Aggregator

Emacs 26.1 Released, Linux 4.17-rc7, GNOME Foundation Receives Anonymous Donation and More

3 weeks 2 days ago

News briefs for May 29, 2018.

Emacs 26.1 was released yesterday. New features include limited form of concurrency with Lisp threads, support for optional display of line numbers in the buffer, use of double buffering to reduce flicker on the X Window System, redesign of Flymake, support for 24-bit colors on text terminals and lots more.

Linus Torvalds had these remarks over the weekend on Linux 4.17-rc7: "This week we had the whole 'spectre v4' thing, and yes, the fallout from that shows up as part of the patch and commit log. But it's not actually dominant: the patch is pretty evenly one third arch updates, one third networking updates, and one third "rest". He also mentioned "The bulk of it is really pretty trivial one-liners, and nothing looks particularly scary. Let's see how next week looks, but if nothing really happens I suspect we can make do without an rc8."

The GNOME Foundation recently received a pledge for $1,000,000 over the next two years from an anonymous donor. The Foundation plans to use the funds "to increase staff to streamline operations and to grow its support of the GNOME Project and the surrounding ecosystem."

KDE Connect Development Sprint took place last week, and the developers worked on the ability to send SMS from the desktop, making the Run Commands interface more discoverable, improving the functionality of multimedia controls ("now it's possible to display album art from your desktop on your Android devices") and more.

A new desktop environment option has arrived. The Jade Desktop is built on Python, HTML5, CSS and JavaScript and uses GTK with WebKit2, Phoronix reports. For more info, see Sparky Linux, which is offering the new desktop to its users.

The Korora Project and BackSlash Linux are ceasing development due to time constraints and financial issues, respectively, It's FOSS reports. The Korora project is taking a sabbatical (the developers aren't saying how long that will be), and the BackSlash Linux distro is asking for donations to help get started again.

News Emacs GNOME Distributions KDE kernel Mobile Desktop
Jill Franklin

Generating Good Passwords, Part II

3 weeks 2 days ago
by Dave Taylor

Passwords. They're the bane of computer users and a necessary evil, but they have risks and challenges associated with them. None of the choices are great. If it's up to your memory, you'll end up using the same password again and again. Use a password manager like 1Password, and you're reliant on its database security and portability. Two-factor? Um, can I borrow your phone for a minute?

Still, having complex and random passwords is definitely more secure than having a favorite phrase or variation you've been using for years. You know what I mean, just own it; you've been using the same PIN and password forever, right?

Last time, I built a script that could produce a random character from one of a set of character sets. For example, a random uppercase letter can be produced like this:

uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ" ${uppercase:$(( $RANDOM % ${#uppercase} )):1}

Add lowercase and a constrained set of punctuation and some rules on how many of each you want, and you can make some pretty complicated passwords. To start, let's just focus on a random sequence of n uppercase letters.

That's easily done:

while [ ${#password} -lt $length ] ; do letter=${uppers:$(( $RANDOM % ${#uppers} )):1} password="${password}$letter" done

Remember that the ${#var} notation produces the length of the current value of that variable, so this is an easy way to build up the $password variable until it's equal to the target length as specified in $length.

Here's a quick test run or two:

$ sh makepw.sh password generated = HDBYPMVETY password generated = EQKIQRCCZT password generated = DNCJMMXNHM

Looks great! Now the bigger challenge is to pick randomly from a set of choices. There are a couple ways to do it, but let's use a case statement, like this:

while [ ${#password} -lt $length ] ; do case $(( $RANDOM % 4 )) in 0 ) letter=${uppers:$(( $RANDOM % ${#uppers} )):1} ;; 1 ) letter=${lowers:$(( $RANDOM % ${#lowers} )):1} ;; 2 ) letter=${punct:$(( $RANDOM % ${#punct} )):1} ;; 3 ) letter=${digits:$(( $RANDOM % ${#digits} )):1} ;; esac password="${password}$letter" done

Since you're basically weighing upper, lower, digits and punctuation the same, it's not a huge surprise that the resultant passwords are rather punctuation-heavy:

$ sh makepw.sh password generated = 8t&4n=&b(B password generated = 5=B]9?CEqQ password generated = |1O|*;%&A;

These are all great passwords, impossible to guess algorithmically (and, yeah, hard to remember too, but that's an inevitable side effect of this kind of password algorithm).

Go to Full Article
Dave Taylor

How to install Pip on CentOS 7

3 weeks 2 days ago

 Linuxize: Pip is a package management system that simplifies installation and management of software packages written in Python such as those found in the Python Package Index (PyPI).

Linux 4.17 rc7

3 weeks 2 days ago

Linus Torvalds: So this week wasn't as calm as the previous weeks have been, but despite that I suspect this is the last rc.

GDPR Will Change Security and Privacy Everywhere

3 weeks 3 days ago

 eSecurityPlanet: Companies that have separate data protection and privacy policies for non-EU customers will find that solution unworkable; expect standards like Common Criteria and FIPS-140v2 to become global standards.

Privacy Plugins

3 weeks 3 days ago
by Kyle Rankin

Protect yourself from privacy-defeating ad trackers and malicious JavaScript with these privacy-protecting plugins.

Although your phone is probably the biggest threat to your privacy, your web browser is a close second. In the interest of providing you targeted ads, the web is littered with technology that attempts to track each site you go to via a combination of cookies and JavaScript snippets. These trackers aren't just a privacy threat, they are also a security threat. Because of how ubiquitous these ad networks are, attackers have figured out ways to infiltrate some of them and make them serve up even more malicious code.

The good news is that a series of privacy plugins work well with Firefox under Linux. They show up as part of the standard list of approved add-ons and will help protect you against these kinds of threats. Many different privacy plugins exist, but instead of covering them all, in this article, I highlight some of my personal favorites—the ones I install on all of my browsers. Although I discuss these plugins in the context of Firefox, many of them also are available for other Linux browsers. Because all of these plugins are standard Firefox add-ons, you can install them through your regular Firefox add-on search panel.

Privacy Badger

The EFF has done a lot of work recently to improve privacy and security for average users online, and its Privacy Badger plugin is the first one I want to cover here. The idea behind Privacy Badger is to apply some of the tools from different plugins like AdBlock Plus, Ghostery and others that inspect third-party JavaScript on a page. When that JavaScript comes from a known tracking network or attempts to install a tracking cookie on your computer, Privacy Badger steps in and blocks it.

If so many other plugins do something similar, why re-invent the wheel with Privacy Badger? Well, the downside to many of the other tools is that they often require user intervention to tweak and tune. Although it's great for people who want to spend their time doing that, average users probably rather would spend their time actually browsing the web. Privacy Badger has focused on providing similar protection without requiring any special tweaking or tuning. As you browse the web, it keeps track of these different sites, and by observing their behavior, decides whether they are tracking you.

Go to Full Article
Kyle Rankin