0

SMLR 321: Stay 127.0.0.1

Posted by Tom Lawrence on March 27, 2020 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 321

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

News

[Tom]

Use of proprietary software is ‘plummeting’, finds Red Hat report

https://www.redhat.com/en/enterprise-open-source-report/2020

 

[Phil] Protect our Speech and Security Online: Reject the Graham-Blumenthal Bill

https://act.eff.org/action/protect-our-speech-and-security-online-reject-the-graham-blumenthal-bill

Members of Congress have mounted a major threat to your freedom of speech and security online. Senators Lindsey Graham (R-SC) and Richard Blumenthal (D-CT) recently introduced a bill that would undermine key protections for Internet speech in U.S. law. It would also expose providers of the private messaging services we all rely on to serious legal risk, potentially forcing them to undermine their tools’ security.

 

  • The Eliminating Abusive and Rampant Neglect of Interactive Technologies Act (EARN IT Act) would create incentives for companies to “earn” liability protection for violations of laws related to online child sexual abuse material.
  • It’s basically FOSTA/SESTA from 2018 
  • The so-called EARN IT Act (Senate bill 3398) is anti-speech, anti-security, anti-innovation, and unnecessary.

 

[Tom] Cloud’s Full

https://www.theregister.co.uk/2020/03/24/azure_seems_to_be_full/

Customers of Microsoft’s Azure cloud are reporting capacity issues such as the inability to create resources and associated reliability issues.

 

Outage-tracking website Down Detector shows quite a few reports about UK Azure issues today, yet the official Azure Status page is all green ticks. The inability to provision resources does not count as an outage as such – though it is more than an annoyance since it is not always feasible to create the resource in an alternative Azure region. Some types of resource have to be same region in order to work correctly without a lot of reconfiguration.

 

[Tom]

GIMP 2.10.18 Released, Includes New 3D Transform Tool

https://www.omgubuntu.co.uk/2020/02/gimp-2-10-18-arrives-with-major-changes-including-a-new-3d-transform-tool

 

[Jay] Ubuntu Data Collection Report is Out! Read the Interesting Facts

https://itsfoss.com/ubuntu-data-collection-stats/

  • Average Ubuntu install takes 18 minutes: Take that Windows 10 Update
  • Not many dual boots only 7.8%, even less encrypt the disk, only 3.8%
  • USA has the most number of users followed by Brazil, India, China and Russia.

 

[Tony]

Diagram with anyone, anywhere.

diagrams.net is open source, online, desktop and container deployable diagramming software

https://www.diagrams.net/

 

[Tom]

Pet the cat, own the bathrobe: Linus Torvalds on working from home

https://www.zdnet.com/article/pet-the-cat-own-the-bathrobe-linus-torvalds-on-working-from-home/#ftag=RSSbaffb68

Torvalds admits that when he started, “I worried about missing human interaction — not just talking to people in the office and hallways, but going out to lunch etc. It turns out I never really missed it.”

 

[Phil] Let’s Encrypt CAA Rechecking Bug aka the mass revocation event

https://letsencrypt.org/caaproblem/

  • What is CAA?
    • CAA is a type of DNS record that allows site owners to specify which Certificate Authorities (CAs) are allowed to issue certificates containing their domain names. It was standardized in 2013 by RFC 6844 to allow a CA “reduce the risk of unintended certificate mis-issue.” By default, every public CA is allowed to issue certificates for any domain name in the public DNS, provided they validate control of that domain name. That means that if there’s a bug in any one of the many public CAs’ validation processes, every domain name is potentially affected. CAA provides a way for domain holders to reduce that risk.
  • BR §3.2.2.8
    • As part of the issuance process, the CA MUST check for CAA records and follow the processing instructions found, for each dNSName in the subjectAltName extension of the certificate to be issued, as specified in RFC 6844. If the CA issues a certificate, they MUST do so within the TTL of the CAA record, or 8 hours, whichever is greater.
  • The bug: 
    • When a certificate request contained N domain names that needed CAA rechecking, Boulder would pick one domain name and check it N times. What this means in practice is that if a subscriber validated a domain name at time X, and the CAA records for that domain at time X allowed Let’s Encrypt issuance, that subscriber would be able to issue a certificate containing that domain name until X+30 days, even if someone later installed CAA records on that domain name that prohibit issuance by Let’s Encrypt.
  • Impact:
    • 2.6% active certificates that were potentially affected by the bug, totalling approximately 3 million certificates 
  • What did we do and what was our decision:
    • Notifications were sent out to subscribers as fast as possible at the time 
    • 1.7 million affected certificates were replaced in less than 48 hours
    • We chose to not revoke the remaining 1+ million certificates there were not renewed. Those remaining 1+ million certificates are evaluated weekly, some are revoked, and some will naturally expire due to the 90 day life times.
  • What does this mean? Should you trust Let’s Encrypt?
    • That’s really up to you. It’s definitely worth reading the post-mortem and minute by minute playback on the community forum.

 

[Tony]

Penguicon 2020 Has been Canceled

https://2020.penguicon.org/2020/03/canceled/ 

 

[Tony]

Coronavirus Impact: Can We Run Out of the Internet Because of People Working From Home?

https://gadgets.ndtv.com/internet/news/coronavirus-impact-can-we-run-out-of-the-internet-because-of-people-working-from-home-2199980 

 

US Government Sites Give Bad Security Advice

https://krebsonsecurity.com/2020/03/us-government-sites-give-bad-security-advice/ 

 

Track Coronavirus Disease 2019 (COVID-19) Statistics From Commandline

https://www.ostechnix.com/track-coronavirus-disease-2019-covid-19-statistics-from-commandline/

 

https://www.ostechnix.com/track-coronavirus-disease-2019-covid-19-statistics-from-commandline/

 

0

SMLR 320: Rtcwake

Posted by Tom Lawrence on February 9, 2020 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 320

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

 

(Tom) Wireguard is in the linux kernel 5.6 https://www.zdnet.com/article/at-long-last-wireguard-vpn-is-on-its-way-into-linux/ 

  • It is a layer 3 secure VPN. Unlike its older rivals, which it’s meant to replace, its code is much cleaner and simple. The result is a fast, easy-to-deploy VPN.
  • Linus Torvalds wrote, “I’m 1000% with Jason on this. The crypto/ model is hard to use, inefficient, and completely pointless when you know what your cipher or hash algorithm is, and your CPU just does it well directly.”
  • WireGuard works by securely encapsulates IP packets over UDP. It’s authentication and interface design has more to do with Secure Shell (SSH) than other VPNs. You simply configure the WireGuard interface with your private key and your peers’ public keys, and you’re ready to securely talk.

 

(Tom) Lenovo is offering Linux servers

https://www.lenovo.com/us/en/think-workstations/thinkstation-p-series-towers/ThinkStation-P520/p/33TS3TPP520

 

(Tony) Ubuntu Touch is Shaping Up Nicely on the PinePhone [Video]

https://www.omgubuntu.co.uk/2020/01/ubuntu-touch-on-the-pinephone-is-coming-along-nicely

 

(Phil) The Let’s Encrypt Oak CT log is now included in Google Chrome version 78 and Apple Safari!

https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/m4sHsUBq0i0

  • Certificate Transparency is an Internet security standard and open source framework for monitoring and auditing digital certificates.
  • Usable by all publicly-trusted certificate authorities.
  • Let’s Encrypt owns their own uptime

 

(Tom) LibreOffice 6.4 Released, This is What’s New

https://www.omgubuntu.co.uk/2020/01/libreoffice-6-4-released-new-features

QR code generator

App icons in Start Center

Automatic redaction

Faster help system

Table panel added to the Writer sidebar

Comments can be marked as resolved

Combine multiple text boxes into one in Draw, Impress

Sifr icon theme now supports large sizing

Checkbox to enable/disable sending crash reports

 

(Tony) Systemd is changing how home directories are managed in systemd v245

https://systemd.io/HOME_DIRECTORY/ 

  • Systemd-homed has been merged as the latest (optional) fundamental change to Linux distributions in how home directories are handled.
  • Systemd-homed makes it easier to support migratable home directories, more self containment within home directories, better password and encryption handling, and other modern Linux home directory features.
    • LUKS encrypted volumes, mounting home directories from a CIFS server, FSCRYPT encryption, Btrfs sub-volume handling, and making use of JSON-formatted user records. 

 

(Phil) XCP-ng  is officially joining the Xen Project, an open source hypervisor hosted at the Linux Foundation. https://xcp-ng.org/blog/2020/01/28/xcp-ng-join-the-linux-foundation/ 

  • Xen Project is a recognition that XCP-ng is, de facto, the Open Source Xen hypervisor distribution. 
  • Joining the Xen Project won’t change the XCP-ng Project very much. They will continue to invest resources for innovation and are still recruiting 6 new developers in 2020.
  • We can expect more involvement in the Xen Project itself to improve each layer of the XCP-ng Project.

(Tom) Linus Torvalds says “Don’t use ZFS”—but doesn’t seem to understand it

Linus should avoid authoritative statements about projects he’s unfamiliar with.

https://arstechnica.com/gadgets/2020/01/linus-torvalds-zfs-statements-arent-right-heres-the-straight-dope/

 

(Tony) Emotet Hacks Nearby Wi-Fi Networks to Spread to New Victims

https://www.bleepingcomputer.com/news/security/emotet-hacks-nearby-wi-fi-networks-to-spread-to-new-victims/

  • discover wireless networks around an already infected Wi-Fi-enabled computer and attempting to brute-force

 

(Phil) Shellcheck 8 year retrospective https://www.vidarholen.net/contents/blog/?p=859

  • ShellCheck is a static analysis tool that points out common problems and pitfalls in shell scripts.
  • ShellCheck is generally considered a shell script linter, but it actually started life in 2012 as an IRC bot (of all things!) on #bash@Freenode. It’s still there and as active as ever.
  • Since ShellCheck was a hobby project that wasn’t intended to run on random people’s machines, the developer could completely ignore popularity, familiarity, and practicality, and pick the language that was the most fun and interesting. That language is Haskell.
  • Lot’s of what I would have done differently. It’s worth a read.

 

(Tom) Troll Hunter – Mycroft’s Position on Patent Trolls

Patent trolls get paid because short-sighted companies make the decision to pay.  Simply put, it is usually cheaper in the short run to pay a troll than it is to litigate.  It is also cheaper to give a schoolyard bully your lunch money than it is to visit a doctor.  The thing is, once you pay the bully, he’ll just come back again and again and again. Eventually, that lunch money adds up to a lot more than a doctor’s visit.  In the long run the best way to deal with a bully is to punch him square in the face. You might take a beating, but if you do it every time? The bully will find easier prey.

 

https://mycroft.ai/blog/troll-hunter-mycrofts-position-on-patent-trolls/

 

(Tony) SATA HATs support up to four drives on Raspberry Pi 4 or Rock Pi 4

http://linuxgizmos.com/sata-hats-support-up-to-four-drives-on-raspberry-pi-4-or-rock-pi-4/ 

  • RPI NAS vs Mini ITX NAS

0

SMLR 319: Happy GNU Year

Posted by Tom Lawrence on January 5, 2020 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 319

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

WireGuard Sends Out Latest Patch Revision In Preparing For Linux 5.6

https://www.phoronix.com/scan.php?page=news_item&px=WireGuard-Net-Next-5.6-Prep

 

Krita Receives Epic MegaGrant

https://krita.org/en/item/krita-receives-epic-megagrant/

 

Below are 10 of Ubuntu’s most defining moments from the past decade.

https://www.omgubuntu.co.uk/2019/12/ubuntu-defining-moments-2010s

 

Canonical Sponsors WSLConf, Microsoft’s First Linux Conference

https://www.omgubuntu.co.uk/2019/12/canonical-sponsors-wslconf-microsofts-first-linux-conference

 

Purism Announce $1999 ‘Librem 5 USA’ — Same Librem 5, Just Made in America

https://www.omgubuntu.co.uk/2019/12/purism-announce-1999-librem-5-usa-same-librem-5-just-made-in-america

 

New Linux Vulnerability Lets Attackers Hijack VPN Connections

https://www.bleepingcomputer.com/news/security/new-linux-vulnerability-lets-attackers-hijack-vpn-connections/

 

DRM-Free Kindle Alternative
https://github.com/joeycastillo/The-Open-Book

 

VirtualBox 6.1 Debuts with Linux 5.4 Support, Accelerated Video Playback

https://www.omgubuntu.co.uk/2019/12/virtualbox-6-1-released-new-features

 

Kdenlive 19.12 is out

https://kdenlive.org/en/2019/12/kdenlive-19-12-0-is-out/

 

Unbound DNS Resolver undergoes code audit

https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/

 

Home Automation projects 

https://iot.mozilla.org/ 

https://www.openhab.org 

https://smarthome.university/ 

 

ReSpeaker RPi 

https://www.seeedstudio.com/ReSpeaker-4-Mic-Array-for-Raspberry-Pi.html 

https://www.amazon.com/seeed-Studio-ReSpeaker-4-Mic-Raspberry/dp/B076SSR1W1

0

SMLR 318: Mad About MP3

Posted by Tom Lawrence on December 2, 2019 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 318

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

http://www.linux-magazine.com/Online/News/System76-To-Design-And-Build-Laptops-In-House

 

New Kernel 5.4
mainline Linux support for the Qualcomm Snapdragon 855‘s reference board. Sadly, no products using this particular chipset are currently supported, but a solid foundation towards that ability is now in place.

 

A bunch of ARM-based laptops running the Snapdragon 835 SoC are supported by Linux 5.4, including the ASUS NovaGo, HP Envy X2 and the Lenovo Miix 630.

 

Support for the Lenovo Yoga C360, based on the Snapdragon 850 SoC, also features.

 

https://www.omgubuntu.co.uk/2019/11/linux-5-4-kernel-release-features

 

Anonymous pings. When using Zorin OS, your computer may occasionally send us a ping which includes an anonymous unique identifier for your computer. We use this information to count the number of active users of Zorin OS. The unique identifier does not identify you, unless you (or someone acting on your behalf) discloses it separately.

 

You may choose to disable these pings by uninstalling the “zorin-os-census” package from your computer.

https://zorinos.com/legal/privacy/

 

Kdenlive 19.12 Beta

New audio mixer

Bin monitor redesign

Performance and usability improvements

Many Windows fixes

Master effects

Re-implement scrolling trough compositions.

https://kdenlive.org/en/2019/11/kdenlive-19-12-beta/

 

Threadripper 3960X and Threadripper 3970X absolutely dominate in performance.

When it came to the geometric mean for 111 benchmarks ran for this article, the Threadripper 3960X delivered a 22% advantage over the i9-10980XE while the Threadripper 3970X delivered a 37% advantage.

https://www.phoronix.com/scan.php?page=article&item=amd-linux-3960x-3970x&num=1

 

https://linuxsecurity.com/features/features/nextcry-ransomware-targets-nextcloud-linux-servers-and-remains-undetected

 

Tony

 

Humble Book Bundle Cyber Security

https://www.humblebundle.com/books/cybersecurity-2019-packt-books 

 

110 Nursing Homes Cut Off from Health Records in Ransomware Attack

https://krebsonsecurity.com/2019/11/110-nursing-homes-cut-off-from-health-records-in-ransomware-attack/ 

 

Cybertruck pulls F-150 uphill

https://twitter.com/elonmusk/status/1198751258384818176

 

0

SMLR 317: Ohio Linux Fest Recap

Posted by Tom Lawrence on November 10, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 317

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

PinePhone Release Date & Price

PinePhone: Everything You Need to Know About This Linux Phone

sudo snap install kdenlive
Kdenlive is Now Available on the Snap Store

Kdenlive is Now Available on the Snap Store

Urgent security issue in NGINX/php-fpm

Urgent security issue in NGINX/php-fpm

Roadmap for Ubuntu official support for the Raspberry Pi 4
https://ubuntu.com/blog/roadmap-for-official-support-for-the-raspberry-pi-4

On August 7, 2019, Linux Journal shut its doors for good. All staff were laid off and the company is left with no operating funds to continue in any capacity.
https://web.archive.org/web/20190812013229/https://www.linuxjournal.com/content/linux-journal-ceases-publication-awkward-goodbye

Google Open Sources Cardboard
https://developers.googleblog.com/2019/11/open-sourcing-google-cardboard.html

Microsoft: Defender ATP Is Coming To Linux In 2020

Microsoft: Defender ATP is coming to Linux in 2020

The GNOME Foundation has taken the extraordinary step of not just defending itself against a patent troll but to aggressively go after them. This is an important battle. Let me explain.

Let’s fight back against patent trolls

GNOME Patent Troll Defense Fund
https://secure.givelively.org/donate/gnome-foundation-inc/gnome-patent-troll-defense-fund

Calling all Tesla owners: let’s discuss the source code for the GPLed parts of your car!
https://sfconservancy.org/blog/2019/oct/30/calling-all-tesla-owners/

OpenSource Krita Artists forums
https://krita-artists.org/


Tony:
Netflix Optimized FreeBSD’s Network Stack More Than Doubled AMD EPYC Performance
https://www.phoronix.com/scan.php?page=news_item&px=Netflix-NUMA-FreeBSD-Optimized

Avast, NordVPN Breaches Tied to Phantom User Accounts
https://krebsonsecurity.com/2019/10/avast-nordvpn-breaches-tied-to-phantom-user-accounts/

0

SMLR 316: Interview with Ohio Linux Fest

Posted by Tom Lawrence on October 21, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 316

Learn More at https://ohiolinux.org/

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

 

0

SMLR 315 The whale in the room

Posted by Tom Lawrence on October 6, 2019 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 315

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

GNOME Foundation is Being Sued Because of Shotwell Photo Manager

https://itsfoss.com/shotwell-lawsuit/

 

11 Mini PCs That Come With Linux Pre-installed

https://itsfoss.com/linux-based-mini-pc/

 

Oracle demands $12K from network biz that doesn’t use its software

https://www.theregister.co.uk/AMP/2019/10/04/oracle_virtualbox_merula/

 

The Docker ship needs funding to stay afloat  

https://www.cnbc.com/2019/09/27/docker-is-trying-to-raise-money-following-arrival-of-ceo-rob-bearden.html

 

Krita is now for sale on Steam for Linux!

https://steamcommunity.com/games/280680/announcements/detail/1602641040266097544

https://www.reddit.com/r/linux/comments/d2ic2e/krita_is_now_for_sale_on_steam_for_linux/

 

German ministry hellbent on taking back control of ‘digital sovereignty’, cutting dependency on Microsoft

‘Pain points’ include data collection, lock-in and uncontrollable costs

https://www.theregister.co.uk/2019/09/19/german_government_report_digital_sovereignty/

 

New Video Demo of the Librem 5 Shows That …It Actually Works Okay?!

https://www.omgubuntu.co.uk/2019/09/librem-5-aspen-video-demo

 

Huawei MateBook laptops now come with Linux

https://www.techradar.com/in/news/huawei-matebook-laptops-now-come-with-linux

 

What’s inside a Facebook Datacenter Open Compute Rack?

https://youtu.be/2l6gI-ksdKs

 

Moving Firefox to a faster 4-week release cycle

https://hacks.mozilla.org/2019/09/moving-firefox-to-a-faster-4-week-release-cycle/

Moving Firefox to a faster 4-week release cycle

At Oracle OpenWorld 2019, tucked away in the Oracle Code One area, the company had something unique: a 1060 Raspberry Pi 3 B+ cluster it calls the Raspberry Pi Supercomputer.

https://www.servethehome.com/oracle-shows-1060-raspberry-pi-supercomputer-at-oow/

 

“Microsoft Linux Conference” — three words you probably thought you’d ever hear together but you just have, and it’s happening next March.

https://www.omgubuntu.co.uk/2019/09/microsoft-linux-conference-wslconf-march-2020

 

Must Read: PineTime is a $25 Linux-friendly Smartwatch, Coming Next Year (Updated)

https://www.omgubuntu.co.uk/2019/09/pinetime-linux-smartwatch

 

Your own internal ACME compatible Certificate Authority!

https://smallstep.com/blog/private-acme-server/

 

Raspberry Pi 

https://github.com/ccrisan/motioneyeos

 

Calibre 4.0 is out now for GNU/Linux, macOS, and Windows

https://news.softpedia.com/news/calibre-open-source-ebook-management-app-gets-major-release-after-two-years-527701.shtml 

 

Pine64 Is Making a $25 Linux Smartwatch

https://www.pcmag.com/news/370763/pine64-is-making-a-25-linux-smartwatch

0

SMLR 314 Let’s Talk About Pie

Posted by Tom Lawrence on September 9, 2019 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 314

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

Tom

 

Microsoft is Bringing exFAT to the Linux Kernel (And No-One’s Getting Sued) Microsoft has announced that it’s bringing exFAT support to the Linux kernel, with code contributed licensed under GPLv2.

https://www.omgubuntu.co.uk/2019/08/microsoft-is-bringing-exfat-to-the-linux-kernel

 

Dell made an index for their Linux Workstations and Laptops 

www.Dell.com/linux 

 

ARM-Powered Lenovo Yoga C630 Laptop To See Better Support With Linux 5.4

https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.4-Yoga-C630-Lenovo-ARM

 

How to Install Shutter Screenshot Tool in Ubuntu 19.04

https://itsfoss.com/install-shutter-ubuntu/

 

Ubuntu 19.10 Planned Features

https://www.omgubuntu.co.uk/2019/05/ubuntu-19-10-release-features

And the biggest single change in Ubuntu 19.10 is the decision to include NVIDIA drivers on the ISO install image.
Theme support for Snap apps

Ubuntu Dock trash & external drive icons

Updated Yaru GTK Theme

Guest Session support in login screen

Fwupd available as a Snap (Firmware Updater)

Experimental ZFS file system install option

 

WireGuard Releases New Snapshot While Not Expected For Linux 5.4 Mainline

https://www.phoronix.com/scan.php?page=news_item&px=WireGuard-0.0.20190905

 

Python is eating the world: How one developer’s side project became the hottest programming language on the planet

https://www.techrepublic.com/article/python-is-eating-the-world-how-one-developers-side-project-became-the-hottest-programming-language-on-the-planet/

 

An Overview of Intel’s Clear Linux, its Features and Installation Procedure
Clear Linux is a product of Intel’s Open Source Technology Center focusing mainly on the cloud. It’s not your regular general-purpose Linux distributions, but a distribution that mostly suits various cloud use cases leveraging the best of Intel’s hardware and architecture. There are better power management and performance optimizations along with various other features.

https://itsfoss.com/clear-linux/

 

8-Way Linux Distribution Benchmarks On The AMD EPYC 7742 2P Server

https://www.phoronix.com/scan.php?page=article&item=8way-amd-rome&num=1

When taking the geometric mean from the dozens of tests carried out successfully on all eight Linux distributions under test, Intel’s Clear Linux was still the fastest distribution tested on this AMD EPYC 7742 2P “Rome” server.

 

Phil

Pre-show discussion: Does a package mirror exist that transmits data via the torrent protocol rather than http(s)?

 

PPPoE = Point-to-Point Protocol over Ethernet. It is used mainly with DSL services where individual users connect to a DSL modem over Ethernet.

 

Rebuilt my barn radio https://philporada.com/imgs/barn-radio.jpg

 

Rebuilt my firewall

https://www.pcengines.ch/apu4c4.htm

4GB DDR3 ECC Ram

1 GHz quad Jaguar core with 64 bit and AES-NI support

4Gig-E ports

 

Deployed plex on my _old_ firewall https://hub.docker.com/r/plexinc/pms-docker/

 

https://www.satellitetoday.com/imagery-and-sensing/2019/09/05/sstl-releases-raspberry-pi-camera-image-and-video/

Surrey Satellite Technology today released an image and video of the Earth captured from Low-Earth Orbit by a Raspberry Pi camera and computer on board a satellite launched on a Soyuz rocket in July 2019.

 

The image includes the coasts of France, Belgium, The Netherlands and Germany with Denmark and is believed to be the first acquired in low earth orbit by a commercial off-the-shelf Raspberry Pi camera.

 

https://nvd.nist.gov/vuln/detail/CVE-2019-15846

Exim RCE THIS IS BAD

Exim is a popular MTA – mail transfer agent. An MTA directly receives SMTP from a client.

 

The SMTP Delivery process in all versions up to and including Exim 4.92.1 has a Buffer Overflow.  In the default runtime configuration, this is exploitable with crafted Server Name Indication (SNI) data during a TLS negotiation. In other configurations, it is exploitable with a crafted client TLS certificate. Not currently on https://github.com/google/oss-fuzz and it needs to be because Exim is written in C.

 

https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/

In 2017, Mozilla began working on the DNS-over-HTTPS (DoH) protocol. The key findings from this study were to determine how Mozilla could best deploy DoH, honor enterprise configuration and respect user choice about parental controls.

 

Mozilla plans to gradually roll out DNS-over-HTTPS in the USA starting in late September. The plan is to slowly enabling DoH for a small percentage of users. If this goes well, Mozilla will announce when they’re ready for 100% deployment.

 

https://www.zdnet.com/article/free-software-advocate-richard-stallman-spoke-at-microsoft-research-this-week/

Richard Stallman spoke at Microsoft Research this week

A day later, everyone’s seemingly alive but Windows still isn’t ‘free.’

The main topics of the discussion are the continued importance of free software, GPL v3, GNU vs. Linux. Stallman stated that “he had a list of ‘small requests’: make Github push users to better software license hygiene, make hardware manufacturers to publish their hardware specs, make it easier to workaround Secure Boot.”

 

If you’re wondering whether Stallman’s distaste for Microsoft has lessened over the years, his personal home page makes it clear that it has not. The front and center of his main page is a list of “Reasons not to use Microsoft.” The list is current, and includes “Microsoft recorded users of Xboxes and had human workers listen to the recordings,” and “Microsoft tricked users into ‘upgrading’ to Windows 10.'” 

At one point he did state “Sometimes there is a use for windows.”

 

Tony

——————

 

FiftyOneFifty passed away on 9/5/2019,  No details as of now but he will be missed.

 

Android Q/10 released

https://www.techradar.com/news/android-q 

 

0

SMLR 313 Detroit Linux

Posted by Tom Lawrence on August 25, 2019 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 313

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

Triva: 28 year ago today Linus posted in a thread “What would you like to see most in minix?

“just a hobby, won’t be big and professional like gnu”

https://groups.google.com/forum/#!msg/comp.os.minix/dlNtH7RRrGA/SwRavCzVE7gJ

 

Ubuntu 18.04.3 LTS Arrives with Linux Kernsigel 5.0

https://www.omgubuntu.co.uk/2019/08/ubuntu-18-04-3-point-release

 

Japanese anime studio Khara moving to Blender

https://www.blender.org/user-stories/japanese-anime-studio-khara-moving-to-blender/

 

Blender and Next Gen: a Netflix Original

https://www.blender.org/conference/2018/presentations/467

 

When looking at the geometric mean for all the CPU-based renderer tests run for this article, the AMD EPYC 7742 2P server was delivering about 78% better performance than the dual Intel Xeon Platinum 8280 server and similarly for the previous-gen EPYC 7601 performance. Making the EPYC Rome processors even more compelling for render farms is the EPYC 7742 costs less than the Xeon Platinum 8280 and in general more favorite pricing than Cascade Lake at current retail prices.

https://www.phoronix.com/scan.php?page=article&item=blender-epyc-7742&num=3

 

CutiePie is an 8-inch open-source tablet built on top of Raspberry Pi. For now, it is just a working prototype which they announced on Raspberry Pi forums.

https://itsfoss.com/cutiepi-open-source-tab/

 

Knoppix 8.6 Released – This Original Linux Live Distro Now Based On Debian Buster

https://www.phoronix.com/scan.php?page=news_item&px=Knoppix-8.6-Released

 

Over the past few months, System76 has been developing a simple, easy-to-use tool for updating firmware on Pop!_OS and System76 hardware. Today, we’re excited to announce that you can now check and update firmware through Settings on Pop!_OS, and through the firmware manager GTK application on System76 hardware running other Debian-based distributions.

https://blog.system76.com/post/187072707563/the-new-firmware-manager-updating-firmware-across

 

Linux 5.3 Kernel Yielding The Best Performance Yet For AMD EPYC “Rome” CPU Performance

https://www.phoronix.com/scan.php?page=news_item&px=AMD-EPYC-Rome-Linux-5.3-Perf

 

 

Since announcing its Red Hat acquisition, IBM has been on an open source roll, open sourcing everything from Kabanero, software to make it easy for enterprises to tackle Kubernetes deployments, to Razee, battle-tested software it’s been using in its cloud to manage applications in Kubernetes cluster deployments. This week the company went a step further and threw its big blue fedora into the open silicon ring by open sourcing its Power processor.

https://www.datacenterknowledge.com/ibm/ibm-open-sources-its-workhorse-power-chip-architecture

 

Jay

Fedora Switching To The BFQ I/O Scheduler For Better Responsiveness & Throughput

https://www.phoronix.com/scan.php?page=news_item&px=Fedora-Switching-To-BFQ

 

Enhancing our ZFS support on Ubuntu 19.10 – an introduction

https://ubuntu.com/blog/enhancing-our-zfs-support-on-ubuntu-19-10-an-introduction

 

Enhanced Livepatch desktop integration available with Ubuntu 18.04.3 LTS

https://ubuntu.com/blog/enhanced-livepatch-desktop-integration-available-with-ubuntu-18-04-3-lts

 

System76 Unveils Graphical Firmware Updater for All Debian-Based Linux Distros

https://news.softpedia.com/news/system76-unveils-graphical-firmware-updater-for-all-debian-based-linux-distros-527046.shtml

Tony

—-

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

https://krebsonsecurity.com/2019/08/breach-at-hy-vee-supermarket-chain-tied-to-sale-of-5m-stolen-credit-debit-cards/

 

Hackers Want $2.5 Million Ransom for Texas Ransomware Attacks

https://krebsonsecurity.com/2019/08/breach-at-hy-vee-supermarket-chain-tied-to-sale-of-5m-stolen-credit-debit-cards/ 

 

D-Link DIR-600M – Authentication Bypass (Metasploit)

https://www.exploit-db.com/exploits/47250 

 

0

SMLR 312 Merge branch ‘floppy’

Posted by Tom Lawrence on August 6, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 311

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

 

System76 Is Launching An Insanely Powerful Linux Laptop With 4K OLED Display And Intel i9-9980HK

https://www.forbes.com/sites/jasonevangelho/2019/08/02/system76-is-launching-an-insanely-powerful-linux-laptop-with-4k-oled-display-and-intel-i9-9980hk/#3e5038ed15e3

 

Linux finally dropping floppy drive support

https://techreport.com/news/3464145/linux-dropping-floppy-drive-support/

https://github.com/torvalds/linux/commit/47d6a7607443ea43dbc4d0f371bf773540a8f8f4

 

Proton 4.11 released, kernel packages available for testing

https://steamcommunity.com/games/221410/announcements/detail/2957094910196249305

 

Valve LKML post

https://lkml.org/lkml/2019/7/30/1399

 

Kali Linux For Raspberry Pi 4 Is Now Officially Released

https://www.kali.org/news/raspberry-pi-4-and-kali/

 

Alibaba Chip Subsidiary Launches First Product Using Open-Source Architecture

https://www.caixinglobal.com/2019-07-25/alibaba-chip-subsidiary-launches-first-product-using-open-source-architecture-101443785.html

 

Deepin 15.11 Released
Deepin desktop environment (DDE) uses the Kwin (KDE Window Manager) for compositing and management. As well boasting a crop of bug fixes, the new version of dde-kwin is said to be lighter and less crashy than before.

https://www.omgubuntu.co.uk/2019/07/deepin-15-11-released-this-is-whats-new

 

Facebook open-sources algorithms for detecting child exploitation and terrorism imagery

https://www.theverge.com/2019/8/1/20750752/facebook-child-exploitation-terrorism-open-source-algorithm-pdq-tmk

 

Apple joins the Data Transfer Project: an open source project to allow data portability

https://www.techspot.com/news/81221-apple-joins-data-transfer-project-open-source-project.html

 

IBM JUST MADE ITS CANCER-FIGHTING AI PROJECTS OPEN-SOURCE

https://futurism.com/the-byte/ibm-cancer-ai-open-source

 

Understanding Linux /etc/passwd File Format

https://www.2daygeek.com/understanding-linux-etc-passwd-file-format/

 

Phil

– – – –

 

Cool tool

Sampler is a tool for shell commands execution, visualization and alerting. Configured with a simple YAML file.

The license is pretty restrictive in that the software can only be used by a single user.

https://github.com/sqshq/sampler

 

Flame graphs are a visualization of profiled software, allowing the most frequent code-paths to be identified quickly and accurately.

The x-axis shows the stack profile population, sorted alphabetically (it is not the passage of time), and the y-axis shows stack depth, counting from zero at the bottom. Each rectangle represents a stack frame. The wider a frame is, the more often it was present in the stacks. The top edge shows what is on-CPU, and beneath it is its ancestry.

Flame graphs can be generated from any profile data that contains stack traces, including from the following profiling tools:

 

Linux: perf, eBPF, SystemTap, and ktap

Solaris, illumos, FreeBSD: DTrace

Mac OS X: DTrace and Instruments

Windows: Xperf.exe

https://github.com/brendangregg/FlameGraph

 

In Episode 311 we mentioned that Epic Games awarded the Blender Foundation with $1.2 million dollars. This is the first big release since that award.

Blender 2.80 features a redesigned user interface that puts the focus on the artwork that you create. A new dark theme and modern icon set were introduced. Keyboard, mouse and tablet interaction got a refresh with left click select as the new default. Quick Favorites menus provide rapid access to often-used tools.

Following up on the

https://www.blender.org/download/releases/2-80/

 

https://www.forbes.com/sites/jasonevangelho/2019/08/03/manjaro-linux-team-responds-to-libreoffice-versus-freeoffice-in-upcoming-version-18-1/#66e12542bf46

 

The Linux community was in a bit of an uproar this week when Manjaro Linux announced that it would be swapping out the open source office suite LibreOffice in version 18.1 and replacing it with the proprietary FreeOffice. It’s due to a new partnership between the Manjaro developers and FreeOffice creator SoftMaker.

 

After community backlash, the Manjaro developers decided on a solution that would be the best of both worlds, offer their users the choice to pick which

office suite to install. Softmaker went on to publicly state they will be adding save to DOC, XLS, PPT, ODT to their FreeOffice free tier as well.

 

Debian 10 Buster is now available on DistroTest

DistroTest allows you to take a look at the existing systems, test them live in your browser without any installation. Typically you wait up to 1 minute in a queue before being presented with a popup VNC browser.

https://distrotest.net/Debian/10.0

 

GitHub is blocking users in Crimea, Cuba, Iran, North Korea and Syria from accessing its services to comply with U.S. trade control laws.

The Microsoft-owned company disclosed the action on a support page as a courtesy, noting that GitHub users ultimately are responsible for ensuring that their use of GitHub’s products and services complies with all applicable laws and regulations.

The blocking is based on source IP address and payment history for GitHub Pro accounts. GitHub states that developers are not allowed to use VPNs to circumvent the ban. However, this is just an ongoing game of cat and mouse. The developers this ban has blocked are those technical enough to research ways to evade being blocked.

https://www.linuxinsider.com/story/GitHub-Blocks-Devs-in-US-Sanctioned-Regions-86154.html

 

Copyright © 2011-2020 Sunday Morning Linux Review All rights reserved.
This site is using the Desk Mess Mirrored theme, v2.5, from BuyNowShop.com.