Linux Blimp

Locking bootloaders with trusted computing is an important step towards protecting users from some of the most devastating malware attacks: by allowing the user to verify their computing environment, trusted computing can prevent compromises to operating systems and other low-level parts of their computer’s operating environment.

But as with every security measure, there’s a difference between “secure for the user” and “secure against the user.” Bootloader protection that doesn’t allow an owner to decide which signatures they trust is security against the user: security that prevents the user from overriding the manufacturer, and so allows the manufacturer to lock the user in.

Apple’s latest bootloader protection, the controversial T2 chip, is a good example of this. The chip comes with a user-inaccessible root of trust that allows for the installation of Apple and Microsoft operating systems, but not GNU/Linux and other open and free alternatives.

There’s no reason it has to be this way: Google’s flagship Pixel Chromebooks come with hardware switches that can be activated during the bootup to allow their owners to change which signatures the system trusts (users can initialize these systems with passwords that prevent others from covertly altering the trusted root later). This gives users the best of both worlds: a system that, by default, protects them from malware, and, with should the user choose, allows them to nominate parties other than Google to decide whom they trust.

To make things worse, publishing tools to allow for bootloader overrides is legally risky under section 1201 of the DMCA, which provides for 5 year prison sentences and $500,000 fines (for a first offense) for anyone who trafficks in tools to override access controls for copyrighted works.

Apple’s T2 documentation makes it clear and explicitly mentions Linux:

NOTE: There is currently no trust provided for the the Microsoft Corporation UEFI CA 2011, which would allow verification of code signed by Microsoft partners. This UEFI CA is commonly used to verify the authenticity of bootloaders for other operating systems such as Linux variants.

In other words, until Apple decides to add this certificate or the T2 chip otherwise is cracked so it could be fully disabled or allowed to load arbitrary keys, good luck even being able to boot Linux distributions on the new Apple hardware.

Gorgeous, illustrated Japanese fireworks catalogs from the early 1900s

The Yokohama Board of Education has posted scans of six fantastic catalogs from Hirayama Fireworks and Yokoi Fireworks, dating from the early 1900s. The illustrated catalogs are superb, with minimal words: just beautiful colored drawings depicting the burst-pattern from each rocket.

READ THE REST

Evolutionary Space Invaders: shoot the aliens as a genetic algorithm modifies them

InvaderZ is a Space Invaders variant that incorporates a genetic algorithm that mutates the invaders as you shoot at them, with survival for a fitness function: the longer an invader lasts before being blasted out of the sky, the more its behaviors are carried over into the next wave (here’s a playable live version). (via […]

READ THE REST

Analyst: Apple’s poor earnings will recover now they’ve switched from innovating to rent-seeking

Apple just had a really poor Q3 earnings report, with hardware sales falling off as people figure out that they just don’t need to get a new phone every year or so; writing in Bloomberg, Leonid Bershidsky tries to soothe investors by pointing out that Apple is still seeing growth in “services” and that there’s […]

READ THE REST

Write with a pen, save your notes online with this futuristic notebook

Note-taking just caught up to the digital age. For most of us, writing freehand is quicker and more convenient than pecking away on a tablet, but what to do when you need those scribbles on file? Grab a Rocketbook Everlast Reusable Notebook, which seamlessly fuses analog and digital notes. Just jot down your thoughts, journals […]

READ THE REST

Easily create professional-grade 2D animation from any image

Remember the cartoons of your youth? There’s a good reason. Nothing sparks the imagination like well-done animation. And whether you need a logo in motion or just want to bring your own imagination to life, CrazyTalk Animator 3 Pro is the tool that can take you there. Easy enough for casual users but with all […]

READ THE REST

Subscribe to Scribd for unlimited access to books, articles and more

For readers, Scribd has long been a fount of content, and it’s only growing. With 40 million titles to choose from, this service has plenty to offer to its more than 750,000 subscribers. Whether you’re into audiobooks, novels, nonfiction or magazines, Scribd is the only subscription service with access to titles from all “Big 5” global […]

READ THE REST

Source

Over the past year we have looked extensively at the performance impact of Spectre mitigations on x86_64 CPUs but now with having the Raptor Talos II in our labs, here are some benchmarks to see the performance impact of IBM’s varying levels of Spectre mitigation for POWER9.

 

 

By default, Raptor Computing Systems ships their system in the safest mode of providing full kernel and user-space protection against Spectre Variant Two. But by editing a file from the OpenBMC environment it’s possible to control the Spectre protections on their libre hardware. Besides the full/user protection against Spectre there is also kernel-only protection that is more akin to the protection found on x86_64 CPUs. Additionally, there is the ability to completely disable the protection for yielding the greatest performance (or what would be considered standard pre-2018) but leaving your hardware vulnerable to Spectre. More details on controlling the Spectre protections on Talos II hardware can be found via the RaptorCS.com Wiki.

This weekend are some benchmarks for reference of the Talos II Secure Workstation with dual 22-core POWER9 CPUs when tested in the default mode of kernel/user protection, kernel protection only, and then no protection at all for seeing how the performance compares — just as we have done many times over the past year for Intel and AMD CPUs too.

These reference benchmarks were done via the Phoronix Test Suite. If you want to see how your own Linux system(s) compare to the performance of this fully open-source system with libre firmware in its various Spectre configurations, simply run phoronix-test-suite benchmark 1811098-SK-TALOSIIDU15.

Source

Last updated November 11, 2018

In a recent announcement, a Code Search and Navigation tool named Sourcegraph was declared Open Source. As it makes navigating through Source Code much more convenient, the tool itself going Open Source is definitely a big plus for developers!

We’ve looked into its features and also tried to find out how it can be so helpful for developers who are used to navigate through code hosts like GitHub, GitLab and others quite regularly.

Sourcegraph Features

As stated on their GitHub page, Sourcegraph has the following features:

• Fast global Code search
• Intelligent Code recognition
• Code host Enhancement on GitHub, GitLab and more
• Extension API for easier third-party integration

You can deploy Sourcegraph on your server and configure it to work with your or your organization’s Git repositories. Once that’s done, you get a search engine where you can search all the codes.

But if you are a lone developer, like me, you can still use Sourcegraph on GitHub or GitHub alternatives like GitLab.

I am going to quickly show you how to use Sourcegraph for a better code navigation on GitHub.

Using Sourcegraph on GitHub

Let’s find out how you can easily try this tool with a Firefox or Chrome extension. Here, we’ve used Firefox:

This is how it looks like with the Sourcegraph extension installed and when you view a file on the Vim repository on GitHub:

Note how we can see the new Sourcegraph buttons within the GitHub interface, thanks to the installed extension. One thing to note is that one need not even login into GitHub to navigate through hosted Code and their repositories in order to make use of the helpful features of Sourcegraph.

When you click on “View File”, the entire look changes and the file is opened for you in a completely new interface within the browser itself:

Without Sourcegraph, if you want to look for files with a particular format, say C++ .cpp files in this example, it is very difficult to filter and view them if we try to use GitHub’s own search engine within this repository:

But once you are using this extension, see how easily you can view all such files in one go within the repository:

Sourcegraph can narrow down through Code Search very intelligently as explained in this video:

Code intelligence in Sourcegraph is powered by Lang Server, which enables identifying the type of Programming Language you are using:

Learn more about its usefulness in the following video:

Bonus Tip on using Sourcegraph

Even without installing an extension on your browser, you can directly use Sourcegraph as an IDE on top of any repository on GitHub by just adding “sourcegraph.com/” as a prefix to the repository URL.

For example, the URL for the official Vim repository is:

github.com/vim/vim

To view the same through Sourcegraph, modify the URL as below and you’re good to go:

sourcegraph.com/github.com/vim/vim

I’ve also tested this method with GitLab and it works there too! You can try other repositories as well!

Sourcegraph Developers have a master plan behind declaring it Open Source:

Make basic code intelligence ubiquitous (for every language, and in every editor, code host, etc.)

Make code review continuous and intelligent

Increase the amount and quality of open-source code

Here are the ways they suggest you can contribute to its Development:

• Submit pull requests to the Sourcegraph Open Source Project
• Actively participate in its continued development
• Add and improve documentation
• Build Sourcegraph extensions to Enhance Code viewing/reviewing on both Sourcegraph and GitHub

So this was a brief look into how Sourcegraph can make the developer’s life a lot more easier and hassle-free.

Are you a Developer? Would you like to adopt this new Open Source Tool in your day-to-day programming tasks? Let us know in the comments section below.

Source

Haguichi is an open source application that provides users with a graphical front-end for the Hamachi (now known as LogMeIn) zero-configuration virtual private network (VPN) software under any GNU/Linux operating system.

A quick overview of its features

Key features include a straightforward, modern and easy-to-use graphical user interface, completely customizable commands, system tray integration, pop-up notifications, rich tooltips, as well as collapsible and sortable network list.

The program is translated into more than 15 languages, supports a wide range of open source desktop environments and Linux-based operating systems, and allows users to easily backup and restore their Hamachi configurations.

It sports a familiar graphical user interface that allows users to connect with a single mouse click. It features supports for both IPv4 and IPv6 protocols, automatic connection during startup, automatic reconnection when the connection is lost, custom commands, and much more,

Under the hood and availability

Under the hood, we can report that the application is written in the Vala programming language. It is also very important to mention that you will need to download and install the Hamachi client before installing this software on your Linux box. Be aware that Hamachi is now know as LogMeIn.

Officially supported Linux distributions include Ubuntu, Arch Linux, openSUSE, Linux Mint, elementary OS, Fedora, and Debian GNU/Linux, for which the developers offer binary installers. A source archive is also available for download, allowing experienced users to configure, compile and install the application under any Linux-based operating system.

Bottom line

In conclusion, Haguichi is a very good graphical user interface for the Hamachi service. It supports a multitude of distributions and desktop environments, and it’s probably the only one that can offer a modern Hamachi client on GNU/Linux.

Source

What is VMware Workstation?

VMware Workstation is a virtualization software developed by the company VMware company, established in 1998. VMware Workstation was launched in 2001 as a platform to install multiple instances of different operating systems, especially the client and server systems. It supports hardware compatibility for hard disks, CD Roms and USB devices, and provides a bridge between the host and virtual machines. The purpose of building such a platform was to enable system administrators to test and verify the client-server environment for software and hardware. The VMware administrator can also switch between different virtual machines at the same time.

Install VMware Workstation

This article shows how to install and launch VMware Workstation on your Ubuntu system. The commands and procedures used in this article describe the installation of VMware Workstation 15 on a Ubuntu 18.04 LTS system.

Step 1: Download the official VMware binary package

The most stable and latest version of the VMware Workstation can be downloaded from their official website. Open your Ubuntu command line, the Terminal, either through the system Dash or the Ctrl+Alt+T shortcut. Then, enter the following wget command in order to download the binary package to your system:

$ wget -O ~/vmware.bin https://www.vmware.com/go/getWorkstation-linux

This command will download the package to the current user’s home folder in a file named vmware.bin.

Step 2: Install Build Essential to your system

In order to install the VMware Workstation, you first need to have a prerequisite called Build Essential on your system. The Built Essential includes a reference to all the packages needed to compile a Ubuntu binary installation package.

Run the following command as sudo in order to install it:

$ sudo apt install build-essential

The system will prompt you with a Y/n option to continue the installation procedure. Please enter Y to continue.

Step 3: Launch the VMware Installer

We will now launch the graphical VMware Installer through the command line, that will guide you through the rest of the installation procedure. Please run the following command to launch the installer:

$ sudo bash ~/vmware.bin

The installer will launch as follows:

The installer will let you make some custom settings such as specifying the default administrator for VMware, selecting the installation folder and choosing an HTTP port for the workstation server. You will be also asked to provide a License Key. You may provide this key if you have it or even wish to skip the step simply by clicking the Next button.

The following window will indicate the successful end of the Installation procedure.

Step 4: Launch the VMware Workstation

You can launch the VMWare Workstation both through the command line and the GUI.

Enter the following command as sudo in order to launch VMware, as only the administrator can use it:

Or enter the VMware keyword in your system Dash and then click on VMWare Workstation icon from the search results.

When you first launch VMware, it will ask if you want to enter the license key, buy it, or use the trial version of the software for 30 days.

Select your choice and click OK.

As mentioned before, you need to be an administrator to use the VMware Workstation. Thus, the following authentication dialog will appear asking you to provide your password.

Enter the password and click the Authenticate button to start VMware.

Click the OK button on the Information dialog.

Here, you can perform the operations such as creating and opening a new, connecting to a remote server and other customizations as an administrator.

Through the step by step installation instructions mentioned in this article, you can install the VMware Workstation through the official binary package and then launch it as an administrator on your Ubuntu system.

Source

Nov 09, 2018, 19:00

Today I am going to do a quick demonstration of how to easily install a suite of security testing tools from Kali Linux onto a Ubuntu machine. For a bit of background information, Kali Linux is a distribution derived from Debian. Its sole purpose is to provide a suite of tools for penetration testing (pentesting) and forensics. It is provided by Offensive Security, an organization dedicated to providing security training. There is a very long list of tools available for Kali. Such tools include (but are not limited to) forensics, vulnerability checks, access checks, and stress testing.

Complete Story

Source

GNOME Control Center is an open source project that allows GNOME users to control various aspects of their desktop environment, as well as of the Linux operating system on top of which GNOME is installed. The application provides a single, easily accessible place where users can interact with GNOME’s settings. It is integrated into the GNOME desktop environment and can be accessed through the system tray area.

Easy access to main GNOME settings

The program is comprised of three main settings categories, such as Personal, Hardware and System. The Personal section includes the Background, Notifications, Online Accounts, Privacy, Region & Language, and Search entries. The Hardware category includes Bluetooth, Color, Displays, Keyboard, Mouse & Touchpad, Network, Power, Printers, Sound and Wacom Tablet. Lastly, the System category include Date & Time, Details, Sharing, Universal Access and Users.

Designed for new and experienced users

It can be easily used by new and experienced users alike, so they can successfully configure various aspects of the GNOME desktop environment. Therefore, users will be able to change the desktop wallpaper, add or remove online accounts, change privacy, language and notification settings, configure the integrated search function, enable Bluetooth support, and configure their peripheral devices.

Additionally, the application can be used to change the color profile and settings of your monitor, configure network connections, printers, wacom tablet, sound and power settings. Also, you can use it to change the default applications, set the date and time, add and remove users, or enable sharing.

Also known as Unity Control Center

Several well known Linux-based operating system forked the GNOME Control Center application, transforming it into their very own control center app. A popular example is the Ubuntu distribution, where GNOME Control Center is present in the form of Unity Control Center. Any GNOME user has interacted with the GNOME Control Center in a form or another to set various hardware components, change the wallpaper or even to add new users on their Linux system.

Source

If you are like me, you use several different chat and messaging services during the day. Some are for work and some are for personal use, and I find myself toggling through a number of them as I move from apps to browser tabs—here, there, and everywhere.

The Franz website explains, “Being part of different communities often requires you to use different messaging platforms. You end up with lots of different apps and browser windows trying to stay on top of your messages and chats. Driven by that, we built Franz, a one-step solution to the problem.”

Franz 5 (version 5.0.0-beta.18), available under the Apache 2 license, is an open source chat/messaging aggregator. With Franz 5, you can access a variety of messaging apps in one window and simply toggle through them. The source code for Franz can be found on GitHub.

I find Franz 5 useful for aggregating my Gmail, Trello, Hangouts, GitHub, and LinkedIn messages (so far).

Who is Franz?

Franz was created by Austrian-based Stefan Malzner, a graphic designer and game creator at Bloodirony. “Emperor Franz Joseph I of Austria [who reigned from 1848-1916] had a rough time following the downfall of the Austrian Empire,” Malzner says. “Why not give someone with the presumably exceptional communication skills of an emperor a second chance?”

Franz 5 supports many services, including GitHub, Slack, LinkedIn, Skype, and Trello.

Cooking up some recipes

If those services aren’t enough for you, Franz is extensible by adding plugins (called “recipes”). Franz 5’s plugin architecture lets you add additional services to adapt the tool as you see fit. The recipe repository can be found on GitHub.

Moreover, the Franz community is adding new services to the platform. Adding new recipes is simple; the instructions are available on GitHub and listed here (Bitbucket, in this example):

1. Clone/download the folder franz-recipe-bitbucket.
2. Open the Franz Recipe folder on your machine:
   • Mac: ~/Library/Application Support/Franz/recipes/
   • Windows: %appdata%/Franz/recipes/
   • Linux: ~/.config/Franz/recipes/
3. Create a dev folder, if you have not already done so
4. Unzip and copy the franz-recipe-bitbucket folder into the recipes dev directory
5. Restart or reload Franz

Instructions for adding your own services can be found on GitHub. To list your plugin with Franz 5, create an issue with the tag deploy, link to your repository, and write a short description of what it does.

For example, Daniel Weinberger added an issue for Android Messages suggesting a mechanism for including unread badge counts, which Poland’s Filip Malczak has been thinking of too. His repository can be found on GitHub.

Leave the messaging to Franz

I’ve been using Franz for only a few days but already rely on it to keep all my messaging corralled in one easy-to-find place. In addition to the free open source version of Franz 5, two premium levels are available on the Franz website if you need added functionality.

Source

Nov 09, 2018, 23:00

Linux Mint’s Cinnamon desktop environment derived from GNOME/GTK components has tagged its v4.0.0 release in source and is already beginning to appear in distribution repositories from the likes of Manjaro.

Complete Story

Source

RPCS3, the open source PlayStation 3 emulator is coming along nicely. The latest progress report goes over some recent work with various improvements.

They’ve now managed to hit over 1,300 titles that you’re able to actually get in-game now, although that doesn’t mean they’re playable just yet but progress is progress. Playable titles has risen to around 1,014 now too.

It’s quite hilarious how badly some games are made, which get uncovered when developers do projects like this since they have to look into so much detail about how each and every game works. They talked a little about Afro Samurai and how it renders all geometry twice to get a stylish black outline, I’m sure there’s plenty of other games doing some terrible things.

One sweet little feature added, is the ability to load a background from games while it’s loading shaders. It’s such a small thing, but it makes it look quite a lot more professional.

They also did some new videos to show off their improvements:

Great to see work going strong on such an important project, it would be such a shame to have so many titles vanish into the abyss as technology moves on. Preservation of gaming is important, even if some rights holders don’t agree with emulation.

I wouldn’t mind playing through the Resistance titles again, so it’s pleasing to see that with their recent work some major graphical issues have been solved.

They still have a long road ahead, with some of the features they’ve worked through sounding rather tricky. They should get there eventually though, the first step is to get things working and rendering and then they can really push through on the optimisation.

See the full post here for the technical details.

Source