Ceci est une ancienne révision du document !
1
Telegram for Android now supports multiple accounts Telegram has been busy parrying government attempts to collect user data over the past year, but it hasn't forgotten its users. It's ushering in 2018 with a handful of offerings you'll likely find helpful if it's your chat app of choice, starting with the ability to support multiple accounts on Android. The latest version of Telegram for the platform supports up to three accounts with different phone numbers. You can quickly switch between them on the side menu, but you'll get notifications for all of them regardless of which one's active. While the iOS app remains a step behind its Android sibling and still can't support multiple accounts, the company has something for Apple users, as well. Telegram is finally giving you a way to change what your app looks like under the new Appearance setting. The iOS version now has several themes to choose from, including two dark “night time” themes and a “day” theme with colors you can tweak. That's not quite as useful as having support for more than one account, but fingers crossed that themes' arrival on iOS means Android's other features will soon follow. Unlike the other two in Telegram's update list, both mobile platforms share version 4.7's last new feature: quick replies. You can simply swipe left on a friend's text bubble to write a reply specifically for that part of the conversation, so you can type up multiple responses without confusing yourself and your friend. Source: https://www.engadget.com/2017/12/31/telegram-multiple-account-android/
Maintenant, Telegram pour Android prend en charge des comptes multiples
Depuis un an, Telegram n'arrête pas de parer les tentatives du gouvernement de collecter des données de ces utilisateurs, mais sans oublier ceux-ci. Il démarre 2018 avec une poignée de fonctionnalités que vous trouverez sans doute utiles si Telegram est votre application de tchat préférée ; à commencer par la capacité de prendre plusieurs compte en charge sur Android. La dernière version de Telegram pour la plateforme supporte jusqu'à trois comptes avec des numéros de téléphone différents. Vous pouvez rapidement basculer entre ceux-ci dans le menu latéral, mais vous recevrait des notifications pour tous les trois, peu importe le compte actif.
Bien que l'appli pour iOS reste un peu en retard par rapport à son frère Android et ne supporte toujours pas des comptes multiples, la société a des trucs pour les utilisateurs Apple aussi. Enfin, Telegram vous donne la possibilité de changer l'apparence de l'appli sous le nouveau paramètre Appearance. La version iOS vous propose maintenant plusieurs thèmes, y compris deux thèmes sombre « pour la nuit » et un thème « de jour » avec des couleurs que vous pouvez ajuster. Ce n'est pas tout à fait aussi utile que le support pour plus d'un compte, mais l'arrivée des thèmes pourrait signifier que d'autres fonctionnalités sous Android suivront bientôt. Croisons les doigts.
Contrairement aux deux autres dans la liste de mises à jour de Télégram, les deux plateformes mobiles partagent la dernière nouvelle fonctionnalité de la version 4.7 : des réponses rapides. Il suffit tout simplement de glisser votre doigt vers la gauche d'une bulle de texte d'un ami pour pouvoir écrire une réponse concernant précisément cette partie de la conversation. Comme ça, vous pouvez taper de multiples réponses sans que vous ou votre ami s'embrouille.
Source: https://www.engadget.com/2017/12/31/telegram-multiple-account-android/
Manjaro Linux 17.1.0 Released With Latest Packages Following the September release of Manjaro Linux 17.0.3, the developers of this Arch Linux-based distro have shipped Manjaro Linux 17.1.0. Released on December 31st, 2017, it marks the last Manjaro offering of 2017. In other words, you can kickstart 2018 with this freshly baked desktop-oriented operating system. “This marks the last update of Manjaro in 2017. We wish you all the best for next year. Have fun and celebrate with family and friends,” the announcement reads. As per Manjaro Project Lead, Philip Müller, this is their second try with Xorg-Server v1.19.6. The respective packages of Firefox, Wine, and Gimp have been updated. Apart from the update of Manjaro Mesa-Stack, the dri/drm handling has also been changed. On the kernel front, Linux 4.9 and Linux 4.14 have been updated to their latest point release. Following the footsteps of Arch Linux, Manjaro dropped the 32-bit support in September 2017. Later, Arch Linux 32 came into the picture as a community project, which was soon followed by Manjaro32. It goes without saying that Manjaro32 uses Arch Linux 32 as upstream. Source: https://fossbytes.com/manjaro-linux-17-1-0-released-features-download/
Manjaro Linux 17.1.0 publié avec les tout derniers paquets
Après la sortie en septembre de Manjaro Linux 17.0.3, les développeurs de cette distrib. basée sur Arch Linux ont sorti Manjaro Linux 17.1.0. Publié le 31 décembre 2017, il s'agit de la dernière offrande Manjaro de 2017. En d'autres termes, vous pouvez démarrer 2018 en beauté avec ce système d'exploitation orienté ordinateur de bureau, tout juste sorti du four.
« Il s'agit de la dernière mise à jour de Manjaro pour l'année 2017. Tous nous vœux pour une excellente année 2018. Amusez-vous bien et fêtez ça avec la famille et les amis », est le texte de l'annonce.
Selon le chef du projet Manjaro, Philip Müller, c'est leur deuxième essaie avec Xorg-server v1.19.6. Les paquets respectifs de Firefox, Wine et Gimp ont été mis à jour. Hormis la mise à jour de Manjaro Mesa-Stack, le traitement de dri/drm a également été modifié.
Côté noyau, Linux 4.9 et Linux 4.14 ont été mis à jour vers leur dernière publication ponctuelle.
En suivant les traces d'Arch Linux, Manjaro a abandonné le support du 32-bit en septembre 2017. Après cela, Arch Linux 32 fut publié en tant que projet communautaire, et fut suivi par Manjaro32. Cela va sans dire que Manjaro32 utilise Arch Linux 32 en amont.
Source: https://fossbytes.com/manjaro-linux-17-1-0-released-features-download/
'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug. Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December. Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Your mileage may vary. Similar operating systems, such as Apple's 64-bit macOS, will also need to be updated – the flaw is in the Intel x86-64 hardware, and it appears a microcode update can't address it. It has to be fixed in software at the OS level, or go buy a new processor without the design blunder. Source: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
Un défaut de conception (« la fuite de la mémoire du noyau ») dans les processeurs Intel nécessite une refonte de Linux et de Windows
Un défaut essentiel de conception dans les puces de processeur Intel a nécessité une refonte des noyaux de Linux et de Windows pour éliminer la capacité de nuire du bug de sécurité au niveau des puces.
Les programmeurs se démènent pour réviser le système de mémoire virtuelle dand le noyau Linux Open Source. Entre-temps, on s'attend à ce que Microsoft introduit publiquement les modifications nécessaires à son système d'exploitation Windows dans un correctif prochain. Mardi : ces modifications ont été transférées aux testeurs bêta qui font tourner des compilations fast-ring Windows Insider en novembre et décembre.
Essentiellement, ces mises à jour de Linux et de Windows engendreront une baisse de performance sur les produits Intel. Les effets font toujours l'objet de benchmarking ; toutefois, le ralentissement pourrait être d'environ 5 à 30 %, selon la tâche et le modèle du processeur. Des puces Intel plus récentes ont des caractéristiques - telles que PCID - pour réduire la baisse des performances. Ce que vous obtiendrez peut varier.
Des systèmes d'exploitation similaires, tels que le mac OS 64-bit d'Apple, devront également être mise à jour - le défaut se trouve dans le matériel x86-64 d'Intel et il semble qu'une mise à jour du micro-code ne peut pas le corriger. Il doit être corrigé dans les logiciels du niveau du système d'exploitation, ou allez acheter un nouveau processeur sont l'erreur de conception.
Source: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
2
Black Lab Software Releases Freespire 3.0 & Linspire 7.0 Linux Operating Systems After giving users free copies of Linspire 7.0 for Christmas, Black Lab Software's CEO Roberto J. Dohnert is now also releasing the freely distributed Freespire 3.0 operating system, a slimmed down version of the commercial Linspire 7.0, which can now be purchased from the developer's website. Those of you who managed to grab a free copy of Linspire 7.0 during Christmas already know that the distro is based on Ubuntu 16.04 LTS (Xenial Xerus) and runs the Linux 4.10.0-42 kernel. The distro also comes with popular apps like Google Chrome, Mozilla Thunderbird, LibreOffice, VLC Media Player, Rhythmbox, and Wine. On top of that, Linspire 7.0 also comes with Oracle's powerful VirtualBox virtualization software, IceSSB for installing other popular web browsers, Microsoft .NET Core support, ClamAV virus scanner, BleachBit system cleaner, an Intrusion Detection System (IDS), and support for the Btrfs, XFS, JFS, and ZFS filesystem. On the other hand, Freespire contains a smaller collection of apps, including Mozilla's latest Firefox Quantum web browser, the lightweight Geary email client, AbiWord word processor, Gnumeric spreadsheet editor, Pinta image drawing and editing program, Parole Media Player, IceSSB, and Font Manager. Source: http://news.softpedia.com/news/black-lab-software-releases-freespire-3-0-linspire-7-0-linux-operating-systems-519189.shtml
Black Lab Software publie les systèmes d'exploitation Linux Freespire 3.0 et Linspire 7.0
Après avoir offert des exemplaires gratuits de Linspire 7.0 comme cadeaux de Noël, le PDG de Black Lab Software, Roberto J. Dohnert, sort actuellement le système d'exploitation Freespire 3.0, distribué librement et une version légère de Linspire 7.0, qui est commercialisée, qui peut dorénavant être acheté sur le site Web du développeur.
Ceux d'entre vous qui ont réussi à récupérer un exemplaire gratuit de Linspire 7.0 pendant les fêtes, savent déjà que la distrib. est basée sur Ubuntu 16.04 LTS (Xenial Xerus) et utilise le noyau Linux 4.10.0-42. La distrib. est livrée avec des applis populaires comme Google Chrome, Mozilla Thunderbird, LibreOffice, VLC media Player, Rhythmbox et Wine.
Cerise sur le gâteau, Linspire 7.0 est livrée avec le logiciel puissant de virtualisation VirtualBox d'Oracle, IceSSB pour installer d'autres navigateurs Web populaires, le support de .NET Core de Microsoft, le scanneur de virus ClamAV, le nettoyeur de système BleachBit, un système de détection d'intrusion (Intrusion Detection System (IDS) et du support pour les systèmes de fichiers Btrfs, XFS, JFS et ZFS.
En revanche, Freespire comporte une plus petite collection d'applis, y compris le dernier navigateur Web de Mozilla, Firefox Quantum, le client mail léger Geary, AbiWord pour le traitement de texte, Gnumeric pour les feuilles de calcul, le programme de dessin et d'édition d'image, Pinta, Parole Media Player, IceSSB et Font Manager (gestionnaire de polices).
Linux Kernels 4.14.11, 4.9.74, 4.4.109, 3.16.52, and 3.2.97 Patch Meltdown Flaw Linux kernel maintainers Greg Kroah-Hartman and Ben Hutchings have released new versions of the Linux 4.14, 4.9, 4.4, 3.16, 3.18, and 3.12 LTS (Long Term Support) kernel series that apparently patch one of the two critical security flaws affecting most modern processors. The Linux 4.14.11, 4.9.74, 4.4.109, 3.16.52, 3.18.91, and 3.2.97 kernels are now available to download from the kernel.org website, and users are urged to update their GNU/Linux distributions to these new versions if they run any of those kernel series immediately. Why update? Because they apparently patch a critical vulnerability called Meltdown. As reported earlier, Meltdown and Spectre are two exploits that affect nearly all devices powered by modern processors (CPUs) released in the past 25 years. Yes, that means almost all mobile phones and personal computers. Meltdown can be exploited by an unprivileged attacker to maliciously obtain sensitive information stored in kernel memory. While Meltdown is a serious vulnerability which can expose your secret data, including passwords and encryption keys, Spectre is even worse, and it's not easy to fix. Security researchers say it will haunt us for quite some time. Spectre is known to exploit the speculative execution technique used by modern CPUs to optimize performance. Until the Spectre bug is patched too, it is strongly recommended that you at least update your GNU/Linux distributions to any of the newly released Linux kernel versions. So search the software repositories of your favorite distro for the new kernel update and install it as soon as possible. Don't wait until it's too late, do it now! Source: http://news.softpedia.com/news/linux-kernels-4-14-11-4-9-74-4-4-109-3-16-52-and-3-2-97-patch-meltdown-flaw-519215.shtml
Les noyau Linux 4.14.11, 4.9.74, 4.4.109, 3.16.52, et 3.2.97 corrigent le défaut Meltdown
Les mainteneurs du noyau Linux Greg Kroah-Hartman et Ben Hutchings ont sorti de nouvelles versions des séries du noyau Linux 4.14, 4.9, 4.4, 3.16, 3.18, et 3.12 LTS (avec support à long terme) ; apparemment elles corrigent l'un des deux défauts de sécurité critiques qui touchent la plupart des processeurs modernes.
Les noyaux Linux 4.14.11, 4.9.74, 4.4.109, 3.16.52, 3.18.91, et 3.2.97 peuvent être téléchargés actuellement sur le site Web kernel.org et les utilisateurs doivent immédiatement mettre à jour leur distribution GNU/Linux vers ces nouvelles versions, s'ils font tourner l'une de ces séries du noyau. Pourquoi faire la mise à jour ? Parce que, apparemment, elles corrigent une vulnérabilité critique appelée Meltdown.
Comme nous l'avons signalé, Meltdown et Spectre sont deux exploits qui affectent presque tous les dispositifs propulsés par des processeurs (CPU) modernes sortis au cours des 25 dernières années. Oui, cela veut dire presque tous les téléphones mobiles et les ordinateurs personnels. Meltdown peut être exploité par un attaquant malveillant sans privilèges pour obtenir des informations sensibles stockées dans la mémoire du noyau.
Alors que Meltdown est une vulnérabilité sérieuse qui peut dévoiler vos données secrètes, mots de passe et clés de cryptage compris, Spectre est encore pire et il n'est pas corrigé facilement. Des chercheurs en sécurité disent qu'il nous occupera pendant longtemps. On sait que Spectre exploite la technique d'exécution spéculative utilisée par des CPU modernes pour optimiser la performance.
Jusqu'au moment où Spectre est corrigé aussi, il vous est vivement recommandé d'ua moins mettre à jour vos distributions de GNU/Linux vers n'importe quelle version du noyau Linux qui vient d'être publiée. Aussi, faites de recherches dans les dépôts de votre distrib. préférée pour la nouvelle mise à jour du noyau, puis l'installez dès que possible. N'attendez pas qu'il soit trop tard, faites-le tout de suite !
eelo is a Google-free alternative for people focused on privacy In a world where privacy seems to be at a premium, it’s no surprise that companies like Silent Circle and BlackBerry have attempted to harness that market of people who place significant weight on privacy. Attempts to do so have been met with disappointment, though Gaël Duval still wants to capitalize on that target niche with his eelo mobile operating system. A prominent member of the open source and Linux communities, Duval seems tired of having his privacy be at the mercy of companies like Apple and Google. As a result, he teamed up with two other developers to create eelo, an Android-based operating system that places an emphasis on privacy. Duval says he looked at alternatives, such as Firefox OS, but insinuated they failed at being simple and intuitive enough for folks to use. He also said the idea is not to create a Linux-based smartphone operating system, since doing so requires a great deal of effort that, as companies like Canonical eventually learned, failed miserably. Instead, eelo was born from the existing LineageOS, itself an Android-based open-source operating system that rose from the ashes of CyanogenMod. However, Duval said this was not good enough for his needs, since aesthetics were lacking and the number of included “micro-details” would be “showstoppers for regular users.” The question, then, is whether Duval will succeed with eelo. Unlike other attempts, which paired privacy-focused operating systems with dedicated hardware, Duval wants eelo to be a “non-profit project, a project ‘in the public interest.'” That doesn’t mean eelo will be free for everyone — Duval envisions preloaded versions of eelo on smartphones and premium services for enterprise — but that profit will not be a primary objective. Source: https://www.androidauthority.com/eelo-android-privacy-google-827275/
eelo est une alternative sans Google pour les gens qui sont fixés sur la protection de leur vie privée
Dans un monde où la protection de la vie privée semble limitée, ce n'est pas surprenant que des sociétés comme Silent Circle et BlackBerry ont essayé d'exploiter le marché des gens pour qui la protection de la vie privée est extrêmement importante. Leurs tentatives ont été décevantes, bien que Gaël Duval veut toujours profiter de cette niche cible avec son système d'exploitation mobile eelo.
Un membre important des communautés de Linux et d'Open Source, Duval semble se lasser du fait que sa vie privée soit soumises au bon vouloir de sociétés comme Apple et Google.
Il a donc fait équipe avec deux autres développeurs pour créer eelo, un système d'exploitation basé sur Android que met l'emphase sur la protection de la vie privée.
Duval dit qu'il a examiné des alternatives, comme Firefox OS, mais il a laissé entendre qu'elles n'étaient pas assez simples ou intuitives pour être utilisés. Il a également dit que l'idée n'est pas de créer un système d'exploitation de smartphone basé sur Linux, puisque ce faire nécessite beaucoup d'efforts qui, comme des sociétés comme Canonical ont finalement appris, ont été un échec lamentable.
À la place, eelo est né de LineageOS, qui existait déjà, et qui est lui-même un système d'exploitation Open Source basé sur Android qui est née des centres de CyanogenMod. Cependant, Duval a dit que ceci n'était pas assez bien pour ce dont il avait besoin, puisque l'esthétique faisait défaut et que les nombreux « micro-détails » inclus « décourageraient définitivement les utilisateurs réguliers ».
La question est de savoir si Duval réussira avec eelo. Contrairement à d'autres tentatives, qui couplaient des systèmes d'exploitation axés sur la protection de la vie privée avec du matériel dédié, Duval veut au'eelo soit un « un projet à but non lucratif, un projet “dans l’intérêt public” ». Cela ne signifie pas qu'eelo sera gratuit pour tout le monde - Duval prévoit des versions d'eelo pré-chargées sur des smartphones et des services à valeur ajoutée pour les entreprises - mais que le profit ne sera pas son objectif premier.
Source: https://www.androidauthority.com/eelo-android-privacy-google-827275/
3
Canonical Plans to Release Ubuntu 17.10 Respin ISOs for All Flavors The announcement comes minutes after Canonical announced the end of life of its Ubuntu 17.04 “Zesty Zapus” operating system on January 13, 2018, saying that it's beneficial to have Ubuntu 17.10 images available in the face of the impending EOL for Ubuntu 17.04, as users will need to upgrade their installations. Last month, several users reported broken BIOSes due to a bug in the Ubuntu 17.10 installation images. Laptops from Lenovo, Acer, and Toshiba were affected by the issue, which locked users out of their BIOS settings. The bug could make a user's system unbootable even if the image was booted in live mode. Canonical immediately took action and disabled downloads for the Ubuntu 17.10 Desktop images from the ubuntu.com website. Meanwhile, to fix the issue, they had to update the kernel packages in Ubuntu 17.10 to disable the intel-spi driver at boot time, and they've been working on rebuilding the ISOs since. Early next week, around the date of January 11, Canonical will release the new ISO images for Ubuntu 17.10 and all official flavors, including Kubuntu, Xubuntu, Lubuntu, Ubuntu MATE, Ubuntu Kylin, Ubuntu Studio, and Ubuntu Budgie, and they're announcing today a call for testing to make sure the respin images work correctly. While the company announced earlier this week that it is working on patches to mitigate recently disclosed Meltdown and Spectre security vulnerabilities on the Ubuntu 17.10, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 12.04 ESM releases, the Ubuntu 17.10 respins won't include these patches. Source: http://news.softpedia.com/news/canonical-plans-to-release-ubuntu-17-10-respins-for-all-flavors-early-next-week-519258.shtml
PyCryptoMiner Attacks Linux Machines And Turns Them Into Monero-mining Bots A new botnet is in the town and it uses Python as a scripting language to carry out its operation and mine Monero digital coins. As found out by the researchers at F5 Labs, this botnet has been operating under the radar in recent times. Due to its association with Python programming language and crypto-mining, the researchers have aptly named it PyCryptoMiner. The botnet leverages Pastebin.com to receive new command and control server assignments in case the original server stops responding. This technique is pretty unique as most of the malware have no way to switch to another C&C server. Also, file hosting services like Pastebin.com can’t be easily blacklisted or taken down, which allows the PyCryptoMiner attacker to easily update the server as per convenience. The botnet targets Linux systems with exposed SSH ports. If it’s successful in guessing the password, it uses its Python script to talk to C&C server and install Monero miner on the machine. In the recent years, with the rise of IoT, this trend of targetting Linux machines has become popular. As PyCryptoMiner attack uses a scripting language-based malware instead of a binary, its operations are more covert. The bot also performs a check to see if the target machine was already infected by the malware. The operator behind the botnet has been found to be associated with 36,000 domains and 235 email addresses; many of them are related to online scams and adult services. As per the findings, two pool addresses used by the botnets were paid about 64 and 94 Monero, which is about $60,000. The overall impact and profit made by the botnet creator remain unknown. Source: https://fossbytes.com/pycryptominer-linux-machines-turns-monero-mining-bots/
No Internet? No Problem — “ARON” Is A Futuristic And Free Wi-Fi Alternative That Uses IR SureFire is an American company that is known to produce illumination products and other daily use devices. At CES 2018, the company unveiled ARON, its new communications system that works without internet. ARON stands for “augmented reality optical narrowcasting.” SureFire says that the technology is based on Alexander Graham Bell’s invention Photophone. ARON is a type of wireless data transfer system that makes use of infrared light and optical beacons. It has a range of up to 400 meters during the day and 1,200 meters in the night. The product’s web page states that ARON establishes the range, data-rate, and miniaturization like never before. It also offers unprecedented power, freedom, and flexibility. It also allows users to access an AR view of the surroundings and fetch information from it. With the help of ARON, one can transmit any type of digital information. It can be easily installed in a phone or vehicle, and data transfer can be done without any cost. With the help of local beacons, IR light could turn out to be an alternative to radio frequency and make communication easier in high-traffic places. Apart from being free, this technology could turn out to be useful in the areas with limited internet connectivity. It can also be used to establish a communication channel in times of natural disaster that can wipe out the existing communication networks. Source: https://fossbytes.com/aron-free-wi-fi-alternative-surefire/
4
The Linux vs Meltdown and Spectre battle continues The Linux developers has made a lot of progress in dealing with the Meltdown and Spectre. That's good, but there's a lot of work left to be done. Linux developers are not happy about either problem. They were not kept in the loop, and they had to rush patches out to mitigate the security holes. As Greg Kroah-Hartman, maintainer of the Linux stable branch wrote, this is “a textbook example of how not to interact with the Linux kernel community properly. The people and companies involved know what happened, and I'm sure it will all come out eventually, but right now we need to focus on fixing the issues involved, and not pointing blame, no matter how much we want to.” So, where are we with fixing the problems? Work is continuing, but the latest update of the stable Linux kernel, 4.14.2, has the current patches. Some people may experience boot problems with this release, but 4.14.13 will be out in a few days. Patches have also been added to the 4.4 and 4.9 stable kernel trees. But, as Kroah-Hartman added, “This backport is very different from the mainline version that is in 4.14 and 4.15, there are different bugs happening.” Still, he said, “Those are the minority at the moment, and should not stop you from upgrading.” If you're running Linux distribution with an older Linux kernel, stop. No patches for you! Source: http://www.zdnet.com/article/the-linux-vs-meltdown-and-spectre-battle-continues/
Tails 3.4 Anonymous Live System Released with Meltdown and Spectre Patches Tails is a Debian-based live Linux system designed with a single purpose in mind, to hide all your online activity from the prying eyes of the government. For that, it relies on the latest TOR and Tor Browser technologies by allowing users to connect to the Tor anonymous network. The Tails 3.4 release is here a week earlier than expected due to the recently disclosed Meltdown and Spectre security vulnerabilities that affect billions of devices. It's powered by the latest Linux 4.14.12 kernel, which includes patches for Meltdown attacks, and partially mitigates the Spectre issue. Among some of the enhancements implemented in Tails 3.4, we can mention that the operating system no longer deletes downloaded Debian packages after they're installed to sustain the persistence feature of APT Packages, and a fix for a slow boot issue. Additionally, it addresses an issue that prevented certain Debian packages to install properly with the Additional software feature, and updates the uBlock Origin ad-blocker extension to make its settings dashboard work again and restore its icon in Tor Browser. Source: http://news.softpedia.com/news/tails-3-4-anonymous-live-system-released-with-meltdown-and-spectre-patches-519302.shtml
Linux vs Meltdown: Ubuntu gets second update after first one fails to boot Canonical managed to get its fix for the Meltdown CPU bug out on Tuesday as scheduled, but was forced to issue a new release after discovering some 16.04 LTS Xenial users couldn't boot their machines once the update was installed. Several users reported the same problem after installing Ubuntu 16.04 LTS with the kernel image 4.4.0-108, with some reverting to the previous working kernel to resolve the issue. On Wednesday, Canonical posted a new security notice confirming the problem, as well as a second update with a new Linux kernel image, 4.4.0-109. Several users on Ubuntu forums have since confirmed that the update with the 4.4.0-109 Linux kernel image resolves the freezing issue. “I can confirm that the new 4.4.0-109 kernel is working fine, so if anyone is still trying to get their machine running straight from boot-up, simply do your normal update to get the new version, then purge 4.4.0-108, as it seems to be useless for many users, perhaps just Intel CPUs,” wrote one user. Canonical developers plan to address the two other related CPU vulnerabilities known as Spectre in a future update, Canonical's Dustin Kirkland, VP of Ubuntu product development, said last week. The Meltdown and Spectre attacks primarily impact CPUs from Intel and to a lesser extent those from AMD and Arm. However, IBM this week also began releasing firmware patches for its Power CPUs and will follow up next month with operating system patches. Source: http://www.zdnet.com/article/linux-vs-meltdown-ubuntu-gets-second-update-after-first-one-fails-to-boot/
5
City Of Barcelona Chooses Linux And Free Software After Ditching Microsoft According to a report from Spanish newspaper El País , the City of Barcelona is moving away from the proprietary software products from Microsoft. This move is important in the wake of Munich’s recent decision to again adopt Microsoft’s products. As per the report, Barcelona city plans to replace all user applications on its computers with open source alternatives. After finding a proper replacement for all proprietary software, the final step would be to go ahead with replacing the operating system with Linux. To achieve this goal, the City’s administration has begun the process of commissioning IT projects and hiring developers on software programs. As per the plan, in 2018 about 70 percent of the City’s software budget will be spent on developing open source software. It’s being expected that the transition will be completed before Spring 2019. One of the important projects will aim to create an online platform to allow small businesses to take part in public tenders. According to Francesca Bria, the City Council’s Commissioner of Technology and Digital Innovation, the taxpayer’s money should be invested in the open source code that could be reused by the public as well. To start with the same, Exchange Server and Outlook will be replaced by Open-Xchange; Internet Explorer and Microsoft Office will be kicked out in favor of Mozilla Firefox and LibreOffice. At a later stage, it’s expected that Ubuntu will end up being the preferred choice of Linux distribution. As a part of a pilot, the City is already running 1,000 Ubuntu-powered machines. Source: https://fossbytes.com/city-barcelona-linux-open-source/
Ubuntu Core: A secure open source OS for IoT Canonical's Ubuntu Core, a tiny, transactional version of the Ubuntu Linux OS for IoT devices, runs highly secure Linux application packages, known as “snaps,” that can be upgraded remotely. Using the same kernel, libraries and system software as classic Ubuntu, customers can develop snaps on their Ubuntu PCs just like any other application. IoT is where the difference lies. “Because IoT devices tend to be smaller in terms of CPU and memory than a server or a desktop, we've done what we call a 'minimal distribution' of Ubuntu targeted for IoT,” said Mike Bell, executive vice president of devices and IoT at London-based Canonical Ltd. “The great thing is that I can use the same technology on the desktop and in the cloud as I can on an IoT device.” But rather than just cutting down the OS for IoT, Canonical took a step back to figure out the core challenges of IoT and determine how those differed from the cloud. One manufacturer that has already embraced the Ubuntu Core IoT OS is Dell Technologies; the Dell Edge Gateway 3000 launched in February with Ubuntu Core. Source: http://internetofthingsagenda.techtarget.com/feature/Ubuntu-Core-A-secure-open-source-OS-for-IoT
Linux and Windows Servers Targeted with RubyMiner Malware Security researchers have spotted a new strain of malware being deployed online. Named RubyMiner, this malware is a cryptocurrency miner spotted going after outdated web servers. According to research published by Check Point and Certego, and information received by Bleeping Computer from Ixia, attacks started on January 9-10, last week. Ixia security researcher Stefan Tanase told Bleeping Computer that the RubyMiner group uses a web server fingerprinting tool named p0f to scan and identify Linux and Windows servers running outdated software. Once they identify unpatched servers, attackers deploy well-known exploits to gain a foothold on vulnerable servers and infect them with RubyMiner. That malware campaign also utilized the same Ruby on Rails exploit deployed in the RubyMiner attacks, suggesting the same group that was behind those attacks is most likely now trying to spread RubyMiner. Overall, there's been a rise in attempts to spread cryptocurrency mining malware in recent months, especially malware that mines for Monero. Source: https://www.bleepingcomputer.com/news/security/linux-and-windows-servers-targeted-with-rubyminer-malware/
6
BitTorrent flaw could let hackers take control of Windows, Linux PCs Google’s Project Zero has uncovered a “critical flaw” in the Transmission BitTorrent app that could give cybercrooks complete control of users' computers. According to Project Zero, the client is vulnerable to a DNS re-binding attack that effectively tricks the PC into accepting requests via port 9091 from malicious websites that it would (and should) ordinarily ignore. The flaw could enable attackers to execute all kinds of attacks, including remote code execution, and works in both Chrome and Firefox on Windows and Linux PCs. Other browsers will almost certainly be vulnerable too. Publicising details of the attack appears to have done the trick of forcing the developers to rush out a patch, but this has not been applied in all the software that uses the Transmission protocol, Ormandy warned. Transmission is one of a number of BitTorrent peer-to-peer file sharing clients. Rather than a centralised hub-and-spoke system for distributing files and data, shared files are decentralised, but publicised via the software that utilises the protocol. If anyone in the network wants a file, it is downloaded in 'pieces' from the source or sources. Source: https://www.theinquirer.net/inquirer/news/3024494/bittorrent-flaw-lets-hackers-take-control-of-windows-linux-pcs
Google ditches Ubuntu for Debian for internal engineering environment Google engineers have transitioned from Ubuntu to Debian for their internal machines. The company, which has been using Goobuntu, a customised version of Ubuntu, for years, announced last year that it would be switching to gLinux, based on Debian Testing. MuyLinux reports (Spanish) that The Debconf'17 held last August revealed plans for the move as well as a roadmap for the project and plans for a smooth transition. That process has now begun, as the company moves from a “light-skinned” distro which it has no contribution to. Google used Ubuntu's Long Term Support (LTS) builds as a customer of the Ubuntu Advantage Program but was not active in the community. In the case of Debian, it will send changes upstream as an active contributor, whilst running on the Test stream so it can take advantage of faster testing of new builds. This might mean that there are more problems for users than the safe pair of hands of the commercial Ubuntu, but it also means that Google will have complete autonomy over how to fix them, and benefit the community at the same time. For Canonical, it's a big loss. Though Ubuntu has a huge number of clients in servers, cloud, and remains the biggest distro for the limited PC market, the loss of a paying customer the size of Google won't go unnoticed. Source: https://www.theinquirer.net/inquirer/news/3024623/google-ditches-ubuntu-for-debian-from-internal-engineering-environment
Wine 3.0 Released To Run Windows Apps On Linux Efficiently ust recently, we told you that the support for Linux distros in VirtualBox is about to get a lot better with the release of Linux kernel 4.16. But, what if you wish to run Windows apps on your host Linux system? For that, Wine has got your back. The recent Wine 3.0 release is finally here after much wait and a year of development effort. The new package contains tons of small-big changes, 6,000 to be precise. A major highlight of Wine 3.0 is a significant number of Direct3D 10 and 11 changes that have been incorporated in this release. These new features of Direct3D include Computer shaders, Stream output, Structured buffers, Format compatibility queries, Hull and domain shaders, Depth bias, etc. Direct3D’s multi-threaded command stream feature serializes Direct3D rendering commands into a single threat. This results in rendering correctness and performance improvement. That’s not all. The Direct3D graphics card database now recognizes more graphics cards. The support for OpenGL core contexts in Direct3D too has been improved. For Android developers and users, there are some welcome changes as well. Wine can now be built as an APK and one can use it as a proper Android app. Full graphics and audio drivers are also implemented. Source: https://fossbytes.com/wine-3-0-released-features-download/
7
Speech Recognition For Linux Gets A Little Closer It has become commonplace to yell out commands to a little box and have it answer you. However, voice input for the desktop has never really gone mainstream. This is particularly slow for Linux users whose options are shockingly limited, although decent speech support is baked into recent versions of Windows and OS X Yosemite and beyond. There are four well-known open speech recognition engines: CMU Sphinx, Julius, Kaldi, and the recent release of Mozilla’s DeepSpeech (part of their Common Voice initiative). The trick for Linux users is successfully setting them up and using them in applications. [Michael Sheldon] aims to fix that — at least for DeepSpeech. He’s created an IBus plugin that lets DeepSpeech work with nearly any X application. He’s also provided PPAs that should make it easy to install for Ubuntu or related distributions. IBus is one of those pieces of Linux that you don’t think about very often. It abstracts input devices from programs, mainly to accommodate input methods that don’t lend themselves to an alphanumeric keyboard. Usually this is Japanese, Chinese, Korean, and other non-Latin languages. However, there’s no reason IBus can’t handle voice, too. Oddly enough, the most common way you will see Linux computers handle speech input is to bundle it up and send it to someone like Google for translation despite there being plenty of horsepower to handle things locally. If you aren’t too picky about flexibility, even an Arduino can do it. With all the recent tools aimed at neural networks, the speech recognition algorithms aren’t as big a problem as finding a sufficiently broad training database and then integrating the data with other applications. This IBus plugin takes care of that last problem. Source: https://hackaday.com/2018/01/17/speech-recognition-for-linux-gets-a-little-closer/
SDR starter kit developed for Raspberry Pi, Grove and LimeSDR using Scratch Lime Microsystems, in partnership with Seeed Studio has today announced a Starter Kit for its LimeSDR platform based on the Grove Platform and for use with the Raspberry Pi. The kit is priced at $249 (c. £180 / €200). It includes a LimeSDR Mini with antennas optimised for 433/868/915 MHz unlicensed bands, plus a GrovePi+ and a array of Grove sensors and outputs, many of which are supported by a Scratch extension, and other programming environments. The kit provides everything you need to get started learning SDR basics and developing IoT applications and is targeted at educational use and for beginners. By combining the hardware components with Lime’s ScratchRadio software extension, users will be able to quickly and intuitively create simple and fun applications that integrate SDR capabilities and peripheral I/O. Eric Pan, CEO of Seeed, said: “We are excited to announce that we've partnered with Lime Microsystems to develop the Grove Starter Kit for LimeSDR Mini. It will provide a great platform for users to learn about SDR and help kick off IoT projects with the LimeSDR Mini. We cannot wait to see what what the community will do with this new kit!” Ebrahim Bushehri, CEO of Lime, commented: “One of the key reasons we created the LimeSDR was to open access to this technology to as many people as possible. This kit plays a big part in enabling this.” Adding: “Of course, the kit is not limited to Scratch and educational environments, so we’ll also be putting together examples that demonstrate how the kit can be used to develop applications that integrate with existing off-the-shelf systems, such as wireless thermostats and remote controls.” Source: press release