Noticias

Linux Preparing To Disable Drivers For Microsoft's RNDIS Protocol

Slashdot -

Phoronix reports: With the next Linux kernel cycle we could see upstream disable their driver support for Microsoft's Remote Network Driver Interface Specification (RNDIS) protocol due to security concerns. RNDIS is the proprietary protocol used atop USB for virtual Ethernet functionality. The support for RNDIS outside of Microsoft Windows has been mixed. RNDIS isn't widely used today in cross-platform environments and due to security concerns the upstream Linux kernel is looking to move the RNDIS kernel drivers behind the "BROKEN" Kconfig option so they effectively become disabled in future kernel builds. Ultimately once marked as "BROKEN" for a while, the drivers will likely be eventually removed from the upstream source tree. Greg Kroah-Hartman wrote in a commit: "The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all rndis drivers to prevent anyone from using them again."

Read more of this story at Slashdot.

Mabox Linux Called 'Throwback to Old-School Linux'

Slashdot -

"If you've been itching to try an Arch Linux distribution and want something outside of the usual GNOME/KDE/Xfce desktop environments, Mabox Linux is an outstanding option...." writes ZDNet's Jack Wallen. "It reminded me of my early days using Linux, only with a bit of a modern, user-centric twist...." Linux was hard in its infancy. So, when I see a Linux distribution that reminds me of those days but manages to make it easy on users without years of experience under their belts, it reminds me how far the open-source operating system has come. Such is the case with Mabox Linux.... It's not that Mabox doesn't make Arch Linux easy...it does. But when you first log into the desktop, you are greeted with something most hard-core Linux users love to see but can be a real put-off to new users. I'm talking about information...and lots of it. You see, Mabox Linux places four information-centric widgets front and center on the desktop, so you can get an at-a-glance look at how the OS is using your system resources and even two widgets that give you keyboard shortcuts for things like opening various apps, menus, and even window management controls. Also on the OpenBox Window Manager desktop, you'll find a single top panel that gives you quick access to all your installed apps, the Mabox Colorizer... and a system tray with plenty of controls.... Once you have the distribution installed, the big surprise comes by way of performance. Mabox Linux is amazingly fast...like faster than most distributions I've used. A big part of that is due to the OpenBox Window Manager, which is very lightweight. Compared to my regular GNOME-based Linux desktop, Mabox is like driving a Lamborgini instead of a Prius. The difference is that obvious. The installation process lets you choose between open-source or proprietary video drivers, the article points out. And "you can easily customize the color of your Mabox desktop, including the theme, side panels, Conky (which creates the desktop widgets), wallpaper, Tint2 Panel, and even the terminal theme."

Read more of this story at Slashdot.

New Linux Malware Downloader for Compromised Servers Spotted in the Wild

Slashdot -

"A new Linux malware downloader created using SHC (Shell Script Compiler) has been spotted in the wild," reports the site Bleeping Computer, "infecting systems with Monero cryptocurrency miners and DDoS IRC bots... "The analysts say the attacks likely rely on brute-forcing weak administrator account credentials over SSH on Linux servers.... " According to ASEC researchers, who discovered the attack, the SHC loader was uploaded to VirusTotal by Korean users, with attacks generally focused on Linux systems in the same country.... When the SHC malware downloader is executed, it will fetch multiple other malware payloads and install them on the device. One of the payloads is an XMRig miner that is downloaded as a TAR archive from a remote URL and extracted to "/usr/local/games/" and executed.... The second payload retrieved, dropped, and loaded by the SHC malware downloader is a Perl-based DDoS IRC bot. The malware connects to the designated IRC server using configuration data and goes through a username-based verification process. If successful, the malware awaits commands from the IRC server, including DDoS-related actions such as TCP Flood, UDP Flood, and HTTP Flood, port scanning, Nmap scanning, sendmail commands, process killing, log cleaning, and more. ASEC warns that attacks like these are typically caused by using weak passwords on exposed Linux servers.

Read more of this story at Slashdot.

Vanilla OS Offers a New Take on Security for the Linux Desktop

Slashdot -

OS News cheers the first official release of Vanilla OS, calling it "an immutable desktop Linux distribution that brings some interesting new technologies to the table, such as the Apx package manager." From the official release announcement: "By default, Apx provides a container based on your Linux distribution (Ubuntu 22.10 for Vanilla OS 22.10) and wraps all commands from the distribution's package manager (apt for Ubuntu). Nevertheless, you can install packages from other package distributions.... Using the --dnf flag with apx will create a new container based on Fedora Linux. Here, apx will manage packages from Fedora's DNF repository, tightly integrating them with the host system. ZDNet calls Vanilla OS "a new take on Linux that is equal parts heightened security and user-friendly." Among other things, "the developers opted to switch to ABRoot, which allows for fully atomic transactions between 2 root partitions." The official release announcement explains: ABRoot will check which partition is the present root partition (i.e A), then it will mount an overlay on top of it and perform the transaction. If the transaction succeeds, the overlay will be merged with the future root partition (i.e B). On your next boot, the system will automatically switch to the new root partition (B). In case of failure, the overlay will be discarded and the system will boot normally, without any changes to either partition. But ZDNet explains why this comes in handy: Another really fascinating feature is called Smart Updates, which is enabled in the Vanilla OS Control Center, and ensures the system will not update if it's either under a heavy load or the battery is low. To enable this, open the Vanilla OS Control Center, click on the Updates tab, and then click the ON/OFF slider for SmartUpdate. Once enabled, updates will go through ABRoot transitions and aren't applied until the next reboot. Not only does this allow the updates to happen fully in the background, but it also makes them atomic, so they only proceed when it's guaranteed they will succeed. The only caveat to this system is that you are limited to either weekly or monthly updates, as there is no daily option for scheduling. However, if you're doing weekly updates, you should be good to go.... Setting aside that which makes Vanilla OS special, the distribution is as stock a GNOME experience as you'll find and does a great job serving as your desktop operating system. It's easy to use, reliable, and performs really well...especially considering this is the first official release. "Every wallpaper has a light and a dark version," adds the release announcement, "so you can choose the one that best suits your needs."

Read more of this story at Slashdot.

Ubuntu Blogger Chooses the 5 Best Linux Distros of 2022

Slashdot -

Long-time Slashdot reader destinyland shares an article listing "the five best Linux distros of 2022" — as chosen by the editor of the blog omg! ubuntu! "Spoiler: they're not all Ubuntu-based!" the article begins, also noting that it's not a ranking of superiority of importance, but rather "giving a shoutout to some of the year's best Linux releases." Its top-listed non-Ubuntu distro? Fedora Workstation 37 Fedora Workstation is a flagship desktop Linux distro for good reason: it's robust, it's reliable, it's impeccably produced — it distills what a lot of folks seek most: a "pure" GNOME experience, delivered as devs intend, atop a strong and stable base. Autumn's offer of Fedora 37 Workstation features GNOME 43 — an update that majorly improves the GNOME Shell user experience with Quick Settings. There's also a more-featured Files rebuilt in GTK4/libadwaita; a revamped Calendar app; a Device Security panel; Raspberry Pi 4 support; GRUB instead of syslinux on BIOS; and more. Folk often overlook Fedora Workstation because, as Linux distros go, it's rather understated, unassuming, and drama-free. Yet, it is a finessed and functional distro that forgoes fancy flourishes to focus entirely on its performance, its integration, and its cohesion. If you've never tried Fedora you're missing out, so sort it! There were two other non-Ubuntu distros on the list: Manjaro 22.0 'Sikaris'. "As Arch-based Linux distros go Manjaro is one of the best.... Everything from the shell to the package manager to bespoke touches and apps are cohesive, considered, and choreographed. Manjaro 22.0 isn't just a distro, it's an experience." Linux Mint 21. "As well as being easy to use, Linux Mint ships with an interesting selection of pre-installed software that aims to cover most users' needs, including some homegrown apps that are rather special."

Read more of this story at Slashdot.

Systemd's Growth Over 2022

Slashdot -

Phoronix checks systemd's Git activity in 2022 (and compares it to previous years): If measuring a open-source project's progress by the commity activity per year, while not the most practical indicator, systemd had a very good year. In 2022 there were 6,271 commits which is under 2021's all-time-high of 6,787 commits. But this year's activity count effectively ties 2018 for second place with the most commits in a given calendar year. This year saw 201k lines of new code added to systemd and 110k lines removed, or just under one hundred thousand lines added in total to systemd in 2022.... Systemd continues to grow and is closing out 2022 at around 1,715,111 lines within its Git repository. Also interesting: "[W]hen it comes to the most commits overall to systemd over its history, Lennart Poettering easily wins the race and there is no competition. As a reminder, this year Lennart joined Microsoft as one of the surprises for 2022."

Read more of this story at Slashdot.

Subscribe to EcuaLUG agregador: Noticias