Linux Servers – Greguti http://greguti.com/ Mon, 21 Jun 2021 22:04:57 +0000 en-US hourly 1 https://wordpress.org/?v=5.7.2 https://greguti.com/wp-content/uploads/2021/05/cropped-icon-32x32.png Linux Servers – Greguti http://greguti.com/ 32 32 ISRG wants to secure Linux kernel memory with Rust https://greguti.com/isrg-wants-to-secure-linux-kernel-memory-with-rust/ https://greguti.com/isrg-wants-to-secure-linux-kernel-memory-with-rust/#respond Mon, 21 Jun 2021 21:17:26 +0000 https://greguti.com/isrg-wants-to-secure-linux-kernel-memory-with-rust/

Enlarge / No no this kind of rust.

The Internet Security Research Group, the parent organization of the better-known Let’s Encrypt project, provided prominent developer Miguel Ojeda a one-year contract to work on Rust under Linux and other full-time security efforts.

What is a Rust for Linux?

As we saw in March, Rust is a low-level programming language offering most of the flexibility and performance of C (the language used for kernels in Unix and Unix-like operating systems for years. 1970) in a more secure manner.

Efforts to make Rust a viable language for Linux kernel development began at the Linux Plumbers 2020 conference, with the idea coming from Linus Torvalds himself. Torvalds specifically requested the availability of the Rust compiler in the default kernel build environment, to support such efforts, not to replace all of the Linux kernel source code with equivalents developed by Rust, but to allow the new development to function properly.

Using Rust for new code in the kernel, which can mean new hardware drivers or even replacing GNU Coreutils, potentially reduces the number of bugs hidden in the kernel. Rust simply won’t allow a developer to leak memory or create the potential for buffer overflows, major sources of performance and security issues in complex C-language code.

Google, ISRG and Ojeda

The Internet Security Research Group (ISRG) new contract gives Ojeda a full-time salary to continue the memory security work he was already doing part-time. ISRG Executive Director Josh Aas notes that the group has worked closely with Google engineer Dan Lorenc and that financial support from Google itself is essential to sponsor Ojeda’s ongoing work.

“Large efforts to eliminate entire categories of security concerns are the best large-scale investments,” Lorenc said, adding that Google was “delighted to [help] ISRG supports Miguel Ojeda’s work dedicated to improving kernel memory security for everyone. “

Prossimo and the security of memory

Ojeda’s work is the first project to be sponsored under the ISRG’s Prossimo banner, but it’s not the first step the organization has taken towards greater memory security. Previous initiatives include a memory-secure TLS module for the Apache web server, a memory-secure version of the loop data transfer utility, and rust—A secure, in-memory alternative to the ubiquitous OpenSSL network encryption library.

Find the Prossimo initiatives on memorysafety.org, along with links to donations, the ISRG and its Prossimo projects are 100% supported by charitable donations, both from individuals and community-minded businesses. If you want to get involved, the ISRG accepts direct currencies donations via PayPal or Donorbox, various cryptocurrencies, and even mutual fund securities or stocks.


Source link

]]>
https://greguti.com/isrg-wants-to-secure-linux-kernel-memory-with-rust/feed/ 0
QOwnNotes 21.6.4 – Neowin https://greguti.com/qownnotes-21-6-4-neowin/ https://greguti.com/qownnotes-21-6-4-neowin/#respond Sun, 20 Jun 2021 20:38:00 +0000 https://greguti.com/qownnotes-21-6-4-neowin/




Razvan serea
Journalist
Neowin

·

June 20, 2021 4:38 PM EDT

QOwnNotes is an open source (GPL) plain text notepad with markdown support and to-do list manager for GNU / Linux, Mac OS X, and Windows, which (optional) works with the Notes application. ‘ownCloud (or Nextcloud). So you can write down your thoughts with QOwnNotes and edit or search them later from your mobile device (like with CloudNotes) or from the ownCloud web service. Notes are stored as raw text files and you can sync them with your ownCloud sync client. Of course, other software, such as Dropbox, Syncthing, Seafile or BitTorrent Sync can also be used.

Characteristics:

  • Note folder can be chosen freely (multiple note folders can be used)
  • Note substrings search is possible and the search results are highlighted in the notes
  • the application can be used with customizable keyboard shortcuts
  • external modifications of the note files are monitored (the notes or the list of notes are reloaded)
  • old versions of your notes can be restored from your ownCloud server
  • deleted notes can be restored from your ownCloud server
  • the differences between the current note and the externally modified note are displayed in a dialog box
  • note highlighting and a markdown preview mode
  • notes get their name from the first line of note text (like in the ownCloud notes web app) and note text files are automatically renamed, if the first line changes
  • compatible with ownCloud’s notes web application and ownCloud mobile notes applications
  • compatible with ownCloud’s selective sync function by supporting an unlimited number of note folders with the option to choose the respective folder on your server
  • manage your ownCloud task lists (ownCloud tasks or Tasks Plus / Calendar Plus) or use another CalDAV server to synchronize your tasks with
  • note encryption (AES-256 is built in or you can use custom encryption methods like Keybase.io (encryption-keybase.qml) or PGP (encryption-pgp.qml))
  • support for dark mode theme
  • Themes support for Markdown syntax highlighting
  • all panels can be placed anywhere you want, they can even float or stack (fully dockable)
  • support for freedesktop theme icons, you can use QOwnNotes with your native desktop icons and with your favorite dark desktop theme
  • support for hierarchical tagging of notes and subfolders of notes
  • support for sharing notes on your ownCloud server
  • portable mode to carry QOwnNotes on USB sticks
  • Evernote import
  • QOwnNotes is available in many different languages ​​like English, German, French, Polish, Chinese, Japanese, Russian, Portuguese, Hungarian, Dutch and Spanish

QOwnNotes 21.6.4 changelog:

  • fixed an issue when enabling the subfolders panel after disabling it
    for note folders with sub-folders

  • note preview can now also highlight code blocks with uppercase identifiers

  • now the shorter link https://web.libera.chat/#qownnotes is used for the
    IRC channel in the chat menu

Download: QOwnNotes 21.6.4 | 37.8 MB (Open Source)
Download: QOwnNotes for other operating systems
View: QOwnNotes home page

Be alerted of all our software updates on Twitter at @NeowinSoftware

Report a problem with the article

1480528120_screentogif
Previous article

ScreenToGif 2.32




Source link

]]>
https://greguti.com/qownnotes-21-6-4-neowin/feed/ 0
How to install Clipgrab on Linux Mint 20.1 to download videos https://greguti.com/how-to-install-clipgrab-on-linux-mint-20-1-to-download-videos/ https://greguti.com/how-to-install-clipgrab-on-linux-mint-20-1-to-download-videos/#respond Sat, 19 Jun 2021 13:42:41 +0000 https://greguti.com/how-to-install-clipgrab-on-linux-mint-20-1-to-download-videos/

Well here we see how to install and use Clipgrab on Linux Mint 20.1, Ubuntu 21.04 / 20.4 / 18.04 including Debian, Elementary OS, Kali, MX Linux and others. Also learn the steps to create your desktop shortcut.

Clipgrab is a graphics program that can be used to download videos from online media platforms like YouTube, Vimeo, DailyMotion or Facebook etc. and convert them if you want (e.g. to MP3, OGG Vorbis / Theora or WMV). It’s really convenient because if you don’t need video and are interested in its audio, save the media file as MP3. For the conversion, FFmpeg is used in the background.

Its interface is quite clean and simply designed that does not require any guide to understand, even for beginners. Besides Linux, Clipgrab is available for Windows and Mac OS X and is licensed under GPL3. The best thing is that you can search for videos using keywords on Clipgrab if you don’t have the URL of a particular video.

ClipGrab can automatically download videos when a video link is found in the clipboard. It is also possible to use a proxy server.

Install and Clipgrab on Linux Mint 20.1

1. Run the system update

It is not necessary, but just make sure the system is using the latest security updates, run it.

sudo apt update

2. Install dependencies – FFmpeg & Python 2

To convert videos using Clipgrab we need FFmpeg on our system and to allow the software to search Youtube or other videos we also need to install python 2 on Linux Mint.

sudo apt install ffmpeg

By default python 3 will be there, however, we need python 2, so run the command below, it will automatically select python-is-python2 instead of python.

sudo apt install python

3. Download Clipgrab for Linux mint 20.1

Clipgrab is available in APP Image format and can therefore be run on any Linux system, regardless of its base or code. Therefore, we first download the same, and then we will see how to use it.

Visit the official Clipgrab page to download the AppImage- file Here is the link. Select the Linux binary.

Download the image from the Clipgrab app

4. Move the YouTube download file to a safe location

By default, the file will be in your Downloads folder because we got it from the browser. But there are chances that we accidentally delete it, so let’s move it to a safe place.

cd Downloads

sudo mv ClipGrab-*-x86_64.AppImage /opt/clipgrab.AppImage

#Download logo

wget https://www.how2shout.com/linux/wp-content/uploads/2021/06/clipgrab.png

sudo cp clipgrab.png /opt/

5. Create a desktop and Cligrab application launch shortcut

Let’s create a desktop shortcut for this Youtube downloader so that we can easily access it on Linux Mint.

nano ~/Desktop/Clipgrab.desktop

Copy the entire block of text below and paste it into the file.

Desktop Entry]
Version=1.0
Type=Application
Name=ClipGrab
Comment=Download and convert videos from various portals (e.g. YouTube)
Exec=/opt/clipgrab.AppImage
Icon=/opt/clipgrab.png
Categories=Application;Network
Terminal=false

Save the file by pressing g- Ctrl + X, type Yes, then press the Enter Key.

Too, copy the shortcut to Applications folder, so that we can access it from the launcher.

sudo cp ~/Desktop/Clipgrab.desktop /usr/share/applications

Now, you will have it on the application launcher

Clipgrab app shortcut

in addition, also make the shortcut on the desktop executable, to do this, right click on it, select Properties >> Authorizations tab, and select the “Allow the file to run as a program” box.

Linux Mint Desktop Shortcut for Clipgrab youtube

6. Run Clipgrab on Linux Mint

Finally using shortcuts run this youtube video downloader and use keyword or url to download videos.

Install Clipgrab youtube downloader on Linux Mint with desktop shortcut

See also another lightweight Snap Video downloader – Lightweight Video Downloader for Linux Mint 20.1

7. Remove or uninstall

To remove this video downloader platform, just delete the files we have downloaded and created so far:

sudo rm -r /opt/clipgrab.AppImage
sudo rm -r /opt/clipgrab.png
sudo rm -r /usr/share/applications/Clipgrab.desktop


Source link

]]>
https://greguti.com/how-to-install-clipgrab-on-linux-mint-20-1-to-download-videos/feed/ 0
Why you shouldn’t use Telnet for remote connections https://greguti.com/why-you-shouldnt-use-telnet-for-remote-connections/ https://greguti.com/why-you-shouldnt-use-telnet-for-remote-connections/#respond Fri, 18 Jun 2021 19:30:00 +0000 https://greguti.com/why-you-shouldnt-use-telnet-for-remote-connections/

Want to access remote servers but don’t want to risk your online privacy? Use SSH or Mosh instead of Telnet.


Network switch

If you need to connect to a remote computer using the command line, you might be tempted to use Telnet, one of the oldest protocols still in use on the Internet. But you shouldn’t, because it’s not safe for your digital privacy.

This article will discuss the reasons why you shouldn’t use Telnet and other secure protocols you can use to connect to servers remotely.

Telnet is not secure

The main problem with Telnet is that it is not secure. All text sent between computers using Telnet is plain text. This also includes usernames and passwords. If you are using Telnet, someone can easily intercept the connection and will be able to see any credentials you send using a “man-in-the-middle attack”.

WSL Ubuntu Telnet man page

This is an example of the different cultures under which Arpanet, the original network that became the Internet, was developed. As a U.S. government research project in the late 1960s and early 1970s, Arpanet was experimental and had no ambition to become the massive global network that is the modern Internet today.

The developers were academics connecting the country’s leading research universities and they trusted each other. Surely, no one would ever try to break into a computer.

Instead, use SSH and Mosh

One such password theft attack motivated Tatu Ylönen, then at Helsinki University of Technology in Finland, to create Secure Shell or SSH. The OpenBSD project OpenSSH is one of the most widely deployed on modern Unix and Linux systems. Even Windows 10 has a native version of OpenSSH built in.

This is not surprising, because SSH solves the problem that makes Telnet so dangerous. SSH encrypts the connection between two or more computers, which means that even if an attacker manages to gain access to the connection, he will not be able to understand its meaning.

OpenSSH Home Page

Even as useful as SSH is, like Telnet, the main technical assumptions in its development meant that subsequent deployments of the network exposed its shortcomings. SSH assumes the use of always-on wired connections. Try closing your laptop cover while logged in and see what happens. Your SSH connection will freeze.

Another project, Mosh, has arisen to solve problems using SSH on laptops, mobile devices and wireless connections. Mosh keeps you connected even if a Wi-Fi network is down and lets you move between different networks efficiently.

Related: Get Better Remote Sessions on Linux with Mosh and Tmux

Connect to remote servers securely

With SSH and Mosh, you can ditch Telnet altogether, protecting your login credentials while accessing remote computers. To ensure your privacy online, you should be aware of the limitations of any technology or software you use.

Even SSH is no exception. Knowing what the technology is and how attackers can use it against you will help protect your digital security.


ssh letters function
What is SSH and what is it?

Heard of SSH but never knew what it is? Here’s what you need to know.

Read more


About the Author

.


Source link

]]>
https://greguti.com/why-you-shouldnt-use-telnet-for-remote-connections/feed/ 0
Minecraft “JNI Error” or “Java Exception” after Update 1.17? Here is a fix https://greguti.com/minecraft-jni-error-or-java-exception-after-update-1-17-here-is-a-fix/ https://greguti.com/minecraft-jni-error-or-java-exception-after-update-1-17-here-is-a-fix/#respond Fri, 18 Jun 2021 10:10:31 +0000 https://greguti.com/minecraft-jni-error-or-java-exception-after-update-1-17-here-is-a-fix/

New updates are added at the bottom of this story …….

The original story (published June 09, 2021) follows:

Minecraft gamers are finally getting their hands on the latest update 1.17 Caves and Cliffs: Part 1 which brings three new mobs – goats, luminous squids, and axolotls among many other additions.

Of course, it’s a massive update that gamers have been eagerly awaiting for weeks, and now that it’s here, gamers around the world are checking out the new update to see what it has to offer.

Unfortunately, it looks like the new update is off to a bad start. Some people who have installed Minecraft 1.17 report that they get an error message saying “A JNI error has occurred, please check your installation and try again” or “Java exception”.

We’ve shared a few unhappy user reports below for reference:

(Source)

When I try to play 1.17-rc1 or snapshots it gives 2 errors. Error 1: A JNI error has occurred, please check your installation and try again. Error2: A Java exception has occurred (Source)

Is the server file still working? I’m still getting the error code: A JNI error has occurred, please check your installation and try again. (Source)

I installed the files from the Minecraft 1.17 server but they give me a JNI error, maybe it is the launcher? (Source)

According to gamers, they are not able to install and play Minecraft 1.17 because they keep getting “JNI Error” or “Java Exception” error.

The players even confirmed that Java is installed on their computer, but the error persists.

Naturally, this left many players scrambling to find a solution. If you are one of them, well, there is nothing to worry about.

The “JNI error” that started appearing with the latest Minecraft 1.17 update can be fixed by installing Java 16, as confirmed by numerous reports from gamers experiencing the issue.

minecraft-jni-error-fix

(Source)

Minecraft 1.17 requires Java 16 or later to run, so the game will not run on computers that don’t meet the requirements.

That said, in case you need a video guide to help you resolve the issue, we’ve shared one below.

Once you have installed Java 16 on your computer, you should be able to play the Minecraft 1.17 update without worrying about experiencing the “JNI error”.

Please feel free to leave a comment to let us know whether or not this fixed the problem for you.

Update 1 (June 10)

Passing through the bug page for “A JNI error has occurred, please check your installation and try again” to Mojang support, here is something you need to know:

This error occurs when you launch the client (the game) or the server (the .jar) without Java 16 in 21w19 and above. Minecraft has been updated to use Java 16 per changelog 21w19a:

Minecraft now uses a newer version of Java. If you are using a default configuration, the launcher will download and install the correct version. If you are using a custom Java configuration or a third-party launcher, you will need to ensure that your Java installation is version 16 or higher.

And here is how you can fix the problem:

To resolve this issue, download the AdoptOpenJDK and follow the steps below for the client or server.

Client: Make sure your launcher is running Java 16. To do this, change the runtime of the Java executable to target “javaw.exe” in C: Program Files Java jdk-16.0.1 bin javaw. exe or where you have Java 16 installed. Contact those responsible for your launcher if you cannot upgrade or don’t know how to upgrade to Java 16.

Server: If you are running a server on your computer, make sure that AdoptOpenJDK is running the .jar. To make sure on Windows 10, the file properties should look like this:

Try to uninstall Java 8 and restart your computer to make sure you are running Java 16. If you are running a server with a host, contact the host.

If none if it works, please contact Community support.

Update 2 (June 11)

From user reports, those of you facing the problem in Linux, here is a Trick for you:

FIX: FOR LINUX USERS ONLY!

BE SURE TO UPDATE

sudo apt-get update

THEN

sudo apt search jdk

“find openjdk version 17” OR just do this command

sudo apt install openjdk-17-jdk

enjoy the new update 1.17 yall

In case openjdk-17-jdk does not appear by entering “sudo apt search jdk” and entering sudo apt install openjdk-17-jdk, it says “Unable to locate package openjdk-17-jdk”, you will need to add another repository first. This is how a user put he:

sudo add-apt-repository ppa: linuxuprising / java

sudo apt-get update

Optional: sudo apt search jdk

I found openjdk-16-jdk so I installed it; I haven’t seen openjdk-17-jdk, but 16 works

sudo apt install openjdk-16-jdk

Update 3 (June 18)

An individual has Highlighted some important information regarding the availability of Java 16 on the Mojang support website. Check out the information below:

Unlike Java 8, there is no single download provider for Java 16. Here are some of the main ones:

– OpenJDK (from Oracle): https://jdk.java.net/16/
– Oracle: https://www.oracle.com/java/technologies/javase-jdk16-downloads.html
Oracle was historically the main supplier of Java, but their free downloads are now only for developers. Their standard versions are now paid and cost several hundred dollars a year. OpenJDK downloads are not included in this.

– Amazon Corretto (from Amazon): https://docs.aws.amazon.com/corretto/latest/corretto-16-ug/downloads-list.html
– Zulu (from Azul): https://www.azul.com/downloads/#download-openjdk
– AdoptOpenJDK (from Eclipse Foundation, sponsored by many organizations including Amazon, IBM and Microsoft): https://adoptopenjdk.net/?variant=openjdk16&jvmVariant=hotspot
I would personally recommend AdoptOpenJDK, but the choice here is yours.

PiunikaWeb started out as an investigative technology journalism website, focusing primarily on “breaking” or “exclusive” news. In no time at all, our stories were picked up by Forbes, Foxnews, Gizmodo, TechCrunch, Engadget, The Verge, Macrumors and many more. Do you want to know more about us? Head here.




Source link

]]>
https://greguti.com/minecraft-jni-error-or-java-exception-after-update-1-17-here-is-a-fix/feed/ 0
Microsoft loves Linux so much that packages.microsoft.com has fallen and can’t get up again • The Register https://greguti.com/microsoft-loves-linux-so-much-that-packages-microsoft-com-has-fallen-and-cant-get-up-again-the-register/ https://greguti.com/microsoft-loves-linux-so-much-that-packages-microsoft-com-has-fallen-and-cant-get-up-again-the-register/#respond Thu, 17 Jun 2021 14:02:00 +0000 https://greguti.com/microsoft-loves-linux-so-much-that-packages-microsoft-com-has-fallen-and-cant-get-up-again-the-register/

Microsoft has shown its deep and meaningful affection for all things penguin overnight in borking packages.microsoft.com and leaving some Linux fans deprived of the company’s products.

For some hardcore people, the lack of Microsoft software on their fiercely open source setups might not be such a bad thing. For others, however, get a 404 of a apt-get is a major workflow blocker.

The problem seems, at first glance, to be related to Ubuntu paths as users struggled with Microsoft’s OpenJDK and his flagship .NET platform.

ODBC packages were also stuck, along with the package link for Visual Studio Code and even poor old Microsoft Edge.

Microsoft has yet to respond to our request for additional information, although a software engineer from Windows giant, Rahul Bhandari, posted on GitHub: “Our infra team is still working to resolve this issue. They encountered space issues but this issue should be resolved quickly. Unfortunately, I don’t have an ETA yet.”

“Space issues.”

If only Microsoft had a super-scalable cloud in which it could store data. Something that could expand to meet user needs. Or just an AWS S3 bucket, otherwise.

The problems seem to be centered on the Debian packages on packages.microsoft.com. Some users reported success using Snap to install .NET while others spotted the missing packages using a VPN to connect to a different regional endpoint.

The latter hints at us that there might be something wrong with the mirroring setup, although we can’t imagine Microsoft changing the configuration of its servers, resulting in a crash.

For now, however, things are still a bit bad, as with us when we tried to apt-get on a sacrificial Ubuntu configuration.

We will update this article if Microsoft in love with Linux responds to us. ®

* Shaky infrastructure for Scupper user programming




Source link

]]>
https://greguti.com/microsoft-loves-linux-so-much-that-packages-microsoft-com-has-fallen-and-cant-get-up-again-the-register/feed/ 0
Rival accused of abusing law to stop Elon’s Starlink expansion • The Register https://greguti.com/rival-accused-of-abusing-law-to-stop-elons-starlink-expansion-the-register/ https://greguti.com/rival-accused-of-abusing-law-to-stop-elons-starlink-expansion-the-register/#respond Wed, 16 Jun 2021 17:15:00 +0000 https://greguti.com/rival-accused-of-abusing-law-to-stop-elons-starlink-expansion-the-register/

SpaceX has accused a satellite telecommunications rival of trying to arm environmental legislation to hamper the expansion of its Starlink Internet service.

Elon Musk’s company said so in a response filed on Monday. [PDF] in an ongoing dispute with Viasat, Dish Network and consulting firm The Balance Group. The trio are challenging SpaceX’s recent Federal Communications Commission (FCC) approval to operate the Starlink satellites at a lower altitude.

In a decision released in late April, the FCC authorized SpaceX to move 2,814 existing satellites from their current orbits from 1,100 km to 1,300 km to between 540 km and 570 km above the Earth’s surface. This would make its satellites more efficient and improve coverage in rural areas, as well as in the polar regions.

Viasat argued that the move would increase the risk of wayward satellite collisions and the increased proliferation of orbital debris. He claimed the approval process was forced and the FCC breached its obligation to review approval under the National Environmental Policy Act (NEPA).

Also on Monday, the Libra group tabled a motion of support to place a stay on order from the FCC [PDF], pending judicial review.

In the case, he supported Viasat’s concerns about potential radio frequency interference, as well as interference with astronomical research.

NEPA legislation requires federal agencies to determine whether a proposal would have a “significant effect on the human environment.” For the sake of efficiency, it allows agencies to identify actions that are unlikely to have a negative effect and to forgo any environmental investigation.

For its part, SpaceX has accused [PDF] Viasat for attempting a “transparent offer to co-opt the National Environmental Policy Act (NEPA) and the extraordinary stay procedure as trade war weapons.”

“Viasat’s new environmentalism is belied by its actions every moment. Viasat has not raised any environmental concerns in connection with any other satellite clearance, including SpaceX’s permission to operate the Starlink satellites at a different altitude and his prior request, “said the attorney for SpaceX.

Also on Monday, the FCC put forward its arguments to oppose the request for suspension of Viasat [PDF], arguing that SpaceX had mitigated the risk of orbital debris, emphasizing the maneuverability of its satellites.

SpaceX’s orbital debris mitigation plan explained that the satellites are able to maneuver to avoid collisions and that the low altitude helps minimize debris by ensuring that satellites descend more quickly into the atmosphere and are destroyed at the end of their useful life, ”the agency wrote. in its own legal file.

He also highlighted the design decisions made by SpaceX to ensure that its Starlink satellites disintegrate upon reentry, thereby reducing the risk of loss of life “to zero”. ®


Source link

]]>
https://greguti.com/rival-accused-of-abusing-law-to-stop-elons-starlink-expansion-the-register/feed/ 0
CloudLinux’s UChecker tool scans Linux servers https://greguti.com/cloudlinuxs-uchecker-tool-scans-linux-servers/ https://greguti.com/cloudlinuxs-uchecker-tool-scans-linux-servers/#respond Tue, 15 Jun 2021 20:57:00 +0000 https://greguti.com/cloudlinuxs-uchecker-tool-scans-linux-servers/

Oracle co-founder Larry Ellison delivers a speech at the Oracle OpenWorld conference in 2006. Kaspersky researchers recently discovered a new file-encryption Trojan designed as an executable and bindable format (ELF ) which encrypts data on machines controlled by Linux-based operating systems. . (Justin Sullivan / Getty Images)

Security teams running Linux servers now have access to UChecker, a new tool from CloudLinux that runs scans on Linux servers to detect obsolete shared libraries both on disk and in memory.

Offered as part of CloudLinux TuxCare security services, UChecker works with all modern Linux distributions and was licensed under the GNU General Public License, version 2.

According to ZDNet, UChecker tells security professionals which application is using which vulnerable library and offers the relevant process ID and process name. With this new information, administrators can see which libraries they need to update.

For security administrators, the tool covers more than one Linux distribution in a scripted fashion. Dirk Schrader, global vice president of security research at New Net Technologies, said that this is certainly a valuable additional element in the cybersecurity toolchain, and that security teams can use in addition to generic vulnerability analyzes.

“Depending on the security workflows in place, administrators may want to run this first to reduce the number of vulnerabilities reported by regular scan activities, or they will use it to validate the results of those scans,” Schrader said. “Either way, it helps meet some of the basic security controls that an organization should have in place, related to inventory and asset control. “

Yaniv Bar-Dayan, co-founder and CEO of Vulcan Cyber, said UChecker is a welcome addition to an already long list of open source vulnerability scanners, such as Vuls or OpenVAS which are available for analysis of the Linux environment.

“The challenge is always to make sure you have scan coverage for the blind spot that you may or may not know exists,” Bar-Dayan said. “We recommend that you start by taking a close look at the IT asset inventories to determine whether or not you have any vulnerable libraries running in memory. If so, UChecker combined with other vulnerability scanners can provide comprehensive and effective coverage.


Source link

]]>
https://greguti.com/cloudlinuxs-uchecker-tool-scans-linux-servers/feed/ 0
Fancy the ultimate no-Air-outside-bnb? NASA ready to lease the ISS for two weeks • The Register https://greguti.com/fancy-the-ultimate-no-air-outside-bnb-nasa-ready-to-lease-the-iss-for-two-weeks-the-register/ https://greguti.com/fancy-the-ultimate-no-air-outside-bnb-nasa-ready-to-lease-the-iss-for-two-weeks-the-register/#respond Tue, 15 Jun 2021 03:35:00 +0000 https://greguti.com/fancy-the-ultimate-no-air-outside-bnb-nasa-ready-to-lease-the-iss-for-two-weeks-the-register/

NASA hopes to welcome more amateur astronauts to the International Space Station, accommodating them for up to two weeks at a time.

Space tourism is taking off and NASA wants to keep enjoying the fun. In January of next year, Axiom Space Ax-1 The mission is to transport a professional astronaut and passengers to the orbiting station for an eight-day stay using a SpaceX rocket and a Crew Dragon capsule. And Blue Origin just auctioned off a seat in space next month for $ 28 million.

“This year is truly a renaissance for both manned spaceflight as we transport astronauts from NASA and international partners aboard a US commercial crew to the International Space Station,” he added. mentionned NASA Commercial Space Flight Development Director Phil McAlister, referring to SpaceX sending astronauts to the station, “and also as we see the expansion of private astronaut missions.

“As more and more people fly into space and do more things on their spaceflight, it attracts even more people to do more activities in low earth orbit, and reflects the growing market we had. envisioned when we launched the commercial crew program ten years ago. “

By people, he mainly means billionaires.

Either way, NASA is hoping to partner with third-party companies to launch two more “private astronaut” missions to the ISS. The first launch will take place no earlier than fall 2022, and the next around mid-2023 if all goes according to plan. The US government’s space agency does not seek to compete with commercial companies; the goal is to work with them.

Private biz will take care of all transportation to and from the orbiting space lab while NASA will provide logistical support, food and other materials and services to space travelers to survive on board. Private astronauts can live in the ISS for up to 14 days, and they are not allowed to interfere with professional astronauts working on board. The launch rocket and the vehicle in which the space travelers will be transported will need to be approved by NASA, which at this point means SpaceX or the Russians.

Be warned it won’t be cheap. The space agency will charge $ 5.2 million as a “base cost” for ISS crew time for each mission and an additional $ 4.8 million for all necessary mission planning and execution. . Add in the costs for feeding private astronauts – that’s $ 2,000 per person per day for freeze-dried food – and up to $ 1,500 per day for other groceries, such as sleeping bags, clothing and clothing. office supplies [office supplies?? – ed.], and the costs add up quickly. Not to mention the mass of the payload and the disposal costs which can reach $ 164,000 per day per person. But, hey, you get 12GB per person per day for free in data downloads for video and email etc.

Money earned from space tourism will help fill NASA’s coffers, giving it an additional source of income to fund its expensive science missions.

“Allowing private astronaut missions to the International Space Station is part of the agency’s goal of developing a strong economy in low earth orbit where NASA is one of many clients and the private sector is leading the way.” , he explained.

“This strategy will provide the services the government needs at a lower cost, allowing the agency to focus on its Artemis missions to the moon and to Mars while continuing to use low earth orbit as a training ground and ‘test for these deep space missions. “®


Source link

]]>
https://greguti.com/fancy-the-ultimate-no-air-outside-bnb-nasa-ready-to-lease-the-iss-for-two-weeks-the-register/feed/ 0
Smart SUSE Linux Enterprise Server moves compatibility goals https://greguti.com/smart-suse-linux-enterprise-server-moves-compatibility-goals/ https://greguti.com/smart-suse-linux-enterprise-server-moves-compatibility-goals/#respond Mon, 14 Jun 2021 09:26:03 +0000 https://greguti.com/smart-suse-linux-enterprise-server-moves-compatibility-goals/

In his most recent release of SUSE Linux Enterprise Server – SLES 15 SP3 – SUSE includes full binary compatibility between SLES and its community Linux distribution, openSUSE Leap. This smart change essentially allows those already using openSUSE Leap to easily migrate to SLES 15 SP3 for enterprise Linux desktop or server requirements. This move is designed to provide users and organizations with increased compatibility while allowing them to take advantage of the synergies that exist between the enterprise and community versions of the technology.

The overall movement is not intended to replace the community version, but rather to strengthen it – the two versions are not the same. The two SUSE open source code streams have been aligned, offering predefined binaries that improve results, but the architecture will not support all of the same platforms. Only openSUSE Leap will support Risc-V and ARMv7, but both will support s390x, aaargh64, x86-64, and ppc64le.

Of course, it’s clear that the switch is designed to encourage users to switch to SLES, but that doesn’t force the issue. Rather, evolution is designed to be as elastic and intuitive as possible while ensuring that both continue to deliver the right results.

In addition to this binary compatibility, SLES introduces many other extras in its code. One of the most interesting is SUSE Linux Enterprise Base Container Images, which provides open, flexible and secure container images and application development tools and an alternative to Docker. This daemonless container engine is designed for the development and management of Open Container Initiative containers and companies using LEAP and SLES can run these containers using Podman, Pod Manager Tool, for enhanced security. The release also includes updates to popular programming languages ​​and applications such as MariaDB 10.5 and PostgreSQL 12 databases.

Tumbleweed

SLES 15 runs on Linux kernel 5.3.18-46.1 and promises users a 13-year lifecycle with 10 years of general support and three years of extended support. The existing version must be maintained and supported for up to six months after the release of SLES 15 SP4, allowing use until December 2022. For users who want to use Linux while staying at the forefront of technological development , SUSE is still running its openSUSE Tumbleweed streaming distribution.

About SUSE
SUSE, the world’s largest independent open source software company, is fueling the digital transformation with true open source business technologies that simplify, modernize and accelerate traditional, cloud and edge solutions. SUSE works with partners, communities and customers to deliver and support solutions that enable critical business results. SUSE’s container and cloud platforms, software-defined infrastructure, and industry-leading artificial intelligence and computing solutions enable customers to build, deploy and manage workloads anywhere – on site, hybrid and multi-cloud. For more information visit www.suse.com.

  • This promoted content has been paid for by the affected party

Source link

]]>
https://greguti.com/smart-suse-linux-enterprise-server-moves-compatibility-goals/feed/ 0