2 év 6 hónap óta
The
Ubuntu Flavors
offerings (Kubuntu and the like) have
decided
that the way to improve the user experience is to put more emphasis on the
Snap package format.
Going forward, the Flatpak package as well as the packages to
integrate Flatpak into the respective software center will no
longer be installed by default in the next release due in April
2023, Lunar Lobster. Users who have used Flatpak will not be
affected on upgrade, as flavors are including a special migration
that takes this into account. Those who haven’t interacted with
Flatpak will be presented with software from the Ubuntu
repositories and the Snap Store.
corbet
2 év 6 hónap óta
corbet
2 év 6 hónap óta
Security updates have been issued by Debian (amanda, apr-util, and tiff), Fedora (apptainer, git, gssntlmssp, OpenImageIO, openssl, webkit2gtk3, xorg-x11-server, and xorg-x11-server-Xwayland), Oracle (firefox and thunderbird), Red Hat (python3), SUSE (gnutls, php7, and python-Django), and Ubuntu (chromium-browser, libxpm, and mariadb-10.3, mariadb-10.6).
corbet
2 év 6 hónap óta
2 év 6 hónap óta
FIDO2 is a standard for
authenticating users without the need for passwords. While the technology has
been introduced mainly to protect accounts on web sites, it's also useful
for other purposes, such as logging into Linux systems. The same technology
can even be used beyond authentication, for example to sign files or Git
commits. A couple of talks at
FOSDEM
2023 in Brussels presented the possibilities for Linux users.
jake
2 év 6 hónap óta
Security updates have been issued by CentOS (libksba, thunderbird, and tigervnc and xorg-x11-server), Debian (clamav, nss, python-django, and sox), Fedora (kernel and thunderbird), Mageia (curl, firefox, nodejs-qs, qtbase5, thunderbird, upx, and webkit2), Red Hat (httpd:2.4, kernel, kernel-rt, kpatch-patch, pcs, php:8.0, python-setuptools, Red Hat build of Cryostat, Red Hat Virtualization Host 4.4.z SP 1, samba, systemd, tar, and thunderbird), Scientific Linux (firefox and thunderbird), and SUSE (clamav, firefox, jhead, mozilla-nss, prometheus-ha_cluster_exporter, tar, and ucode-intel).
corbet
2 év 6 hónap óta
NKI
2 év 6 hónap óta
The 6.2 kernel was
released on February 19,
at the end of a ten-week development cycle. This time around, 15,536
non-merge changesets found their way into the mainline repository, making
this cycle significantly more active than
its
predecessor. Read on for a look at the work that went into this kernel
release.
corbet
2 év 6 hónap óta
Version 13.1 of the GNU GDB debugger has been released. Changes include
support for the LoongArch and CSKY architectures, a number of Python API
improvements, support for zstd-compressed debug sections, and more.
corbet
2 év 6 hónap óta
Security updates have been issued by Debian (c-ares, gnutls28, golang-github-opencontainers-selinux, isc-dhcp, nss, openssl, snort, and thunderbird), Fedora (clamav, curl, phpMyAdmin, thunderbird, vim, webkitgtk, and xen), Red Hat (firefox), Slackware (kernel), SUSE (apache2-mod_security2, gssntlmssp, postgresql-jdbc, postgresql12, and timescaledb), and Ubuntu (firefox).
jake
2 év 6 hónap óta
NKI
2 év 6 hónap óta
A Samsung bejelentette Message Guard nevű funkcióját, amelynek célja, hogy megvédje a felhasználókat a kattintás nélküli kémprogramoktól és egyéb rosszindulatú szoftverektől. A zero click támadás lényege, hogy a káros kódokat a szoftverek sérülékenységeinek kihasználásával, felhasználói interakció nélkül telepítik a céleszközökre a támadók. Az új funkció jelenleg a Samsung Messages és a Google Messages szolgáltatásokban érhető […]
The post A Samsung új funkciója védelmet ígér a zero click támadásokkal szemben first appeared on Nemzeti Kibervédelmi Intézet.
NKI
2 év 6 hónap óta
A Twitter blogján bejelentette, hogy a továbbiakban kizárólag csak a Twitter Blue előfizetéssel rendelkező felhasználók számára lesz elérhető a platform SMS-alapú kétfaktoros hitelesítési (2FA) funkciója. A Twitter fiókbiztonsági jelentésében szereplő 2021 júliusa és 2021 december közötti adatai alapján a felhasználók mindössze 2,6%-a használ kétfaktoros hitelesítést a platformon. Ezen felhasználók többsége (74,4%) SMS-alapú 2FA-t, 28,9%-a hitelesítő […]
The post Fizetőssé válik Twitteren az SMS alapú 2FA, de ez nem biztos, hogy baj first appeared on Nemzeti Kibervédelmi Intézet.
NKI
2 év 6 hónap óta
2 év 6 hónap óta
corbet
2 év 6 hónap óta
The
splice()
system call is built on an appealing idea: connect two file descriptors
together so that data can be moved from one to the other without passing
through user space and, preferably, without being copied in the kernel.
splice() has enabled some significant performance optimizations
over the years, but it has also proved difficult to work with and
occasionally surprising. A recent linux-kernel discussion showed how
splice() can cause trouble, to the point that some developers now
wonder if adding it was a good idea.
corbet
2 év 6 hónap óta
Greg is a Fellow at the Linux Foundation and is responsible for the Linux kernel stable releases. He is also the maintainer of a variety of different kernel subsystems (USB, char/misc, tty/serial, driver core, staging, etc.) and has written a few books and articles about Linux kernel development.
Wikipedia entry that is usually very out of date
reddit AMA in 2020
reddit AMA in 2015
Great’s setup back in 2012
2 év 6 hónap óta
Security updates have been issued by Debian (webkit2gtk and wpewebkit), Fedora (firefox, phpMyAdmin, tpm2-tools, and tpm2-tss), Slackware (mozilla), SUSE (mozilla-nss, rubygem-actionpack-4_2, rubygem-actionpack-5_1, and tar), and Ubuntu (linux-azure and linux-hwe-5.19).
jake
2 év 6 hónap óta
USENIX's SREcon conference is the best venue for learning the latest in systems engineering (not just site reliability engineering) and if you have useful production stories and takeaways to share -- especially if you are in the Asia/Pacific region -- please consider submitting a talk proposal to [SREcon APAC 2023]. The [call for participation] ends on March 2nd, only two weeks away. It is held this year in Singapore, June 14-16, and I'm excited to be program co-chair with fellow Aussie [Jamie Wilkinson]. To quote from our CFP:
You build computer platforms, debug them, and support them, and you have learned something useful to share: You are invited to submit proposals to give talks at SREcon23 Asia/Pacific, which welcomes speakers from a variety of backgrounds, not just SRE, and from a variety of different-sized companies, not just those that are technology-focused. Your insights will help create a relevant, diverse, and inclusive program. Conversations are never complete when they focus just on successes; we encourage talks that focus on lessons learned from failures or hard problems.
At the seventh SREcon Asia/Pacific, we are especially seeking the deepest engineering talks: Those that cover gritty technical internals, advanced tools and techniques, and complex problems that may matter to others, whether your solutions were elegant, ugly, or unsuccessful.
We look forward to learning from speakers across the SRE and systems engineering space. This year we particularly welcome new speakers; many of our best talks have come from people with new perspectives to share and the last few years most certainly has given us all new experiences and stories we can share and from which we can learn.
At every SREcon globally, we welcome and encourage participation from all individuals in any country, including people that are underrepresented in, or excluded from, technology, including but not limited to: people of all colours, women, LGBTQ people, people with disabilities, neurodiverse participants, students, veterans, and others with unique characteristics.
Similarly, we welcome participants from diverse professional roles: QA testers, performance engineers, security teams, OS engineers, DBAs, network administrators, compliance experts, UX designers, government employees, and data scientists. Regardless of who you are or the job title you hold, if you are a technologist who faces unique challenges and shares our areas of interest, we encourage you to be a part of SREcon23 Asia/Pacific.
More details are or the [CFP page].
We're especially looking to highlight local content from the Asia/Pacific region. SREcon usually has good representation of the FAANGs (Facebook, Amazon, Apple, Netflix, Google, etc.) but I think every company has interesting stories to share. I'd love to see deeply technical talks about production incidents, where the approaches and tools used can be widely applied by others. And I'd love to hear about the ones that got away, where current tooling and approaches are insufficient.
For many years I've helped with the USENIX LISA conference, which was the premier event for production systems engineering. In recent years attendees have moved to SREcon, which covers similar topics, and [LISA 2021] may have been the last time LISA runs as a stand-alone conference (see [LISA made LISA obsolete]). I think LISA still exists as the people of the LISA community, many of whom are now involved with SREcon where our engineering principles live on and develop further.
If you've never been to an SREcon, check out the [SREcon APAC 2022] conference page, which links to slides and videos of the talks.
[SREcon APAC 2022]: https://www.usenix.org/conference/srecon22apac/program
[call for participation]: https://www.usenix.net/conference/srecon23apac/call-for-participation
[CFP page]: https://www.usenix.net/conference/srecon23apac/call-for-participation
[SREcon APAC 2023]: https://www.usenix.net/conference/srecon23apac
[LISA 2021]: https://www.usenix.org/conference/lisa21
[LISA made LISA obsolete]: https://www.usenix.org/publications/loginonline/lisa-made-lisa-obsolete-thats-compliment
[Jamie Wilkinson]: https://www.linkedin.com/in/jamie-wilkinson-8043553/
2 év 6 hónap óta
USENIX's SREcon conference is the best venue for learning the latest in systems engineering (not just site reliability engineering) and if you have useful production stories and takeaways to share -- especially if you are in the Asia/Pacific region -- please consider submitting a talk proposal to [SREcon APAC 2023]. The [call for participation] ends on March 2nd, only two weeks away. It is held this year in Singapore, June 14-16, and I'm excited to be program co-chair with fellow Aussie [Jamie Wilkinson]. To quote from our CFP:
You build computer platforms, debug them, and support them, and you have learned something useful to share: You are invited to submit proposals to give talks at SREcon23 Asia/Pacific, which welcomes speakers from a variety of backgrounds, not just SRE, and from a variety of different-sized companies, not just those that are technology-focused. Your insights will help create a relevant, diverse, and inclusive program. Conversations are never complete when they focus just on successes; we encourage talks that focus on lessons learned from failures or hard problems.
At the seventh SREcon Asia/Pacific, we are especially seeking the deepest engineering talks: Those that cover gritty technical internals, advanced tools and techniques, and complex problems that may matter to others, whether your solutions were elegant, ugly, or unsuccessful.
We look forward to learning from speakers across the SRE and systems engineering space. This year we particularly welcome new speakers; many of our best talks have come from people with new perspectives to share and the last few years most certainly has given us all new experiences and stories we can share and from which we can learn.
At every SREcon globally, we welcome and encourage participation from all individuals in any country, including people that are underrepresented in, or excluded from, technology, including but not limited to: people of all colours, women, LGBTQ people, people with disabilities, neurodiverse participants, students, veterans, and others with unique characteristics.
Similarly, we welcome participants from diverse professional roles: QA testers, performance engineers, security teams, OS engineers, DBAs, network administrators, compliance experts, UX designers, government employees, and data scientists. Regardless of who you are or the job title you hold, if you are a technologist who faces unique challenges and shares our areas of interest, we encourage you to be a part of SREcon23 Asia/Pacific.
More details are or the [CFP page].
We're especially looking to highlight local content from the Asia/Pacific region. SREcon usually has good representation of the FAANGs (Facebook, Amazon, Apple, Netflix, Google, etc.) but I think every company has interesting stories to share. I'd love to see deeply technical talks about production incidents, where the approaches and tools used can be widely applied by others. And I'd love to hear about the ones that got away, where current tooling and approaches are insufficient.
For many years I've helped with the USENIX LISA conference, which was the premier event for production systems engineering. In recent years attendees have moved to SREcon, which covers similar topics, and [LISA 2021] may have been the last time LISA runs as a stand-alone conference (see [LISA made LISA obsolete]). I think LISA still exists as the people of the LISA community, many of whom are now involved with SREcon where our engineering principles live on and develop further.
If you've never been to an SREcon, check out the [SREcon APAC 2022] conference page, which links to slides and videos of the talks.
[SREcon APAC 2022]: https://www.usenix.org/conference/srecon22apac/program
[call for participation]: https://www.usenix.net/conference/srecon23apac/call-for-participation
[CFP page]: https://www.usenix.net/conference/srecon23apac/call-for-participation
[SREcon APAC 2023]: https://www.usenix.net/conference/srecon23apac
[LISA 2021]: https://www.usenix.org/conference/lisa21
[LISA made LISA obsolete]: https://www.usenix.org/publications/loginonline/lisa-made-lisa-obsolete-thats-compliment
[Jamie Wilkinson]: https://www.linkedin.com/in/jamie-wilkinson-8043553/