Podcast appearances and mentions of Kali Linux

video: https://youtu.be/5xKRqsWp46M On this episode of Destination Linux, we celebrate Flathub's stunning climb to 3 billion app downloads, explore how the new Kali Linux 2025.2 release can turn your Raspberry Pi into a powerhouse for ethical hacking, and unpack Fedora's controversial proposal to drop 32-bit support in Fedora 44. All of this and much more on Destination Linux! Forum Discussion Thread (https://destinationlinux.net/forum) Download as MP3 (https://aphid.fireside.fm/d/1437767933/32f28071-0b08-4ea1-afcc-37af75bd83d6/820d6060-43be-47b4-ba2d-d4b96c2d0f06.mp3) Support the show by becoming a patron at tuxdigital.com/membership (https://tuxdigital.com/membership) or get some swag at tuxdigital.com/store (https://tuxdigital.com/store) Hosted by: Ryan (DasGeek) = dasgeek.net (https://dasgeek.net) Jill Bryant = jilllinuxgirl.com (https://jilllinuxgirl.com) Michael Tunnell = michaeltunnell.com (https://michaeltunnell.com) Chapters: 00:00:00 Intro 00:01:39 Community Feedback 00:11:38 Sandfly Security 00:14:35 3 Billion Reasons Flathub Matters 00:37:02 Is i686 Support on the Fedora Chopping Block? 00:46:58 Meet Jasmine: The Launcher You Didn't Know You Needed 00:50:20 Michael's Secret Talent: Raptor LARPing 00:52:05 USB Wi-Fi Dongles: Choose Wisely 00:57:17 Ryan Recruits His Boss for Linux 00:58:38 Ubuntu's Problem: It Looks Amazing 01:00:19 Support the Show 01:02:13 Outro 01:02:32 Post Show Links: Community Feedback Ladybird video = https://www.youtube.com/watch?v=9YM7pDMLvr4 (https://www.youtube.com/watch?v=9YM7pDMLvr4) https://destinationlinux.net/comments (https://destinationlinux.net/comments) https://destinationlinux.net/forum (https://destinationlinux.net/forum) Sandfly Security, agentless Linux security https://destinationlinux.net/sandfly (https://destinationlinux.net/sandfly) 3 Billion Reasons Flathub Matters https://flathub.org/statistics (https://flathub.org/statistics) https://ostechnix.com/flathub-3-billion-downloads/ (https://ostechnix.com/flathub-3-billion-downloads/) Kali Linux for Raspberry Pi https://www.kali.org/blog/kali-linux-2025-2-release/ (https://www.kali.org/blog/kali-linux-2025-2-release/) https://www.techradar.com/pro/security/kali-linux-gets-a-major-upgrade-with-more-than-10-new-hacking-tools-plus-vpn-ip-extension-great-for-ethical-hackers-and-pentest-pros (https://www.techradar.com/pro/security/kali-linux-gets-a-major-upgrade-with-more-than-10-new-hacking-tools-plus-vpn-ip-extension-great-for-ethical-hackers-and-pentest-pros) Is i686 Support on the Fedora Chopping Block? https://discussion.fedoraproject.org/t/f44-change-proposal-drop-i686-support-system-wide/156324 (https://discussion.fedoraproject.org/t/f44-change-proposal-drop-i686-support-system-wide/156324) Meet Jasmine: The Launcher You Didn't Know You Needed https://flathub.org/apps/io.github.alamahant.Jasmine (https://flathub.org/apps/io.github.alamahant.Jasmine) USB Wi-Fi Dongles: Choose Wisely https://amzn.to/3ZZozSG (https://amzn.to/3ZZozSG) Support the Show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://store.tuxdigital.com/ (https://store.tuxdigital.com/)

This week we ask the question, when is it okay to leverage technology you don't understand, and when should you work to acquire the underlying domain knowledge? -- During The Show -- 00:52 Intro Cut from the same cloth 02:12 When to Leverage Tools Will always be jobs for deep understanding Lets Encrypt shortening life of certs AWX story Why AWX Short term damage control Advice for someone else You have to understand the manual process Is it still possible to dig down? Clicking through UI skill set How much time do you spend down the rabbit hole 23:09 News Wire Open ZFS 2.3.3 - phoronix.com (https://www.phoronix.com/news/OpenZFS-2.3.3) Open ZFS 2.2.8 - phoronix.com (https://www.phoronix.com/news/OpenZFS-2.2.8-Released) Darktable 5.2 - darktable.org (https://www.darktable.org/2025/06/darktable-5.2.0-released/) QtCreator 17 - qt.io (https://www.qt.io/blog/qt-creator-17-released) Nano 8.5 - gnu.org (https://lists.gnu.org/archive/html/info-gnu/2025-06/msg00003.html) MKVToolNix 93.0 - mkvtoolnix.download (https://mkvtoolnix.download/windows/releases/93.0/) Linux 6.14 EOL - endoflife.date (https://endoflife.date/linux) Plasma 6.4 - kde.org (https://kde.org/announcements/plasma/6/6.4.0/) KDE Frameworks 6.15 - kde.org (https://kde.org/announcements/frameworks/6/6.15.0/) IceWM 3.8 - phoronix.com (https://www.phoronix.com/news/IceWM-3.8-Released) Sway 1.15 - github.com (https://github.com/swaywm/sway/releases/tag/1.11) WSL 2.6 Open Source - phoronix.com (https://www.phoronix.com/news/Microsoft-WSL-2.6-Open-Source) PostmarketOS 25.06 - postmarketos.org (https://postmarketos.org/blog/2025/06/22/v25.06-release/) Rocky Linux 10.0 - rockylinux.org (https://rockylinux.org/news/rocky-linux-10-0-ga-release) Kali Linux 2025.02 - kali.org (https://www.kali.org/blog/kali-linux-2025-2-release/) Amazon Linux 2023 FIPS 140-3 - aws.amazon.com (https://aws.amazon.com/blogs/compute/amazon-linux-2023-achieves-fips-140-3-validation/) PAM & Udisks Flaws - thehackernews.com (https://thehackernews.com/2025/06/new-linux-flaws-enable-full-root-access.html) Mistral 3.2 - venturebeat.com (https://venturebeat.com/ai/mistral-just-updated-its-open-source-small-model-from-3-1-to-3-2-heres-why/) MiniMax M1 - theregister.com (https://www.theregister.com/2025/06/17/minimax_m1_model_chinese_llm/) 24:40 AI vs Privacy Users don't want sensitive data retained Claims order creates "mass surveillance program" If it's on the internet, it's public Expectation of using AI Will this change the way people use these tools Responsibility is on the professional Approaching 50/50 AI/Human internet data Data mining and model training ARSTechnica (https://arstechnica.com/tech-policy/2025/06/judge-rejects-claim-that-forcing-openai-to-keep-chatgpt-logs-is-mass-surveillance/) 41:00 Framework 12 inch Laptop Designed to be repaired Framework presenter pulled off the keyboard live 13 inch vs 15 inch laptops Touch screen 2 in 1 Productivity on the plane Phoronix (https://www.phoronix.com/review/framework-laptop-12) -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/447) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

video: https://youtu.be/XZXpfvmlo9g Comment on the TWIL Forum (https://thisweekinlinux.com/forum) This week in Linux, we have a jam packed episode for you. The KDE team have released a brand new version of the Plasma desktop. We're also going to talk about some big changes coming to Arch Linux and the pentesting distro, Kali Linux. Plus we got a trifecta of great news from Valve this week related to Steam & Proton that is bound to be exciting for Linux gamers. Then we're going to check out a major update to the OpenMoonRay renderer from DreamWorks Animation... yea that DreamWorks. All of this and more on This Week in Linux, the weekly news show that keeps you up to date with what's going on in the Linux and Open Source world. Now let's jump right into Your Source for Linux GNews! Download as MP3 (https://aphid.fireside.fm/d/1437767933/2389be04-5c79-485e-b1ca-3a5b2cebb006/534de706-33b5-4fa3-81fb-04a076e6e899.mp3) Support the Show Become a Patron = tuxdigital.com/membership (https://tuxdigital.com/membership) Store = tuxdigital.com/store (https://tuxdigital.com/store) Chapters: 00:00 Intro 00:50 KDE Plasma 6.4 Desktop Released 07:56 Arch Linux switches to WoW64 Wine 10:51 Kali Linux 2025.2 Released 14:40 Sandfly Security, agentless Linux security [ad] 16:37 Valve hits 20,000 playable Steam Deck games and flips Proton on by default 19:36 DreamWorks Animation's OpenMoonRay adds NUMA Support 22:26 20 Years of the Open Invention Network 24:19 SDL Implements the Pointer Warp Protocol 29:31 Outro Links: KDE Plasma 6.4 Desktop Released https://kde.org/announcements/plasma/6/6.4.0/ (https://kde.org/announcements/plasma/6/6.4.0/) Arch Linux switches to WoW64 Wine https://archlinux.org/news/transition-to-the-new-wow64-wine-and-wine-staging/ (https://archlinux.org/news/transition-to-the-new-wow64-wine-and-wine-staging/) https://www.phoronix.com/news/Arch-Linux-WoW64-Wine (https://www.phoronix.com/news/Arch-Linux-WoW64-Wine) https://ostechnix.com/arch-linux-wine-wow64-transition/ (https://ostechnix.com/arch-linux-wine-wow64-transition/) Kali Linux 2025.2 Released https://www.kali.org/blog/kali-linux-2025-2-release/ (https://www.kali.org/blog/kali-linux-2025-2-release/) GNOME 48 on TWIL 303 - https://thisweekinlinux.com/303 (https://thisweekinlinux.com/303) My GNOME 48 video - https://tuxdigital.com/videos/gnome-48-released/ (https://tuxdigital.com/videos/gnome-48-released/) Plasma 6.3 on TWIL 298 - https://thisweekinlinux.com/298 (https://thisweekinlinux.com/298) Sandfly Security, agentless Linux security [ad] https://thisweekinlinux.com/sandfly (https://thisweekinlinux.com/sandfly) Valve hits 20,000 playable Steam Deck games and flips Proton on by default https://www.gamingonlinux.com/2025/06/steam-deck-and-steamos-hit-20000-playable-games/ (https://www.gamingonlinux.com/2025/06/steam-deck-and-steamos-hit-20000-playable-games/) https://www.gamingonlinux.com/2025/06/steam-beta-finally-enables-proton-on-linux-fully-making-linux-gaming-simpler/ (https://www.gamingonlinux.com/2025/06/steam-beta-finally-enables-proton-on-linux-fully-making-linux-gaming-simpler/) https://www.gamingonlinux.com/2025/06/steam-gets-a-new-steam-deck-like-performance-monitor-now-in-beta-replacing-the-fps-counter/ (https://www.gamingonlinux.com/2025/06/steam-gets-a-new-steam-deck-like-performance-monitor-now-in-beta-replacing-the-fps-counter/) DreamWorks Animation's OpenMoonRay adds NUMA Support https://openmoonray.org/ (https://openmoonray.org/) https://github.com/dreamworksanimation/openmoonray/releases/tag/openmoonray-2.15.0.1 (https://github.com/dreamworksanimation/openmoonray/releases/tag/openmoonray-2.15.0.1) https://www.phoronix.com/news/OpenMoonRay-Goes-NUMA (https://www.phoronix.com/news/OpenMoonRay-Goes-NUMA) https://www.cgchannel.com/2025/06/dreamworks-animation-releases-moonray-2-15/ (https://www.cgchannel.com/2025/06/dreamworks-animation-releases-moonray-2-15/) 20 Years of the Open Invention Network https://openinventionnetwork.com/open-invention-network-celebrates-20-years/ (https://openinventionnetwork.com/open-invention-network-celebrates-20-years/) SDL Implements the Pointer Warp Protocol https://www.libsdl.org/ (https://www.libsdl.org/) https://github.com/libsdl-org/SDL/pull/10922 (https://github.com/libsdl-org/SDL/pull/10922) SDL 3 on TWIL 295 - https://tuxdigital.com/podcasts/this-week-in-linux/twil-295/ (https://tuxdigital.com/podcasts/this-week-in-linux/twil-295/) Support the show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://store.tuxdigital.com/ (https://store.tuxdigital.com/)

If you like what you hear, please subscribe, leave us a review and tell a friend!

¿Estás pensando en pasarte a Linux pero no sabes por dónde empezar? En este episodio te explico, con humor y claridad, qué distribución de Linux se adapta mejor a ti según tu perfil: uso personal, profesional, si eres principiante o quieres trastear como un pro. Hablamos de Ubuntu, Linux Mint, Debian y Kali Linux, todo sin tecnicismos ni rollos raros. ¡Prepárate para descubrir que Linux no es solo para expertos y que tú también puedes lanzarte a probarlo!

Hauke, Jean und Micha sind heute dabei und reden über 20 Jahre Proxmox, PweDiePies Linux Video, SUSE ohne YAST und Kali-Linux verliert den Reposchlüssel. Und dabei wird natürlich der ein oder andere Umweg genommen.

We hit a milestone today as this is our 50th Podcast Episode! A Big thank you to You, our listeners for your continued support!* Kali Linux Users Face Update Issues After Repository Signing Key Loss* CISOs Advised to Secure Personal Protections Against Scapegoating and Whistleblowing Risks* WhatsApp Launches Advanced Chat Privacy to Safeguard Sensitive Conversations* Samsung Confirms Security Vulnerability in Galaxy Devices That Could Expose Passwords* Former Disney Menu Manager Sentenced to 3 Years for Malicious System AttacksKali Linux Users Face Update Issues After Repository Signing Key Losshttps://www.kali.org/blog/new-kali-archive-signing-key/Offensive Security has announced that Kali Linux users will need to manually install a new repository signing key following the loss of the previous key. Without this update, users will experience system update failures.The company recently lost access to the old repository signing key (ED444FF07D8D0BF6) and had to create a new one (ED65462EC8D5E4C5), which has been signed by Kali Linux developers using signatures on the Ubuntu OpenPGP key server. OffSec emphasized that the key wasn't compromised, so the old one remains in the keyring.Users attempting to update their systems with the old key will encounter error messages stating "Missing key 827C8569F2518CC677FECA1AED65462EC8D5E4C5, which is needed to verify signature."To address this issue, the Kali Linux repository was frozen on February 18th. "In the coming day(s), pretty much every Kali system out there will fail to update," OffSec warned. "This is not only you, this is for everyone, and this is entirely our fault."To avoid update failures, users are advised to manually download and install the new repository signing key by running the command: sudo wget https://archive.kali.org/archive-keyring.gpg -O /usr/share/keyrings/kali-archive-keyring.gpgFor users unwilling to manually update the keyring, OffSec recommends reinstalling Kali using images that include the updated keyring.This isn't the first time Kali Linux users have faced such issues. A similar incident occurred in February 2018 when developers allowed the GPG key to expire, also requiring manual updates from users.CISOs Advised to Secure Personal Protections Against Scapegoating and Whistleblowing Riskshttps://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1727392520218001o5wvhttps://www.theregister.com/2025/04/28/ciso_rsa_whistleblowing/Chief Information Security Officers should negotiate personal liability insurance and golden parachute agreements when starting new roles to protect themselves in case of organizational conflicts, according to a panel of security experts at the RSA Conference.During a session on CISO whistleblowing, experienced security leaders shared cautionary tales and strategic advice for navigating the increasingly precarious position that has earned the role the nickname "chief scapegoat officer" in some organizations.Dd Budiharto, former CISO at Marathon Oil and Philips 66, revealed she was once fired for refusing to approve fraudulent invoices for work that wasn't delivered. "I'm proud to say I've been fired for not being willing to compromise my integrity," she stated. Despite losing her position, Budiharto chose not to pursue legal action against her former employer, a decision the panel unanimously supported as wise to avoid industry blacklisting.Andrew Wilder, CISO of veterinarian network Vetcor, emphasized that security executives should insist on two critical insurance policies before accepting new positions: directors and officers insurance (D&O) and personal legal liability insurance (PLLI). "You want to have personal legal liability insurance that covers you, not while you are an officer of an organization, but after you leave the organization as well," Wilder advised.Wilder referenced the case of former Uber CISO Joe Sullivan, noting that Sullivan's Uber-provided PLLI covered PR costs during his legal proceedings following a data breach cover-up. He also stressed the importance of negotiating severance packages to ensure whistleblowing decisions can be made on ethical rather than financial grounds.The panelists agreed that thorough documentation is essential for CISOs. Herman Brown, CIO for San Francisco's District Attorney's Office, recommended documenting all conversations and decisions. "Email is a great form of documentation that doesn't just stand for 'electronic mail,' it also stands for 'evidential mail,'" he noted.Security leaders were warned to be particularly careful about going to the press with complaints, which the panel suggested could result in even worse professional consequences than legal action. Similarly, Budiharto cautioned against trusting internal human resources departments or ethics panels, reminding attendees that HR ultimately works to protect the company, not individual employees.The panel underscored that proper governance, documentation, and clear communication with leadership about shared security responsibilities are essential practices for CISOs navigating the complex political and ethical challenges of their role.WhatsApp Launches Advanced Chat Privacy to Safeguard Sensitive Conversationshttps://blog.whatsapp.com/introducing-advanced-chat-privacyWhatsApp has rolled out a new "Advanced Chat Privacy" feature designed to provide users with enhanced protection for sensitive information shared in both private and group conversations.The new privacy option, accessible by tapping on a chat name, aims to prevent the unauthorized extraction of media and conversation content. "Today we're introducing our latest layer for privacy called 'Advanced Chat Privacy.' This new setting available in both chats and groups helps prevent others from taking content outside of WhatsApp for when you may want extra privacy," WhatsApp announced in its release.When enabled, the feature blocks other users from exporting chat histories, automatically downloading media to their devices, and using messages for AI features. According to WhatsApp, this ensures "everyone in the chat has greater confidence that no one can take what is being said outside the chat."The company noted that this initial version is now available to all users who have updated to the latest version of the app, with plans to strengthen the feature with additional protections in the future. However, WhatsApp acknowledges that certain vulnerabilities remain, such as the possibility of someone photographing a conversation screen even when screenshots are blocked.This latest privacy enhancement continues WhatsApp's long-standing commitment to user security, which began nearly seven years ago with the introduction of end-to-end encryption. The platform has steadily expanded its privacy capabilities since then, implementing end-to-end encrypted chat backups for iOS and Android in October 2021, followed by default disappearing messages for new chats in December of the same year.More recent security updates include chat locking with password or fingerprint protection, a Secret Code feature to hide locked chats, and location hiding during calls by routing connections through WhatsApp's servers. Since October 2024, the platform has also encrypted contact databases for privacy-preserving synchronization.Meta reported in early 2020 that WhatsApp serves more than two billion users across over 180 countries, making these privacy enhancements significant for a substantial portion of the global messaging community.Samsung Confirms Security Vulnerability in Galaxy Devices That Could Expose Passwordshttps://us.community.samsung.com/t5/Suggestions/Implement-Auto-Delete-Clipboard-History-to-Prevent-Sensitive/m-p/3200743Samsung has acknowledged a significant security flaw in its Galaxy devices that potentially exposes user passwords and other sensitive information stored in the clipboard.The issue was brought to light by a user identified as "OicitrapDraz" who posted concerns on Samsung's community forum on April 14. "I copy passwords from my password manager all the time," the user wrote. "How is it that Samsung's clipboard saves everything in plain text with no expiration? That's a huge security issue."In response, Samsung confirmed the vulnerability, stating: "We understand your concerns regarding clipboard behavior and how it may affect sensitive content. Clipboard history in One UI is managed at the system level." The company added that the user's "suggestion for more control over clipboard data—such as auto-clear or exclusion options—has been noted and shared with the appropriate team for consideration."One UI is Samsung's customized version of Android that runs on Galaxy smartphones and tablets. The security flaw means that sensitive information copied to the clipboard remains accessible in plain text without any automatic expiration or encryption.As a temporary solution, Samsung recommended that users "manually clear clipboard history when needed and use secure input methods for sensitive information." This stopgap measure puts the burden of security on users rather than providing a system-level fix.Security experts are particularly concerned now that this vulnerability has been publicly acknowledged, as it creates a potential "clipboard wormhole" that attackers could exploit to access passwords and other confidential information on affected devices. Users of Samsung Galaxy devices are advised to exercise extreme caution when copying sensitive information until a more comprehensive solution is implemented.Former Disney Menu Manager Sentenced to 3 Years for Malicious System Attackshttps://www.theregister.com/2025/04/29/former_disney_employee_jailed/A former Disney employee has received a 36-month prison sentence and been ordered to pay nearly $688,000 in fines after pleading guilty to sabotaging the entertainment giant's restaurant menu systems following his termination.Michael Scheuer, a Winter Garden, Florida resident who previously served as Disney's Menu Production Manager, was arrested in October and charged with violating the Computer Fraud and Abuse Act (CFAA) and committing aggravated identity theft. He accepted a plea agreement in January, with sentencing finalized last week in federal court in Orlando.According to court documents, Scheuer's June 13, 2024 termination from Disney for misconduct was described as "contentious and not amicable." In July, he retaliated by making unauthorized access to Disney's Menu Creator application, hosted by a third-party vendor in Minnesota, and implementing various destructive changes.The attacks included replacing Disney's themed fonts with Wingdings, rendering menus unreadable, and altering menu images and background files to display as blank white pages. These changes propagated throughout the database, making the Menu Creator system inoperable for one to two weeks. The damage was so severe that Disney has since abandoned the application entirely.Particularly concerning were Scheuer's alterations to allergen information, falsely indicating certain menu items were safe for people with specific allergies—changes that "could have had fatal consequences depending on the type and severity of a customer's allergy," according to the plea agreement. He also modified wine region labels to reference locations of mass shootings, added swastika graphics, and altered QR codes to direct customers to a website promoting a boycott of Israel.Scheuer employed multiple methods to conduct his attacks, including using an administrative account via a Mullvad VPN, exploiting a URL-based contractor access mechanism, and targeting SFTP servers that stored menu files. He also conducted denial of service attacks that made over 100,000 incorrect login attempts, locking out fourteen Disney employees from their enterprise accounts.The FBI executed a search warrant at Scheuer's residence on September 23, 2024, at which point the attacks immediately ceased. Agents discovered virtual machines used for the attacks and a "doxxing file" containing personal information on five Disney employees and a family member of one worker.Following his prison term, Scheuer will undergo three years of supervised release with various conditions, including a prohibition on contacting Disney or any of the individual victims. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com

Gimp 3 is finally here, after 7,10, 13, or 20 years of waiting, depending on who you ask. Blender 4.4 and Calibre 8 are out, Fedora 42 goes Beta, and Gnome 48 is available. Firefox finally brings back PWA, Linux 6.15 fixes a de-randomized security misfeature, and Asahi Lina has stepped back from Linux GPU development. For tips, we have the ifne command for if not empty, pw-metadata for getting and setting options in Pipewire, Lutris and Gamescope for running old Wine games on high resolution displays, and talk for old school text chatting in a terminal. You can find the show notes at https://bit.ly/41QPaBp and have a great week! Host: Jonathan Bennett Co-Hosts: Rob Campbell, Jeff Massie, and Ken McDonald Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

video: https://youtu.be/DVABDjehaWM Comment on the TWIL Forum (https://thisweekinlinux.com/forum) This week in Linux, there is just so much to talk about that we couldn't fit it all in the show. It is just a stacked week. And we're going to be starting things off with GNOME 48. That was released this week. Also, GIMP 3.0 was released. There's a new version of Kali Linux that's out. SteamOS 3.7.0 Preview has been released from Valve. And Pebble Watches are back. All of this and more on This Week in Linux, the weekly news show that keeps you up to date with what's going on in the Linux and open source world. So let's jump right into Your Source for Linux GNews. Download as MP3 (https://aphid.fireside.fm/d/1437767933/2389be04-5c79-485e-b1ca-3a5b2cebb006/5fb98f6c-a929-481f-8957-84b4ebecfb7f.mp3) Support the Show Become a Patron = tuxdigital.com/membership (https://tuxdigital.com/membership) Store = tuxdigital.com/store (https://tuxdigital.com/store) Chapters: 00:00 Intro 00:41 GNOME 48 Released 06:08 GIMP 3.0 Released 12:08 Enlightenment 0.27.1 Released 14:31 Sandfly Security, agentless Linux security [ad] 16:26 elementary OS 8.0.1 Released 19:34 Two New PebbleOS Watches 24:00 Kali Linux 2025.1a Released 28:11 SteamOS 3.7.0 Preview Released 32:06 Support the show Links: GNOME 48 Released https://release.gnome.org/48/ (https://release.gnome.org/48/) https://youtu.be/F_JSFOo1LKQ (https://youtu.be/F_JSFOo1LKQ) GIMP 3.0 Released https://www.gimp.org/ (https://www.gimp.org/) https://www.gimp.org/news/2025/03/16/gimp-3-0-released/ (https://www.gimp.org/news/2025/03/16/gimp-3-0-released/) https://github.com/Diolinux/PhotoGIMP (https://github.com/Diolinux/PhotoGIMP) https://youtu.be/BQrW3hdrzH0 (https://youtu.be/BQrW3hdrzH0) Enlightenment 0.27.1 Released https://www.enlightenment.org/ (https://www.enlightenment.org/) https://www.enlightenment.org/news/2025-03-14-enlightenment-0.27.1 (https://www.enlightenment.org/news/2025-03-14-enlightenment-0.27.1) Sandfly Security, agentless Linux security [ad] https://thisweekinlinux.com/sandfly (https://thisweekinlinux.com/sandfly) elementary OS 8.0.1 Released https://blog.elementary.io/os-8-0-1-available-now/ (https://blog.elementary.io/os-8-0-1-available-now/) Two New PebbleOS Watches https://ericmigi.com/blog/introducing-two-new-pebbleos-watches (https://ericmigi.com/blog/introducing-two-new-pebbleos-watches) https://store.repebble.com/ (https://store.repebble.com/) Kali Linux 2025.1a Released https://www.kali.org/blog/kali-linux-2025-1-release/ (https://www.kali.org/blog/kali-linux-2025-1-release/) Xfce 4.20 https://thisweekinlinux.com/291 (https://thisweekinlinux.com/291) KDE Plasma 6.2 https://thisweekinlinux.com/281 (https://thisweekinlinux.com/281) 6.1 https://thisweekinlinux.com/268 (https://thisweekinlinux.com/268) 6.0 https://thisweekinlinux.com/255 (https://thisweekinlinux.com/255) SteamOS 3.7.0 Preview Released https://steamcommunity.com/games/1675200/announcements/detail/529841158837240757 (https://steamcommunity.com/games/1675200/announcements/detail/529841158837240757) Support the show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://store.tuxdigital.com/ (https://store.tuxdigital.com/)

This week Eric Hendricks joins us to help us solve problems, and bring some insight to RHEL 10 beta! -- During The Show -- 00:52 Intro Eric Hendricks ITGuyEric Red Hat Technical Marketer Fedora Podcast Host Steve's PSA - Spook (https://spook.boo/) Entities Other problems Help Steve Out - Firefox and authenticated proxy Mac OS breaking open source Gatekeeper 20:05 Threema for Messaging - Michael Technology is a tool for relationships Paid app Designed for private communication Checks a lot of boxes Network effect threematrix (https://github.com/bitbetterde/Threematrix) not updated recently Beeper 31:30 7 Inch Touch Screen Make the touch screen the primary display USB cable emulates a mouse Crash cart tech 35:07 News Wire Gnome 46.7 - gnome.org (https://discourse.gnome.org/t/gnome-46-7-released/25560) KDE Frameworks 6.9 - kde.org (https://kde.org/announcements/frameworks/6/6.9.0/) KDE Gear 24.12 - kde.org (https://kde.org/announcements/gear/24.12.0/) XFCE 4.20 - github.io (https://alexxcons.github.io/blogpost_14.html) QEMU 9.2 - qemu.org (https://wiki.qemu.org/ChangeLog/9.2) CentOS Stream 10 - centos.org (https://blog.centos.org/2024/12/introducing-centos-stream-10/) Red Hat has announced that CentOS Stream 10 is available. Kali Linux 2024.4 - bleepingcomputer.com (https://www.bleepingcomputer.com/news/security/kali-linux-20244-released-with-14-new-tools-deprecates-some-features/) Fedora Asahi 41 - forbes.com (https://www.forbes.com/sites/jasonevangelho/2024/12/17/fedora-asahi-remix-41-released-linux-on-your-apple-silicon-mac/) Fedora Asahi Remix 41 Released Pumakit - bleepingcomputer.com (https://www.bleepingcomputer.com/news/security/new-stealthy-pumakit-linux-rootkit-malware-spotted-in-the-wild/) Open Source Malware - helpnetsecurity.com (https://www.helpnetsecurity.com/2024/12/11/open-source-malware/) Boltz-1 - mit.edu (https://news.mit.edu/2024/researchers-introduce-boltz-1-open-source-model-predicting-biomolecular-structures-1217) 36:30 Self Hosting Hiccups SwiftFin app Jellyfin (https://jellyfin.org/) Nextcloud photo sync PhotoSync app Infuse app had to update the server side infuse plugin Immich (https://immich.app/) 47:10 RHEL 10 Public Beta Do Not install in production Relation between RHEL 10 Beta and CentOS 10 Special Interest Groups (SIGs) Get it for free with a developer account -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/420) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed) Special Guest: Eric Hendricks.

Sponsor by ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠SEC Playground⁠ --- Support this podcast: https://podcasters.spotify.com/pod/show/chillchillsecurity/support

video: https://youtu.be/ow1S0hWk0E0 On this weeks episode we're going to discuss malware that's so ruthless it's ready for a street fight. Welcome to Destination Linux, where we discuss the latest news, hot topics, gaming, mobile, and all things Open Source & Linux. Also this week, we're going to discuss Pentesting distro tools and running full Linux on your Android. Plus we got some Linux Gaming, and our Software Spotlight, and more. Now let's get this show on the road toward Destination Linux! Download as MP3 (https://aphid.fireside.fm/d/1437767933/32f28071-0b08-4ea1-afcc-37af75bd83d6/cb8b3a9a-06a5-438a-ab07-08c5f227e4ba.mp3) Support the show by becoming a patron at tuxdigital.com/membership (https://tuxdigital.com/membership) or get some swag at tuxdigital.com/store (https://tuxdigital.com/store) Hosted by: Ryan (DasGeek) = dasgeek.net (https://dasgeek.net) Jill Bryant = jilllinuxgirl.com (https://jilllinuxgirl.com) Michael Tunnell = michaeltunnell.com (https://michaeltunnell.com) Chapters: 00:00:00 Intro 00:01:02 Community Feedback 00:06:08 Kali Linux 00:22:25 News: New Malware Street Fighter Style 00:31:28 Hackers Target Teens 00:35:25 Spying Cars 00:38:02 Mobile News: Apple Gives Up On Pegasus Lawsuit 00:46:07 Gaming: Sword and Shield Idle 00:48:39 Software Spotlight: CSI Linux 00:56:01 Tip of the Week: Lindroid 01:00:16 Support the Show Links: Community Feedback https://tuxdigital.com/comments (https://tuxdigital.com/comments) https://tuxdigital.com/forum (https://tuxdigital.com/forum) Kali Linux https://www.kali.org/ (https://www.kali.org/) News: New Malware Street Fighter Style https://www.bleepingcomputer.com/news/security/new-linux-malware-hadooken-targets-oracle-weblogic-servers/ (https://www.bleepingcomputer.com/news/security/new-linux-malware-hadooken-targets-oracle-weblogic-servers/) https://www.scmagazine.com/news/akira-takes-in-42-million-in-ransom-payments-now-targets-linux-servers (https://www.scmagazine.com/news/akira-takes-in-42-million-in-ransom-payments-now-targets-linux-servers) Mobile News: Apple Gives Up On Pegasus Lawsuit https://www.moneycontrol.com/technology/apple-seeks-to-withdraw-legal-case-against-pegasus-spyware-creator-heres-why-article-12821708.html (https://www.moneycontrol.com/technology/apple-seeks-to-withdraw-legal-case-against-pegasus-spyware-creator-heres-why-article-12821708.html) Gaming: Sword and Shield Idle https://store.steampowered.com/app/2882710/SwordandShield_Idle/ (https://store.steampowered.com/app/2882710/Sword_and_Shield_Idle/) Software Spotlight: CSI Linux https://csilinux.com/ (https://csilinux.com/) https://hackernoon.com/csi-linux-linux-distribution-for-cyber-and-osint-investigation (https://hackernoon.com/csi-linux-linux-distribution-for-cyber-and-osint-investigation) Tip of the Week: Lindroid https://gist.github.com/AngelaCooljx/14ba722346da0479050be924d96e8c5e (https://gist.github.com/AngelaCooljx/14ba722346da0479050be924d96e8c5e) https://hackaday.com/2024/06/18/lindroid-promises-true-linux-on-android/ (https://hackaday.com/2024/06/18/lindroid-promises-true-linux-on-android/) Support the Show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://tuxdigital.com/store (https://tuxdigital.com/store) https://tuxdigital.com/discord (https://tuxdigital.com/discord)

video: https://youtu.be/_ZlIPhB-Fws Forum Discussion Thread (https://forum.tuxdigital.com/t/277-gnome-looks-for-leader-ubuntu-adds-snap-permissions-kali-linux-new-release-more-linux-news/6398) This week in Linux, we have a lot of cool news from the Ubuntu team announcing that they're going to have new Snap Permissions for users in 24.10. Also, the GNOME Foundation is doing a open search for their new Executive Director. And we have a lot of new releases, as well as some Linux gaming news with the Lutris creator joining the Playtron team. And we have a lot of Steam updates. All of this and more on This Week in Linux, the weekly news show that keeps you up to date with what's going on in the Linux and Open Source world. So let's jump right into Your Source for Linux GNews. Download as MP3 (https://aphid.fireside.fm/d/1437767933/2389be04-5c79-485e-b1ca-3a5b2cebb006/99876260-1a1e-4b3e-b854-8ca3334b7322.mp3) Support the Show Become a Patron = tuxdigital.com/membership (https://tuxdigital.com/membership) Store = tuxdigital.com/store (https://tuxdigital.com/store) Chapters: 00:00 Intro 00:44 Ubuntu 24.10 to Enhance Snap Permissions Handling 06:27 GNOME Foundation Opens Search for New Executive Director 10:08 Linux Mint Tease ‘Improved' Default Cinnamon Theme 21:04 Kali Linux 2024.3 Released 25:53 Hyprland 0.43.0 Released 29:29 Lutris Creator joins Playtron for PlaytronOS 41:44 Steam Updates for Linux Gamers 46:30 Support the show Links: Ubuntu 24.10 to Enhance Snap Permissions Handling https://discourse.ubuntu.com/t/ubuntu-desktop-s-24-10-dev-cycle-part-5-introducing-permissions-prompting/47963 (https://discourse.ubuntu.com/t/ubuntu-desktop-s-24-10-dev-cycle-part-5-introducing-permissions-prompting/47963) GNOME Foundation Opens Search for New Executive Director https://foundation.gnome.org/2024/09/13/search-for-new-executive-director/ (https://foundation.gnome.org/2024/09/13/search-for-new-executive-director/) Linux Mint Tease ‘Improved' Default Cinnamon Theme https://blog.linuxmint.com/?p=4740 (https://blog.linuxmint.com/?p=4740) https://www.omgubuntu.co.uk/2024/09/linux-mint-new-default-cinnamon-theme-more (https://www.omgubuntu.co.uk/2024/09/linux-mint-new-default-cinnamon-theme-more) Kali Linux 2024.3 Released https://www.kali.org/blog/kali-linux-2024-3-release/ (https://www.kali.org/blog/kali-linux-2024-3-release/) Hyprland 0.43.0 Released https://hyprland.org/news/update43/ (https://hyprland.org/news/update43/) Lutris Creator joins Playtron for PlaytronOS https://www.patreon.com/posts/playtron-ubuntu-111705494 (https://www.patreon.com/posts/playtron-ubuntu-111705494) https://www.playtron.one/ (https://www.playtron.one/) Steam Updates for Linux Gamers https://steamcommunity.com/games/593110/announcements/detail/4599952112537386541 (https://steamcommunity.com/games/593110/announcements/detail/4599952112537386541) https://store.steampowered.com/news/app/593110/view/4605582245626919823 (https://store.steampowered.com/news/app/593110/view/4605582245626919823) https://www.gamingonlinux.com/2024/09/steam-families-has-officially-launched-with-a-big-steam-client-update/ (https://www.gamingonlinux.com/2024/09/steam-families-has-officially-launched-with-a-big-steam-client-update/) Support the show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://tuxdigital.com/store (https://tuxdigital.com/store)

Closed Network podcast Episode 37 -Surveillance, KYC, Data Breaches and Shennanigans * * * Show Notes Click Here! - https://forum.closednetwork.io/t/episode-37-collect-it-all-so-we-can-know-it-all/106 Website / Donations / Support - https://closednetwork.io Thank You Patreons! - Michael Bates - Privacy Bad Ass Richard G. - Privacy Bad Ass Support / Patreon / Donations: https://closednetwork.io/support/ BTC Lightning Donations - closednetwork@getalby.com TOP LIGHTNING BOOSTERS !!!! THANK YOU !!! - @bon - @wartiime - @sircussmedia - @lumor - @02zx - @sebas Thank You To Our Moderators: Unintelligentseven MaddestMax Join Our Matrix Channels! Main - https://matrix.to/#/#closedntwrk:matrix.org Off Topic - https://matrix.to/#/#closednetworkofftopic:matrix.org Join Our Mastodon server! https://closednetwork.social Follow Simon On The Socials Mastodon - https://closednetwork.social/@simon NOSTR - Public Address - npub186l3994gark0fhknh9zp27q38wv3uy042appcpx93cack5q2n03qte2lu2 Twitter - @ClosedNtwrk Email - simon@closednetwork.io * * * -- TOPICS -- Thomas Drake - NSA Whistleblower Exposing the NSA's Mass Surveillance of Americans | Cyberwar https://www.youtube.com/watch?v=tYVm62oEyWA News: - Federal Appeals Court Finds Geofence Warrants Are “Categorically” Unconstitutional https://www.eff.org/deeplinks/2024/08/federal-appeals-court-finds-geofence-warrants-are-categorically-unconstitutional Continued fallout from Snowflake hack - The biggest data breaches in 2024: 1 billion stolen records and rising https://techcrunch.com/2024/08/12/2024-in-data-breaches-1-billion-stolen-records-and-rising/?guccounter=1 Google Breaks Promise to Block Third-Party Cookies https://www.eff.org/deeplinks/2024/08/google-breaks-promise-block-third-party-cookies Switching from Windows to Linux https://ente.io/articles/switch-to-linux/ IT'S FOSS ! Open source tools to boost your productivity https://techcrunch.com/2024/08/11/a-not-quite-definitive-guide-to-open-source-alternative-software/ RockYou2024: 10 billion passwords leaked in the largest compilation of all time https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/ F*ck FireFox https://lunduke.locals.com/post/5871895/mozilla-firefox-goes-anti-privacy-pro-advertising https://www.mozilla.org/en-US/firefox/128.0/releasenotes/ Signal under fire for storing encryption keys in plaintext https://stackdiary.com/signal-under-fire-for-storing-encryption-keys-in-plaintext/ https://www.bleepingcomputer.com/news/security/signal-downplays-encryption-key-flaw-fixes-it-after-x-drama/ GrapheneOS Duress PIN/Password https://grapheneos.org/features#duress ChatGPT for Mac app flaw left users' chat history exposed https://www.bitdefender.com/blog/hotforsecurity/chatgpt-mac-app-flaw-left-users-history-exposed/ Windows Recall Remains Insecure, Researcher Says; Google Developing Similar Feature Latest Windows Recall preview remains vulnerable to cyberattacks, researcher says; Google plans similar feature for Pixel 9 devices. https://thecyberexpress.com/windows-recall-preview-remains-insecure/ Telecom Act Partially Notified: Govt to Get More Powers to Intercept and Stop Messages https://thewire.in/government/telecom-act-notified-partially-govt-to-get-more-powers-to-intercept-and-stop-messages On a brand new installation of Kali Linux, you can find the RockYou password list under: /usr/share/wordlists/rockyou.txt.gz To extract this list: gzip -d rockyou.txt.gz When the file is finished extracting, we should end up with: rockyou.txt https://www.sevenlayers.com/index.php/202-pentesting-101-passwords-and-wordlists

Welcome to Compromising Positions!The award-winning tech podcast that asks non-cybersecurity professionals what we in the industry can do to make their lives easier and help make our organisations more prepared to face ever-changing human-centric cyber threats! This Episode we are joined by Simon Painter a senior software engineer with nearly 20 years of experience in the industry and author of the book Functional Programming with C#.In this episode, There is no perfect cybersecurity but you could at least put a padlock on it! we look at how to get your first technical book published, what developers really need from the cybersecurity team (hint - its probability more than you are giving!) and what developers really think of security reviews!Key Takeaways:Everyone Has A Book In Them: Simon shares the 101 on how to get published with tech publishing legend, O'ReillyLearning Never Stops: Simon's MSc in Cybersecurity taught him that continuous learning is essential. If you're in a career rut, consider picking up a new skillBeyond Hackers: Infosec isn't just about thwarting hackers, sometimes it's about knowing what to do when someone ‘does a stupid!'No Padlocks, One Padlocks, 100 Padlocks, When Is it Enough?: Make yourself the ‘un-easy' target through automation tools like OWASP Zap, Burp Suite, and playing around with Kali Linux.Visibility And Collaboration For Happy Devs: Cybersecurity teams, step into the spotlight! Get involved in the code, engage with other teams, and demystify your work. Let's build bridges, not just firewalls!Links to everything we discussed in this episode can be found in the show notes and if you liked the show, please do leave us a review.Follow us on all good podcasting platforms and via our YouTube channel, and don't forget to share on LinkedIn and in your teams.It really helps us spread the word and get high-quality guests, on future episodes. We hope you enjoyed this episode - See you next time, keep secure, and don't forget to ask yourself, ‘Am I the compromising position here?' Keywords: cybersecurity, devsecops, pentesting, kali linux, owasp, devs, software developmentSHOW NOTESSimon's Book, Functional Programming with C#Jeff's Book Recommendation, Grokking Artificial Intelligence AlgorithmsHow To Get The Community Edition of Immersive Labs (Try And Get Your Boss To Pay For The Full Thing - So Worth It!)Play Around With Hacking In a Safe Environment with HACK THE BOX and TRY HACK MEABOUT SIMON PAINTERWith nearly 20 years of software engineering experience across various industries, Simon is a Senior Software Developer at Müller UK & Ireland, one of the leading dairy companies in Europe. Simon is also a Microsoft Most Valuable Professional (MVP) since 2023, an O'Reilly technical book author, and a public speaker at IT events worldwide.His core competencies include C#, JavaScript, React.js, and Microsoft Azure, as well as ITIL and computer security.LINKS FOR SIMON PAINTERSimon's WebsiteSimon's Linkedin

https://youtu.be/VrAzEHPodrs Forum Discussion Thread (https://forum.tuxdigital.com/t/266-future-of-kde-kali-linux-kaspersky-virus-removal-more-linux-news/6257) This Week in Linux, we've got some exciting updates to share with you, from the growth of Linux in the gaming world to many new distro releases. We'll take a look at how you can shape the future of KDE and there's a new virus removal tool for Linux from the folks at Kaspersky. All of this and more on this episode so let's dive into Your Source for Linux GNews! Download as MP3 (https://aphid.fireside.fm/d/1437767933/2389be04-5c79-485e-b1ca-3a5b2cebb006/cce7f00b-a186-4af4-ad72-06ff7cf593cf.mp3) Sponsored by: LINBIT - thisweekinlinux.com/linbit (https://thisweekinlinux.com/linbit) Want to Support the Show? Become a Patron = https://tuxdigital.com/membership (https://tuxdigital.com/membership) Store = https://tuxdigital.com/store (https://tuxdigital.com/store) Chapters: 00:00 Intro 00:30 Linux Over 2% on Steam Survey 02:14 You can help shape the Future of KDE 05:26 Kaspersky Virus Removal Tool for Linux 06:47 blendOS 4 Released 10:03 Kali Linux 2024.2 Released 11:58 Parrot OS 6.1 Released 13:36 Linux Mint will hide Unverified Flatpaks 17:20 NixOS 24.05 Released 19:22 Purism is “Profitable” . . . somehow

This Week in Linux, we've got some exciting updates to share with you, from the growth of Linux in the gaming world to many new distro releases. We'll take a look at how you can shape the future of KDE and there's a new virus removal tool for Linux from the folks at Kaspersky. All […]

We're breaking down the attack: how it works, how it was hidden, and why time was running out for the attacker.Sponsored By:Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!Kolide: Kolide is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.Support LINUX UnpluggedLinks:

Neste episódio, exploramos o dinâmico campo da cibersegurança, comparado a um jogo de xadrez onde equipes de Red e Blue desempenham papéis críticos na defesa e simulação de ataques cibernéticos. O Red Team foca em testar as defesas, utilizando uma gama de métodos e ferramentas, como phishing e Kali Linux, para identificar vulnerabilidades e aprimorar as medidas de segurança. Por outro lado, o Blue Team é responsável pela detecção, resposta e mitigação de ameaças, empregando tecnologias como inteligência artificial para melhorar a eficácia de suas estratégias. Jogos de guerra cibernéticos são destacados como exercícios essenciais, permitindo que as equipes simulem ataques em ambientes controlados, identifiquem lacunas nas defesas e aprimorem suas habilidades de detecção e resposta. A colaboração e o aprendizado contínuo entre as equipes, juntamente com o uso de tecnologias avançadas e o compromisso com a educação contínua, são enfatizados como elementos críticos para fortalecer a segurança digital e proteger os ativos digitais contra ameaças cibernéticas emergentes e futuras.

Stephen Sims shares his years of experience with us and shows us how we can make money hacking. But be careful - some of the options are not recommended. // Stephen's Social // YouTube: https://www.youtube.com/@OffByOneSecu... Twitter: / steph3nsims // Stephen Recommends // Programming Tools: Online Compiler, Visual Debugger, and AI Tutor for Python, Java, C, C++, and JavaScript: https://pythontutor.com/ PyCharm – Python IDE with Great IDA Pro Support:https://www.jetbrains.com/pycharm/ VS Code:https://code.visualstudio.com/ Patch Diffing: Windows Binary Index for Patch Diffing:https://winbindex.m417z.com/ BinDiff Tool for IDA Pro, Ghidra, or Binary Ninjahttps://www.zynamics.com/bindiff.html Diaphora Diffing Tool for IDA Prohttp://diaphora.re/ PatchExtract for Extracting MS Patches from MSU Formathttps://gist.github.com/wumb0/306f97d... Vulnerable Things to Hack HackSys Extreme Vulnerable Driver:https://github.com/hacksysteam/HackSy... WebGoat – Deliberately Insecure Application:https://owasp.org/www-project-webgoat/ Damn Vulnerable Web App:https://github.com/digininja/DVWA Buggy Web App:http://itsecgames.com/ Gruyere Cheesy Web App:https://google-gruyere.appspot.com/ Metasploitable:https://sourceforge.net/projects/meta... Damn Vulnerable iOS App:https://resources.infosecinstitute.co... OWASP Multillidae:https://github.com/webpwnized/mutillidae Online CTF's and Games: SANS Holiday Hack 2023 and Prior:https://www.sans.org/mlp/holiday-hack... https://www.holidayhackchallenge.com/... CTF Time – A great list of upcoming and previous CTF's!:https://ctftime.org/ YouTube Channels: / @davidbombal / @nahamsec / @offbyonesecurity / @_johnhammond / @ippsec https://www.youtube.com/@LiveOverflow... Free Learning Resources: SANS Free Resources – Webcasts, Whitepapers, Posters & Cheat Sheets, Tools, Internet Storm Center:https://www.sans.org/security-resources/ Shellphish - Heap Exploitation:https://github.com/shellphish/how2heap Exploit Database - Downloadable Vulnerable Apps and Corresponding Exploits:https://www.exploit-db.com/ Google Hacking Database (GHDB):https://www.exploit-db.com/google-hac... Google Cybersecurity Certificate:https://grow.google/certificates/cybe... Phrack Magazine:http://www.phrack.org/ Kali Linux:https://www.kali.org/get-kali/#kali-p... Slingshot Linux:https://www.sans.org/tools/slingshot/ Books & Articles: Gray Hat Hacking Series: https://amzn.to/3B1FeIK Hacking: The Art of Exploitation: https://amzn.to/3Us9Uts A Guide to Kernel Exploitation: https://amzn.to/3vfY8vu Smashing the Stack for Fun and Profit – Old, but a classic:https://inst.eecs.berkeley.edu/~cs161... Understanding Windows Shellcode – Old, but still good:https://www.hick.org/code/skape/paper... Great list of exploitation paper links from Shellphish!:https://github.com/shellphish/how2hea... // Stephen's previous videos with David // Free Exploit development training (beginner and advanced) • How to make Millions $$$ hacking zero... Buffer Overflow Hacking Tutorial (Bypass Passwords): • Buffer Overflow Hacking Tutorial (Byp... // David's SOCIAL // Discord: / discord X / Twitter: / davidbombal Instagram: / davidbombal LinkedIn: / davidbombal Facebook: / davidbombal.co TikTok: / davidbombal // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos: sponsors@davidbombal.com apple ios android samsung exploit exploit development zero day 0day 1day dark web microsoft macos apple linux kali linux Disclaimer: This video is for educational purposes only. Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #android #ios #hacker

On this episode of TWIL (245), there is a new version of the Cinnamon desktop. KDE have announced the first Beta release of Plasma 6. Kali Linux has their end of the year release out. There is a new organization to further the development of AI in an open way. All of this and more […]

https://youtu.be/smYYJoiBe9s Forum Discussion Thread (https://forum.tuxdigital.com/t/245-cinnamon-desktop-kde-plasma-6-kali-linux-ai-alliance-23andme-hacked-amp-more-linux-news/6098) On this episode of TWIL (245), there is a new version of the Cinnamon desktop. KDE have announced the first Beta release of Plasma 6. Kali Linux has their end of the year release out. There is a new organization to further the development of AI in an open way. All of this and more on this episode of This Week in Linux, Your Source for Linux GNews! Download as MP3 (https://aphid.fireside.fm/d/1437767933/2389be04-5c79-485e-b1ca-3a5b2cebb006/6e78761f-ceb7-4e63-a3d2-7293df1dd637.mp3) Supported by: LINBIT = https://thisweekinlinux.com/linbit Want to Support the Show? Become a Patron = https://tuxdigital.com/membership Store = https://tuxdigital.com/store Chapters: 00:00 TWIL 245 Intro 00:28 Cinnamon 6.0 Desktop Released - [ link (https://blog.linuxmint.com/?p=4604) ] 02:11 KDE Plasma 6 Beta 1 Released - [ link (https://kde.org/announcements/megarelease/6/beta1/) ] 05:01 Kali Linux 2023.4 Released - [ link (https://www.kali.org/blog/kali-linux-2023-4-release/) ] 06:36 Global AI Alliance Announced - [ link (https://thealliance.ai/) ] 08:22 LINBIT - [ link (https://thisweekinlinux.com/linbit) ] 09:47 Zorin OS 17 Beta Released - [ link (https://blog.zorin.com/2023/12/04/a-sneak-peek-at-zorin-os-17/) ] 12:52 NixOS 23.11 Released - [ link (https://nixos.org/blog/announcements) ] 14:07 Red Hat's Work to Improve XWayland - [ link (https://www.phoronix.com/news/xwayland-run) ] 16:14 23AndMe Hacked - [ link (accessed-significant-number-of-files-about-users-ancestry/) ] 18:22 Steam Linux Marketshare Surges to Nearly 2% in November - [ link (https://store.steampowered.com/hwsurvey/Steam-Hardware-Software-Survey-Welcome-to-Steam) ] 20:25 Outro

Can we save an old Arch install? We'll attempt a live rescue, then get into our tips for keeping your old Linux install running great.

In dieser Folge des c't uplink erzählen die Redakteure Niklas Dierking und Ronald Eikenberg, was man für Möglichkeiten hat, um mit Raspis eigene Hacking-Gadgets zu bauen. Denn: Damit hat man nicht nur Bastelspaß, sondern lernt und versteht auch ganz nebenbei, wie diverse Angriffstechniken eigentlich funktionieren. Die Palette reicht dabei vom selbstgebauten Hotspot mit Captive Portal auf Basis eines Raspberry Pi Pico W über individuell konfigurierbare BadUSB-Dongles mit Raspi Zero W bis hin zum Raspi 400 als Universalwerkzeug mit Kali Linux. Hilfreich sind diese Projekte nicht nur, um die eigenen (und nur die eigenen!) Systeme auf Lücken abzuklopfen, sondern auch für Mitarbeiterschulungen und Vorträge. Unser Titelthema "Hacker-Projekte mit Raspi" finden Sie in c't 27/2023.

In dieser Folge des c't uplink erzählen die Redakteure Niklas Dierking und Ronald Eikenberg, was man für Möglichkeiten hat, um mit Raspis eigene Hacking-Gadgets zu bauen. Denn: Damit hat man nicht nur Bastelspaß, sondern lernt und versteht auch ganz nebenbei, wie diverse Angriffstechniken eigentlich funktionieren. Die Palette reicht dabei vom selbstgebauten Hotspot mit Captive Portal auf Basis eines Raspberry Pi Pico W über individuell konfigurierbare BadUSB-Dongles mit Raspi Zero W bis hin zum Raspi 400 als Universalwerkzeug mit Kali Linux. Hilfreich sind diese Projekte nicht nur, um die eigenen (und nur die eigenen!) Systeme auf Lücken abzuklopfen, sondern auch für Mitarbeiterschulungen und Vorträge. Mit dabei: Niklas Dierking, Ronald Eikenberg Moderation: Jan Schüßler Unser Titelthema "Hacker-Projekte mit Raspi" finden Sie in c't 27/2023.

In dieser Folge des c't uplink erzählen die Redakteure Niklas Dierking und Ronald Eikenberg, was man für Möglichkeiten hat, um mit Raspis eigene Hacking-Gadgets zu bauen. Denn: Damit hat man nicht nur Bastelspaß, sondern lernt und versteht auch ganz nebenbei, wie diverse Angriffstechniken eigentlich funktionieren. Die Palette reicht dabei vom selbstgebauten Hotspot mit Captive Portal auf Basis eines Raspberry Pi Pico W über individuell konfigurierbare BadUSB-Dongles mit Raspi Zero W bis hin zum Raspi 400 als Universalwerkzeug mit Kali Linux. Hilfreich sind diese Projekte nicht nur, um die eigenen (und nur die eigenen!) Systeme auf Lücken abzuklopfen, sondern auch für Mitarbeiterschulungen und Vorträge. Mit dabei: Niklas Dierking, Ronald Eikenberg Moderation: Jan Schüßler Unser Titelthema "Hacker-Projekte mit Raspi" finden Sie in c't 27/2023.

US most breached country last quarter OpenAI blames DDoS attacks for ongoing ChatGPT outages Clop exploits SysAid vulnerability Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is hosting a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. During the event, you'll learn how to attract and assess top talent, how to craft positioning for budget conversations, why CISOs make great board members, and more.  Hear from forward-thinking infosec leaders from companies like CISCO, Amazon, and Salesforce. Save your seat and equip yourself with actionable takeaways to help shape the future of your organization's security. Register now at offsec.com/evolve For the stories behind the headlines, head to CISOseries.com.

Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Sean Kelly with guest Howard Holton, CTO, GigaOm Thanks to today's episode sponsor, OffSec OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is hosting a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. During the event, you'll learn how to attract and assess top talent, how to craft positioning for budget conversations, why CISOs make great board members, and more. Hear from forward-thinking infosec leaders from companies like CISCO, Amazon, and Salesforce. Save your seat and equip yourself with actionable takeaways to help shape the future of your organization's security. Register now at offsec.com/evolve All links and the video of this episode can be found on CISO Series.com  

US launches “Shields Ready” campaign Microsoft and Meta announced AI imagery rules App Defense Alliance moves under the Linux Foundation Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is running a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. Attend Evolve and get insider insights from a former bank hacker. Discover strategies on stretching your security budget and get tips to attract the crème de la crème of talent. It's more than just an event – it's a masterclass helping you elevate your cybersecurity leadership game. Hear from forward-thinking cybersecurity leaders from companies like CISCO, Amazon, Salesforce and more. Register today and get the insights you need to help shape the future of your company's security. Sign up now at offsec.com/evolve

Singapore's Marina Bay Sands customer data stolen in cyberattack Atlassian bug escalated to 10.0 severity Fake Ledger Live app steals over $700,000 in crypto Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is hosting a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. During the event, you'll learn how to attract and assess top talent, how to craft positioning for budget conversations, why CISOs make great board members, and more.  Hear from forward-thinking infosec leaders from companies like CISCO, Amazon, and Salesforce. Save your seat and equip yourself with actionable takeaways to help shape the future of your organization's security. Register now at offsec.com/evolve For the stories behind the headlines, visit CISOseries.com.

Android Dropper-as-a-Service Bypasses Google's Defenses Increase in zero-day exploits worries CISA Google Calendar as a C2 infrastructure Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is running a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. Attend Evolve and get insider insights from a former bank hacker. Discover strategies on stretching your security budget and get tips to attract the crème de la crème of talent. It's more than just an event – it's a masterclass helping you elevate your cybersecurity leadership game. Hear from forward-thinking cybersecurity leaders from companies like CISCO, Amazon, Salesforce and more. Register today and get the insights you need to help shape the future of your company's security. Sign up now at offsec.com/evolve For the stories behind the headlines, head to CISOseries.com.

Okta explains hack source and response timeline Looney Tunables now being exploited Lazarus Group uses KandyKorn against blockchain engineers Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is hosting a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. During the event, you'll learn how to attract and assess top talent, how to craft positioning for budget conversations, why CISOs make great board members, and more.  Hear from forward-thinking infosec leaders from companies like CISCO, Amazon, and Salesforce. Save your seat and equip yourself with actionable takeaways to help shape the future of your organization's security. Register now at offsec.com/evolve For the stories behind the headlines, head to CISOseries.com.

Support the show

On This Week in Linux (231), we've got a jam-packed show for you. Libre Office 7.6 and Bodhi Linux 7.0 have been announced. Hold onto your hats, whatever color they may be, because Kali Linux 2023.3 is out. Then in desktop news, Budgie Desktop 10.8 has been released and we got some news for the […]

SHOW NOTES ►► https://tuxdigital.com/podcasts/this-week-in-linux/twil-231/

Today, sadly, might be the last episode of DIY pentest dropbox tips for a while because I found (well, ChatGPT did actually) the missing link to 100% automate a Kali Linux install! Check episode #449 for more info on building your Kali preseed file, but essentially the last line in my file runs a kali.sh script to download/install all the pentest tools I want. The "missing link" part is I figured out how to get Kali to reboot and then run a script one time to complete all the post-install stuff. So at the bottom of my kali.sh is this: sudo wget https://somesite/kali-docker.sh -O /opt/kali-docker.sh sudo chmod +x /opt/kali-docker.sh sudo touch /flag sudo wget https://somesite/docker.service -O /etc/systemd/system/mydocker.service sudo systemctl daemon-reload sudo systemctl enable mydocker.service The contents of docker.service are: [Unit] Description=Docker install [Service] Type=simple ExecStart=/opt/kali-docker.sh [Install] WantedBy=multi-user.target The beginning and end snippets of kali-docker.sh are: #!/bin/bash flag_file="/flag" if [ -e "$flag_file" ]; then # get bbot sudo docker run -it blacklanternsecurity/bbot:stable --help # Do a bunch of other install things... rm "$flag_file" else echo "Script already ran before. Exiting" fi So essentially the work flow is: kali.sh runs, downloads and installs kali-docker.sh, and also installs a service that runs kali-docker.sh on each reboot. But when kali-docker.sh runs, it checks for the presence of a file called /flag. If /flag exists, all the post-install commands will run. If it does not exist, those commands won't run. Simple, yet genius I think!

This week Lamine Lachhab the Chief technical officer for the Scottish government joins the Ask Noah Show and we discuss open source and open data with the Scottish government. -- During The Show -- Last Week Electrical storm took out the studio Telos (https://www.telosalliance.com/) was amazing! Sorry about last week 01:50 Secure Phone and Apps - Larry Unplugged Up Phone (https://www.unplugged.com/upphone/) Great website Say the right things No details Start with GrapheneOS (https://grapheneos.org/) or LineageOS (https://lineageos.org/) 07:30 Kdenlive Snaps vs DEB - Rick Snap version of Kdenlive Unstable Similar experiences Altispeed has largely switched to Flatpak Like the idea of sandboxing Possible advantages of universal packages Please report upstream 16:48 Zyxel Switch - Charlie Zyxel Switch No support contracts Good "budget brand" Zyxel went down "cloud rabbit hole" TP Link makes good stuff Amazon Link (https://www.amazon.com/12-Port-Gigabit-Managed-Multi-Gig-XGS1210-12/dp/B084MH9P8Q/) 20:48 News Wire Wine 8.9 Gaming On Linux (https://www.gamingonlinux.com/2023/05/wine-89-released-with-more-pe-work-mono-80-and-more-wayland-updates/) GCC 11.4 GCC (https://gcc.gnu.org/pipermail/gcc/2023-May/241698.html) Linux 6.3.5 6.3.5 (https://www.phoronix.com/news/Linux-6.3.5-Released) MicroOS Desktop Open Suse (https://microos.opensuse.org/blog/2023-05-27-microOS-Desktop-is-changing-names/) Kali Linux 2023.2 Kali Blog (https://www.kali.org/blog/kali-linux-2023-2-release/) Fedora Onyx Gaming On Linux (https://www.gamingonlinux.com/2023/05/fedora-onyx-voted-in-as-a-new-official-fedora-linux-immutable-variant/) Qubes Fedora Templates Qubes OS (https://www.qubes-os.org/news/2023/05/26/fedora-38-templates-available/) CIQ Support HPC Wire (https://www.hpcwire.com/off-the-wire/ciq-extends-enterprise-grade-support-for-rocky-linux-9-2-and-8-8/) GobRAT The Hacker News (https://thehackernews.com/2023/05/new-gobrat-remote-access-trojan.html) Falcon LLM Reuters (https://www.reuters.com/technology/abu-dhabi-makes-its-falcon-40b-ai-model-open-source-2023-05-25/) SambaNOVA SambaNova (https://sambanova.ai/blog/introducing-bloomchat-176b-the-multilingual-chat-based-llm/) 22:48 Lemine Lemke Interview Chief Technical Officer for the Scottish Government Funding agriculture How data and technology play a role How does open source play a role? Is open source an advantage or disadvantage in government? Open Data Examples of open data success What did open data enable the citizens to do? Where there issues with false data? Open source and education Oil to Wind NIMBYism Scottish Space Port 41:41 Podman Desktop Who is the target? Discover-ability is better in a UI Man Pages Container "long view" Containers and universal packaging overlap Red Hat Blog (https://www.redhat.com/en/blog/podman-desktop-10-next-gen-container-management-solution-streamlining-developers-container-operations) South East Linux Fest June 9th - 11th Join the Matrix Space Still looking for volunteers! -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/338) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

SHOW NOTES ►► https://tuxdigital.com/podcasts/this-week-in-linux/twil-220/

On this episode of This Week in Linux, we talk about my SCALE 20x Experience, the release of GNOME 44, Red Hat celebrating their 30th Anniversary, Kali Linux also celebrating a milestone and so much more on Your Weekly Source for Linux GNews! Chapters

Joe and Ray discuss how OSINT is used in offensive security scenarios, focusing on the importance of doing in-depth research. In order to properly use OSINT, Ray explains that it is essential to identify and map out the risks associated with an organization, as well as to do research to understand the company's structure, assets, and resources. He emphasizes that it is important to look at where the information lies, in order to get an idea of who the key people are within an organization. This could include looking for patterns in social media accounts, websites, and other sources to uncover insight on those individuals. Ray also advises that when doing the legwork, it is important to not only look at public sources, but to dig deeper. By using OSINT, companies can better understand their adversaries and develop a more effective security strategy. He further explains that it is important to constantly monitor the situation, as adversaries often change their tactics or target different areas. With the right tools and strategies in place, organizations can stay one step ahead of potential threats and be better prepared to respond. Links Discussed: Dehashed: https://www.dehashed.com HaveIBeenPwned: https://www.haveibeenpwned.com SecurityTrails: https://www.securitytrails.com View DNS: https://www.viewdns.info DNS Dumpster: https://www.dnsdumpster.com Snapchat Map: https://map.snapchat.com Trace Labs Kali: https://www.tracelabs.org/initiatives/osint-vm Raspberry Pis: https://www.raspberrypi.com/ Free Digital Ocean Credit: https://m.do.co/c/ab5f75969c8a Phone Infoga: https://github.com/sundowndev/phoneinfoga CSI Linux: https://csilinux.com/ Flare VM: https://github.com/mandiant/flare-vm Parrot OS: https://www.parrotsec.org/ Kali Linux: https://www.kali.org/ Axiom: https://github.com/pry0cc/axiom SANS SIFT: https://www.sans.org/tools/sift-workstation/ Volatility Framework: https://www.volatilityfoundation.org/ Shodan: https://www.shodan.io Michael Bazzell's Extreme Privacy: https://inteltechniques.com/book7.html Michael Bazzell's Website: https://inteltechniques.com/ Joe's Podcast with Michael Bazzell: https://osint.mobi/michael-bazzell-podcast Joe's Podcast with Justin Seitz: https://osint.mobi/justin-seitz-podcast Justin Seitz's Hunchly: https://www.hunchly.com Justin Seitz's Python for OSINT Training: https://www.automatingosint.com Imagga: https://imagga.com/ Infoga: https://github.com/The404Hacking/Infoga Joe's Podcast with Joe Vest: https://osint.mobi/red-team-podcast Contacting Rey: Twitter: https://twitter.com/reybango The OSINTion Links: https://linktr.ee/TheOSINTion Twitch: https://twitch.tv/theosintion YouTube: https://osint.mobi/youtube The OSINTion Training: On-Demand: https://academy.theosintion.com Live Training: https://www.theosintion.com/courses --- Send in a voice message: https://podcasters.spotify.com/pod/show/the-osintion/message Support this podcast: https://podcasters.spotify.com/pod/show/the-osintion/support

This hour we dig into Apple's encryption plan, a new version of KdenLive is out, Tor Bundled for Ukraine, and a new open source platform connects those in need with resources in their area. -- During The Show -- 00:45 Dakota's Weather Roads are ice rinks 02:15 2 Questions: IR Remote & Waking From Sleep - Gary IR Remote $150 or less buy used Used URC 450 Remote RF Base Mouse/Keyboard Waking up computer Different levels of sleep Reach out to System76 08:05 Email Management? - Heath Filter email as it comes in 11:40 Managing Multiple Online Accounts - Brandon Podman run per client podman run -d --name=client1-browser --security-opt seccomp=unconfined `#optional` -e PUID=1000 -e PGID=1000 -p 3000:3000 -v /path/to/config:/config --shm-size="1gb" --restart unless-stopped lscr.io/linuxserver/firefox:latest Multi Account Containers (https://support.mozilla.org/en-US/kb/containers) Noah's System 20:26 Minetest Feedback - Heidi Mine Test Liberapay (https://liberapay.com/celeron55/) Mine Test Mastodon (https://fosstodon.org/@Minetest) 22:40 News Wire Open Source on the Rise Yahoo (https://finance.yahoo.com/news/finos-survey-87-financial-services-140000199.html) ChatGPT can Hallucinate ARS Technica (https://arstechnica.com/information-technology/2022/12/openais-new-chatbot-can-hallucinate-a-linux-shell-or-calling-a-bbs/) CIQ Hires 2 People PR Web (https://www.prweb.com/releases/ciq_expands_open_source_expertise_with_two_new_hires_as_a_part_of_continued_growth/prweb19068971.htm) CERN & Fermilab Adopt Alma Linux The Register (https://www.theregister.com/2022/12/08/cern_fermilab_almalinux/) Komodo IDE EOL but Released as Open Source Its Foss (https://news.itsfoss.com/komodo-ide-open-source/) Homebrew Raises $9M for Tea Tech Crunch (https://techcrunch.com/2022/12/06/from-the-creator-of-homebrew-tea-raises-8-9m-to-build-a-protocol-that-helps-open-source-developers-get-paid/) New Crypto Jacking Malware Duo (https://duo.com/decipher/new-chaos-malware-targets-windows-and-linux-devices) New CXL Code submitted to Linux 6.2 Phoronix (https://www.phoronix.com/news/CXL-Linux-6.2) Unciv headed to Steam Gaming on Linux (https://www.gamingonlinux.com/2022/12/unciv-the-open-source-remake-of-civilization-v-is-heading-to-steam/) Kali Linux 2022.4 Bleeping Computer (https://www.bleepingcomputer.com/news/security/kali-linux-20224-adds-6-new-tools-azure-images-and-desktop-updates/) OpenShot 3.0 Open Shot (https://www.openshot.org/blog/2022/12/10/new_openshot_release_300/) Blender 3.4 Blender (https://wiki.blender.org/wiki/Reference/Release_Notes/3.4) Digikam 7.9 Digikam (https://www.digikam.org/news/2022-12-05-7.9.0_release_announcement/) KDE Gear 22.12 KDE (https://kde.org/announcements/gear/22.12.0/) Tor Browser 12.0 Tor Project (https://blog.torproject.org/new-release-tor-browser-120/) QT 6.5 David's Blog (https://blog.david-redondo.de/qt/kde/2022/12/09/wayland-native-interface.html) KaOS 2202.12 Linux IAC (https://linuxiac.com/kaos-2022-12/) Rocky Linux 9.1 Rocky Linux (https://rockylinux.org/news/rocky-linux-9-1-ga-release/) Linux 6.1 LTS Its Foss (https://news.itsfoss.com/linux-kernel-6-1-release/) New System76 Launch Keyboard System76 (https://system76.com/accessories/launch_heavy_sa_1/configure) 26:10 St. Vincent de Paul Web Site (https://stdepaul.org/) Web site to help homeless people Entire site is FOSS Invites people to make changes Reddit Post (https://www.reddit.com/r/opensource/comments/zkn7fa/an_attempt_to_significantly_reduce_homelessness/) Actively looking for help 100% of donations go to those in need Do you have a FOSS project that helps people? 36:25 Kdenlive 22.12 Release Announcement (https://kdenlive.org/en/2022/12/kdenlive-22-12-released/) OMG Ubuntu Article (https://www.omgubuntu.co.uk/2022/12/kdenlive-22-12-released) New Guide Marker System Remove white space feature Lots of other upgrades and features 43:14 Linux Libre 6.1 9 to 5 Linux (https://9to5linux.com/gnu-linux-libre-6-1-arrives-as-a-100-free-kernel-for-software-freedom-lovers) Completely "free" Linux Adjusts several drivers Deblobs several drivers Write in on why you use this 47:30 Tor Bundled for Ukraine Tor Project (https://blog.torproject.org/new-release-tor-browser-120/) EFF Cover Your Tracks (https://coveryourtracks.eff.org/) The Register (https://www.theregister.com/2022/12/12/tor_browser_12_released/) Albanian and Ukrainian support Tor vs VPN 53:11 Apple Rolls Encryption for iCloud EFF (https://www.eff.org/deeplinks/2022/12/victory-apple-commits-encrypting-icloud-and-drops-phone-scanning-plans) Do you trust Apple? -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/316) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

It's 5:05, on Monday, December 12 , 2022. This is your daily update of open source and cybersecurity news.This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Katy Craig in california gives highlights from Fiscal Year 2023, The National Defense Authorization Act, Edwin Kwan in Australia reporting on Australia's largest telecommunication suggers privacy breach, Olimpiu Pop in Romania on Kali Linux newest released.We will start today with Mark Miller in New York city on why CVE and NVD do not workLet's get to it!

Coming up in this episode 1. Releasing it when it's ready 2. Exploitation Remotely 3. Exploitation Locally 4. Name Changes and Mergers 5. And Kali as we see it today The Video Version https://youtu.be/_ITBw2c3XaQ 0:00 Cold Open 1:04 Releasing When It's Ready 12:16 WHoppix vs. Auditor 14:40 WHAX, a Merger and Backtrack 17:50 Backtrack 4, 5 and Kali 23:09 Kali 2 Rolls Right Along 28:30 2020 to the Present 34:51 Kali as a Daily Driver? 1:03:25 Next Time: A Few Things Banter Fedora 37 is still in the works (https://fedoramagazine.org/fedora-linux-37-update/) Elementary 7 is still on the way too (https://blog.elementary.io/updates-for-october-2022/) Announcements Give us a sub on YouTube (https://linuxuserspace.show/youtube) You can watch us live on Twitch (https://linuxuserspace.show/twitch) the day after an episode drops. If you like what we're doing here, make sure to send us a buck over at https://patreon.com/linuxuserspace Kali Linux the History remote-exploit.org (https://web.archive.org/web/20011103174848/http://www.remote-exploit.org/) mutsonline (https://web.archive.org/web/20041204031803/http://www.whoppix.net/muts.html) whitehat.co.il - "This site (https://web.archive.org/web/20040408014912/http://whitehat.co.il/news.php) aims to create a repository of tools and information for Penetration testers and ethical hackers." Max Moser releases (https://web.archive.org/web/20040602170909/http://www.remote-exploit.org/) from his company's website, moser-informatik.ch (https://web.archive.org/web/20040609013958/http://www.moser-informatik.ch/?page=products&lang=eng) Whoppix based on Knoppix is released (https://web.archive.org/web/20041204023530/http://www.whoppix.net/index.html) with thanks from muts (https://web.archive.org/web/20041204035804/http://www.whoppix.net/thanks.html) muts announces (https://web.archive.org/web/20050709141020/http://www.whoppix.net/muts.html) that Whoppix has evolved into a new project - WHAX Max Moser's Auditor Security Collection had structure and stability (http://www.remote-exploit.org/articles/backtrack/) The merger of WHAX and Auditor Security Collection was put to the community (https://web.archive.org/web/20060108153041/http://forum.remote-exploit.org/viewtopic.php?p=5488#5488) The two projects finished the merger and became Backtrack (https://web.archive.org/web/20100114211335/http://www.backtrack-linux.org/) and were based on Slax (https://web.archive.org/web/20061013072357/http://www.remote-exploit.org/index.php/BackTrack). Offensive-Security.org was born (https://web.archive.org/web/20061027172140/http://www.offensive-security.com/about.html) and is the company backing Backtrack. Essentially a spinoff (https://web.archive.org/web/20061101034051/http://www.offensive-security.com/faq.html) of Moser's remote-exploit.org Backtrack 2 is released (https://web.archive.org/web/20070315153750/http://forums.remote-exploit.org/showthread.php?t=5681) Backtrack 3 is released (https://web.archive.org/web/20090529075045/http://www.remote-exploit.org/backtrack_devlog.html) Backtrack 4 was released (https://web.archive.org/web/20100114220541/http://www.backtrack-linux.org/backtrack/backtrack4-release/) Backtrack 5 dropped the Slax base and is now based on Ubuntu (https://web.archive.org/web/20110515012740/http://www.backtrack-linux.org:80/backtrack/backtrack-5-release/) Backtrack 5 R3 was released (https://web.archive.org/web/20120816161818/http://www.backtrack-linux.org/backtrack/backtrack-5-r3-released/) and was the last release of Backtrack ever. The Kali Teaser (https://web.archive.org/web/20130401012801/http://www.backtrack-linux.org/backtrack/kali-a-teaser-into-the-future/) Kali 1.0 (https://www.kali.org/blog/kali-linux-1-0-0-release/) Bleeding Edge Kali (https://www.kali.org/blog/bleeding-edge-kali-repositories/) Using the Linux Deploy app in Android, Kali could be installed (https://www.kali.org/blog/kali-linux-android-linux-deploy/) Kali gets a self destruct button (https://www.kali.org/blog/kali-linux-1-0-6-release/) Kali soars among the cloud. Amazon's cloud, anyway. (https://www.kali.org/blog/kali-linux-amazon-ec2-ami/) Metapackages are introduced (https://www.kali.org/blog/kali-linux-metapackages/) EFI boot capabilities are added (https://www.kali.org/blog/kali-linux-1-0-8-release/) Kali NetHunter was released (https://www.kali.org/blog/kali-linux-1-0-9a-release/) Official Docker images (https://www.kali.org/blog/official-kali-linux-docker-images/) Kali gets another rebase (https://www.kali.org/blog/kali-linux-2-0-release/) Windows Subsystem for Linux (https://www.kali.org/blog/kali-on-the-windows-subsystem-for-linux/) Wireguard VPN (https://www.kali.org/blog/wireguard-on-kali/) support is official Support for Vagrant (https://www.kali.org/blog/announcing-kali-for-vagrant/) Raspberry Pi 4 support (https://www.kali.org/blog/raspberry-pi-4-and-kali/) Revamp of the metapackages (https://www.kali.org/blog/major-metapackage-makeover/) Running Kali as non-root user (https://www.kali.org/blog/kali-default-non-root-user/) Kali Linux is spotted in the TV show Mr. Robot (https://www.kali.org/blog/mr-robot-arg-society/) kids.kali.org (https://web.archive.org/web/20210402010342/https://kids.kali.org/) was launched! Yes, it was for April fools. Unkaputtbar (https://www.kali.org/blog/unkaputtbar/) 2022.2 (https://www.kali.org/blog/kali-linux-2022-2-release/) brought Hollywood-Activate 2022.3 (https://www.kali.org/blog/kali-linux-2022-3-release/) is the latest release at the time of the recording More Announcements Want to have a topic covered or have some feedback? - send us an email, contact@linuxuserspace.show Kali Linux Links Kali Linux Web Page (https://www.kali.org/) Kali Linux Docs (https://www.kali.org/docs/) Kali Tools Docs (https://www.kali.org/tools/) Kali Forums (https://forums.kali.org/) Kali Discord (https://discord.kali.org/) Kali Blog (https://www.kali.org/blog/) About Kali Linux page (https://www.kali.org/features/) Kali for Arm (https://arm.kali.org/) Kali NetHunter (https://nethunter.kali.org/) Housekeeping Catch these and other great topics as they unfold on our Subreddit or our News channel on Discord. * Linux User Space subreddit (https://linuxuserspace.show/reddit) * Linux User Space Discord Server (https://linuxuserspace.show/discord) * Linux User Space Telegram (https://linuxuserspace.show/telegram) * Linux User Space Matrix (https://linuxuserspace.show/matrix) * Linux User Space Twitch (https://linuxuserspace.show/twitch) * Linux User Space Mastodon (https://linuxuserspace.show/mastodon) * Linux User Space Twitter (https://linuxuserspace.show/twitter) Next Time We will discuss a couple of topics and some feedback. Our next distro is Linux Lite (https://www.linuxliteos.com/) Come back in two weeks for more Linux User Space Stay tuned and interact with us on Twitter, Mastodon, Telegram, Matrix, Discord whatever. Give us your suggestions on our subreddit r/LinuxUserSpace Join the conversation. Talk to us, and give us more ideas. All the links in the show notes and on linuxuserspace.show. We would like to acknowledge our top patrons. Thank you for your support! Producer Bruno John Dave Co-Producer Johnny Tim Super User Advait Bjørnar CubicleNate Eduardo S. Jill and Steve LiNuXsys666 Nicholas Paul sleepyeyesvince

Coming up in this episode 1. Dropping out of the fediverse 2. The tiny text 3. Mozilla Watch 4. The community holds us ransom 5. Our app is faster than light 0:00 Cold Open 2:26 Press 'F' to Pay Respects 9:47 The Elm Mail System 10:56 Enter, PINE 11:44 PICO, the PIne COmposer 13:17 TIP Is not PICO 14:23 NANO's ANOther editor 14:57 "Lightning and the rest of 2000 17:37 2001, and the release of 1.0 18:49 2002-2015, Allegretta's gone and back again 21:37 The Drama in 2016 24:17 2016 to 2022, and my, how boring things got 25:13 About nano, and What's Next 31:26 Mozilla Watch 38:44 Feedback! 46:59 Community Focus: The Ransomware Files 48:57 App Focus: Warp 53:39 Next Time: Kali Linux 56:31 Stinger Banter Dan moves on Mastodon because the instance he is on is going away (https://ashfurrow.com/blog/mastodon-technology-shutdown/). So long, and thanks for all the fish. Announcements Give us a sub on YouTube (https://linuxuserspace.show/youtube) You can watch us live on Twitch (https://linuxuserspace.show/twitch) the day after an episode drops. History Series on Text Editors - GNU Nano GNU Nano (https://nano-editor.org) Dave Taylor's Elm Mail System (https://web.archive.org/web/20130417002359/http://www.intuitive.com/bio.shtml) Laurence Lundblade (https://web.archive.org/web/20110607212819/http://www.island-resort.com/pine.htm) and his cohorts were looking for something that had ease-of-use written all over it. Enter, Pine. The freeware-like (wayback.archive.org/web/20001201215500/http://www.washington.edu/pine/overview/legal.html) answer. "freeware-ish" label wasn't good enough. So, in 1999 (https://www.nano-editor.org/dist/v2.2/faq.html#1.3), Chris Allegretta, made changes to address that. TIP, which stood for TIP Is not Pico, 0.5.0 README (https://nano-editor.org/dist/old/). 2016 Looking for a new maintainer (https://lists.gnu.org/archive/html/nano-devel/2016-05/msg00012.html). Still looking (https://lists.gnu.org/archive/html/nano-devel/2016-05/msg00013.html) Nano leaves GNU in 2.6.0 (https://www.asty.org/whats-up-with-nano/) Debian acknowledged and accepted the change (https://packages.qa.debian.org/n/nano/news/20160620T181841Z.html). Come back to GNU in 2.7.0 (https://nano-editor.org/news.php). Latest release August 2, 2022 (https://nano-editor.org/news.php). More Announcements Want to have a topic covered or have some feedback? - send us an email, contact@linuxuserspace.show Mozilla Watch Firefox 106 is out! (https://www.mozilla.org/en-US/firefox/106.0/releasenotes/) .pdf support keeps getting better and better (https://9to5linux.com/mozilla-firefox-106-is-now-available-for-download-with-pdf-annotation-firefox-view) private browsing shortcut (https://blog.mozilla.org/en/mozilla/privacy-online-just-got-easier-with-todays-firefox-release/) Firefox view (https://support.mozilla.org/en-US/kb/how-set-tab-pickup-firefox-view) Housekeeping Catch these and other great topics as they unfold on our Subreddit or our News channel on Discord. * Linux User Space subreddit (https://linuxuserspace.show/reddit) * Linux User Space Discord Server (https://linuxuserspace.show/discord) * Linux User Space Telegram (https://linuxuserspace.show/telegram) * Linux User Space Matrix (https://linuxuserspace.show/matrix) Feedback Menno (Email) EViL keybindings could be an option for Emacs if you are used to Vi/Vim. Thanks for the tip! JonG (Email) Glad you caught your shout out and are enjoying the podcast. We're still fans of the SK Hynix stuff too. Ryan (Email) Thanks for the Gentoo tips. I am sure we will get to it sometime soon-ish. We appreciate your feedback and are glad you are enjoying the show. Community Focus The Ransomware Files (https://anchor.fm/ransomwarefiles) App Focus Warp (https://apps.gnome.org/app/app.drey.Warp/) Next Time We will discuss Kali Linux (https://www.kali.org) and the history. Come back in two weeks for more Linux User Space Stay tuned and interact with us on Twitter, Mastodon, Telegram, Matrix, Discord whatever. Give us your suggestions on our subreddit r/LinuxUserSpace Join the conversation. Talk to us, and give us more ideas. All the links in the show notes and on linuxuserspace.show. We would like to acknowledge our top patrons. Thank you for your support! Producer Bruno John Dave Co-Producer Johnny Sravan Tim Contributor Advait CubicleNate Eduardo S. Jill and Steve LiNuXsys666 Nicholas Paul sleepyeyesvince

Picture of the Week. Apple's Passkeys presentation at WWDC 2022. WebAuthn. FREE Penetration Testing course with Kali Linux. Proof of Simulation. A valid use for facial recognition: The Smart Pet Door! Closing The Loop. The PACMAN Attack. We invite you to read our show notes at https://www.grc.com/sn/SN-875-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit NetFoundry.io/TWIT canary.tools/twit - use code: TWIT

Picture of the Week. Apple's Passkeys presentation at WWDC 2022. WebAuthn. FREE Penetration Testing course with Kali Linux. Proof of Simulation. A valid use for facial recognition: The Smart Pet Door! Closing The Loop. The PACMAN Attack. We invite you to read our show notes at https://www.grc.com/sn/SN-875-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit NetFoundry.io/TWIT canary.tools/twit - use code: TWIT

Picture of the Week. Apple's Passkeys presentation at WWDC 2022. WebAuthn. FREE Penetration Testing course with Kali Linux. Proof of Simulation. A valid use for facial recognition: The Smart Pet Door! Closing The Loop. The PACMAN Attack. We invite you to read our show notes at https://www.grc.com/sn/SN-875-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit NetFoundry.io/TWIT canary.tools/twit - use code: TWIT

Picture of the Week. Apple's Passkeys presentation at WWDC 2022. WebAuthn. FREE Penetration Testing course with Kali Linux. Proof of Simulation. A valid use for facial recognition: The Smart Pet Door! Closing The Loop. The PACMAN Attack. We invite you to read our show notes at https://www.grc.com/sn/SN-875-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit NetFoundry.io/TWIT canary.tools/twit - use code: TWIT

Picture of the Week. Apple's Passkeys presentation at WWDC 2022. WebAuthn. FREE Penetration Testing course with Kali Linux. Proof of Simulation. A valid use for facial recognition: The Smart Pet Door! Closing The Loop. The PACMAN Attack. We invite you to read our show notes at https://www.grc.com/sn/SN-875-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit NetFoundry.io/TWIT canary.tools/twit - use code: TWIT

Picture of the Week. Apple's Passkeys presentation at WWDC 2022. WebAuthn. FREE Penetration Testing course with Kali Linux. Proof of Simulation. A valid use for facial recognition: The Smart Pet Door! Closing The Loop. The PACMAN Attack. We invite you to read our show notes at https://www.grc.com/sn/SN-875-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit NetFoundry.io/TWIT canary.tools/twit - use code: TWIT