GrSecurity

Hi,
anyone know if grsecurity team has planing to sell grsecurity patches just for personal use ?

https://redd.it/f1srpc
@r_linux

Alexa, are you listening? The Amazon Echo is vulnerable to a physical attack that allows an attacker to gain a root shell on the underlying Linux operating system and install malware without leaving physical evidence of tampering.
https://labs.f-secure.com/archive/alexa-are-you-listening/

https://redd.it/f23e2r
@r_linux

systemd-homed service merged: It will change how you manage your home directories in Linux (more info in the comments)
https://systemd.io/HOME_DIRECTORY/

https://redd.it/f23jht
@r_linux

Desktop publishing on Linux: SCRIBUS and VIVADESIGNER

There is very few good software solutions for desktop publishing in Linux. I have been using Scribus for a few years and have learned the tricks of pre-press production on this software. It is excellent and reliable, although it does have some drawbacks.

Very recently I also discovered the German proprietary software called VivaDesigner, which has a Linux version. It is quite cheap, but almost completely unknown. I do not know why this company does not advertize its products more efficiently. Due to the lack of reviews on the internet about VivaDesigner I was reluctant to buy it but the free demo version convinced me. It is a well thought-out piece of software which is going to make my life as a book designer easier. Their support is responsive, personalized, quick and very helpful.

One of the best features of VivaDesigner is the possibility to import Indesign .indd and .idml files. VivaDesigner also exports the .idml file. Scribus also has the plugin to import the .idml, but not to export it.

With this post I wanted to give an indication to those Linux people who are looking for a programs to use in addition to Scribus. And also I wanted to spread the word about one of the few companies in this field who caters to Linux users.

https://redd.it/f23uy9
@r_linux

Why is it so hard for a company to provide an open firmware?

In the last few years, we've seen a number of improvement in terms of hardware support on Linux. More and more hardware work "out of the box" (especially if you're using a distro such as Fedora or Ubuntu or their derivatives).

However, there is always a pain point for anything requiring a firmware. For instance, touchpads and touchscreens. Often do I see problems with touchpads, spend some time investigating, and after a while discover this has been magically fixed by an obscure firmware update\*. Sometimes the problem is indeed fixed, sometimes the situation has merely improved, but it's never possible to know what's been done in this firmware.

I was discussing with a colleague who told me that even if these firmwares were open source, they would be totally useless without public datasheet. And even if the datasheet were made publicly available, we would still require the whole proprietary toolchain used to produce the binary firmwares.

His conclusion is that it's impossible to get this, because of the way manufacturers and [ODM](https://en.wikipedia.org/wiki/ODM) work.

I'm still unsure what's the big deal here. For instance, touchpads have been around for at least 3 decades to the general user. Surely, there is no huge secret or intellectual property that a touchpad-making company would like to keep from its competitors... is there? Am I missing something?

(Of course, the same goes with computers BIOS.)

Thanks!

\* sometimes I also discover there are no firmware update and the issue cannot be fixed by software either, making the device hardly usable or unusable.

https://redd.it/f24ryp
@r_linux

Regular Releases Are Wrong - Why I No Longer Use openSUSE Leap
https://rootco.de/2020-02-10-regular-releases-are-wrong/

https://redd.it/f24dbl
@r_linux

Easy backups with Borg: Encrypted, deduplicated, fast and Open-Source
https://gp2mv3.com/easy-backups-with-borg/

https://redd.it/f25x4e
@r_linux

Where can I access the files created on the Windows 10 Ubuntu app?



https://redd.it/f26rdt
@r_linux

KDE's Plasma 5.18 is out: easier system settings, interactive notifications, emojis, wallpapers and much more
https://kde.org/announcements/plasma-5.18.0

https://redd.it/f27iit
@r_linux

Is it possible to make money as a linux distro dev? Open discussion and sharing ideas how.

The noscript is too short to deliver my thought :)

Somebody in another place said something super interesting. Something that probably most devs tried to make money from working on a Linux distro but very few succeeded. Those few who did it are being envied and often bad mouthed by the rest.



How a distro dev can make a living from working on distro or open software?


My first thought is patreon and youtube channel.


P.s. I'm not a dev but it hurts me when I hear a story of a leading dev who goes through depression and financial troubles while burning out working on a distro.

https://redd.it/f27y31
@r_linux

Firefox 73.0 released
https://www.mozilla.org/en-US/firefox/73.0/releasenotes/

https://redd.it/f28ogg
@r_linux

Linus Torvalds and Others Tell the History of Git By Creating a new VCS for Linux
https://www.welcometothejungle.com/en/articles/btc-history-git

https://redd.it/f29j9w
@r_linux

PeerTube v2.1 released with: UI improvements, performance improvements, ability to disable WebTorrent (and only enable HLS), new internal video privacy mode, ability to transcode videos in an audio only video container, comments improvements, bug fixes & much more!
https://github.com/Chocobozzz/PeerTube/releases/tag/v2.1.0

https://redd.it/f2a0ez
@r_linux

Cryptography Dispatches: The Linux CSPRNG Is Now Good!
https://buttondown.email/cryptography-dispatches/archive/cryptography-dispatches-the-linux-csprng-is-now/

https://redd.it/f2ae61
@r_linux

Dell's Linux support is a major disappointment

I saw a lot of posts in this subreddit hailing Dell for putting Linux on their machines. After doing some research, I decided to dive in and bought a Dell Precision 7540 with Ubuntu 18.04 pre-installed.

The Precision was pricey but I loved it's upgrade-ability and I hoped that this would be a computer I could rely on for a long time. Additionally, I am a relative Linux newbie (Apple refugee) and I hoped that the system would be adequately supported by Dell if I ran into trouble.

Things went downhill quickly. The computer I received had several issues, including that it would frequently not wake up from a suspend state and if it did, it would often start a fresh session after logging in (e.g. no apps or documents open). Additionally, before the login screen would appear, I often could see my desktop for a few seconds as though I were already logged in – obviously a big security risk.

After a call to Dell Pro support, I realized that their approach to any issues on a Linux system is basically to reinstall the system. Their Pro technicians are not trained to support Linux...at all. Their internal support documentation is so poor that during one of my calls when I managed to fix the issue I had called in about, the technician asked me to provide a detailed denoscription of how I solved it so he could use that solution for future calls. I was happy to, but then I realized that he should have already had this kind of documentation on hand.

Eventually, Dell support decided to replace my unit, but when the replacement arrived it had Windows instead of Ubuntu Linux installed. I had to wait another 10 days to get a third replacement and guess what...it also had Windows installed.

This is my work machine and the process has cost me several hours. I am also a freelancer, so those lost hours equate to money lost. I requested a return and refund and I will never buy from Dell again let alone recommend their services.

If you bought a Dell XPS, did you have a better experience? Were my expectations unreasonable?

https://redd.it/f2ccl8
@r_linux

Btrfs highlights in 5.5: 3-copy and 4-copy block groups
https://kdave.github.io/btrfs-hilights-5.5-raid1c34/

https://redd.it/f25rk5
@r_linux

Restic sftp: "Permission denied" (SSH_FX_PERMISSION_DENIED)

I'm trying to use backup my data with restic over ssh from my main machine macos to the raspberry pi 3 with ssd drive. ssh works fine but when I'm trying to use sftp with restic I get this error:

Fatal: create repository at sftp:hostname@ipaddress:/mnt failed: sftp: "Permission denied" (SSH\_FX\_PERMISSION\_DENIED)

command I'm trying to exe: restic -r sftp:hostname@ipaddress:/mnt init

How to fix this?

https://redd.it/f2dww8
@r_linux

Running Linux Programs as Unikernels on macOS
https://dev.to/eyberg/running-linux-programs-as-unikernels-on-macos-9dd

https://redd.it/f2cp2i
@r_linux

iptables not doing it's job?

Hi, so I'll try to be short.

​

I've been using google cloud for a while now. I have Ubuntu and I'm using VNC to access and host some online game rooms for my friends and I.

​

I often get locked out of VNC (can't connect due to too many failed authentications). Later I found out there have been brute force attacks every 2 or so hours mostly from Ukraine.

​

I had the iptables set so the port 5901 which I use will only let my IP connect, so how is it locking me out?

​

Later I tried setting the google cloud firewall for my account and that did work, but I just want to know if iptables are actually not preventing this issue.

​

Also, is there a way to reset failed authentications, so I don't have to close the instance and open it again to access it (I would have to rehost all the rooms again if I did that)?

​

Edit : this is what i've been using so far :

​

sudo iptables -S

sudo iptables -F INPUT

sudo iptables -I INPUT -p tcp -s myip --dport 5901 -j ACCEPT

sudo iptables -A INPUT -p tcp -s myip --dport 5901 -j DROP

sudo iptables -S

https://redd.it/f2fqtb
@r_linux

Chob - a cli helper tool for searching applications across platforms (Flathub, Snapcraft and AppImage)
https://github.com/MuhammedKpln/chob

https://redd.it/f2fhpx
@r_linux

Rob Landley about the /usr split
https://blog.w1r3.net/2018/01/06/rob-landley-about-usr-split.html

https://redd.it/f2hhcn
@r_linux