• chevron_right

      Crafting Minimal Ubuntu Images for Embedded Brilliance

      pubsub.slavino.sk / linuxyournal · 2 days ago - 15:11 · 1 minute

    Crafting Minimal Ubuntu Images for Embedded Brilliance

    Introduction

    In the vast and evolving landscape of technology, embedded systems stand as silent yet powerful pillars supporting an array of applications, from the simplicity of a digital watch to the complexity of autonomous vehicles. These dedicated computing behemoths often operate within constrained environments, necessitating an operating system that is not just robust but also refined in its minimalism. Enter Ubuntu, a versatile and widely acclaimed Linux distribution, which emerges as an unexpected yet fitting candidate for this purpose. This article delves into the art of constructing minimal Ubuntu images tailored for the unique demands of embedded systems, illuminating the pathway towards enhanced performance, fortified security, and streamlined maintenance.

    Understanding the Core of Minimalism in Embedded Systems

    Embedded systems are intricately designed to perform specific tasks, where every millisecond of processing time and every byte of memory counts. In such a landscape, Ubuntu, known for its user-friendly approach and comprehensive support, may not seem like the obvious choice. However, its adaptability and the vast repository of packages make Ubuntu a prime candidate for customization into a lean operating system footprint suitable for embedded applications. The quest for minimalism isn't merely about shedding weight; it's about achieving the pinnacle of efficiency and security.

    The Pillars of Performance Enhancement

    A minimal Ubuntu image, stripped of unnecessary packages and services, boots faster and runs more efficiently, allowing embedded systems to dedicate more resources to their primary functions. This streamlined approach ensures that embedded devices can operate within their limited computational and memory capacities without compromising on their core functionalities.

    The Fortress of Security

    In the realm of embedded systems, where devices often operate in critical and sometimes inaccessible environments, security is paramount. A minimal Ubuntu image inherently possesses fewer vulnerabilities, as each removed package eliminates potential entry points for attackers. This minimalistic approach not only secures the device but also simplifies compliance with stringent security standards.

    The Ease of Updates and Maintenance

    Maintaining embedded systems, particularly those deployed in remote or challenging locations, can be daunting. Minimal Ubuntu images, with their reduced complexity, offer a more manageable solution. Updates are quicker and less intrusive, minimizing system downtime and reducing the risk of update-induced failures.


    Značky: #Linux

    • chevron_right

      Microsoft prépare une interface graphique pour WSL avec Dev Home

      news.movim.eu / Korben · 3 days ago - 16:18 · 1 minute

    Bonne nouvelle si vous utilisez WSL (Windows Subsystem for Linux) , vous devriez bientôt échapper au bon vieux terminal puisque Microsoft travaille actuellement sur une interface qui nous permettra de gérer nos distros Linux adorées directement depuis Windows 11.

    Les petits gars de chez Microsoft ont tout prévu puisqu’il y aura un onglet dédié dans Dev Home qui va permettre de voir vos VM, d’afficher leur conso, de les supprimer, de les mettra par défaut…etc. Bref, de tout gérer en mode click-o-drome comme d’hab chez krosoft.

    Ils ont également pensé à un système pour y monter des disques formatés sous Linux, gérer les mises à jour et nous tenir au jus des dernières nouveautés. C’est pas beau ça ?

    Le but pour Microsoft, c’est surtout de démocratiser WSL et de le rendre accessible au plus grand nombre. Bon, bien sûr pour le moment, tout n’est pas encore parfait et il y a encore du taf pour rendre l’intégration vraiment fluide et trouver le bon équilibre entre simplicité et fonctionnalités. Mais je leur fais confiance ^^.

    Bref, surveillez bien les mises à jour de Dev Home dans les prochains mois, parce que ça va bouger ! Et si vous voulez suivre l’avancée du projet, n’hésitez pas à checker régulièrement le repo GitHub .

    Source

    • chevron_right

      Linux Version Odyssey: Navigating Through Time and Technology

      pubsub.slavino.sk / linuxyournal · 7 days ago - 16:00 edit · 1 minute

    Linux Version Odyssey: Navigating Through Time and Technology

    Linux, the cornerstone of modern computing, powers everything from tiny embedded devices to the world's most formidable supercomputers. Its open-source nature has fostered a rich ecosystem of distributions (distros), each tailored to different needs and preferences. However, this diversity also introduces complexity, especially when it comes to managing different versions of Linux over time. This article will navigate you through the labyrinth of past, present, and future Linux versions, equipping you with the knowledge to manage and utilize these systems effectively.

    Understanding Linux Versioning

    Linux versioning might seem daunting at first glance, but it follows a logical structure once understood. Major Linux distributions like Ubuntu, Fedora, and CentOS have their own versioning schemes, typically involving a mix of numbers and, sometimes, names. For example, Ubuntu versions are numbered based on the year and month of release (e.g., Ubuntu 20.04 was released in April 2020), and LTS (Long Term Support) versions are released every two years, offering five years of support.

    Navigating Past Linux Versions

    Older versions of Linux distros often face compatibility issues with newer hardware, limiting their functionality. Additionally, as software evolves, applications may no longer support outdated versions, complicating tasks that require up-to-date software. Moreover, security is a significant concern; older, unsupported versions do not receive security updates, exposing systems to vulnerabilities.

    Maintaining legacy systems securely requires a strategic approach. One can isolate these systems from the internet or use them in a controlled environment. Furthermore, communities and special-interest groups often support older versions, providing patches or advice on managing these systems.

    Embracing Current Linux Versions

    Regular updates are crucial for security and performance. Most Linux distros offer simple commands or graphical interfaces to check and apply updates, ensuring your system is protected and efficient. Transitioning between versions, although daunting, is made manageable through guides provided by most distributions, detailing steps to upgrade without losing data.

    Transitioning requires careful planning. Always back up your data before upgrading. Understand the changes and new features introduced in the new version to adapt quickly and leverage improvements.

    Preparing for Future Linux Versions

    Staying informed about upcoming releases allows users to anticipate changes and prepare accordingly. Engaging with Linux communities and news sources can provide insights into future developments. Additionally, participating in beta testing offers a glimpse into new features and the opportunity to contribute to the Linux ecosystem.


    Značky: #Linux

    • chevron_right

      Brewintosh – Le Macintosh imprimé en 3D

      news.movim.eu / Korben · 7 days ago - 15:09 · 1 minute

    Vous pensiez que les ordinateurs Macintosh vintage étaient condamnés à prendre la poussière au fond d’un placard ?

    Ah ! Grave erreur !

    Le génial Kevin Noki leur offre une seconde jeunesse grâce à l’ impression 3D et un bon paquet d’huile de coude. En effet, après des mois de labeur acharné, ce passionné (comme vous !!) a réussi l’exploit de donner vie à son « Brewintosh « , une réplique complètement fonctionnelle et aux dimensions exactes du mythique Macintosh 128K . Sous son apparence d’ordinateur tout droit sorti des eighties, cette merveille de rétro-informatique cache des entrailles résolument modernes.

    La vidéo est sympa car sans blabla… Y’a un petit côté contemplation méditative que j’aime bien.

    Fini le processeur Motorola 68000, bonjour le thin client sous Linux !

    L’astuce ? Avoir recréé la coque du Mac en impression 3D pour pouvoir y loger tout un tas de composants dernier cri, comme un écran LCD de caisse enregistreuse ou un lecteur de disquettes USB customisé.

    Grâce à un savant bricolage de cartes Teensy et Arduino, Kevin a même réussi l’exploit de faire tourner Mini vMac , un émulateur Mac, sur son Brewintosh. On peut ainsi y insérer des disquettes virtuelles pour booter le système ou y brancher une carte SD pour partager des fichiers. Classe !

    De quoi vous donner envie de ressusciter votre vieux Mac Plus qui dormait au grenier !

    Source

    • chevron_right

      3D-printed Mac replica is a maker masterwork inside an entirely accurate shell

      news.movim.eu / ArsTechnica · Tuesday, 19 March - 22:24 · 1 minute

    Booted Mac replica with MacPaint open,

    Enlarge (credit: Kevin Noki)

    Have you ever worked on a hobby project where modifying and compiling the source code for a Linux-based emulator was possibly the easiest and most straightforward part of the whole thing?

    Kevin Noki really, really wanted a functioning Macintosh Plus, complete with a functioning, auto-ejecting disk drive that it could boot from. The German maker already had a Mac Plus (1Mb) from eBay, but it had both a busted power supply and floppy drive. Rather than carve out the busted Plus' one-of-a-kind internals and slap a Raspberry Pi in there like some DIY slacker, Noki went … a different path.

    47 minutes and 25 seconds of a tour-de-force of modern maker technology.

    Noki 3D-printed his own Macintosh , the "Brewintosh." I would like you to consider what you think that last sentence means and then wipe your expectations clean. I have watched the entire 48-minute journey of Noki's Brewintosh, which is both very soothing on some ASMR -adjacent gut level and also low-key maddening for the way it plays down all the individual accomplishments along the way. Any one of the Brewintosh's pieces would be my entire weekend, and my spouse would not enjoy my mood while I was sunk into it.

    Read 5 remaining paragraphs | Comments

    • chevron_right

      Integrating Linux and Windows in a Dual-Boot Setup

      pubsub.slavino.sk / linuxyournal · Tuesday, 19 March - 16:00 edit · 1 minute

    Integrating Linux and Windows in a Dual-Boot Setup

    In the realm of computing, the choice between operating systems often feels like a crossroads. Each path—Windows with its widespread application support and user-friendly interface, and Linux with its unparalleled customization and robustness—offers distinct advantages. Yet, why choose one when you can walk both paths? Dual-booting, the practice of hosting Linux and Windows on a single machine, presents a solution. This article delves into the nuanced world of dual-boot systems, unraveling the challenges and laying down step-by-step solutions to integrate Linux and Windows seamlessly.

    Understanding Dual-Boot Systems

    A dual-boot system allows a computer to host two operating systems, giving you the choice of loading one of two (or more) operating systems at startup. This setup is ideal for users who need the robustness and flexibility of Linux for development or programming, alongside the accessibility and application support of Windows. Beyond the versatility, dual-boot systems can also serve as a safety net; if one OS fails, you can boot into the other to troubleshoot or recover data.

    Pre-Installation Considerations

    Before embarking on your dual-boot journey, a few preliminary steps are essential to ensure a smooth setup process.

    Hardware Requirements and Compatibility
    • Check Compatibility: Ensure your hardware is compatible with both Windows and Linux. Most modern hardware supports both, but checking the compatibility lists for your Linux distribution is wise.
    • System Requirements: Verify that your system meets the requirements for both operating systems. Generally, if it can run Windows, Linux won't be a problem.
    Backup Strategies

    Backup your data before proceeding. This can include personal files, application data, and even a full system backup of your current operating system. Tools like Macrium Reflect for Windows or Timeshift for Linux can help.

    Partitioning the Hard Drive

    Partitioning your hard drive is crucial for dual-booting. You'll need separate partitions for each operating system and possibly a shared partition for data accessible by both.

    1. Partition Scheme: Use a tool like GParted to resize your current partitions and create new ones for the second OS.
    2. File Systems: Windows primarily uses NTFS, while Linux favors ext4. For shared data, NTFS is recommended as both systems can access it reliably.
    Installation Order

    Install Windows first, followed by Linux. Windows' bootloader doesn't play nicely with others, whereas Linux's GRUB bootloader can easily add Windows to its boot menu.


    Značky: #Linux

    • chevron_right

      Playtron wants to go way wider than Steam with a gaming OS for “core casuals”

      news.movim.eu / ArsTechnica · Monday, 18 March - 20:36 · 1 minute

    Mock-up of a potential Playtron device

    Enlarge / This isn't what the first PlaytronOS-powered device will look like. That could be your Steam Deck, a 5G device from your cell carrier, or maybe your car. (credit: Playtron)

    The Steam Deck's OS is purpose-built for handheld gaming, but it's confined to one device, unless you're willing to head out to the bleeding edge . Beyond SteamOS, there is Windows, which can let down ambitious Deck-likes, there is the Nintendo Switch, and there are Android-based devices that are a lot like Android phones. This setup has got at least one company saying, in infomercial tones, that there has got to be a better way.

    That company is Playtron, a new software startup that aims to fix that setup with a Linux-based gaming OS that's tied to no particular game store or platform. Playtron has $10 million, coders from open source projects like ChimeraOS and Heroic Games Launcher, and the former CEO of Cyanogen. With that, it aims to have "Playtron-native devices shipping worldwide in 2025," and to capture the 1 billion "core casual" gamers they see as under-served.

    Demo of Playtron running on a Lenovo Legion Go, uploaded by Playtron CEO Kirk McMaster.

    What devices will Playtron use to serve them? Some of them might be Steam Decks, as you will "soon be able to install Playtron on your favorite handheld PC," according to Playtron's ambitious, somewhat scattershot single-page website . Some might be "Playtron-powered 5G devices coming soon to markets around the world." Really, though, Playtron aims to provide a gaming platform to any device with a CPU and a screen, be it desktop or mobile, ARM or x86, TV or car.

    Read 3 remaining paragraphs | Comments

    • chevron_right

      Secure A Multi-Server Security Engine Installation With HTTPS

      pubsub.slavino.sk / linuxyournal · Thursday, 14 March - 16:00 edit · 1 minute

    Secure A Multi-Server Security Engine Installation With HTTPS

    Welcome to the second part of our tutorial on how to set up and secure a multi-server CrowdSec Security Engine installation. In the first part , I walked you through the setup of CrowdSec Security Engines across multiple servers, with one server serving as the parent and two additional machines forwarding alerts to it.

    In this part, I will address security issues posed by clear HTTP communication in the previous multi-server Security Engine installation. To solve this, I propose establishing the communication between Security Engines over encrypted channels. This solution allows server-2 or server-3 to trust the server-1 identity and avoid man-in-the-middle attacks.

    Using self-signed certificates

    Create the certificate

    First, you need to create a certificate. This can be achieved with the following one-liner.

    bash
    openssl req -x509 -newkey rsa:4096 -keyout encrypted-key.pem -out cert.pem -days 365 -addext "subjectAltName = IP:172.31.100.242"
    

    For now, the Security Engine is not able to ask for the passphrase of the private key when starting. So, you have the choice to decipher the private key by hand each time you start or reload the Security Engine or store the key unencrypted. In any way, to strip the passphrase, you can use the following:

    bash
    openssl rsa -in encrypted-key.pem -out key.pem
    

    Then, the unencrypted key file can be safely deleted after the Security Engine is started.

    Configure the Security Engine to use a self-signed certificate

    On server-1 , you need to configure the Security Engine to use the generated certificate. As seen below, the tls.cert_file and tls.key_file options in the api.server section of the following /etc/crowdec/config.yaml excerpt is set to the generated certificate file.

    yaml
    api:
      server:
        log_level: info
        listen_uri: 10.0.0.1:8080
        profiles_path: /etc/crowdsec/profiles.yaml
        online_client: # Crowdsec API credentials (to push signals and receive bad 
    
        tls:
          cert_file: /etc/crowdsec/ssl/cert.pem
          key_file: /etc/crowdsec/ssl/key.pem
    

    On the client side, configuration changes happen in two files. First, modify /etc/crowdec/config.yaml to accept self-signed certificates by setting the insecure_skip_verify to true.

    You also need to change HTTP for HTTPS in the /etc/crowdsec/local_api_credentials.yaml file in order to reflect the changes. This small change has to be done on all three servers ( server-1 , server-2 , and server-3 ).


    Značky: #Linux

    • wifi_tethering open_in_new

      This post is public

      www.linuxjournal.com /content/improve-crowdsec-multi-server-installation-https-between-agents

    • chevron_right

      Setting up a Multi-Server Security Engine Installation

      pubsub.slavino.sk / linuxyournal · Thursday, 14 March - 16:00 edit · 1 minute

    Setting up a Multi-Server Security Engine Installation

    With the launch of Security Engine 1.0.x, we enabled the Security Engine to function as an HTTP REST API, allowing it to gather signals from other Security Engines.

    I will guide you through the steps to set up the CrowdSec Security Engine across multiple servers, where one server will serve as the parent and two additional machines will forward alerts to it.

    Benefits

    Sharing cybersecurity incidents across machines using the CrowdSec Security Engine is a highly effective strategy to enhance collective security defenses. By leveraging CrowdSec's capability to distribute remediations among connected machines, each machine benefits from real-time updates about new threats detected elsewhere in the network.

    Architecture

    CrowdSec Goals Infographic

    In the diagram above, the parent Security Engine, designated as server-1 , will be set up as the HTTP REST API, commonly known as the LAPI (Local API). This engine will be in charge of storing and distributing the gathered signals. Remediation is managed through the Remediation Components , which depend on the LAPI offered by server-1 . It's crucial to understand that mitigation can occur independently from detection.

    Server-2 and server-3 are designated as internet-facing machines that will host services available to the public and will be known as the child Log Processors. On these servers, we will install CrowdSec Security Engine and Remediation Components , which will interact with the server-1 LAPI.

    Note: The phrase child Log Processors refers to a CrowdSec Security Engine that operates with its LAPI turned off. For more information on this, consult our Taxonomy Update Article .

    We strongly encourage you to explore the CrowdSec Hub to learn about the extensive range of services the Security Engine can protect. This platform showcases the diverse capabilities of the Engine in securing everything from web applications to databases against cyber threats.


    Značky: #Linux