https://guix.gnu.org/en/download/latest/
$ wget https://ci.guix.gnu.org/download/1953
--2024-03-16 17:31:58-- https://ci.guix.gnu.org/download/1953
Resolving ci.guix.gnu.org (ci.guix.gnu.org)... 141.80.181.40
Connecting to ci.guix.gnu.org (ci.guix.gnu.org)|141.80.181.40|:443... connected.
HTTP request sent, awaiting response... 500 Internal Server Error
2024-03-16 17:32:01 ERROR 500: Internal Server Error.
]]>Researchers have unearthed Linux malware that circulated in the wild for at least two years before being identified as a credential stealer that’s installed by the exploitation of recently patched vulnerabilities.
The newly identified malware is a Linux variant of NerbianRAT, a remote access Trojan first described in 2022 by researchers at security firm Proofpoint. Last Friday, Checkpoint Research revealed that the Linux version has existed since at least the same year, when it was uploaded to the VirusTotal malware identification site. Checkpoint went on to conclude that Magnet Goblin—the name the security firm uses to track the financially motivated threat actor using the malware—has installed it by exploiting “1-days,” which are recently patched vulnerabilities. Attackers in this scenario reverse engineer security updates, or copy associated proof-of-concept exploits, for use against devices that have yet to install the patches.
Checkpoint also identified MiniNerbian, a smaller version of NerbianRAT for Linux that’s used to backdoor servers running the Magento ecommerce server, primarily for use as command-and-control servers that devices infected by NerbianRAT connect to. Researchers elsewhere have reported encountering servers that appear to have been compromised with MiniNerbian, but Checkpoint Research appears to have been the first to identify the underlying binary.
“Magnet Goblin, whose campaigns appear to be financially motivated, has been quick to adopt 1-day vulnerabilities to deliver their custom Linux malware, NerbianRAT and MiniNerbian,” Checkpoint researchers wrote. “Those tools have operated under the radar as they mostly reside on edge-devices. This is part of an ongoing trend for threat actors to target areas which until now have been left unprotected.”
]]>With Plasma 6, our technology stack has undergone two major upgrades: a transition to the latest version of our application framework, Qt, and a migration to the modern Linux graphics platform, Wayland. We have done our best to ensure that these changes are as smooth and unnoticeable to the users as possible, so when you install this update, you will see the same familiar desktop environment that you know and love. But these under-the-hood upgrades benefit Plasma's security, efficiency, and performance, and improve support for modern hardware. Thus Plasma delivers an overall more reliable user experience, while paving the way for many more improvements in the future.
We will continue providing support for the legacy X11 session for users who prefer to stick with it for now.
It's not nearly as cool as the ones listed here though.
]]>Last night, for no particular reason, I decided to install KDE Plasma desktop environment on my laptop to try it out again and I've got to say... it's not bad.
Now, I'm an XFCE man through and through. Aside from some very short stints with Cinnamon (w/ Mint), XFCE has more or less been my choice for well over a decade now.
With that said, I'm not switching to KDE full-time, at least not anytime soon. But I was pretty impressed with it after having not even considered it an option for many years. May be worth checking out again: https://kde.org/plasma-desktop/
I'm considering tossing it on my workstation as well to see how it does in multiple monitors and under real use.
]]>Version 1.0 of Slackware was announced on the July 16, 1993, and project lead Patrick Volkerding, who still maintains the distribution today, celebrated with a modest announcement:
Hey folks! It's time to acknowledge another one of those milestones… 30 (!) years since I made the post linked below announcing Slackware's first stable release after months of beta testing. Thanks to all of our dedicated contributors, loyal users, and those who have helped us to keep the lights on here. It's really been a remarkable journey that I couldn't have anticipated starting out back in 1993. Cheers! :-)"
FULL ARTICLE: https://www.theregister.com/2023/07/20/slackware_turns_30
Anyone ever try Slackware?
"
]]>Windows is, of course, the main highway to most PC gaming, but it's also [...] not yet built to work well on a 7-inch gaming handheld. The ROG Ally ships with Windows (Home) installed and a bunch of Asus software, but it is still, at heart, a PC. With effort, you can get into the BIOS, disable Secure Boot, plug in a USB stick, and boot a USB stick with a live Linux distribution on it.
The ROG Ally will not make it easy for you to install a different OS. As with most PCs, you have to head into the BIOS and (at least for now) disable Secure Boot to boot from a USB drive or the resulting OS on your internal drive.
]]>]]>As the CentOS Stream community grows and the enterprise software world tackles new dynamics, we want to sharpen our focus on CentOS Stream as the backbone of enterprise Linux innovation. We are continuing our investment in and increasing our commitment to CentOS Stream. CentOS Stream will now be the sole repository for public RHEL-related source code releases. For Red Hat customers and partners, source code will remain available via the Red Hat Customer Portal.
I had always booted alternate Linux distributions from USB sticks, but I was fairly sure I needed to fully install Parrot OS on my hard drive to see the full picture. I did not, however, want to wipe out Kali, because it runs well, and I have installed various applications that I did not want to re-install if Parrot OS was still problematic. I also did not have an extra hard drive lying around at the time. That left dual booting Kali and Parrot OS. I found this to be harder than expected, but I did learn a few things in the process that some readers may find useful.
]]>Despite the problems, running a home web server is the way to maximize your control of your website while learning the most in the process. When you run a server from home, you are 100% responsible for keeping your website on the Internet. And you learn so much from meeting the challenges that inevitably arise. In my view, the learning experience alone is worth the effort, but you will also feel the pride and confidence that result from overcoming difficult obstacles.
]]>function usage () {
echo "usage: yt"
echo " -h help"
echo " -c channels/subscriptions"
echo " -s query search"
echo " -g / -r gui mode (rofi/dmenu)"
echo " -m music mode (audio only) [dont use with -r]"
echo " nothing use defaults (search from prompt)"
echo
echo "add channel names to the file $sublistpath to show them"
echo "in yt -c option. First word should be channel url, optionally"
echo "followed by tab and then anything else (channel name/description)"
echo "channels not in sublist can be viewed by typing their url in the prompt"
echo
echo "example file format:"
echo "markrober Mark Rober"
echo "vsauce1 VSauce Michael Steven's Channel"
echo "BlackGryph0n Black Gryph0n Gabriel Brown signs stuff"
echo "TomScottGo Tom Scott"
echo "danielthrasher Daniel Thrasher"
exit 0
}
See also: old.reddit.com/r/linux/comments/kl8ig3/commandline_youtube_video_search_and_play_utility/
]]>It can't be software. Software for Windows is generally shit.
It can't be that people like forced updates or having to relearn the GUI for their programs for no good reason frequently.
Support? All the Windows support tickets I had the pleasure of finding through troubles myself ended in "this won't change, you're fucked, deal with it".
Any good reason left why people would stick with Windows other than because that's how it's always been?
]]>find . -iname cover*.* | sxiv -fito
The way it works is I have a media collection inside folders and inside every folder there's a file called "cover.*". Maybe jpg, maybe png. Whatever. I'm using find to get all these and input them into sxiv, which then shows me all my media.
It is then possible to mark one with the 'm' button and quit, which leads sxiv to print out that file.
With some more bash...
#!/bin/bash
file=$(find . -iname cover*.* \
| grep -v -e 'not_interested' -e 'not_working' -e 'boring' \
| sxiv -fito)
if [[ -z "$file" ]]; then
#empty
exit
fi
game_path=$(dirname "$file")
rxvt-unicode -tr -sh 40 -depth 0 -e ranger "$game_path"
...I'll not only ignore some folders (the added grep), but also get the directory name and open a new terminal (rxvt-unicode) with my file-manager (ranger) inside that folder.
I'm using it for my game library, which I've lost track of over the years. But now (and after I added all the covers and changed the structure a little) I can just use this script to get to see the cover of all my games to select one I feel like playing.
And all that in one line of bash plus some extra to make it more comfy.
]]>Stemming from a research paper where researchers from the University of Minnesota intentionally worked to stealthy introduce vulnerabilities into the mainline Linux kernel. They intentionally introduced use-after-free bugs into the kernel covertly for their research paper.
But even after this paper, there has been a new round of patches from University of Minnesota researchers that claim to come from "a new static analyzer" but without any real value to the patches. These new, questionable patches don't appear to have any real value -- for good or bad -- and at the very least are just wasting time by upstream developers. This has led Greg to calling them out and "banning" them from trying to contribute to the Linux kernel in the future.
]]>