Feed aggregator

Bash is a command language interpreter compatible with sh. It can execute commands read from a file or keyboard. On Debian Linux, bash-completion is a set of shell functions that uses Bash's programmable completion feature. This page provides instructions on installing and enabling Bash auto-completion on Debian Linux versions 10, 11, and 12 to increase productivity by writing custom bash code. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to add bash auto completion in Debian Linux appeared first on nixCraft. 2024-05-06T15:51:25Z 2024-05-06T15:51:25Z Vivek Gite

Recently, I had a learning experience with cron jobs and acme.sh. acme.sh is an excellent tool that simplifies the management of Let's Encrypt TLS (SSL) certificates. It makes obtaining and renewing these essential security certificates for your web server easier. Recently, I moved my server from Linode to AWS, which was a new environment for me. Initially, everything appeared to be working correctly, and I assumed everything was running smoothly. However, I forgot to migrate the cron job that acme.sh uses to renew the certificate automatically. This oversight caused my Let's Encrypt certificates to expire, resulting in security warnings and potential disruptions for visitors to my website. Opps! Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to add cron job entry for acme.sh appeared first on nixCraft. 2024-05-03T06:43:12Z 2024-05-03T06:43:12Z Vivek Gite

{nixCraft Patreon supporters content}Below is a sneak peek of this content! Ubuntu 24.04 LTS (Noble Numbat) was launched on April 25th, 2024. This new version will be supported for five years until June 2029. The armhf architecture now provides support for the Year 2038 problem. The upgrades include significant updates to core packages like Linux kernel, systemd, Netplan, […]The post How to Upgrade Ubuntu 22.04 to 24.04 LTS: A Complete Guide appeared first on Opensource Flare✨. 2024-04-26T18:25:08Z 2024-04-26T18:25:08Z Vivek Gite

Ubuntu 24.04 LTS (Noble Numbat) was launched on April 25th, 2024. This new version will be supported for five years until June 2029. The armhf architecture now provides support for the Year 2038 problem. The upgrades include significant updates to core packages like Linux kernel, systemd, Netplan, toolchain upgrades for better development support, enhanced security measures, and performance optimizations. It also has an updated GNOME desktop environment and other default applications. Let us see how to upgrade Ubuntu 22.04 LTS to Ubuntu 24.04 LTS using the CLI over ssh-based session. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to Upgrade Ubuntu 22.04 to 24.04 LTS: A Complete Guide appeared first on nixCraft. 2024-04-26T08:33:21Z 2024-04-26T08:33:21Z Vivek Gite

AWS SES (Amazon Simple Email Service) is a cloud-based email-sending service that is both reliable and cost-effective. This service is offered by Amazon Web Services. Postfix is a popular email server for Debian and Unix-like systems. It is an open-source Mail Transfer Agent (MTA) responsible for routing and delivering emails. Debian Linux is a widely used Linux distribution known for its stability and user-friendliness for server usage. Let us see how to integrate AWS SES with the Postfix MTA on Debian Linux version 11/12. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to configure AWS SES with Postfix MTA on Debian Linux appeared first on nixCraft. 2024-04-19T07:04:06Z 2024-04-19T07:04:06Z Vivek Gite

When you run the sudo apt update, you may see the following message or error on a Debian Linux: Err:5 http://deb.debian.org/debian buster-backports Release 404 Not Found [IP: 146.75.34.132 80] Reading package lists... Done E: The repository 'http://deb.debian.org/debian buster-backports Release' no longer has a Release file. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. Here is how to fix this issue. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post The repository ‘http://deb.debian.org/debian buster-backports Release’ no longer has a Release file. appeared first on nixCraft. 2024-04-14T20:42:01Z 2024-04-14T20:42:01Z Vivek Gite

You can find the timezone in Linux using the command line. The easiest way to do this is to type the "timedatectl" command and look for the "timezone" line when using modern Linux distros with systemd. There are other commands and ways to temporarily switch to a new timezone for date calculations. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How do I find out my timezone in Linux? appeared first on nixCraft. 2024-04-06T01:06:44Z 2024-04-06T01:06:44Z Vivek Gite

Synex Server: A New Debian Based Linux Distro With Native ZFS Installation Support  Phoronix

As 2026 begins, MIT Technology Review publishes "educated guesses" on emerging technologies that will define the future, advances "we think will drive progress or incite the most change — for better or worse — in the years ahead." This year's list includes next-gen nuclear, gene-editing drugs (as well as the "resurrection" of ancient genes from extinct creatures), and three AI-related developments: AI companions, AI coding tools, and "mechanistic interpretability" for revealing LLM decision-making. But also on the list is sodium-ion batteries, "a cheaper, safer alternative to lithium." Backed by major players and public investment, they're poised to power grids and affordable EVs worldwide. [Chinese battery giant CATL claims to have already started manufacturing sodium-ion batteries at scale, and BYD also plans a massive production facility for sodium-ion batteries.] The most significant impact of sodium-Âion technology may be not on our roads but on our power grids. Storing clean energy generated by solar and wind has long been a challenge. Sodium-ion batteries, with their low cost, enhanced thermal stability, and long cycle life, are an attractive alternative. Peak Energy, a startup in the US, is already deploying grid-scale sodium-ion energy storage. Sodium-ion cells' energy density is still lower than that of high-end lithium-ion ones, but it continues to improve each year — and it's already sufficient for small passenger cars and logistics vehicles. And another "breakthrough technology" on their list is commercial space stations: Vast Space from California, plans to launch its Haven-1 space station in May 2026 on a SpaceX Falcon 9 rocket. If all goes to plan, it will initially support crews of four people staying aboard the bus-size habitat for 10 days. Paying customers will be able to experience life in microgravity and conduct research such as growing plants and testing drugs. On its heels will be Axiom Space's outpost, the Axiom Station, consisting of five modules (or rooms). It's designed to look like a boutique hotel and is expected to launch in 2028. Voyager Space aims to launch its version, called Starlab, the same year, and Blue Origin's Orbital Reef space station plans to follow in 2030. Thanks to long-time Slashdot reader sandbagger for sharing the article.

Read more of this story at Slashdot.

In December 2024 the Google Threat Intelligence Group published research on the code of the commercial spyware "Predator". But there's now been new research by Jamf (the company behind a mobile device management solution) showing Predator is more dangerous and sophisticated than we realized, according to SecurityWeek. Long-time Slashdot reader wiredmikey writes: The new research reveals an error taxonomy that reports exactly why deployments fail, turning black boxes into diagnostic events for threat actors. Almost exclusively marketed to and used by national governments and intelligence agencies, the spyware also detects cybersecurity tools, suppresses forensics evidence, and has built-in geographic restrictions.

Read more of this story at Slashdot.

Ars Technica reports: Security firm Mandiant [part of Google Cloud] has released a database that allows any administrative password protected by Microsoft's NTLM.v1 hash algorithm to be hacked in an attempt to nudge users who continue using the deprecated function despite known weaknesses.... a precomputed table of hash values linked to their corresponding plaintext. These generic tables, which work against multiple hashing schemes, allow hackers to take over accounts by quickly mapping a stolen hash to its password counterpart... Mandiant said it had released an NTLMv1 rainbow table that will allow defenders and researchers (and, of course, malicious hackers, too) to recover passwords in under 12 hours using consumer hardware costing less than $600 USD. The table is hosted in Google Cloud. The database works against Net-NTLMv1 passwords, which are used in network authentication for accessing resources such as SMB network sharing. Despite its long- and well-known susceptibility to easy cracking, NTLMv1 remains in use in some of the world's more sensitive networks. One reason for the lack of action is that utilities and organizations in industries, including health care and industrial control, often rely on legacy apps that are incompatible with more recently released hashing algorithms. Another reason is that organizations relying on mission-critical systems can't afford the downtime required to migrate. Of course, inertia and penny-pinching are also causes. "By releasing these tables, Mandiant aims to lower the barrier for security professionals to demonstrate the insecurity of Net-NTLMv1," Mandiant said. "While tools to exploit this protocol have existed for years, they often required uploading sensitive data to third-party services or expensive hardware to brute-force keys." "Organizations that rely on Windows networking aren't the only laggards," the article points out. "Microsoft only announced plans to deprecate NTLMv1 last August." Thanks to Slashdot reader joshuark for sharing the news.

Read more of this story at Slashdot.

Friday a federal judge "cleared U.S. power company Dominion Energy to resume work on its Virginia offshore wind project." But a U.S. federal judge also ruled Thursday that another major offshore wind farm is allowed to resume construction, reports the Hill. "The project, which would supply power to New York, was one of five that were halted by the Trump administration in December...." In fact, there were three different court rulings this week each allowing construction to continue on a U.S. wind project: Judge Carl Nichols, a Trump appointee, granted a preliminary injunction allowing Empire Wind to keep building... Another, Revolution Wind, was also allowed to move forward in court this week... The project would provide enough power for up to 500,000 homes, according to its website. The court's decision allows construction to resume while the underlying case against the Trump order plays out. Meanwhile, power company Orsted "is also suing over the pause of its Sunrise Wind project for New York," reports the Associated Press, "with a hearing still to be set." The fifth paused project is Vineyard Wind, under construction in Massachusetts. Vineyard Wind LLC, a joint venture between Avangrid and Copenhagen Infrastructure Partners, joined the rest of the developers in challenging the administration on Thursday. CNN points out that the Vineyard Wind project "has been allowed to send power to the grid even amid Trump's suspension, a spokesperson for regional grid operator ISO-New England told CNN in an email." Residential customers in the mid-Atlantic region, including Virginia, desperately need more energy to service the skyrocketing demand from data centers â" and many are seeing spiking energy bills while they wait for new power to be brought online. CNN notes that president Trump said last week "My goal is to not let any windmill be built; they're losers." The Associated Press adds that "In contrast to the halted action in the US, the global offshore wind market is growing, with China leading the world in new installations. Nearly all of the new electricity added to the grid in 2024 was renewable. The British government said on Wednesday it had secured a record 8.4 gigawatts of offshore wind in Europe's largest offshore wind auction, enough clean electricity to power more than 12m homes."

Read more of this story at Slashdot.

Important AMDGPU & AMDKFD Driver Improvements Readied For Linux 6.20~7.0  Phoronix

Own a Raspberry Pi? You need to download this Raspbian Linux OS update - here's what's new  BetaNews

A new article from Bloomberg says dozens of America's colleges "succumbed to a fundamental problem killing colleges across the US: not enough students. The schools will award their final degrees this spring, stranding students not yet ready to graduate and forcing faculty and staff to hunt for new jobs." The country's tumbling birth rate is pushing schools toward a "demographic cliff," where a steadily dropping population of people in their late teens and early 20s will leave desks and classrooms empty. Many smaller, lesser-known schools like Cazenovia have already hit the precipice. They're firing professors, paring back liberal arts courses in favor of STEM — or closing altogether. Others will likely reach the cliff in the next few years... [T]the US birth rate ticked upward slightly before the 2008 financial crisis, and that brief demographic boost has kept enrollment at larger schools afloat. But the nationwide pool of college-aged Americans is expected to shrink after 2025. Schools face the risk that each incoming class could be smaller than the last. The financial pressure will be relentless... Since 2020, more than 40 schools have announced plans to close, displacing students and faculty and leaving host towns without a key economic engine... Close to 400 schools could vanish in the coming decade, according to Huron Consulting Group. The projected closures and mergers will impact around 600,000 students and redistribute about $18 billion in endowment funds, Huron estimates... Pennsylvania State University, citing falling enrollment at many of its regional branches, plans to shutter seven of its 20 branch campuses after the spring 2027 semester... [C]ampuses in far-flung places, without brand recognition, are falling out of favor with students already questioning the value of a college degree. For example, while Penn State's flagship University Park campus saw enrollment grow 5% from 2014 to 2024, 12 other Penn State campuses recorded a 35% drop, according to a report tasked with determining whether closures were necessary. The article notes that "Less than half of students whose schools shut down before they graduate re-enroll in another college or university, according to a 2022 study." But even at colleges that remain, "The shrinking supply of students has already sparked a frenzied competition for high school seniors..." Some public institutions are letting seniors bypass traditional requirements like essays and letters of recommendation to gain entry automatically... Direct-admission programs, which allow students to skip traditional applications, are one potential response. Some 15 states have them, according to Taylor Odle, assistant professor of educational policy studies at the University of Wisconsin-Madison. He found in a 2022 paper that direct admissions increased first-year undergrad enrollment by 4% to 8%... And they don't require nearly as many paid staff to run, since there are no essays or letters of recommendation to read.

Read more of this story at Slashdot.

Developer Claims Photoshop Installers Now Work on Linux Using Wine  Linuxiac

Podcast #852 - 9850X3D Launch Imminent, RTX SUPER Delay, 8GB GPUs, Zoicware, New SK Hynix Plant, Linux malware and MORE  PC Perspective

You don’t need a gaming distro — these Linux tweaks matter more  MakeUseOf

"A mega rocket set to take astronauts around the Moon for the first time in decades is being taken to its launch pad," the BBC reported this morning. NASA is livestreaming their move of the 11-million-pound "stack" — which includes the Artemis II Space Launch System (SLS) rocket and the Orion spacecraft secured to it, all standing on its Mobile Launch Platform. Travelling at less than 1 mile per hour, the move is expected to take 12 hours. The mission — which could blast off as soon as 6 February — is expected to take 10 days. It is part of a wider plan aimed at returning astronauts to the lunar surface. As well as the rocket being ready, the Moon has to be in the right place too, so successive launch windows are selected accordingly. In practice, this means one week at the beginning of each month during which the rocket is pointed in the right direction followed by three weeks where there are no launch opportunities. The potential launch dates are: — 6, 7, 8, 10 and 11 February — 6, 7, 8, 9 and 11 March — 1, 3, 4, 5 and 6 April "The crew of four will travel beyond the far side of the moon, which could set a new record for the farthest distance humans have ever traveled from Earth, currently held by Apollo 13," reports CNN: But why won't Artemis II land on the lunar surface? "The short answer is because it doesn't have the capability. This is not a lunar lander," said Patty Casas Horn, deputy lead for Mission Analysis and Integrated Assessments at NASA. "Throughout the history of NASA, everything that we do is a bit risky, and so we want to make sure that that risk makes sense, and only accept the risk that we have to accept, within reason. So we build out a capability, then we test it out, then we build out a capability, then we test it out. And we will get to landing on the moon, but Artemis II is really about the crew..." The upcoming flight is the first time that people will be on board the Artemis spacecraft: The Orion capsule will carry the astronauts around the moon, and the SLS rocket will launch Orion into Earth orbit before the crew continues deeper into space... The mission will begin with two revolutions around Earth, before starting the translunar injection — the maneuver that will take the spacecraft out of Earth orbit and on toward the moon — about 26 hours into the flight, Horn said. "That's when we set up for the big burn — it's about six minutes in duration. And once we do this, you're on your way back to Earth. There's nothing else that you need to do. You're going to go by the moon, and the moon's gravity is going to pull you around and swing you back towards the Earth...." Avoiding entering lunar orbit keeps the mission profile simpler, allowing the crew to focus on other tasks as there is no need to pilot the spacecraft in any way. "The Artemis program's first planned lunar lander is called the Starship HLS, or Human Landing System, and is currently under development by SpaceX..."

Read more of this story at Slashdot.

A couple months ago, YouTuber Benn Jordan "found vulnerabilities in some of Flock's license plate reader cameras," reports 404 Media's Jason Koebler. "He reached out to me to tell me he had learned that some of Flock's Condor cameras were left live-streaming to the open internet." This led to a remarkable article where Koebler confirmed the breach by visiting a Flock surveillance camera mounted on a California traffic signal. ("On my phone, I am watching myself in real time as the camera records and livestreams me — without any password or login — to the open internet... Hundreds of miles away, my colleagues are remotely watching me too through the exposed feed.") Flock left livestreams and administrator control panels for at least 60 of its AI-enabled Condor cameras around the country exposed to the open internet, where anyone could watch them, download 30 days worth of video archive, and change settings, see log files, and run diagnostics. Unlike many of Flock's cameras, which are designed to capture license plates as people drive by, Flock's Condor cameras are pan-tilt-zoom (PTZ) cameras designed to record and track people, not vehicles. Condor cameras can be set to automatically zoom in on people's faces... The exposure was initially discovered by YouTuber and technologist Benn Jordan and was shared with security researcher Jon "GainSec" Gaines, who recently found numerous vulnerabilities in several other models of Flock's automated license plate reader (ALPR) cameras. Jordan appeared this week as a guest on Koebler's own YouTube channel, while Jordan released a video of his own about the experience. titled "We Hacked Flock Safety Cameras in under 30 Seconds." (Thanks to Slashdot reader beadon for sharing the link.) But together Jordan and 404 Media also created another video three weeks ago titled "The Flock Camera Leak is Like Netflix for Stalkers" which includes footage he says was "completely accessible at the time Flock Safety was telling cities that the devices are secure after they're deployed." The video decries cities "too lazy to conduct their own security audit or research the efficacy versus risk," but also calls weak security "an industry-wide problem." Jordan explains in the video how he "very easily found the administration interfaces for dozens of Flock safety cameras..." — but also what happened next: None of the data or video footage was encrypted. There was no username or password required. These were all completely public-facing, for the world to see.... Making any modification to the cameras is illegal, so I didn't do this. But I had the ability to delete any of the video footage or evidence by simply pressing a button. I could see the paths where all of the evidence files were located on the file system... During and after the process of conducting that research and making that video, I was visited by the police and had what I believed to be private investigators outside my home photographing me and my property and bothering my neighbors. John Gaines or GainSec, the brains behind most of this research, lost employment within 48 hours of the video being released. And the sad reality is that I don't view these things as consequences or punishment for researching security vulnerabilities. I view these as consequences and punishment for doing it ethically and transparently. I've been contacted by people on or communicating with civic councils who found my videos concerning, and they shared Flock Safety's response with me. The company claimed that the devices in my video did not reflect the security standards of the ones being publicly deployed. The CEO even posted on LinkedIn and boasted about Flock Safety's security policies. So, I formally and publicly offered to personally fund security research into Flock Safety's deployed ecosystem. But the law prevents me from touching their live devices. So, all I needed was their permission so I wouldn't get arrested. And I was even willing to let them supervise this research. I got no response. So instead, he read Flock's official response to a security/surveillance industry research group — while standing in front of one of their security cameras, streaming his reading to the public internet. "Might as well. It's my tax dollars that paid for it." " 'Flock is committed to continuously improving security...'"

Read more of this story at Slashdot.