia Drivers on the ISO

https://www.omgubuntu.co.uk/2019/05/ubuntu-19-10-nvidia-drivers-iso

 

System76 Is Making Progress On Open-Source Firmware For Their Laptops

https://www.phoronix.com/scan.php?page=news_item&px=System76-May-Firmware-Progress

 

Antergos Linux project has been discontinued

https://www.fosslinux.com/14859/antergos-linux-project-has-been-discontinued.htm

 

Fork: Endeavour, Antergos community’s next stage……..

https://forum.antergos.com/topic/11780/endeavour-antergos-community-s-next-stage

 

Tony

———–

 

0

SMLR 307 Night of The Living Daemon

Posted by Tom Lawrence on May 20, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 307

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

South Korea will ditch Microsoft Windows for Linux
https://betanews.com/2019/05/18/korea-linux/

 

List of Linux adopters

https://en.wikipedia.org/wiki/List_of_Linux_adopters

 

The attacks can be launched with the help of specially crafted TCP packets sent to vulnerable Linux boxes which can trigger use-after-free errors and enable the attackers to execute arbitrary code on the target system.

 

The remotely exploitable vulnerability has been assigned a 8.1 high severity base score by NIST’s NVD, it is being tracked as CVE-2019-11815 (Red Hat, Ubuntu, SUSE, and Debian) and it could be abused by unauthenticated attackers without interaction from the user.

https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/

 

Nextcloud 16 introduces machine learning based security and usability features, ACL permissions and cross-app projects

https://nextcloud.com/blog/nextcloud-16-introduces-machine-learning-based-security-and-usability-features-acl-permissions-and-cross-app-projects/

 

History of the OwnCloud to NextCloud Fork

https://media.libreplanet.org/u/libreplanet/m/why-i-forked-my-own-project-and-my-own-company-31c3/

 

Six more devices from ThinkPenguin, Inc. now FSF-certified to Respect Your Freedom

https://www.fsf.org/news/six-more-devices-from-thinkpenguin-inc-now-fsf-certified-to-respect-your-freedom

 

Linux Kernel’s Perf Now Supports Zstd-Compressed Trace Recording

https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.2-Compressed-Perf

 

ZombieLoad

https://www.phoronix.com/scan.php?page=news_item&px=MDS-Zombieload-Initial-Impact

 

PineBook

https://liliputing.com/2019/05/pinebook-pro-update-the-199-linux-laptop-is-almost-ready-to-go.html

=====================================================

Tony

 

It’s not just Huawei. Trump’s new tech sector order could ripple through global supply chains.

https://www.washingtonpost.com/politics/2019/05/18/its-not-just-huawei-trumps-new-tech-sector-order-could-ripple-through-global-supply-chains/?noredirect=on&utm_term=.e85ef78273d8

 

Executive Order on Securing the Information and Communications Technology and Services Supply Chain

https://www.whitehouse.gov/presidential-actions/executive-order-securing-information-communications-technology-services-supply-chain/

 

Ann Arbor Tech Trak – June 7, 2019

https://a2tech360.com/events/tech-trek/

 

Hack:A2 – June 8, 2019

https://a2tech360.com/events/hacka2/

Jay

Next Generation Plasma Notifications

https://blog.broulik.de/2019/05/next-generation-plasma-notifications

 

Tilix Terminal Emulator Needs a New Maintainer

https://www.omgubuntu.co.uk/2019/05/tilix-terminal-emulator-new-maintainer

 

Mozilla Had A Rough Night With Add-Ons Getting Disabled Due To An Expired Certificate

https://www.phoronix.com/scan.php?page=news_item&px=Firefox-Add-Ons-Cert-Expired

 

===============================

Phil

What is a zombie process?

https://www.howtogeek.com/119815/htg-explains-what-is-a-zombie-process-on-linux/

 

Centos8 build cycle and status

https://wiki.centos.org/About/Building_8

 

FCC to combat robocalls (finally wow, great job team, /sarcasm)

https://www.fcc.gov/about-fcc/fcc-initiatives/fccs-push-combat-robocalls-spoofing

 

https://letsencrypt.org/2019/05/15/introducing-oak-ct-log.html

Today we are announcing a new Certificate Transparency log called Oak. The Oak log will be operated by Let’s Encrypt and all publicly trusted certificate authorities will be welcome to submit certificates.

 

Certificate Transparency (CT) is a system for logging and monitoring certificate issuance. It greatly enhances everyone’s ability to monitor and study certificate issuance, and these capabilities have led to numerous improvements to the CA ecosystem and Web security. As a result, it is rapidly becoming critical Internet infrastructure. Let’s Encrypt accelerated the adoption of CT by logging every certificate since we started issuing in 2015 – approximately half a billion certificates at this point.

 

Microarchitectural Data Sampling “MDS” vulnerabilities now known more commonly as Zombieload

https://www.phoronix.com/scan.php?page=article&item=mds-zombieload-mit&num=1

 

0

SMLR 306 Recording at Penguicon 2019

Posted by Tom Lawrence on May 9, 2019 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 306

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

0

SMLR 305 Wooden Proxy Mouse

Posted by Tom Lawrence on April 29, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 305

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

GNOME Devs Mull Making Dedicated System Info Tool

https://www.omgubuntu.co.uk/2019/04/does-gnome-need-a-dedicated-system-info-tool

 

Docker Hub Security Breach details, signs/hints

https://forums.docker.com/t/docker-hub-security-breach-details-signs-hints/73850

 

Some tips for checking your Docker for issues related to the breach

https://blog.madhuakula.com/some-tips-to-review-docker-hub-hack-of-190k-accounts-addcd602aade

 

New Netdata

https://my-netdata.io/

https://www.reddit.com/r/linuxadmin/comments/bhdmyy/netdata_the_opensource_realtime_performance_and/

 

Fanless mini-tower runs Linux Mint on up to 5GHz octa-core i9-9900K

http://linuxgizmos.com/fanless-mini-tower-runs-linux-mint-on-up-to-5ghz-octa-core-i9-9900k/

 

NVIDIA GeForce GTX 1650 Linux Gaming Performance & Benchmarks

https://www.phoronix.com/scan.php?page=article&item=nvidia-gtx1650-linux&num=1

 

Periodic reminder that you DRM means you don’t really own eBooks, movies, or other content (Microsoft’s eBook store is shutting down)

https://liliputing.com/2019/04/periodic-reminder-that-you-drm-means-you-dont-really-own-ebooks-movies-or-other-content-microsofts-ebook-store-is-shutting-down.html

 

THE LINUX DESKTOP IS IN TROUBLE!

Linus Torvalds looks to Chromebooks and Android for the future of the Linux desktop, while Linux Mint developers aren’t happy with each other.

https://www.zdnet.com/article/the-linux-desktop-is-in-trouble/

 

Top 15 Open source Video conference and Team communication solutions for Windows, Linux, Mac OSX and Phones

https://medevel.com/10-os-video-conferencing/

 

HealthyPi is the first fully open-source, full-featured vital sign monitor. Using the Raspberry Pi as its computing and display platform, the HealthyPi add-on HAT turns the Raspberry Pi into a vital sign monitoring system.

http://healthypi.protocentral.com/

 

Phil

https://www.zdnet.com/article/docker-hub-hack-exposed-data-of-190000-users/

 

Matrix.org Data Breach and Remediation Round Up

https://securityaffairs.co/wordpress/83751/data-breach/matrix-org-hack.html

According to Matrix.org, the attacker has exploited a known vulnerability in the Jenkins open source automation server to hijack credentials and gain access to the systems of the organization. Homeservers, source code and packages, identity servers, and Modular.im servers were not impacted.

“An attacker gained access to the servers hosting Matrix.org. The intruder had access to the production databases, potentially giving them access to unencrypted message data, password hashes and access tokens. As a precaution, if you’re a matrix.org user you should change your password now.” reads the data breach notification published by Matrix.org.

 

The attacker used a cloudflare API key to repoint DNS for matrix.org to a defacement website (https://github.com/matrixnotorg/matrixnotorg.github.io). The API key was known compromised in the original attack, and during the rebuild the key was theoretically replaced. However, unfortunately only personal keys were rotated, enabling the defacement.

 

https://web.archive.org/web/20190412080323/https://github.com/matrix-org/matrix.org/issues/created_by/matrixnotorg

 

Block List Project

https://blocklist.site/app/

The Block List Project is an independent project with growing support. Their mission is to help create a safer browsing experience by blocking malicious websites.

 

Open Sprinkler

https://opensprinkler.com/

Keeping your lawn and flowers beautiful doesn’t have to be stressful. OpenSprinkler unchains you from your sprinkler or irrigation control box, enabling you to program, run, or stop zones at any time from anywhere.

 

OpenSprinkler Pi is an extension board for Raspberry Pi and allows the operator to directly access and control sprinkler valves.

 

Jay

Ubuntu 14.04 Reaches End of Life on April 30

https://www.omgubuntu.co.uk/2019/04/ubuntu-14-04-end-of-life

 

The End of Scientific Linux

https://lwn.net/Articles/786422/

 

Cross Generation Gaming, new episodes every Sunday

http://crossgengaming.tv

 

————————————-

 

Tony

 

Penguicon

https://2019.penguicon.org/

Penguicon Schedule

https://penguicon2019.sched.com

Search Sunday Morning, Tony Bemus, Jay LaCroix, or Tom Lawrence

 

X2Go vs Nomachine vs Remote desktop softwares:

https://en.wikipedia.org/wiki/Comparison_of_remote_desktop_software

GNU Stow: simlink your dot files:

https://www.gnu.org/software/stow/stow.html

Managing dotfiles with GNU stow

https://alexpearce.me/2016/02/managing-dotfiles-with-stow/

 

Copyright © 2011-2019 Sunday Morning Linux Review All rights reserved.
This site is using the Desk Mess Mirrored theme, v2.5, from BuyNowShop.com.