Distribution Release: Kali Linux 2018.2

Kali Linux is a Debian-based distribution with a collection of security, penetration testing and forensics tools. The project's latest release is Kali Linux 2018.2, which includes kernel updates and fixes for the Meltdown and Spectre CPU bugs. "This Kali release is the first to include the Linux 4.15....

from DistroWatch.com: News https://ift.tt/2FtRvpP
via IFTTT

IPFire Open Source Firewall Linux Distribution Gets Cryptography Improvements

IPFire, the open-source and free firewall distribution based on the Linux kernel, has been updated today to version 2.19 Core Update 120, a release that adds new features, improvements, and updated components.

IPFire 2.19 Core Update 120 is packed with quite a lot of new features that promise to improve the overall security of the operating system, as well as to increase the performance of various cryptographic operations. For the latter, the new release ships with the OpenSSL 1.1.0 cryptography library, which adds support for new ciphers.

"With this change, we have decided to entirely deprecate SSLv3 and the web user interface will require TLSv1.2 which is also the default for many other services. We have configured a hardened list of ciphers which only uses recent algorithms and entirely removes broken or weak algorithms like RC4, MD5 and so on," said Michael Tremer in the release notesread more)

from Softpedia News / Linux https://ift.tt/2rby8NU
via IFTTT

Linux Mint 19 "Tara" Won't Collect or Send Any of Your Personal or System Data

Linux Mint founder and lead developer Clement Lefebvre published another Monthly News newsletter today, this time for the month of April 2018, to keep the community up-to-date with the development of the upcoming Linux Mint 19 "Tara" operating system.

Now that Canonical released the Ubuntu 18.04 LTS (Bionic Beaver) operating system, on which Linux Mint 19 "Tara" will be based, it's time for the Linux Mint team to finalize their releases. There's still no fixed release date for Linux Mint 19 "Tara," nor LMDE (Linux Mint Debian Edition) 3, but Clement Lefebvre said they will arrive soon.

While the beta versions are expected to land early next month, along with the official unveiling of the Cinnamon 3.8 desktop environment, the final releases should be out 2-3 weeks after that. So we're now looking at the end of May or early... (read more)

from Softpedia News / Linux https://ift.tt/2Ks4E6w
via IFTTT

Slackware-Based Porteus Linux 4.0 Officially Released with Seven Desktop Flavors

Porteus Linux developer Jay Flood announced over the weekend the release and general availability of the final Porteus 4.0 operating system series, based on the Slackware Current software repositories.

Coming four years after the Porteus 3.0 series, the Porteus 4.0 release ships with the latest Slackware Linux packages, it's powered by the latest Linux 4.16 kernel branch (Linux 4.16.3 is included in the install images), and comes with no less than seven desktop flavors, including KDE, Xfce, LXDE, LXQt, Cinnamon, MATE, and Openbox.

Porteus 4.0 features support for UEFI/EFI installations using the syslinux bootloader for both BIOS and UEFI/EFI machines with a single, universal configuration file that you can find in /mnt/sdXY/boot/syslinux/porteus.cfg. Also, a new porteus/porteus-v4.0-x86_64.cfg configuration file replaces the old .sgn file and adds support for cheatcodes.

New update-browser and Porteus Update features

Also new in Porteus 4.0 there... (read more)

from Softpedia News / Linux https://ift.tt/2HElME3
via IFTTT

KDE Plasma 5.13 Desktop to Get Overhauled Lock & Login Screens with New Features

KDE developer Nathaniel Graham reports on one of the biggest changes coming to the KDE Plasma 5.13 desktop environment release this summer, namely the revamp of the lock and login screens.

By default, the upcoming KDE Plasma 5.13 desktop environment will present users with new, overhauled lock and login screens that would act quite different from what they used until now. For example, the lock screen will no function more like a screensaver, keeping the password field and controls hidden until you press a button, move the mouse, or touch the screen.

You can even set an image slideshow, an animated effect, or a solid color as the background. Moreover, every time you update to a new major KDE Plasma release, both the lock and login screens will automatically use the default wallpaper of that specific release if you don't mess with the ... (read more)

from Softpedia News / Linux https://ift.tt/2JHxRt1
via IFTTT

Kubuntu 18.04 Bionic Beaver - Long-term uncertainty

Begin to start to commence the spring distro testing season! We open with a long, thorough review of Kubuntu 18.04 Bionic Beaver, tested in a mixed multi-boot Windows and Linux setup on a laptop with UEFI and GPT, covering live session, installation and post-install use and tweaks, including look & feel, fonts, networking support and many associated troubles with Wireless connectivity, Bluetooth, Samba sharing and printing, multimedia support - HD video and MP3 playback, smartphone support - Android, iPhone, Windows Phone, partitioning, package management and updates, applications, hardware compatibility, webcam, proprietary drivers, suspend & resume, stability, resources, performance, severe desktop hangs due to Baloo indexing, application crashes, various visual niggles and bugs, other problems, customization, and more. Enjoy.

from Dedoimedo RSS https://ift.tt/2HIs45Q
via IFTTT

Voyager Linux 18.04 Released with Long Term Support, Based on Xubuntu 18.04 LTS

The developer behind the Ubuntu-based Voyager Linux distribution released a new LTS (Long Term Support) branch based on Canonical's recently released Xubuntu 18.04 LTS (Bionic Beaver) operating system.

Meet Voyager Linux 18.04 LTS, the newest long term supported series of the Voyager Linux operating system, based on the Ubuntu and Xubuntu 18.04 LTS packages. Powered by the Linux 4.15 kernel, this release uses the latest Xfce 4.12 desktop environment by default, but comes with a highly customized desktop interface.

Included in Voyager Linux 18.04 LTS, there's the LibreOffice office suite, Shotwell image viewer and organizer, Kodi media center, Clementine audio play... (read more)

from Softpedia News / Linux https://ift.tt/2rcEP1r
via IFTTT

Canonical Adds Multipass Cleanbuild Support to Its Snapcraft Snap Creator Tool

Canonical released over the weekend version 2.42 of its Snapcraft command-line tool for creating Snap packages on the Ubuntu Linux operating system.

Snapcraft 2.42 comes less than two weeks after version 2.41, which improved the mechanism for overriding lifecycle steps, passthrough property, error reporting, and updated the dotnet, nodejs, and python plugins, to add even more enhancements to the utility that helps application developers to package their apps as Snaps.

In Snapcraft 2.42, there's a new feature called multipass cleanbuild support, which might come in handy to users of snapcraft cleanbuild with multipass installed. To try it out, you'll have to run the "$ SNAPCRAFT_BUILD_ENVIRONMENT=multipass snapcraft cleanbuild" command in the terminal emulator.

On the other hand, Snapcraft 2.42 removes support for remote persistent containers, which was in the experimental phase for some time now and never got to be ready for production use. It was available only a... (read more)

from Softpedia News / Linux https://ift.tt/2jjh3wU
via IFTTT

Distribution Release: IPFire 2.19 Core 120

IPFire is a Linux distribution which focuses on security and is suited for being used as a firewall. Administration is handled through a web interface. The project has released a new update to its 2.19 series: IPFire 2.19 Core Update 120. The new version removes old and broken....

from DistroWatch.com: News https://ift.tt/2HDNhlp
via IFTTT

Confirmed: Twitter Also Sold Data To Cambridge Analytica Researcher

Cambridge Analytica and Facebook have been in the headlines for past one month for all the wrong reasons. Now, as per the latest revelation, Twitter is facing flak for selling data to Cambridge Analytica-linked researcher, Aleksandr Kogan. In a statement to The Telegraph, Twitter has confirmed that Aleksandr Kogan’s commercial enterprise had purchased one-time Twitter API […] The post Confirmed: Twitter Also Sold Data To Cambridge Analytica Researcher appeared first on Fossbytes.

from Fossbytes https://ift.tt/2HYvqF9
via IFTTT

MeX Linux OS Drops Linux Mint Base, It's Now Based on Ubuntu 18.04 LTS

Arne Exton released a new version of its MeX Linux operating system that switches from the older Linux Mint base to the latest Ubuntu release.

If previous versions of the MeX Linux distribution were based on Linux Mint, starting with build 180426, the operating system is now only based on packages from the Ubuntu and Debian GNU/Linux software repositories. The latest release is derived from the Ubuntu 18.04 LTS (Bionic Beaver) operating system series.

"Mex Linux is no longer based on Linux Mint," said Arne Exton. "MeX Build 180426 is based only on Debian and Ubuntu 18.04 LTS (Long Term Support). I have replaced the original kernel with “my” special kernel 4.15.0-19-exton. All packages in MeX Linux have been upgraded to the latest version by 180426."

What's new in MeX Linux Build 180426

There are several... (read more)

from Softpedia News / Linux https://ift.tt/2FvjGo6
via IFTTT

Flatpak Linux Application Sandboxing & Distribution Framework Learns New Tricks

Flatpak, the Linux application sandboxing and distribution framework, has been updated recently to version 0.11.4, a maintenance update that introduces numerous important changes.

With Flatpak 0.11.4, the development team updated the "flatpak build" command to allow it to always use multi-arch support, as well as to mount app extensions during the build process. In addition, the "flatpak build-init" command now supports adding of extension points earlier than build-finish by using the --extension argument, and build-finish now supports the --remove-extension argument.

Updates were also made to the "flatpak uninstall" command, which can now pick the user or system automatically if they're not specified, the "flatpak run" command, which received several new options like --no-a11y-bus and --no-documents-portal. Also, users can now use "flatpak remove" (without quotes) as an alias for the ... (read more)

from Softpedia News / Linux https://ift.tt/2rb7Rzb
via IFTTT

System76 Releases Pop!_OS Linux 18.04, Based on Ubuntu 18.04 LTS (Bionic Beaver)

System76 value-added computer reseller released the Pop!_OS Linux 18.04 operating system for their computer lineup as well as anyone else who wants to install their Ubuntu-based GNU/Linux distribution.

Based on Canonical's recently released Ubuntu 18.04 LTS (Bionic Beaver) operating system series and powered by Linux kernel 4.15, Pop!_OS Linux 18.04 is the second release of System76's Ubuntu derivative and the best so far, featuring lots of changes, including a brand new installer, new power management features, firmware notifications, and proper HiDPI support.

"The installer is the centerpiece of the work that we’ve been busily implementing for Pop!_OS 18.04.  It represents an incredible amount of effort from everyone in the country and whose final work we are intimately proud of and something we have repeatedly shown te... (read more)

from Softpedia News / Linux https://ift.tt/2HzMGku
via IFTTT

Windows 10 April 2018 Update Features: What’s New In The Big Update?

Ever since Microsoft started offering Windows 10, the arrival of new features has become more frequent. Now, we can get a new Windows update once every six months instead of waiting for years. And if you’re one of the Insiders currently enjoying the goodness of RS4 and RS5, you get to try new changes and […] The post Windows 10 April 2018 Update Features: What’s New In The Big Update? appeared first on Fossbytes.

from Fossbytes https://ift.tt/2jhXN35
via IFTTT

Miner One Is Launching Its Bitcoin-Mining High-Altitude Ballon Today, New Stable Version of GIMP and More

News

Bitcoin

Blockchain

GIMP

Linux Mint

Ubuntu

Distributions

News briefs for April 30, 2018.

Miner One announced via press release that it is launching its bitcoin-mining balloon today. You can watch the launch on Facebook. Space Miner One is a capsule and high-altitude balloon that will "perform data-mining operations at the edge of space". Miner One's goal is to "remind people that cryptocurrency is really about the future and the revolutionary technology at its heart: so-called blockchain technology."

After six years of development, a new stable version of GIMP has been released. Version 2.10.0 has a new default Dark theme and supports HIDPI displays and the GEGL image processing library. GIMP 2.10.0 also includes new tools, better file format support and an upgraded user interface, among other things. See the release notes for all the details.

The European Union wants online platforms to incorporate their own bot-detection mechanisms, TechCrunch reports. This is "as part of a voluntary Code of Practice the European Commission now wants platforms to develop and apply—by this summer—as part of a wider package of proposals it's put out which are generally aimed at tackling the problematic spread and impact of disinformation online."

Ubuntu "Budgie" announced its very first LTS version. This release features "more customisation options via budgie welcome, lots more Budgie Applets available to be installed, dynamic Workspaces, hot-corners and Window Shuffler" and more. See the release notes for more info, and go here to download.

Linux Mint published its monthly update this morning. The report details what the Mint team is working on, including adapting to the Debian Stretch and Ubuntu Bionic package bases, finalizing Cinnamon 3.8, adding new features to Mint tools, working on documentation, plans for Mint 19 and LMDE 3 and more.

from Linux Journal - The Original Magazine of the Linux Community https://ift.tt/2rbeMYb
via IFTTT

Working around Intel Hardware Flaws

Working around Intel Hardware Flaws

Image

Zack Brown Mon, 04/30/2018 - 07:07

kernel

Hardware

Spectre

Meltdown

Intel

Efforts to work around serious hardware flaws in Intel chips are ongoing. Nadav Amit posted a patch to improve compatibility mode with respect to Intel's Meltdown flaw. Compatibility mode is when the system emulates an older CPU in order to provide a runtime environment that supports an older piece of software that relies on the features of that CPU. The thing to be avoided is to emulate massive security holes created by hardware flaws in that older chip as well.

In this case, Linux is already protected from Meltdown by use of PTI (page table isolation), a patch that went into Linux 4.15 and that was subsequently backported all over the place. However, like the BKL (big kernel lock) in the old days, PTI is a heavy-weight solution, with a big impact on system speed. Any chance to disable it without reintroducing security holes is a chance worth exploring.

Nadav's patch was an attempt to do this. The goal was "to disable PTI selectively as long as x86-32 processes are running and to enable global pages throughout this time."

One problem that Nadav acknowledged was that since so many developers were actively working on anti-Meltdown and anti-Spectre patches, there was plenty of opportunity for one patch to step all over what another was trying to do. As a result, he said, "the patches are marked as an RFC since they (specifically the last one) do not coexist with Dave Hansen's enabling of global pages, and might have conflicts with Joerg's work on 32-bit."

Andrew Cooper remarked, chillingly:

Being 32bit is itself sufficient protection against Meltdown (as long as there is nothing interesting of the kernel's mapped below the 4G boundary). However, a 32bit compatibility process may try to attack with Spectre/SP2 to redirect speculation back into userspace, at which point (if successful) the pipeline will be speculating in 64bit mode, and Meltdown is back on the table. SMEP will block this attack vector, irrespective of other SP2 defenses the kernel may employ, but a fully SP2-defended kernel doesn't require SMEP to be safe in this case.

And Dave, nearby, remarked, "regardless of Meltdown/Spectre, SMEP is valuable. It's valuable to everything, compatibility-mode or not."

SMEP (Supervisor Mode Execution Protection) is a hardware mode, whereby the OS can set a register on compatible CPUs to prevent userspace code from running. Only code that already has root permissions can run when SMEP is activated.

Andy Lutomirski said that he didn't like Nadav's patch because he said it drew a distinction between "compatibility mode" tasks and "non-compatibility mode" tasks. Andy said no such distinction should be made, especially since it's not really clear how to make that distinction, and because the ramifications of getting it wrong might be to expose significant security holes.

Andy felt that a better solution would be to enable and disable 32-bit mode and 64-bit mode explicitly as needed, rather than guessing at what might or might not be compatibility mode.

The drawback to this approach, Andy said, was that old software would need to be upgraded to take advantage of it, whereas with Nadav's approach, the judgment would be made automatically and would not require old code to be updated.

Linus Torvalds was not optimistic about any of these ideas. He said, "I just feel this all is a nightmare. I can see how you would want to think that compatibility mode doesn't need PTI, but at the same time it feels like a really risky move to do this." He added, "I'm not seeing how you keep user mode from going from compatibility mode to L mode with just a far jump."

In other words, the whole patch, and any alternative, may just simply be a bad idea.

Nadav replied that with his patch, he tried to cover every conceivable case where someone might try to break out of compatibility mode and to re-enable PTI protections if that were to happen. Though he did acknowledge, "There is one corner case I did not cover (LAR) and Andy felt this scheme is too complicated. Unfortunately, I don't have a better scheme in mind."

Linus remarked:

Sure, I can see it working, but it's some really shady stuff, and now the scheduler needs to save/restore/check one more subtle bit.

And if you get it wrong, things will happily work, except you've now defeated PTI. But you'll never notice, because you won't be testing for it, and the only people who will are the black hats.

This is exactly the "security depends on it being in sync" thing that makes me go "eww" about the whole model. Get one thing wrong, and you'll blow all the PTI code out of the water.

So now you tried to optimize one small case that most people won't use, but the downside is that you may make all our PTI work (and all the overhead for all the _normal_ cases) pointless.

And Andy also remarked, "There's also the fact that, if this stuff goes in, we'll be encouraging people to deploy 32-bit binaries. Then they'll buy Meltdown-fixed CPUs (or AMD CPUs!) and they may well continue running 32-bit binaries. Sigh. I'm not totally a fan of this."

The whole thread ended inconclusively, with Nadav unsure whether folks wanted a new version of his patch.

The bottom line seems to be that Linux has currently protected itself from Intel's hardware flaws, but at a cost of perhaps 5% to 30% efficiency (the real numbers depend on how you use your system). And although it will be complex and painful, there is a very strong incentive to improve efficiency by adding subtler and more complicated workarounds that avoid the heavy-handed approach of the PTI patch. Ultimately, Linux will certainly develop a smooth, near-optimal approach to Meltdown and Spectre, and probably do away with PTI entirely, just as it did away with the BKL in the past. Until then, we're in for some very ugly and controversial patches.

Note: If you're mentioned above and want to post a response above the comment section, send a message with your response text to ljeditor@linuxjournal.com.

from Linux Journal - The Original Magazine of the Linux Community https://ift.tt/2rcmscP
via IFTTT

This Code On USB Can Trigger BSOD Even On Locked Windows PCs

In the past, we’ve told you about the perils of picking any random USB drive and using it. It might contain malware and dangerous scripts to target your online accounts. A Bitdefender security researcher, Marius Tivadar, has underlined the importance of this issue with his proof-of-concept code (Via: CSO Online). When put on a USB stick, […] The post This Code On USB Can Trigger BSOD Even On Locked Windows PCs appeared first on Fossbytes.

from Fossbytes https://ift.tt/2vUmnju
via IFTTT

Man Sues France For Taking Away His 24-Year-Old Domain “France.com”

Jean-Noel Frydman, a French-born American who is the founder of the company France.com, has started a legal war against the French Republic, Atout France, The Ministry For Europe And Foreign Affairs, and Versign. Inc. He filed a lawsuit in the US after his domain France.com was seized and its ownership was transferred to the French Ministry of Affairs […] The post Man Sues France For Taking Away His 24-Year-Old Domain “France.com” appeared first on Fossbytes.

from Fossbytes https://ift.tt/2FtCowh
via IFTTT

“Ocean Cove” Is Intel’s Next-Gen High Performance CPU Architecture, Leak Reveals

Who are you going to blame if you share your secrets in the most innocent manner via a job posting? Intel did the same and ended up revealing its next-generation high-performance CPU architecture named “Ocean Cove.” The name Ocean Cove was leaked in a job listing for a senior CPU microarchitecture. While Intel is already falling […] The post “Ocean Cove” Is Intel’s Next-Gen High Performance CPU Architecture, Leak Reveals appeared first on Fossbytes.

from Fossbytes https://ift.tt/2r9AhcZ
via IFTTT

DistroWatch Weekly, Issue 761

This week in DistroWatch Weekly: Review: Ubuntu 18.04 LTSNews: UBports to run on Librem 5, Slackware makes PulseAudio optional, educational Linux comicsQuestions and answers: Accessing ZFS snapshotsReleased last week: Ubuntu 18.04, Kubuntu 18.04, Xubuntu 18.04Torrent corner: Kubuntu, Lubuntu, OpenIndiana, Pisi, SwagArch, Ubuntu, Ubuntu Budgie, Ubuntu Kylin, Ubuntu MATE,....

from DistroWatch.com: News https://ift.tt/2r8dHR7
via IFTTT

Development Release: UBOS 14 Beta

UBOS is an Arch-based Linux distribution designed to greatly reduce the amount of time required to set up and maintain common network services. A new version, UBOS 14 Beta, of the minimal server distribution is available for testing. The new release offers a smoother backup process, faster site....

from DistroWatch.com: News https://ift.tt/2je40Nr
via IFTTT

Here's Ubuntu 18.04 LTS (Bionic Beaver) Running on the Microsoft Surface Pro 3

If you think about installing Canonical's recently released Ubuntu 18.04 LTS (Bionic Beaver) operating system on the Microsoft Surface Pro 3 2-in-1 detachable laptop, we have some good news for you.

After we saw that Ubuntu 18.04 LTS could run on the Nintendo Switch gaming console, though not without some heavy patching to make hardware acceleration and Wi-Fi networking work, now someone managed to install the Linux-based operating system on a Microsoft Surface Pro 3 device.

A user on Framasphere has posted a photo earlier today of what it would appear to be the Ubuntu 18.04 LTS (Bionic Beaver) operating system running ... (read more)

from Softpedia News / Linux https://ift.tt/2r8JFNY
via IFTTT

Distribution Release: Voyager Live 18.04

Voyager Live is an Xubuntu-based distribution and live DVD showcasing the Xfce desktop environment for French users. The project latest release, Voyager Live 18.04, is a long term support release offering three years of support. An English translation of the original French release announcement reads: "I present you....

from DistroWatch.com: News https://ift.tt/2HFwElm
via IFTTT

Elisa music player - Fur Elise

Sounds of Linux. A question beckons, does Linux require new media-focused software? The answer to that question may lie in my latest OCS-Mag article, which analyzes the pros and cons of Elisa, a brand new KDE-centric music player. Take a look.

from Dedoimedo RSS https://ift.tt/2HA0Ou4
via IFTTT

OS Release: OpenIndiana 2018.04

Alexander Pyhalov has announced the release of a new version of OpenIndiana, an open source operating system which is a continuation of OpenSolaris. The new version, OpenIndiana 2018.04, features a rebuilt userland using version 6 of the GNU Compiler Collection. The GNOME 2 desktop has been removed in....

from DistroWatch.com: News https://ift.tt/2vUlurb
via IFTTT

Weekend Reading: Privacy

Weekend Reading: Privacy

Image

Carlie Fairchild Sat, 04/28/2018 - 08:59

Privacy

Security

Tor

Facebook

Most people simply are unaware of how much personal data they leak on a daily basis as they use their computers. Enter this weekend's reading topic: Privacy.

The Wire by Shawn Powers

In the US, there has been recent concern over ISPs turning over logs to the government. During the past few years, the idea of people snooping on our private data (by governments and others) really has made encryption more popular than ever before. One of the problems with encryption, however, is that it's generally not user-friendly to add its protection to your conversations. Thankfully, messaging services are starting to take notice of the demand. For me, I need a messaging service that works across multiple platforms, encrypts automatically, supports group messaging and ideally can handle audio/video as well. Thankfully, I found an incredible open-source package that ticks all my boxes: Wire.

Facebook Compartmentalization by Kyle Rankin

Whenever people talk about protecting privacy on the internet, social-media sites like Facebook inevitably come up—especially right now. It makes sense—social networks (like Facebook) provide a platform where you can share your personal data with your friends, and it doesn't come as much of a surprise to people to find out they also share that data with advertisers (it's how they pay the bills after all). It makes sense that Facebook uses data you provide when you visit that site. What some people might be surprised to know, however, is just how much. Facebook tracks them when they aren't using Facebook itself but just browsing around the web.

Some readers may solve the problem of Facebook tracking by saying "just don't use Facebook"; however, for many people, that site may be the only way they can keep in touch with some of their friends and family members. Although I don't post on Facebook much myself, I do have an account and use it to keep in touch with certain friends. So in this article, I explain how I employ compartmentalization principles to use Facebook without leaking too much other information about myself.

Protection, Privacy and Playoffs by Shawn Powers

I'm not generally a privacy nut when it comes to my digital life. That's not really a good thing, as I think privacy is important, but it often can be very inconvenient. For example, if you strolled into my home office, you'd find I don't password-protect my screensaver. Again, it's not because I want to invite snoops, but rather it's just a pain to type in my password every time I come back from going to get a cup of tea. (Note: when I worked in a traditional office environment, I did lock my screen. I'm sure working from a home office is why I'm comfortable with lax security.)

A Machine for Keeping Secrets? by Vinay Gupta

The most important thing that the British War Office learned about cryptography was how to keep a secret: Enigma was broken at Bletchley Park early enough in World War II to change the course of the war—and of history. Now here's the thing: only if the breakthrough (called Ultra, which gives you a sense of its importance) was secret could Enigma's compromise be used to defeat the Nazis. Breaking Enigma was literally the "zero-day" that brought down an empire. Zero-day is a bug known only to an attacker. Defenders (those creating/protecting the software) have never seen the exploit and are, therefore, largely powerless to respond until they have done analysis. The longer the zero-day is kept secret, and its use undiscovered, the longer it represents absolute power.

Own Your DNS Data by Kyle Rankin

I honestly think most people simply are unaware of how much personal data they leak on a daily basis as they use their computers. Even if they have some inkling along those lines, I still imagine many think of the data they leak only in terms of individual facts, such as their name or where they ate lunch. What many people don't realize is how revealing all of those individual, innocent facts are when they are combined, filtered and analyzed.

Cell-phone metadata (who you called, who called you, the length of the call and what time the call happened) falls under this category, as do all of the search queries you enter on the Internet.

For this article, I discuss a common but often overlooked source of data that is far too revealing: your DNS data.

Tor Security for Android and Desktop Linux by Charles Fisher

The Tor Project presents an effective countermeasure against hostile and disingenuous carriers and ISPs that, on a properly rooted and capable Android device or Linux system, can force all network traffic through Tor encrypted entry points (guard nodes) with custom rules for iptables. This action renders all device network activity opaque to the upstream carrier—barring exceptional intervention, all efforts to track a user are afterward futile.

from Linux Journal - The Original Magazine of the Linux Community https://ift.tt/2r43J48
via IFTTT

After 6 Years, GIMP 2.10 is Here With Ravishing New Looks and Tons of New Features

6 years after the release of GIMP 2.8, the major new stable release 2.10 is here. Have a look at the new look, new features and installation procedure.

from It's FOSS https://ift.tt/2r7eD8b
via IFTTT

Windows 10 April 2018 Update Release Date Announced: April 30

After waiting for all these days, Microsft is finally going to push the new Windows 10 feature update to the users on April 30. The company delayed the unannounced update due to some BSOD-causing bug that appeared last minute. One good thing is now it has a more comprehensible official name: Windows 10 April 2018 […] The post Windows 10 April 2018 Update Release Date Announced: April 30 appeared first on Fossbytes.

from Fossbytes https://ift.tt/2r87p3I
via IFTTT

Randomly Switching Upper and Lowercase in a Shell Script

Randomly Switching Upper and Lowercase in a Shell Script

Image

Dave Taylor Fri, 04/27/2018 - 16:49

HOW-TOs

Programming

Shell Scripting

Dave wraps up the shell-script L33t generator

Last time, I talked about what's known informally as l33t-speak, a series of letter and letter-pair substitutions that marks the jargon of the hacker elite (or some subset of hacker elite, because I'm pretty sure that real computer security experts don't need to substitute vowels with digits to sound cool and hip).

Still, it was an interesting exercise as a shell-scripting problem, because it's surprisingly simply to adapt a set of conversion rules into a sequence of commands. I sidestepped one piece of it, however, and that's what I want to poke around with this article: changing uppercase and lowercase letters somewhat randomly.

This is where "Linux Journal" might become "LiNUx jOurNAl", for example. Why? Uhm, because it's a puzzle to solve. Jeez, you ask such goofy questions of me!

Breaking Down a Line Letter by Letter

The first and perhaps most difficult task is to take a line of input and break it down letter by letter so each can be analyzed and randomly transliterated. There are lots of ways to accomplish this in Linux (of course), but I'm going to use the built-in Bash substring variable reference sequence. It looks like this:

${variable:index:length}

So to get just the ninth character of variable input, for example, I could use ${input:9:1}. Bash also has another handy variable reference that produces the length of the value of a particular variable: ${#variable}. Put the two together, and here's the basic initialization and loop:

input="$*"
length="${#input}"

while [ $charindex -lt $length ]
do
    char="${input:$charindex:1}"
    # conversion occurs here
    newstring="${newstring}$char"
    charindex=$(( $charindex + 1 ))
done

Keep in mind that charindex is initialized to 0, and newstring is initialized to "", so you can see how this quickly steps through every character, adding it to newstring. "Conversion occurs here" is not very exciting, but that's the placeholder you need.

Lower, Meet Upper, and Vice Versa

Last time I also showed a quick and easy way to choose a number 1–10 randomly, so you can sometimes have something happen and other times not happen. In this command:

doit=$(( $RANDOM % 10 ))       # random virtual coin flip

Let's say there's only a 30% chance that an uppercase letter will convert to lowercase, but a 50% chance that a lowercase letter will become uppercase. How do you code that? To start, let's get the basic tests:

if [ -z "$(echo "$char" | sed -E 's/[[:lower:]]//')" ]
then
   # it's a lowercase character
elif [ -z "$(echo "$char" | sed -E 's/[[:upper:]]//')" ]
then
   # it's uppercase
fi

This is a classic shell-script trick: to ascertain if a character is a member of a class, replace it with null, then test to see if the resultant string is null (the -Z test).

The last bit's easy. Generate the random number, then if it's below the threshold, transliterate the char; otherwise, do nothing. Thus:

if [ -z "$(echo "$char" | sed -E 's/[[:lower:]]//')" ]
then
  # lowercase. 50% chance we'll change it
  if [ $doit -lt 5 ] ; then
    char="$(echo $char | tr '[[:lower:]]' '[[:upper:]]')"
  fi
elif [ -z "$(echo "$char" | sed -E 's/[[:upper:]]//')" ]
then
  # uppercase. 30% chance we'll change it
  if [ $doit -lt 3 ] ; then
    char="$(echo $char | tr '[[:upper:]]' '[[:lower:]]')"
  fi
fi

Put it all together and you have this Frankenstein's monster of a script:

$ sh changecase.sh Linux Journal is a great read.
LiNuX JoURNal is a GrEaT ReAd.
$ !!
LINuX journAl IS a gREat rEAd
$

Now you're ready for writing some ransom notes, it appears!

from Linux Journal - The Original Magazine of the Linux Community https://ift.tt/2Fncj2e
via IFTTT