0

SMLR 310 CAN_GOT_HAXXD

Posted by Tom Lawrence on July 7, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 310

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

https://www.raspberrypi.org/blog/raspberry-pi-4-on-sale-now-from-35/

 

https://arstechnica.com/information-technology/2019/06/the-raspberry-pi-4-launch-site-runs-on-a-pi-4-cluster/

 

Pine64 Smartphone

https://liliputing.com/2019/06/pinephone-149-linux-smartphone-could-support-ubuntu-sailfish-maemo-luneos-and-more.html

 

Public Administrations will have to carry out a comparative assessment before acquiring new software, which will favor open source solutions (including those reused by other administrations).

The development of new software and the purchase of proprietary software licenses must be justified.

All software developed on behalf of the Public Administration must be made available through open source in a publicly accessible repository and included in the Developers Italia catalog.

 

https://medium.com/team-per-la-trasformazione-digitale/open-source-guidelines-for-acquisition-reuse-software-in-italian-public-administration-d6d5997d3e51

 

19.10 ZFS 

https://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-19.10-Experimental-ZFS

 

The GopenPGP library makes it easy to perform simple operations, such as encrypt, decrypt, sign and verify messages, manage keys, etc without having to deal with complicated cryptographic concepts. This high-level interface is compatible with go-mobile, a popular tool for building mobile apps written in Go.

https://protonmail.com/blog/openpgp-golang/

 

FreeBSD’s Release Engineering Lead Departs The Foundation

https://forum.netgate.com/topic/144403/freebsd-s-release-engineering-lead-departs-the-foundation-joins-netgate

 

Samba has been undergoing work to improve its performance on the large scale for organizations with 100,000+ users and over one hundred thousand computer objects and memberships. Samba 4.11 will be able to scale a hell of a lot better than previous releases due to performance improvements around reindexing, domain joins, LDAP server memory, custom LMBD map size, better batch operation support, better LDB search performance, better sub-tree rename performance, and other tuning to allow Samba to perform at massive scales. 

https://www.phoronix.com/scan.php?page=news_item&px=Samba-4.11-Features

 

Making Artificial Intelligence

Accessible To Everyone

 

https://www.acumos.org/

 

https://www.baturin.org/docs/iproute2/

 

LibreCAD is a free Open Source CAD application for Windows, Apple and Linux.

https://librecad.org/

 

I found a bug in OpenSSL! – https://github.com/openssl/openssl/issues/9187

 

Raspberry Pi4 is out

Firmware update to reduce power usage by 300mW and improve performance

https://www.pcgamer.com/if-you-bought-a-raspberry-pi-4-grab-this-firmware-update-to-improve-performance/

 

Latest Raspbian is built on Debian 10 “Buster” which has now been publicly released

https://www.debian.org/News/2019/20190706

  • 4.19 kernel
  • In this release, GNOME defaults to using the Wayland display server instead of Xorg
  • AppArmor, a mandatory access control framework for restricting programs’ capabilities, is installed and enabled by default.

 

Microsoft asks to join Linux distribution security contacts list

https://www.zdnet.com/google-amp/article/microsoft-asks-to-join-private-linux-security-developer-list/

This list’s purpose is to “report and discuss security issues that are not yet public (but that are to be made public no more than 14 days after being revealed to the group)”. Examples include Intel’s CPU Meltdown and Spectre security bugs would not have been discussed on linux-distros. Security issues that are already publicly discussed are handled in the OSS-Security mailing list.

 

  • Azure Sphere – for IoT devices
  • Windows Subsystem for Linux v2 aka WSLv2
  • Azure HDInsight
  • Azure Kubernetes Service

0

SMLR 309 We are all a ‘Bit’ off

Posted by Tom Lawrence on June 17, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 309

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

Exim Flaw

https://arstechnica.com/information-technology/2019/06/millions-of-machines-affected-by-command-execution-flaw-in-exim-mail-server/

 

Atari’s new VCS isn’t a console, but it isn’t quite a computer either, but it does run on Linux!

https://arstechnica.com/gaming/2019/06/ataris-new-vcs-isnt-a-console-but-it-isnt-quite-a-computer-either/

 

CERN Ditches Microsoft to ‘Take Back Control’ with Open Source Software

https://www.omgubuntu.co.uk/2019/06/cern-ditch-microsoft-open-source-malt

 

Enable Dynamic Transparency in Ubuntu 19.04

https://www.omgubuntu.co.uk/2019/04/how-to-re-enable-dynamic-transparency-on-the-ubuntu-19-04-desktop

 

New Kdenlive

https://kdenlive.org/en/2019/06/kdenlive-19-04-2-is-out/

 

New GIMP

https://www.gimp.org/news/2019/06/12/gimp-2-10-12-released/

 

SSD Benchmarks

https://www.phoronix.com/scan.php?page=article&item=30usd-ssd-benchmarks&num=6

 

https://keybase.io/encrypt#lawrencesystems

 

Jay

Ubuntu 18.04 LTS With Latest GNOME Update Now Plays Nicely For 120~144Hz Displays

https://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-18.04-LTS-High-Refresh

 

KDE Plasma 5.16 Released With A Lot Of Polishing, File Manager Improvements

https://kde.org/announcements/plasma-5.16.0.php

 

This is Firefox’s Colourful New Logo (Yes, Another New Logo)

https://www.omgubuntu.co.uk/2019/06/mozilla-firefox-family-logo

 

Firefox Premium Coming Later This Year, But Will You Pay for It?

https://www.omgubuntu.co.uk/2019/06/firefox-premium-would-you-pay

 

Systemd Is Now Seeing Continuous Fuzzing By Fuzzit

https://www.phoronix.com/scan.php?page=news_item&px=Systemd-Fuzzing-Fuzzit

 

Regolith Linux is the i3 Ubuntu Spin You’ve Been Waiting For

https://www.omgubuntu.co.uk/2019/06/install-regolith-linux-i3-gaps-ubuntu

 

EndeavourOS Is Hoping To Be The Successor To Antergos – Convenient To Use Arch Linux

https://www.phoronix.com/scan.php?page=news_item&px=EndeavourOS-Announcement

 

Phil

https://distrotest.net/

On Distro Test you will find over 200 operating systems and ~670 versions of said operating systems which you can test online with just your browser.

 

https://www.linuxjournal.com/content/securing-kernel-stack

Kernel developer Elena Reshetova is working on an approach to randomize the kernel stack offset after every system call. Her plan is to obscure the trail left by the stack, so attackers can’t follow it or predict it. And, she recently posted some kernel patches to accomplish this.

 

https://www.oilshell.org/blog/2019/06/13.html

Oil is your upgrade path from bash. It’s the only language that shell / bash can be automatically translated to. Andy Chu details why replacing scripts with perl, python, ruby, etc isn’t always feasible. Check out this website for a very in depth and technical description

 

http://meetings-archive.debian.net/pub/debian-meetings/2019/miniconf-hamburg/lightning_talks_demos.webm

Debian will [probably] get PPA (personal package archives) according to Debian maintainer Alexander Wirt at the Mini Deb Conference in Hamburg, Germany. Skip ahead to 39m20s for the announcement.

Opera built in free VPN https://www.opera.com/computer/features/free-vpn

0

SMLR 308 Don’t Get Stung By The Wasp

Posted by Tom Lawrence on June 2, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 308

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

https://www.intezer.com/blog-hiddenwasp-malware-targeting-linux-systems/

grep sftp /etc/passwd

 

All of the current versions of Docker have a vulnerability that can allow an attacker to get read-write access to any path on the host server. The weakness is the result of a race condition in the Docker software and while there’s a fix in the works, it has not yet been integrated.

https://duo.com/decipher/docker-bug-allows-root-access-to-host-file-system

 

“One downside I think we should not forget is that GitHub is becoming a monopoly. With private repositories, the new package manager, and now a way to support creators, [GitHub is] trying to become indispensable, and I don’t think that’s a good thing,” he told LinuxInsider.

https://www.linuxinsider.com/story/GitHub-Opens-New-Door-to-Financial-Support-for-Open-Source-Devs-86042.html

 

Asus ZenScreen & USB-C

https://www.phoronix.com/scan.php?page=news_item&px=ASUS-ZenScreen-MB16AC-2019

 

Microsoft Becomes Master of Its Own Linux Kernel

https://www.linuxinsider.com/story/Microsoft-Becomes-Master-of-Its-Own-Linux-Kernel-86007.html

 

Ryzen 9 3900X $499 12 core / 24 thread

https://www.tomshardware.com/news/amd-third-gen-ryzen-7nm-launch-intel-cpu,39449.html

 

2FA ToTP Auth

https://gitlab.gnome.org/World/Authenticator

 

Foliate is an ePub eBook Reader8888

https://www.omgubuntu.co.uk/2019/05/foliate-ebook-reader-linux

 

Notepad++ in Linux

https://www.omgubuntu.co.uk/2019/05/install-notepad-in-ubuntu

 

Jay

Linux 5.1 Hit By A Data Loss Bug Due To Overly Aggressive FSTRIM

https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.1-FSTRIM-Bug

 

Linux Fix Pending For Borked Hibernation After Disabling Hyper Threading

https://www.phoronix.com/scan.php?page=news_item&px=Linux-Fix-Disable-HT-Hibernate

 

Linux 5.1.5 Kernel Fixes The Latest Data Corruption Bug

https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.1.5-Released

 

Ubuntu 19.10 Now Includes Proprietary Nvidia Drivers on the ISO

https://www.omgubuntu.co.uk/2019/05/ubuntu-19-10-nvidia-drivers-iso

 

System76 Is Making Progress On Open-Source Firmware For Their Laptops

https://www.phoronix.com/scan.php?page=news_item&px=System76-May-Firmware-Progress

 

Antergos Linux project has been discontinued

https://www.fosslinux.com/14859/antergos-linux-project-has-been-discontinued.htm

 

Fork: Endeavour, Antergos community’s next stage……..

https://forum.antergos.com/topic/11780/endeavour-antergos-community-s-next-stage

 

Tony

———–

 

0

SMLR 307 Night of The Living Daemon

Posted by Tom Lawrence on May 20, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 307

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

South Korea will ditch Microsoft Windows for Linux
https://betanews.com/2019/05/18/korea-linux/

 

List of Linux adopters

https://en.wikipedia.org/wiki/List_of_Linux_adopters

 

The attacks can be launched with the help of specially crafted TCP packets sent to vulnerable Linux boxes which can trigger use-after-free errors and enable the attackers to execute arbitrary code on the target system.

 

The remotely exploitable vulnerability has been assigned a 8.1 high severity base score by NIST’s NVD, it is being tracked as CVE-2019-11815 (Red Hat, Ubuntu, SUSE, and Debian) and it could be abused by unauthenticated attackers without interaction from the user.

https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/

 

Nextcloud 16 introduces machine learning based security and usability features, ACL permissions and cross-app projects

https://nextcloud.com/blog/nextcloud-16-introduces-machine-learning-based-security-and-usability-features-acl-permissions-and-cross-app-projects/

 

History of the OwnCloud to NextCloud Fork

https://media.libreplanet.org/u/libreplanet/m/why-i-forked-my-own-project-and-my-own-company-31c3/

 

Six more devices from ThinkPenguin, Inc. now FSF-certified to Respect Your Freedom

https://www.fsf.org/news/six-more-devices-from-thinkpenguin-inc-now-fsf-certified-to-respect-your-freedom

 

Linux Kernel’s Perf Now Supports Zstd-Compressed Trace Recording

https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.2-Compressed-Perf

 

ZombieLoad

https://www.phoronix.com/scan.php?page=news_item&px=MDS-Zombieload-Initial-Impact

 

PineBook

https://liliputing.com/2019/05/pinebook-pro-update-the-199-linux-laptop-is-almost-ready-to-go.html

=====================================================

Tony

 

It’s not just Huawei. Trump’s new tech sector order could ripple through global supply chains.

https://www.washingtonpost.com/politics/2019/05/18/its-not-just-huawei-trumps-new-tech-sector-order-could-ripple-through-global-supply-chains/?noredirect=on&utm_term=.e85ef78273d8

 

Executive Order on Securing the Information and Communications Technology and Services Supply Chain

https://www.whitehouse.gov/presidential-actions/executive-order-securing-information-communications-technology-services-supply-chain/

 

Ann Arbor Tech Trak – June 7, 2019

https://a2tech360.com/events/tech-trek/

 

Hack:A2 – June 8, 2019

https://a2tech360.com/events/hacka2/

Jay

Next Generation Plasma Notifications

https://blog.broulik.de/2019/05/next-generation-plasma-notifications

 

Tilix Terminal Emulator Needs a New Maintainer

https://www.omgubuntu.co.uk/2019/05/tilix-terminal-emulator-new-maintainer

 

Mozilla Had A Rough Night With Add-Ons Getting Disabled Due To An Expired Certificate

https://www.phoronix.com/scan.php?page=news_item&px=Firefox-Add-Ons-Cert-Expired

 

===============================

Phil

What is a zombie process?

https://www.howtogeek.com/119815/htg-explains-what-is-a-zombie-process-on-linux/

 

Centos8 build cycle and status

https://wiki.centos.org/About/Building_8

 

FCC to combat robocalls (finally wow, great job team, /sarcasm)

https://www.fcc.gov/about-fcc/fcc-initiatives/fccs-push-combat-robocalls-spoofing

 

https://letsencrypt.org/2019/05/15/introducing-oak-ct-log.html

Today we are announcing a new Certificate Transparency log called Oak. The Oak log will be operated by Let’s Encrypt and all publicly trusted certificate authorities will be welcome to submit certificates.

 

Certificate Transparency (CT) is a system for logging and monitoring certificate issuance. It greatly enhances everyone’s ability to monitor and study certificate issuance, and these capabilities have led to numerous improvements to the CA ecosystem and Web security. As a result, it is rapidly becoming critical Internet infrastructure. Let’s Encrypt accelerated the adoption of CT by logging every certificate since we started issuing in 2015 – approximately half a billion certificates at this point.

 

Microarchitectural Data Sampling “MDS” vulnerabilities now known more commonly as Zombieload

https://www.phoronix.com/scan.php?page=article&item=mds-zombieload-mit&num=1

 

0

SMLR 306 Recording at Penguicon 2019

Posted by Tom Lawrence on May 9, 2019 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 306

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

0

SMLR 305 Wooden Proxy Mouse

Posted by Tom Lawrence on April 29, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 305

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

GNOME Devs Mull Making Dedicated System Info Tool

https://www.omgubuntu.co.uk/2019/04/does-gnome-need-a-dedicated-system-info-tool

 

Docker Hub Security Breach details, signs/hints

https://forums.docker.com/t/docker-hub-security-breach-details-signs-hints/73850

 

Some tips for checking your Docker for issues related to the breach

https://blog.madhuakula.com/some-tips-to-review-docker-hub-hack-of-190k-accounts-addcd602aade

 

New Netdata

https://my-netdata.io/

https://www.reddit.com/r/linuxadmin/comments/bhdmyy/netdata_the_opensource_realtime_performance_and/

 

Fanless mini-tower runs Linux Mint on up to 5GHz octa-core i9-9900K

http://linuxgizmos.com/fanless-mini-tower-runs-linux-mint-on-up-to-5ghz-octa-core-i9-9900k/

 

NVIDIA GeForce GTX 1650 Linux Gaming Performance & Benchmarks

https://www.phoronix.com/scan.php?page=article&item=nvidia-gtx1650-linux&num=1

 

Periodic reminder that you DRM means you don’t really own eBooks, movies, or other content (Microsoft’s eBook store is shutting down)

https://liliputing.com/2019/04/periodic-reminder-that-you-drm-means-you-dont-really-own-ebooks-movies-or-other-content-microsofts-ebook-store-is-shutting-down.html

 

THE LINUX DESKTOP IS IN TROUBLE!

Linus Torvalds looks to Chromebooks and Android for the future of the Linux desktop, while Linux Mint developers aren’t happy with each other.

https://www.zdnet.com/article/the-linux-desktop-is-in-trouble/

 

Top 15 Open source Video conference and Team communication solutions for Windows, Linux, Mac OSX and Phones

https://medevel.com/10-os-video-conferencing/

 

HealthyPi is the first fully open-source, full-featured vital sign monitor. Using the Raspberry Pi as its computing and display platform, the HealthyPi add-on HAT turns the Raspberry Pi into a vital sign monitoring system.

http://healthypi.protocentral.com/

 

Phil

https://www.zdnet.com/article/docker-hub-hack-exposed-data-of-190000-users/

 

Matrix.org Data Breach and Remediation Round Up

https://securityaffairs.co/wordpress/83751/data-breach/matrix-org-hack.html

According to Matrix.org, the attacker has exploited a known vulnerability in the Jenkins open source automation server to hijack credentials and gain access to the systems of the organization. Homeservers, source code and packages, identity servers, and Modular.im servers were not impacted.

“An attacker gained access to the servers hosting Matrix.org. The intruder had access to the production databases, potentially giving them access to unencrypted message data, password hashes and access tokens. As a precaution, if you’re a matrix.org user you should change your password now.” reads the data breach notification published by Matrix.org.

 

The attacker used a cloudflare API key to repoint DNS for matrix.org to a defacement website (https://github.com/matrixnotorg/matrixnotorg.github.io). The API key was known compromised in the original attack, and during the rebuild the key was theoretically replaced. However, unfortunately only personal keys were rotated, enabling the defacement.

 

https://web.archive.org/web/20190412080323/https://github.com/matrix-org/matrix.org/issues/created_by/matrixnotorg

 

Block List Project

https://blocklist.site/app/

The Block List Project is an independent project with growing support. Their mission is to help create a safer browsing experience by blocking malicious websites.

 

Open Sprinkler

https://opensprinkler.com/

Keeping your lawn and flowers beautiful doesn’t have to be stressful. OpenSprinkler unchains you from your sprinkler or irrigation control box, enabling you to program, run, or stop zones at any time from anywhere.

 

OpenSprinkler Pi is an extension board for Raspberry Pi and allows the operator to directly access and control sprinkler valves.

 

Jay

Ubuntu 14.04 Reaches End of Life on April 30

https://www.omgubuntu.co.uk/2019/04/ubuntu-14-04-end-of-life

 

The End of Scientific Linux

https://lwn.net/Articles/786422/

 

Cross Generation Gaming, new episodes every Sunday

http://crossgengaming.tv

 

————————————-

 

Tony

 

Penguicon

https://2019.penguicon.org/

Penguicon Schedule

https://penguicon2019.sched.com

Search Sunday Morning, Tony Bemus, Jay LaCroix, or Tom Lawrence

 

X2Go vs Nomachine vs Remote desktop softwares:

https://en.wikipedia.org/wiki/Comparison_of_remote_desktop_software

GNU Stow: simlink your dot files:

https://www.gnu.org/software/stow/stow.html

Managing dotfiles with GNU stow

https://alexpearce.me/2016/02/managing-dotfiles-with-stow/

 

0

SMLR 304 The resource has !NOT been modified

Posted by Tom Lawrence on March 31, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 304

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

 

Show Notes

https://httpstatuses.com/304

A conditional GET or HEAD request has been received and would have resulted in a 200 OK response if it were not for the fact that the condition evaluated to false.

 

Write in and echo hi to show@smlr.us.

 

Tom

Kdenlive Code Sprint & Developer Interview

https://kdenlive.org/en/2019/03/sprint-2019-in-lyon/

 

OpenShot Updated release (including an updated Windows installer)

https://www.openshot.org/blog/2019/03/20/openshot-244-released-keyframe-scaling-docking-and-more/

 

Ubuntu 19.04 Beta Available

https://www.omgubuntu.co.uk/2019/03/download-ubuntu-19-04-beta-iso

 

OpenSSH 8.0 Quantum Resistant Keys

https://codesmithdev.com/openssh-8-0-releasing-with-quantum-computing-resistant-keys/

 

Jetson Nano Brings AI Computing to Everyone! It delivers 472 GFLOPS of compute performance with a quad-core 64-bit ARM CPU and a 128-core integrated NVIDIA GPU. It also includes 4GB LPDDR4 memory in an efficient, low-power package with 5W/10W

https://devblogs.nvidia.com/jetson-nano-ai-computing/

On Being a Free Software Maintainer

“How dare you not (use your free time to) fix this ultra high priority bug that is affecting me?” or “This is an absolutely basic feature! How is it not implemented yet (by you on your free time)?!” or even “You made me move to Software Y, and you need to win me back” are going to be realities you will have to face.”

https://feaneron.com/2019/03/28/on-being-a-free-software-maintainer/

 

New York Times Open Source Workflow data management tool The means for creating (and maintaining) a documentation site — or a style guide, or a knowledge base, or any other set of information frequently used as a reference — have shifted back and forth over time. Blogging software! Wikis! Flat files! Database-driven! Google Docs! GitHub Pages! Dropbox Paper! Notion! The number of options — and the degree to which their selection sometimes come down to one person’s aesthetic choice or workflow preference — has left the job of keeping updated documentation a bit of a mess.

http://www.niemanlab.org/2019/03/the-new-york-times-has-released-an-open-source-tool-to-let-you-manage-all-your-internal-knowledge-more-easily/

Cisco RV320 “mitigated” security flaw by blocking user agent

https://www.redteam-pentesting.de/en/advisories/rt-sa-2019-003/-cisco-rv320-unauthenticated-configuration-export

 

Unleash The ASUS HASH!

https://skylightcyber.com/2019/03/28/unleash-the-hash-shadowhammer-mac-list/

 

$50 million CTF Writeup

https://github.com/manoelt/50M_CTF_Writeup/blob/master/README.md

 

Defending The Defenders Of The Cyber Universe: How To Mitigate Stress In Cybersecurity

https://www.forbes.com/sites/forbestechcouncil/2019/03/28/defending-the-defenders-of-the-cyber-universe-how-to-mitigate-stress-in-cybersecurity/#74d62cb4b8ca

Phil

Hashicorp Vault and Kubernetes

https://github.com/pgporada/vault-k8s-secrets-OHMY

 

How I generate my ssh keys

ssh-keygen -t ed25519 -b 521

 

The Linux Vendor Firmware Service (LVFS) is now a Linux Foundation project

https://www.linuxfoundation.org/blog/2019/03/lvfs-project-announcement/

LVFS is a secure website that allows hardware vendors to upload firmware updates. It’s used by all major Linux distributions to provide metadata for clients, such as fwupdmgr, GNOME Software and KDE Discover.

 

Richard Hughes, upstream maintainer of LVFS and Principal Software Engineer at Red Hat states, “My long-term goal is for the LVFS to be seen like a boring, critical part of infrastructure in Linux, much like you’d consider a NTP server for accurate time, or a PGP keyserver for trust.”

 

With the recent Spectre and Meltdown issues hitting the industry, firmware updates are no longer seen as something that just adds support for new hardware or fixes the occasional hardware issue. Now the EFI BIOS is a fully fledged operating system with networking capabilities, companies and government agencies are realizing that firmware updates are as important as kernel updates, and many are now writing in “must support LVFS” as part of any purchasing policy.

 

What the heck is Citrix doing?

https://xenserver.org/blog/entry/what-is-citrix-doing-with-xenserver-org.html

As many of you know, XenServer.org was created many years ago to provide developers and users of the Free edition a venue through which to share insights and suggestions regarding product features, enhancements, and technical support. The upcoming rebranding of “XenServer” to “Citrix Hypervisor” offers an opportunity to consolidate access to product resources to a single website – citrix.com.

https://web.archive.org/web/20190325130530/https://xenserver.org/blog/entry/what-is-citrix-doing-with-xenserver-org.html

 

Open Morrowind

https://openmw.org/en/

OpenMW is a free, open source, and modern engine which re-implements and extends the 2002 Gamebryo engine for the open-world role-playing game The Elder Scrolls III: Morrowind.

 

Jay

Mozilla Improves Web Browser Security in Firefox 66 Update

https://www.eweek.com/enterprise-apps/mozilla-improves-web-browser-security-in-firefox-66-update

 

Ubuntu 19.04 Is Offering Some Performance Improvements Over Ubuntu 18.10, Comparison To Clear Linux

https://www.phoronix.com/scan.php?page=article&item=ubuntu-1904-first&num=1

 

CodeWeavers on how Proton (Steam Play) helped improve Wine 4.2

https://www.gamingonlinux.com/articles/codeweavers-on-how-proton-steam-play-helped-improve-wine-42.13845

Google announce ‘Stadia’, their new cloud gaming service built on Linux and Vulkan

https://www.gamingonlinux.com/articles/google-announce-stadia-their-new-cloud-gaming-service-built-on-linux-and-vulkan.13792

An Automated Way To Install Essential Applications On Ubuntu

https://www.ostechnix.com/an-automated-way-to-install-essential-applications-on-ubuntu/

Firefox 66 Release Notes

https://www.mozilla.org/en-US/firefox/66.0/releasenotes/

Tony

————————–

New Work: Arbor Networks , the security division of NetScout

  Here is a history video of Arbor Networks: https://www.youtube.com/watch?v=cAsdpvAuv9I&index=12&list=PLu8eXm-IEjEAoLW4hssuIOqVKD2TB3HJp

 

Secure Your Linux Server With Fail2Ban [Beginner’s Guide]

0

SMLR Episode 303 See Other Green

Posted by Tom Lawrence on March 17, 2019 in Show-mp3, Show-ogg |
Play

http://smlr.us

Downloads:

Show 303

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

Intro:

Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

Sound bites by Mike Tanner

Phils GitHub

https://github.com/pgporada

The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge

Jay’s Site

https://www.learnlinux.tv/

Jay’s Bash Prompt https://pastebin.com/kzPjE8y4

Tech News:

Simple Private 1GB Free or 2.5gb Logged in File Sharing
ffsend upload ${FILE_NAME}

https://send.firefox.com/

 

Darpa Open Source Voting

https://motherboard.vice.com/en_us/article/yw84q7/darpa-is-building-a-dollar10-million-open-source-secure-voting-system

 

CDC Beto O’Rourke’

https://www.reuters.com/investigates/special-report/usa-politics-beto-orourke/

 

WireGuard is now in Gnome Network Manager

https://blogs.gnome.org/thaller/2019/03/15/wireguard-in-networkmanager/

 

Linux Kernel 5.0

https://lkml.org/lkml/2019/3/3/236

“But I’d like to point out (yet again) that we don’t do feature-based releases,

and that “5.0” doesn’t mean anything more than that the 4.x numbers

started getting big enough that I ran out of fingers and toes”

AMD FreeSync display support

Raspberry Pi Touchscreen support in mainline kernel

Btrfs swap file support & Adiantum data encryption

 

Stephen Wolfram Blog Post “Seeking the Productive Life: Some Details of My Personal Infrastructure”

https://blog.stephenwolfram.com/2019/02/seeking-the-productive-life-some-details-of-my-personal-infrastructure/

 

Ubuntu 16.04.6 LTS Released, Fixes Major APT Security Issue

https://www.omgubuntu.co.uk/2019/02/ubuntu-16-04-6-lts-released-fixes-major-apt-security-issue

 

Open source Free Self-hosted Web Analytics

https://medevel.com/best-20-open-source-free-self-hosted-web-analytics/

 

Web Analytics. Open Source.

http://www.openwebanalytics.com/

 

Firefox maker fears DarkMatter ‘misuse’ of browser for hacking

https://www.reuters.com/article/us-usa-spying-darkmatter/firefox-maker-fears-darkmatter-misuse-of-browser-for-hacking-idUSKCN1QL28T

 

Citrix today warned its customers that foreign hackers romped through its internal company network and stole corporate secrets.

https://www.theregister.co.uk/2019/03/08/citrix_hacked_data_stolen/

 

Q&A: Crypto-guru Bruce Schneier on teaching tech to lawmakers, plus privacy failures – and a call to techies to act

‘Politicians are reluctant to disrupt the enormous wealth creation machine technology has turned out to be’

https://www.theregister.co.uk/2019/03/15/qa_bruce_schneier/

 

Jay:

GNOME 3.32 Released, This is What’s New

https://www.omgubuntu.co.uk/2019/03/best-gnome-3-32-features

 

Google Hardware makes cuts to laptop and tablet development, cancels products

https://arstechnica.com/gadgets/2019/03/google-hardware-makes-cuts-to-laptop-and-tablet-development-cancels-products/

 

Debian Sticking With Merged /usr Plan

https://www.phoronix.com/scan.php?page=news_item&px=Debian-Go-Ahead-Merged-Usr

 

KDE Plasma 5.16 Will Let You Reboot Into The UEFI Setup Screen

https://www.phoronix.com/scan.php?page=news_item&px=KDE-Plasma-5.16-Reboot-To-UEFI

 

Phil – Ep 303

 

303 See Other

The server is redirecting the user agent to a different resource, as indicated by a URI in the Location header field, which is intended to provide an indirect response to the original request.

 

L0phtCrack is a password auditing and recovery application originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, hybrid attacks, and rainbow tables.

 

List of open source tools for AWS security: defensive, offensive, auditing, etc.

https://github.com/toniblyx/my-arsenal-of-aws-security-tools

 

Automatic Certificate Management Environment (ACME) has been standardized by the IETF as RFC 8555.

https://tools.ietf.org/html/rfc8555

 

Having a standardized protocol for certificate issuance and management is important for two reasons. First, it improves the quality of the software ecosystem because developers can focus on developing great software for a single protocol, instead of having many pieces of less well maintained software for bespoke APIs. Second, a standardized protocol makes switching from one CA to another easier by minimizing technical dependency lock-in.

 

CAs & PKIs that offer ACME certificates

 

https://vas3k.com/blog/dumbass_home/?ref=sn

Internet of Things. How to Automate Your Rented Box Today

 

So, you want to bring a little more cyberpunk to your life. The light should lead your way when you’re sneakin’ to the bathroom at night; a coffee machine should start automagically with the morning alarm. Smart Нome, Internet of Things or whatever they call teapots with microcontrollers this year. I call it “Dumbass Home” because it simply fits better.

 

His solution uses a raspberry pi with a zigbee and z-wave USB adapters and the python project HomeAssistant

 

Discusses different vendor products and their pros and cons

 

Secretary of the Navy – Cyber Security Review

https://www.navy.mil/strategic/CyberSecurityReview.pdf

The report highlights the value of data and the need to modify the Navy’s business and data hygiene processes in order to protect data as a resource.  This review also provides an assessment of the culture, people, governance, processes, and resources as they pertain to cybersecurity in the Department of the Navy.  Recommendations in the review specifically address policy, processes, and resources needed to enhance cyber defense and increase resiliency.

 

In fact, with an expectation that the nation will require an increase of as many as 1.5 million additional trained professionals needed by 2020

 

Boats Can’t Divide by Zero

https://medium.com/@bishr_tabbaa/when-smart-ships-divide-by-zer0-uss-yorktown-4e53837f75b2

0

SMLR Episode 302 Unicorn Bash Prompts

Posted by Tom Lawrence on February 26, 2019 in Show-mp3 |
Play

http://smlr.us

Downloads:

Show 302

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

 

Read more…

0

SMLR Episode 301 Fresh Looks:Endless OS

Posted by Tom Lawrence on February 17, 2019 in Show-mp3, Show-ogg |
Play

Freshlooks Endless OS

Endless OS

http://smlr.us

Downloads:

Show 301

Contact Us:

show (at) smlr.us or the Contact us page

On the Lawrence Systems Forums

https://forums.lawrencesystems.com/c/smlr-podcast

 

Read more…

Copyright © 2011-2019 Sunday Morning Linux Review All rights reserved.
This site is using the Desk Mess Mirrored theme, v2.5, from BuyNowShop.com.