Anzeige: Zentrale Benutzerverwaltung mit Keycloak sicher umsetzen
Zugriffssteuerung, Authentifizierung und zentrale Benutzerverwaltung - ein Online-Workshop zeigt, wie sich Keycloak gezielt in bestehende IT-Strukturen integrieren lässt. ( Golem Karrierewelt, Linux)
21 Secret Linux Commands Hackers and Sysadmins Don’t Want You to Know About
Not your usual ‘ls’ and ‘pwd’ — these are the real tools used by professionals.
[Continue reading on InfoSec Write-ups »](https://info … ⌘ Read more
↳
In-reply-to
»
I had a lot of fun with my modems these past few days:
⤋ Read More
SuSE Linux 6.4 and Arachne on DOS also work (with Windows 2000 as a call target):
[$] Nyxt: the Emacs-like web browser
Nyxt is an unusual web
browser that tries to answer the question, “what if Emacs was a
good web browser?”. Nyxt is not an Emacs package, but a full
web browser written in Common Lisp and available under the BSD
three-clause license. Its target audience is developers who want a
browser that is keyboard-driven and extensible; Nyxt is also developed
for Linux first, rather than Linux being an afterthought or just a
sliver of its audience. The philosophy (as described … ⌘ Read more
I Learned Rust In 24 Hours To Eat Free Pizza Morally
This is a satirical tech story. For readers who prefer the text version, it’s provided below.
I Learned Rust in 24 Hours to Eat Free Pizza Morally
This is not just a story about pizza. As a recent Phoronix article explains,
the Linux Rust subsystem got into major drama because of my humble quest.
Well, here’s my side of the story, with every kernel of truth exposed.
A Moral Quest for Pizza
Des … ⌘ Read more
[$] Zero-copy for FUSE
In a combined storage and filesystem session at the 2025 Linux Storage,
Filesystem, Memory Management, and BPF Summit (LSFMM+BPF), Keith Busch led
a discussion about zero-copy operations for the Filesystem\
in Userspace (FUSE) subsystem. The session was proposed
by his colleague, David Wei, who could not make it to the summit, so Busch
filled in, though he noted that “I do … ⌘ Read more
[$] Open source and the Cyber Resilience Act
The European Union’s
Cyber Resilience Act (CRA) has caused a stir in the
software-development world. Thanks to advocacy by the Eclipse Foundation, Open
Source Initiative, Linux Foundation, Mozilla, and others, open-source software
projects generally have minimal requirements under the CRA
— but nothing to do with law is ever quite
so simple. Marta Rybczyńska spoke at Linaro Connect 2025 about the impact of the
CRA on the open-source eco … ⌘ Read more
Aus dem Verlag: Golem-Plus-Leser erhalten Rabatt auf digitales Linux-Magazin
Golem-Plus-Leser können 33 Prozent auf ein Linux-Magazin-Jahresabo sparen - für zwölf Ausgaben und Vollzugriff auf ein Archiv für tiefes Open-Source-Wissen. ( Aus dem Verlag, Open Source)
[$] LWN.net Weekly Edition for June 5, 2025
Inside this week’s LWN.net Weekly Edition:
Front: OpenH264 in Fedora; Wallabag; Safety certification; 6.16 Merge window; Bounce buffering; Hardening repository problems; Device-initiated I/O; Faster networking; OSPM 2025; Free software in science.
Briefs: Kea vulnerabilities; Alpine Linux 3.22.0; Fedora strategy; Quotes; …
Announcements: Newsletters, conferences, securi … ⌘ Read more
[$] Device-initiated I/O
Peer-to-peer DMA (P2PDMA) has been part of
the kernel since the 4.20 release in 2018;
it provides a framework that allows devices to transfer data between themselves
directly, without using system RAM for the transfer. At the 2025 Linux
Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF), Stephen
Bates led a combined storage, filesystems, and memory-management session on
device-initiated I/O, which is perhaps what P2PDMA is … ⌘ Read more
Anzeige: LPIC-1-Zertifizierung - fünf Tage intensive Vorbereitung
Das LPIC-1-Zertifikat gilt international als Nachweis fundierter Linux-Kompetenz. Ein fünftägiger Onlinekurs bereitet gezielt auf die Prüfungen LPI 101 und 102 vor - praxisnah und prüfungsorientiert. ( Golem Karrierewelt, Server-Applikationen) 
Per Coredump: Angreifer können unter Linux Passwort-Hashes abgreifen
Mehrere Versionen von Ubuntu, Fedora und RHEL sind angreifbar. Böswillige Akteure können Anwendungen crashen und vertrauliche Daten erbeuten. ( Sicherheitslücke, Ubuntu)
Alpine Linux 3.22.0 released
Version\
3.22.0 of the Alpine Linux distribution has been released. Notable
changes in this release include the removal of the X11 session for KDE
Plasma, a switch to systemd-efistub, and experimental support
for user\
services with the OpenRC
init system. See the [release\
notes](https://wiki.alpinelinux.org/wiki/Rele … ⌘ Read more
WhisperD: linux voice-to-text using OpenAI whisper-1 transcription
I wrote this as an exercise to learn how to use ioctl & input devices, but I like how it turned out! It does have a hard dependency on pipewire though.
[$] Reports from OSPM 2025, day three
The seventh edition of the Power Management and Scheduling\
in the Linux Kernel Summit (known as “OSPM”) took place on March 18-20,
2025. Topics discussed on the third (and final) day include proxy
execution, energy-aware scheduling, the deadline scheduler, and an
evaluation of the kernel’s EEVDF scheduler. ⌘ Read more
Security updates for Friday
Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, firefox, ghostscript, gstreamer1-plugins-bad-free, libsoup3, mingw-freetype, perl, ruby, sqlite, thunderbird, unbound, valkey, and xz), Debian (chromium, firefox-esr, libavif, linux-6.1, modsecurity-apache, mydumper, systemd, and thunderbird), Fedora (coreutils, dnsdist, docker-buildx, maturin, mingw-python-flask, mingw-python-flit-core, ruff, rust-hashlink, rust-rusqlite, and thunderbird), Red Hat (pcs), SUSE (augeas, … ⌘ Read more
One of the Last Linux Magazines Ends Print Publication
Linux Format Magazine ends publication after 25 years - joining Linux Journal, Ubuntu User, Maximum Linux and many other now-dead Linux publications. ⌘ Read more
[$] Glibc project revisits infrastructure security
The GNU C Library
(glibc) is the core C library for most Linux distributions, so it is a
crucial part of the open-source ecosystem—and an attractive
target for any attackers looking to carry out supply-chain
attacks. With that being the case, securing the project’s
infrastructure using industry best practices and improving the
security of its development practices are a frequent topic among glibc
developers. A recent discussion suggests that improveme … ⌘ Read more
[$] Allowing BPF programs more access to the network
Mahé Tardy led two sessions about some of the challenges that he, Kornilios Kourtis,
and John Fastabend have run into in their work on
Tetragon (Apache-licensed BPF-based security monitoring software)
at the Linux Storage, Filesystem, Memory Management, and BPF Summit. The session
prompted discussion about the feasibility of letting BPF programs
send data over the network, as well as potential new kfuncs to let BPF firewalls
send TCP reset packets. Tardy pre … ⌘ Read more
Security updates for Wednesday
Security updates have been issued by AlmaLinux (gstreamer1-plugins-bad-free and kernel), Arch Linux (bind and varnish), Debian (glibc and syslog-ng), Fedora (microcode_ctl, mozilla-ublock-origin, nodejs20, and nodejs22), Mageia (firefox, nss, rootcerts, open-vm-tools, sqlite3, and thunderbird), Oracle (gstreamer1-plugins-bad-free, kernel, libsoup, nodejs:22, php, php:8.2, php:8.3, python-tornado, redis, and redis:7), Red Hat (libsoup, pcs, and python-tornado), Slackware … ⌘ Read more
Klinge FPGA Computer Targets Secure, Headless Linux Deployments
Klinge is a compact FPGA-based headless computer designed by Lone Dynamics Corporation. It targets secure networking and long-term Linux applications, and can be used as a blade server in modular enclosures or standalone setups. Klinge uses the Lattice ECP5 FPGA (LFE5U-25F), offering 24K LUTs when compiled with open-source tools. The board includes 512MB of DDR3L […] ⌘ Read more
AlmaLinux OS 10.0 released
Version\
10 of the AlmaLinux OS distribution has been released.
The goal of AlmaLinux OS is to support our community, and AlmaLinux
OS 10 is the best example of that yet. With an unwavering eye on
maintaining compatibility with Red Hat Enterprise Linux (RHEL), we
have made small improvements to AlmaLinux OS 10 that target
specific sections of our userbase.
See [the\ release notes](https://wiki.almalinux.org/release-notes/10.0.h … ⌘ Read more
[$] Verifying the BPF verifier’s path-exploration logic
Srinivas Narayana led a remote session about extending
Agni to prove the correctness of
the BPF verifier’s handling of different execution paths as part of the Linux Storage,
Filesystem, Memory Management, and BPF Summit. The problem of ensuring the
correctness of path exploration
is much more difficult than the problem of
ensuring the co … ⌘ Read more
gamado à @aperture@aperture porque há meses/anos que quero escrever um texto sobre esta postura, e esta imagem explica tão bem o problema
(fonte)
The 6.15 kernel has been released
Linus has released the 6.15 kernel, as
expected.
So this was delayed by a couple of hours because of a last-minute
bug report resulting in one new feature being disabled at the
eleventh hour, but 6.15 is out there now.
Significant changes in 6.15 include smarter timer-ID assignment to make
checkpoint/restore operations more reliable, the [ability](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/comm … ⌘ Read more
Hardkernel Introduces Low-Cost Amlogic S905X5M SBC with 4K@60Hz HDMI Output
The ODROID-C5 is a compact single-board computer designed for developers and hobbyists working with Linux or Android platforms. It features improved performance, reduced power consumption, and enhanced memory and storage interfaces over its predecessor, the ODROID-C4. The board is powered by the Amlogic S905X5M processor, which combines a quad-core Arm Cortex-A55 CPU running at 2.5GHz […] ⌘ Read more
How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation
Comments ⌘ Read more
[$] Reports from OSPM 2025, day two
The seventh edition of the Power Management and Scheduling\
in the Linux Kernel Summit (known as “OSPM”) took place on March 18-20,
2025. Topics discussed on the second day include improvements to device
suspend and resume, the status and future of sched_ext, the scx_lavd
scheduler, improving the efficiency of load balancing, and hierarchical
constant bandwidth server scheduling. ⌘ Read more
[$] Formally verifying the BPF verifier
The BPF verifier is an increasingly complex and security-critical piece of code.
When the kinds of people who are apt to work on BPF see a situation like that,
they naturally question whether it’s possible to use formal verification to
ensure that the implementation of the code in question is correct. Santosh
Nagarakatte led the first of two extra-long sessions in the BPF track
of the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit
about his team’s work formally verifying the … ⌘ Read more
Security updates for Friday
Security updates have been issued by Fedora (dotnet9.0, dropbear, ghostscript, nbdkit, openssh, python-watchfiles, rpm-ostree, yelp, yelp-xsl, and zsync), Oracle (firefox and kernel), Red Hat (osbuild-composer), Slackware (aaa_glibc and mozilla), SUSE (chromedriver, open-vm-tools, postgresql14, python-cryptography, and thunderbird), and Ubuntu (linux-aws, linux-hwe-5.4, python, and sqlite3). ⌘ Read more
Home Assistant deprecates the “core” and “supervised” installation modes
Our recent article on Home Assistant
observed that the project emphasizes installations using its own Linux
distribution or within containers. The project has now made that emphasis
rather stronger with this\
announcement of the deprecation of the “core” and “supervised”
installation modes, which allowed H … ⌘ Read more
Security updates for Thursday
Security updates have been issued by AlmaLinux (kernel, kernel-rt, and webkit2gtk3), Fedora (mozilla-ublock-origin and sudo-rs), Oracle (.NET 8.0, compat-openssl10, grafana, osbuild-composer, redis:6, ruby:2.5, and webkit2gtk3), SUSE (dante, firefox-esr, gnuplot, govulncheck-vulndb, grype, postgresql13, postgresql14, postgresql15, postgresql16, postgresql17, python-tornado6, python314, thunderbird, ucode-intel, and xen), and Ubuntu (bind9, libfcgi-perl, linux-ibm-5.4, linux-oracle-5.4 … ⌘ Read more
It’s the Year of the Linux Desktop… IN SPACE! (And Maybe North Korea)
There is one place, in the entire Universe, where Linux has a dominant marketshare on Desktop and Laptop computers: Outer Space. ⌘ Read more
Security updates for Wednesday
Security updates have been issued by AlmaLinux (.NET 8.0, avahi, buildah, compat-openssl10, compat-openssl11, expat, firefox, gimp, git, grafana, libsoup, libxslt, mod_auth_openidc, nginx, nodejs:22, osbuild-composer, php, redis, redis:7, skopeo, thunderbird, vim, webkit2gtk3, xterm, and yelp), Arch Linux (dropbear, freetype2, go, nodejs, nodejs-lts-iron, nodejs-lts-jod, python-django, webkit2gtk, webkit2gtk-4.1, webkitgtk-6.0, and wpewebkit), Debian (mongo-c-driver), Fedora (openssh, … ⌘ Read more
SiFive and Red Hat Collaborate to Bring RHEL 10 to RISC-V Development
SiFive has announced a new collaboration with Red Hat to deliver a developer preview of Red Hat Enterprise Linux 10 for the RISC-V architecture. The initial support is available on the SiFive HiFive Premier P550 development platform, giving developers a path to build and test enterprise and cloud workloads on RISC-V hardware. The HiFive Premier […] ⌘ Read more
[$] An update on continuous testing of BPF kernel patches
Ihor Solodrai has been working on the BPF subsystem’s continuous-integration
(CI) testing for the last six months. At the 2025 Linux Storage, Filesystem,
Memory-Management, and BPF Summit, he remotely shared
an update on his work, and solicited feedback on how the tests could be further
improved. Much of the work he’s done has been specific to the BPF subsystem, but
some is more generic and could potentially be of use to other subsystems. He
also shared some general lessons le … ⌘ Read more
Red Hat Enterprise Linux 10 released
Red Hat has announced
the release of Red Hat Enterprise Linux (RHEL) 10. A blog post
accompanying the release provides details on some of the more notable
features, such as encrypted DNS, a developer preview of RHEL 10
for RISC-V,
and image\
mode for RHEL using [bootc](https://lwn.net/A … ⌘ Read more
Security updates for Tuesday
Security updates have been issued by Debian (firefox-esr, openjdk-11, openjdk-17, and wireless-regdb), Fedora (iputils, open-vm-tools, sfnt2woff-zopfli, and woff), Red Hat (postgresql:12), SUSE (apache2-mod_auth_openidc, brltty, helm, python-maturin, and rubygem-rack), and Ubuntu (linux-azure-fips). ⌘ Read more
Android is a brunch of linux. You only need to install a terminal app. But the termux app on Google Apps will not run on old android. Perhaps connectbot (ssh client) will run.
[$] Reports from OSPM 2025, day one
The seventh edition of the Power Management and Scheduling\
in the Linux Kernel (known as “OSPM”) Summit took place on March 18-20,
2025. It was organized by Juri Lelli, Frauke Jäger, Tommaso Cucinotta, and
Lorenzo Pieralisi, and was hosted by Linutronix at Alte Fabrik,
Uhldingen-Mühlhofen, Germany. The event was sponsored by Linutronix, Arm,
and the Scuola Superiore Sant’Anna in Pisa. ⌘ Read more
斬獲 4-1K star,再見 tcpdump!Kyanos 這款開源神器讓網絡分析快如閃電!
Kyanos 是一款基於革命性 eBPF 技術打造的開源網絡分析工具,專爲解決現代分佈式系統中的網絡疑難雜症而生。它能像 X 光機般透視 Linux 內核的網絡活動,精準定位 HTTP、Redis、MySQL 等協議的性能瓶頸,讓 “服務爲什麼變慢” 這類世紀難題迎刃而解。與傳統抓包工具相比,Kyanos 具備三大殺手鐧:零配置開箱即用:單個二進制文件搞定所有監控需求 內核級透視能力:從 ⌘ Read more
Go 語言中字符串四種拼接方式的性能對比,哪個更勝一籌?
在 Go 語言開發中,字符串拼接是最常見的操作之一。不同的拼接方式在性能上可能有數量級的差異,特別是在高頻調用或大數據量處理的場景下。本文將使用標準基準測試,全面對比四種主流字符串拼接方式的性能表現。測試環境與方法測試環境Go 版本:1.20+ 操作系統:macOS/Windows/Linux CPU:8 核 測試方法我們創建了一個完整的基準測試文件echobenchtest.g ⌘ Read more
Go 語言中字符串四種拼接方式的性能對比,哪個更勝一籌?
在 Go 語言開發中,字符串拼接是最常見的操作之一。不同的拼接方式在性能上可能有數量級的差異,特別是在高頻調用或大數據量處理的場景下。本文將使用標準基準測試,全面對比四種主流字符串拼接方式的性能表現。測試環境與方法測試環境Go 版本:1.20+ 操作系統:macOS/Windows/Linux CPU:8 核 測試方法我們創建了一個完整的基準測試文件echobenchtest.g ⌘ Read more
5 Linux Commands You’ve Probably Never Heard Of
In this article, I will show you five Linux commands you’ve probably never heard of. They’re simple, practical, and designed to make your…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.c … ⌘ Read more
↳
In-reply-to
»
@lyse Nope, this is some random photo. 😅
⤋ Read More
@movq@www.uninformativ.de you need to get a gold chain and hang this little penguin on it, so that nobody can doubt your Linux user status.
Fixing Unix/Linux/POSIX Filenames: Control Characters (such as Newline), Leading Dashes, and Other Problems (2009, 2024)
Comments ⌘ Read more
Hello from my SCHI535, a Samsung Galaxy S3 running Android Kitkat. I want to put Linux on this thing.
Yet Another Linux Distro Ditches Firefox for Brave
First Zorin OS, now the Fedora-based Nobara changes the default web browser. ⌘ Read more
An Asahi Linux 6.15 progress report
The Asahi Linux
project, which supports Linux on Apple Silicon Macs, has published a
progress report ahead of the 6.15 kernel’s release.
We are pleased to announce that our graphics driver userspace API
(uAPI) has been merged into the Linux kernel. This major milestone
allows us to finally enable OpenGL, OpenCL and Vulkan support for
Apple Silicon in upstream Mesa. This is the only time a graphics
driver’s uAPI has been merged into the kernel independent … ⌘ Read more
[$] A new DMA-mapping API
Leon Romanovsky began his session at the 2025 Linux Storage, Filesystem,
Memory Management, and BPF Summit (LSFMM+BPF) by explaining that the improved DMA-mapping API that he has been
working on is a group effort. He, Chaitanya Kulkarni, Christoph Hellwig,
Jason Gunthorpe, and others are proposing to modernize the API and to
“make it more suitable for current kernels”. He told the assembled
storage and filesystem developers that the progress on the proposal has
stalled, but that it was the basis for further … ⌘ Read more
Oniux: kernel-level Tor isolation for Linux applications
The Tor project has announced
the oniux utility which provides Tor network isolation, using Linux
namespaces, for third-party applications.
Namespaces are a powerful feature that gives us the ability to
isolate Tor network access of an arbitrary application. We put each
application in a network namespace that doesn’t provide access … ⌘ Read more
Expose & Explore: Discover misconfigured service protocols and ports using Linux
Internet Assigned Numbers Authority (IANA) is the organisation responsible for managing and assigning port number … ⌘ Read more
[$] The future of Flatpak
At the Linux Application\
Summit (LAS) in April, Sebastian Wick said that, by many metrics, Flatpak is doing great. The Flatpak
application-packaging format is popular with upstream developers, and
with many users. More and more applications are being published in the
Flathub application store, and the
format is even being adopted by Linux distributions like
Fedora. However, he worried that work on the Flatpak project itself
had s … ⌘ Read more
OH MY FUCKING GOD I’M GOING TO CRY I NEED BIG TUX SO BAD https://www.steiner-plueschshop.de/kuscheltiere/arktis-seetiere/pinguin-linux/
Security updates for Wednesday
Security updates have been issued by AlmaLinux (emacs, firefox, gnutls, java-17-openjdk, java-21-openjdk, osbuild-composer, python39:3.9, and thunderbird), Arch Linux (screen), Debian (varnish), Fedora (chromium), Gentoo (Atop, FreeType, and Spidermonkey), Mageia (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-latest-openjdk and postgresql15, postgresql13), Oracle (389-ds-base, emacs, firefox, kernel, libsoup, libtiff, mod_auth_openidc:2.3, nodejs:20, nodejs:22, … ⌘ Read more
[$] A look at what’s possible with BPF arenas
BPF arenas are areas of memory where the verifier can safely relax its checking of
pointers, allowing programmers to write arbitrary data structures in BPF. Emil
Tsalapatis reported on how his team has used arenas in writing
sched_ext schedulers at the 2025 Linux Storage, Filesystem,
Memory-Management, and BPF Summit. His biggest complaint was about the fact that
kernel pointers can’t be stored in BPF arenas — someth … ⌘ Read more
How to install and run Minikube with Rootless Podman on ARM-based MacBooks
minikube provides a local Kubernetes cluster on macOS, Linux, and Windows. minikube’s primary goals are to be the best tool for local Kubernetes application development and to support all Kubernetes features that fit into that environment…. ⌘ Read more
Security updates for Tuesday
Security updates have been issued by Debian (libeconf and rubygems), Fedora (libxmp), Gentoo (glibc), Oracle (java-1.8.0-openjdk, kernel, libxslt, and virtuoso-opensource), SUSE (augeas, git-lfs, kanidm, and tomcat10), and Ubuntu (linux-lts-xenial). ⌘ Read more
Multiple security issues in Screen
The SUSE Security Team has published
an article detailing several security\
issues it has uncovered with GNU Screen. This includes
a local root exploit when Screen is shipped setuid-root, as it is in
some Linux and BSD distributions. The security team also reports [problems\
in coordinating disclosure … ⌘ Read more
VPS troubles and the weekend
This weekend I went to the cottage with P on Friday. I hoped I would
have a nice weekend reading in front of the wood stove, but I had also
planned to spend at least a few hours trying to configure Maddy as the
new mail server for hack.org et al.
Then the web server I moved to the new VPS died. Again. I connected to
the VNC console and, like before, the Linux kernel couldn’t find its
root disk. A simple:
# mount /dev/vda2 /sysroot; exit
in the emergency shell solved thi … ⌘ Read more
[$] A FUSE implementation for famfs
The famfs
filesystem is meant to provide a shared-memory filesystem for large data
sets that are accessed for computations by multiple systems. It was
developed by John Groves, who led a combined filesystem and
memory-management session at
the 2025 Linux Storage, Filesystem, Memory
Management, and BPF Summit (LSFMM+BPF) to discuss it. The session was a
follow-up to [the famfs session at last year’s\
summit](https://lwn.net/Articles … ⌘ Read more
Mastering Linux Part 3: A Beginner’s Guide to APT and YUM Package Management
A Beginner’s Guide to APT and YUM Package Management
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com … ⌘ Read more
[$] Hash table memory usage and a BPF interpreter bug
Anton Protopopov led a short discussion at the 2025 Linux Storage, Filesystem,
Memory-Management, and BPF Summit about amount of memory used
by hash tables in BPF programs. He thinks that the current memory layout is
inefficient, and wants to split the structure that holds table entries into two
variants for different kinds of maps. When that proposal proved
uncontroversial, he also took the chance to talk about a bug in BPF’s call
instruction. ⌘ Read more
Canonical (Ubuntu) Requiring Applicants Take “DEI and Belonging” Class
Want a job working on Ubuntu Linux? ⌘ Read more
Security updates for Wednesday
Security updates have been issued by Fedora (incus and nodejs20), Red Hat (freetype, kernel, kernel-rt, libsoup, libtiff, redis, redis:6, and thunderbird), SUSE (apparmor, chromium, grafana, ImageMagick, java-11-openjdk, java-17-openjdk, libsoup, libsoup2, libxslt, opensaml, rabbitmq-server, rubygem-rack-1_6, sqlite3, and thunderbird), and Ubuntu (kernel, libfcgi, libraw, libsoup2.4, linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ib … ⌘ Read more
A Penetration Tester’s Journey
Part 4 of “Beginner to Master in Linux” — A Penetration Tester’s Journey
A Must-Have Tool for Bug Hunters: Find Open Redirect Vulnerabilities on Linux
Automate open redirection detection, save hours of manual testing, and level up your bug bounty recon game.
[Continue … ⌘ Read more
How to build a fleet of networked offsite backups using Linux, WireGuard and rsync
Comments ⌘ Read more
[$] Filtering fanotify events with BPF
Linux systems can have large filesystems; trying to keep up with the
stream of
fanotify filesystem-monitoring notifications for them can be a struggle.
Fanotify is one of a few ways to monitor accesses to filesystems provided by the kernel.
Song Liu led a discussion
on how to improve in-kernel filtering of fanotify events to a joint
session of the filesystem and BPF tracks at the 2025 Linux Storage, Filesystem,
Memo … ⌘ Read more
[$] Improving FUSE writeback performance
In a combined filesystem and memory-management session at
the 2025 Linux Storage, Filesystem, Memory
Management, and BPF Summit (LSFMM+BPF), Joanne Koong led a discussion on
improving the writeback performance for the Filesystem in\
Userspace (FUSE) layer. Writeback is how data that is written to the
filesystem is actually flushed to the disk; it is the process of writing
dirty pages from the page cache to storage. The current FUSE
imple … ⌘ Read more
also check out anlinux. using termux and PRoot can run multiple linux distros
If you have an android phone, you can download termux app from Google Apps. It is a linux terminal running on android. android is a kind of linux.
↳
In-reply-to
»
Nobody want to be a shitty programmer. The question is: Do you do anything not to not be one?
Reading blogs or social media and watching YouTube videos is fun. After them, your code may be a little better, of course. But you need a lot. You need to study! Read good books and study the code of other programmers, for example. Maybe work with a new language, architectures and paradigms. You need break the routine.
⤋ Read More
You need break the routine.
I haven’t really done that lately. 🤔 Maybe have another go at Rust (given its increasing importance in the Linux kernel)? Or Elixir, yes, I only had some very, very brief contact with it. 🤔
I just came across an old forum posting of mine about Prolog. That brought up some memories. Prolog is pretty alien, but I do miss stuff like that because it’s so different.
Just thinking out loud here. 😅
“Low on Space in Kali Linux? Here’s How I Fixed It and Freed Up GBs”
“I was in the middle of a pentesting session when Kali refused to cooperate.”
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/lo … ⌘ Read more
↳
In-reply-to
»
Confession:
⤋ Read More
@movq@www.uninformativ.de @kat@yarn.girlonthemoon.xyz @quark@ferengi.one In 2014 one person created protocol ii. Later it forked in IDEC. Why i said this? Because it’s simple “federated” forum-like protocol where from your station fetch another every 5-10 minutes. Stations has topic-based channels like idec.talks, linux.16, haiku.os, zx.spectrum. In short it’s FIDO but.. more modern? Documentation: https://github.com/idec-net/new-docs (mostly Russian, but you can use translator, also protocol already translated to english)
[$] Flexible data placement
At
the 2025 Linux Storage, Filesystem, Memory
Management, and BPF Summit (LSFMM+BPF) Kanchan Joshi and Keith Busch led a
combined storage and filesystem session on data placement, which concerns
how the data on a storage device is actually written. In a discussion
that hearkened back to previous summits, the idea is to give hints to enterprise-class
SSDs to help them make better choices on where the data should go; hinting
was most recently [discussed at the summit in 2023](https://lwn.net/Articles/932900/ … ⌘ Read more
Confession:
I’ve never found microblogging like twtxt or the Fediverse or any other “modern” social media to be truly fulfilling/satisfying.
The reason is that it is focused so much on people. You follow this or that person, everybody spends time making a nice profile page, the posts are all very “ego-centric”. Seriously, it feels like everybody is on an ego-trip all the time (this is much worse on the Fediverse, not so much here on twtxt).
I miss the days of topic-based forums/groups. A Linux forum here, a forum about programming there, another one about a certain game. Stuff like that. That was really great – and it didn’t even suffer from the need to federate.
Sadly, most of these forums are dead now. Especially the nerds spend a lot of time on the Fediverse now and have abandoned forums almost completely.
On Mastodon, you can follow hashtags, which somewhat emulates a topic-based experience. But it’s not that great and the protocol isn’t meant to be used that way (just read the snac2 docs on this issue). And the concept of “likes” has eliminated lots of the actual user interaction. ☹️
Security updates for Friday
Security updates have been issued by Debian (chromium, nodejs, openjdk-17, and thunderbird), Fedora (firefox, golang-github-nvidia-container-toolkit, and thunderbird), Mageia (kernel), Oracle (ghostscript, glibc, kernel, libxslt, php:8.1, and thunderbird), SUSE (cmctl, firefox-esr, govulncheck-vulndb, java-21-openjdk, libxml2, poppler, python-h11, and redis), and Ubuntu (docker.io, ghostscript, linux-xilinx-zynqmp, and micropython). ⌘ Read more
PewDiePie | I installed linux
All I can say is.. what? I’m not even sure why this popped up in my youtube frontpage. I don’t generally watch PewDiePie, but in all honesty, it’s a pretty glowing review of Linux, Arch, Hyprland and more. He points out some warts and things here and there around compatibility, but all in all, “PewDiePie takes aim at Microsoft” was not on my 2025 Bingo card…
[$] Custom out-of-memory killers in BPF
The out-of-memory (OOM) killer has long been a scary and controversial part
of the Linux kernel. It is summoned from some dark place when the system
as a whole (or, more recently, any given control group) is running so low
on memory that further allocations are not possible; its job is to kill off
processes until a sufficient amount of memory has been freed. Roman
Gushchin has found a way to make the OOM killer even scarier: adding the
ability to [load\
custom OOM killers in BPF](https://lwn.ne … ⌘ Read more
[$] LWN.net Weekly Edition for May 1, 2025
Inside this week’s LWN.net Weekly Edition:
Front: Mailman 2 vulnerabilities; AI in Debian; __nonstring__; Cache-aware scheduling; Freezing filesystems; Socket-level storage; Debugging information; LWN in 2025.
Briefs: Debian election; Kali Linux key; OpenBSD 7.7; Firefox 138.0; GCC 15.1; Meson 1.8.0; Valgrind 3.25.0; FSF review; OSI retrospective; Mastodon; Quotes; …
[Announcements](https://lwn.net/Arti … ⌘ Read more