Feed aggregator

Rust Foundation Reports 20% of Rust Crates Use 'Unsafe' Keyword

Slashdot.org - 2 hours 58 min ago
A Rust Foundation blog post begins by reminding readers that Rust programs "are unable to compile if memory management rules are violated, essentially eliminating the possibility of a memory issue at runtime." But then it goes on to explore "Unsafe Rust in the wild" (used for a small set of actions like dereferencing a raw pointer, modifying a mutable static variable, or calling unsafe functions). "At a superficial glance, it might appear that Unsafe Rust undercuts the memory-safety benefits Rust is becoming increasingly celebrated for. In reality, the unsafe keyword comes with special safeguards and can be a powerful way to work with fewer restrictions when a function requires flexibility, so long as standard precautions are used." The Foundation lists those available safeguards — which "make exploits rare — but not impossible." But then they go on to analyze just how much Rust code actually uses the unsafe keyword: The canonical way to distribute Rust code is through a package called a crate. As of May 2024, there are about 145,000 crates; of which, approximately 127,000 contain significant code. Of those 127,000 crates, 24,362 make use of the unsafe keyword, which is 19.11% of all crates. And 34.35% make a direct function call into another crate that uses the unsafe keyword [according to numbers derived from the Rust Foundation project Painter]. Nearly 20% of all crates have at least one instance of the unsafe keyword, a non-trivial number. Most of these Unsafe Rust uses are calls into existing third-party non-Rust language code or libraries, such as C or C++. In fact, the crate with the most uses of the unsafe keyword is the Windows crate, which allows Rust developers to call into various Windows APIs. This does not mean that the code in these Unsafe Rust blocks are inherently exploitable (a majority or all of that code is most likely not), but that special care must be taken while using Unsafe Rust in order to avoid potential vulnerabilities... Rust lives up to its reputation as an excellent and transformative tool for safe and secure programming, even in an Unsafe context. But this reputation requires resources, collaboration, and constant examination to uphold properly. For example, the Rust Project is continuing to develop tools like Miri to allow the checking of unsafe Rust code. The Rust Foundation is committed to this work through its Security Initiative: a program to support and advance the state of security within the Rust Programming language ecosystem and community. Under the Security Initiative, the Rust Foundation's Technology team has developed new tools like [dependency-graphing] Painter, TypoMania [which checks package registries for typo-squatting] and Sandpit [an internal tool watching for malicious crates]... giving users insight into vulnerabilities before they can happen and allowing for a quick response if an exploitation occurs.

Read more of this story at Slashdot.

How A US Hospital is Using AI to Analyze X-Rays - With Help From Red Hat

Linux.Slashdot.org - 3 hours 58 min ago
This week Red Hat announced one of America's leading pediatric hospitals is using AI to analyze X-rays, "to improve image quality and the speed and accuracy of image interpretation." Red Hat's CTO said the move exemplifies "the positive impact AI can have in the healthcare field". Before Boston Children's Hospital began piloting AI in radiology, quantitative measurements had to be done manually, which was a time-consuming task. Other, more complex image analyses were performed completely offline and outside of the clinical workflow. In a field where time is of the essence, the hospital is piloting Red Hat OpenShift via the ChRIS Research Integration Service, a web-based medical image platform. The AI application running in ChRIS on the Red Hat OpenShift foundation has the potential to automatically examine x-rays, identify the most valuable diagnostic images among the thousands taken and flag any discrepancies for the radiologist. This decreases the interpretation time for radiologists. But it also seems to be a big win for openness: Innovation developed internally is immediately transferable to public research clouds such as the Massachusetts Open Cloud, where large-scale data sharing and additional innovation can be fostered. Boston Children's Hospital aims to extend the reach of advanced healthcare solutions globally through this approach, amplifying their impact on patient well-being worldwide. "Red Hat believes open unlocks the world's potential," the announcement concludes, "including the potential to share knowledge and build upon each other's discoveries. Additionally, Red Hat believes innovation — including AI — should be available everywhere, making any application, anywhere a reality. "With open source, enabling AI-fueled innovation across hybrid IT environments that can lead to faster clinical breakthroughs and better patient outcomes is a reality."

Read more of this story at Slashdot.

Categories: Linux

How A US Hospital is Using AI to Analyze X-Rays - With Help From Red Hat

Slashdot.org - 3 hours 58 min ago
This week Red Hat announced one of America's leading pediatric hospitals is using AI to analyze X-rays, "to improve image quality and the speed and accuracy of image interpretation." Red Hat's CTO said the move exemplifies "the positive impact AI can have in the healthcare field". Before Boston Children's Hospital began piloting AI in radiology, quantitative measurements had to be done manually, which was a time-consuming task. Other, more complex image analyses were performed completely offline and outside of the clinical workflow. In a field where time is of the essence, the hospital is piloting Red Hat OpenShift via the ChRIS Research Integration Service, a web-based medical image platform. The AI application running in ChRIS on the Red Hat OpenShift foundation has the potential to automatically examine x-rays, identify the most valuable diagnostic images among the thousands taken and flag any discrepancies for the radiologist. This decreases the interpretation time for radiologists. But it also seems to be a big win for openness: Innovation developed internally is immediately transferable to public research clouds such as the Massachusetts Open Cloud, where large-scale data sharing and additional innovation can be fostered. Boston Children's Hospital aims to extend the reach of advanced healthcare solutions globally through this approach, amplifying their impact on patient well-being worldwide. "Red Hat believes open unlocks the world's potential," the announcement concludes, "including the potential to share knowledge and build upon each other's discoveries. Additionally, Red Hat believes innovation — including AI — should be available everywhere, making any application, anywhere a reality. "With open source, enabling AI-fueled innovation across hybrid IT environments that can lead to faster clinical breakthroughs and better patient outcomes is a reality."

Read more of this story at Slashdot.

VBScript's 'Deprecation' Confirmed by Microsoft - and Eventual Removal from Windows

Slashdot.org - 6 hours 58 min ago
"Microsoft has confirmed plans to pull the plug on VBScript in the second half of 2024 in a move that signals the end of an era for programmers," writes Tech Radar. Though the language was first introduced in 1996, Microsoft's latest announcement says the move was made "considering the decline in VBScript usage": Beginning with the new OS release slated for later this year [Windows 11, version 24H2], VBScript will be available as features on demand. The feature will be completely retired from future Windows OS releases, as we transition to the more efficient PowerShell experiences. Around 2027 it will become "disabled by default," with the date of its final removal "to be determined." But the announcement confirms VBScript will eventually be "retired and eliminated from future versions of Windows." This means all the dynamic link libraries (.dll files) of VBScript will be removed. As a result, projects that rely on VBScript will stop functioning. By then, we expect that you'll have switched to suggested alternatives. The post recommends migirating applications to PowerShell or JavaScript. This year's annual "feature update" for Windows will also include Sudo for Windows, Rust in the Windows kernel, "and a number of user interface tweaks, such as the ability to create 7-zip and TAR archives in File Explorer," reports the Register. "It will also include the next evolution of Copilot into an app pinned to the taskbar." But the downgrading of VBScript "is part of a broader strategy to remove Windows and Office features threat actors use as attack vectors to infect users with malware," reports BleepingComputer: Attackers have also used VBScript in malware campaigns, delivering strains like Lokibot, Emotet, Qbot, and, more recently, DarkGate malware.

Read more of this story at Slashdot.

How to add interface to vnstat to database for monitoring

nixCraft - 9 hours 57 min ago
vnStat is a network traffic monitor for Linux and Unix-like systems. It logs network traffic at different intervals and doesn't require root permissions to run. The implementation involves two commands: vnstat for querying traffic information and vnstatd for data retrieval and storage. Let's see how to add a network interface to vnstat after installation for monitoring purposes. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to add interface to vnstat to database for monitoring appeared first on nixCraft. 2024-05-26T05:56:00Z 2024-05-26T05:56:00Z Vivek Gite

sttr – Awesome Linux & Unix tool for transformation of the string

nixCraft - 9 hours 57 min ago
sttr demo The sttr is a free and open-source command-line tool in Golang that lets you easily change and modify text. You can perform transformation operations on the string, such as hashing text, string manipulation, and more. sttr is beneficial for developers and *nix users requiring swift modification to strings or files directly via the command line or TUI. It is helpful in your scripting, data processing, and automation tasks at the CLI. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post sttr – Awesome Linux & Unix tool for transformation of the string appeared first on nixCraft. 2024-05-24T21:17:45Z 2024-05-24T21:17:45Z Vivek Gite

SSH Authentication refused: bad ownership or modes for file /home/user/.ssh/authorized_keys

nixCraft - 9 hours 57 min ago
I'm trying to login using ssh keys but server is only allows to login me using a password. The following message is logged into my Linux or Unix server /var/log/secure or /var/log/auth.log file: Feb 25 06:36:50 ns5 sshd[26681]: Authentication refused: bad ownership or modes for file /home/user/.ssh/authorized_keys2 Here is another message: May 24 18:28:35 ls-www-1 sshd[531320]: Connection closed by 18.1.2.3 port 43640 [preauth] May 24 18:28:44 ls-www-1 sshd[531322]: Authentication refused: bad ownership or modes for file /home/admin/.ssh/authorized_keys May 24 18:28:44 ls-www-1 sshd[531322]: Connection closed by authenticating user admin 18.1.2.3 port 43650 [preauth] How do I fix this problem? Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post SSH Authentication refused: bad ownership or modes for file /home/user/.ssh/authorized_keys appeared first on nixCraft. 2024-05-24T19:23:28Z 2024-05-24T19:23:28Z Vivek Gite

How to upgrade Alpine Linux 3.19 to 3.20

nixCraft - 9 hours 57 min ago
I am using Alpine Linux v3.18 or v3.19 with my LXD/Incus server. How do I upgrade Alpine Linux v3.19 to Alpine Linux v3.20? How can I upgrade Alpine Linux v3.18 to Alpine Linux v3.20? Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to upgrade Alpine Linux 3.19 to 3.20 appeared first on nixCraft. 2024-05-24T11:25:52Z 2024-05-24T11:25:52Z Vivek Gite

How to uninstall packages marked “rc” on Debian / Ubuntu Linux

nixCraft - 9 hours 57 min ago
In Debian and Ubuntu Linux, an "rc" status package means the package has been uninstalled, but its configuration files remain on the disk and take up space. Sometimes, certain directories are also in the /var/ directory. When you type the sudo apt remove pkg1 command, it deletes most of the data, but config files are left alone in case you reinstall that package again. You can free up disk space by removing unwanted config files. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to uninstall packages marked “rc” on Debian / Ubuntu Linux appeared first on nixCraft. 2024-05-22T09:30:57Z 2024-05-22T09:30:57Z Vivek Gite

How to reload .vimrc file without restarting vim on Linux/Unix

nixCraft - 9 hours 57 min ago
I am a new vim text editor user. I usually load ~/.vimrc using :vs ~/.vimrc for configuration. Once edited my ~/.vimrc file I need to reload it without having to quit Vim session. How do I edit my ~/.vimrc file and reload it without having to restart Vim on Linux or Unix-like system? Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to reload .vimrc file without restarting vim on Linux/Unix appeared first on nixCraft. 2024-05-19T11:03:00Z 2024-05-19T11:03:00Z Vivek Gite

How to temporarily disable IPv6 in Linux

nixCraft - 9 hours 57 min ago
Sometimes, you may need to temporarily disable IPv6 in the Linux using net.ipv6.conf.all.disable_ipv6 kernel variable for testing purposes. You can use the sysctl command to turn IPv6 connectivity on or off without rebooting the system. For example, observe how your app or network reacts when IPv6 connectivity is suddenly lost and only IPv4 is available. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to temporarily disable IPv6 in Linux appeared first on nixCraft. 2024-05-18T20:18:54Z 2024-05-18T20:18:54Z Vivek Gite

TCPDump: Capture and Record Specific Protocols / Port Traffic

nixCraft - 9 hours 57 min ago
How do I capture a specific protocol or port, such as 80 (HTTP) or 443 (HTTPS), using the TCPDump tool under Linux/UNIX? How do I record traffic with TCPDump and find problems later on with my network or server issues? Let's dive into the nitty-gritty of capturing and analyzing your network traffic for trapshooting network and server issues. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post TCPDump: Capture and Record Specific Protocols / Port Traffic appeared first on nixCraft. 2024-05-17T21:00:03Z 2024-05-17T21:00:03Z Vivek Gite

How to find ulimit for user on Linux

nixCraft - 9 hours 57 min ago
How can I find the correct ulimit values for a user account or process on Linux systems? Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to find ulimit for user on Linux appeared first on nixCraft. 2024-05-16T21:57:31Z 2024-05-16T21:57:31Z Vivek Gite

How to Set Up UFW Firewall on Ubuntu 24.04 LTS in 5 Minutes

nixCraft - 9 hours 57 min ago
A Ubuntu 24.04 LTS comes with UFW (uncomplicated firewall) that protects the desktop or server against unauthorized access. UFW is an easy-to-use frontend app for a Linux packet filtering system called Netfilter or nftables. Traditionally, Netfilter/nftables rules are set up or configured using the iptables command or nft command by developers and sysadmins. However, new Ubuntu Linux users and developers unfamiliar with firewall concepts find Netfilter/nft syntax confusing. Hence, the ufw project provides an easy-to-use frontend for Ubuntu 24.04 LTS Linux server and desktop. This quick guide makes setting up UFW on Ubuntu 24.04 LTS extremely simple. It provides step-by-step instructions for developers and sysadmins to secure their servers efficiently. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to Set Up UFW Firewall on Ubuntu 24.04 LTS in 5 Minutes appeared first on nixCraft. 2024-05-15T10:09:51Z 2024-05-15T10:09:51Z Vivek Gite

How to use find command to delete all *.log files created in last 90 days except for last 7 days

nixCraft - 9 hours 57 min ago
I have log files created whenever I patch or rebuild Linux containers. They are taking disk space. The logs are helpful if something fails. Otherwise, after a few weeks, those log files have no usage for me. So here is a quick tip on how to use the find command to delete all *.log files created in the last 90 days except for the previous 7 or 10 days. The commands mentioned in these tips are compatible with the Linux, FreeBSD, and macOS versions of the find command. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to use find command to delete all *.log files created in last 90 days except for last 7 days appeared first on nixCraft. 2024-05-15T06:56:03Z 2024-05-15T06:56:03Z Vivek Gite

How to add an IP alias to an EC2 instance on Debian/Ubuntu Linux

nixCraft - 9 hours 57 min ago
An IP alias on Debian, Ubuntu, or any other Linux distros refers to assigning multiple IP addresses to a single network interface. A single network interface card (NIC) can respond to multiple IP addresses and configurations. IP aliases are commonly used for various purposes, such as network segmentation, virtual hosting, load balancing, VPN, split DNS, network testing, and more. Let us see how to add IPv6 and IPv4 IP addresses to your AWS EC2 or Lightsail instance using the CLI without disturbing the IPv4/IPv6 addresses assigned by the AWS DHCP server. These instructions will also work with all other cloud providers, as most providers use DHCP to give you a public IPv4/IPv6 address. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to add an IP alias to an EC2 instance on Debian/Ubuntu Linux appeared first on nixCraft. 2024-05-14T20:43:57Z 2024-05-14T20:43:57Z Vivek Gite

How to install dnscrypt-proxy on Debian Linux 11/12

nixCraft - 9 hours 57 min ago
DNSCrypt-proxy is an open-source and free software designed to encrypt DNS traffic, thus protecting it from eavesdropping and manipulation. This is also useful to evade DNS censorship when DNSCrypt-proxy is configured correctly with Wireguard or OpenVPN. Further, DNSCrypt-proxy can configured to block malware, trackers, and internet ads. In Debian 11 and 12, using DNSCrypt-proxy can enhance privacy and security by preventing DNS spoofing attacks, DNS hijacking, and surveillance of DNS traffic. It ensures that DNS queries are encrypted, authenticated, and secure, thereby safeguarding users' browsing activities and sensitive information. Let us see how to install dnscrypt-proxy on Debian Linux 11 and 12. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to install dnscrypt-proxy on Debian Linux 11/12 appeared first on nixCraft. 2024-05-13T12:23:14Z 2024-05-13T12:23:14Z Vivek Gite

How to download a file with curl on Linux/Unix command line

nixCraft - 9 hours 57 min ago
I am a new macOS Unix user. I am writing a small bash shell script. How do I download file directly from the command-line interface using curl? How can I download file with cURL on a Linux or Unix-like systems? Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to download a file with curl on Linux/Unix command line appeared first on nixCraft. 2024-05-12T19:41:44Z 2024-05-12T19:41:44Z Vivek Gite

Linux/Unix: pstree Command Examples: See A Tree Of Processes

nixCraft - 9 hours 57 min ago
I am a new Linux user. How do I display the process on the Linux based server or desktop/laptop in easy to read tree format using bash shell prompt? Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post Linux/Unix: pstree Command Examples: See A Tree Of Processes appeared first on nixCraft. 2024-05-12T19:29:49Z 2024-05-12T19:29:49Z Vivek Gite

How to enable Debian 12 Backports repository

nixCraft - 9 hours 57 min ago
The Debian Linux 12 backports repository offers updated versions of software packages for Debian Stable releases. These packages are sourced from Testing (and sometimes Unstable) branches of Debian, and then optimized and recompiled to function on the current Stable release, such as Bookworm. Let us see how to install and use Debian Linux 12 "Bookworm" Backports repository. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to enable Debian 12 Backports repository appeared first on nixCraft. 2024-05-11T11:02:39Z 2024-05-11T11:02:39Z Vivek Gite

Syndicate content
Comment