GitHub Archive Program is a project to preserve open source software for future generations, as the world runs on open source software, ensuring the amazing works of the open source community are preserved.

While the idea behind the project is to go back in history to preserve the work of individual developers, students, and lesser known developers and their open source projects. Now, the project has expanded with donations to the Bodleian Library at Oxford University in England, the Bibliotheca Alexandrina in Egypt, and the Stanford Libraries in California; and also, storing a copy in the library at GitHub’s headquarters in San Francisco.

And GitHub will be preserving its most popular repositories by the “stars” given by the community, which include projects like Ruby and Go programming languages, with Linux and Android operating systems.

Open source Archive beyond the GitHub Arctic Code Vault

The Archive program includes the storage of a code archive in the Arctic World Archive in Svalbard, Norway, about one mile away from the famous Global Seed Vault, by storing 21TB of repository data and 186 reels of piqlFilm in a decommissioned coal mine in the permafrost this summer.

In partnership with the Long Now Foundation, the Software Heritage Foundation, the Internet Archive, Arctic World Archive, and Microsoft Research, the program aims to preserve both “warm” and “cold” versions of code to ensure multiple copies and formats are preserved, also known as the Lots Of Copies Keeps Stuff Safe (LOCKSS) approach by archivists.

And the overriding idea is to preserve a moment in time, where open source will become the premier mode of software development, and chart the cultural significance of the movement.

Whom are the Archive Program meant to serve?

The archive program is being meant for two sets of people, namely: historians and future software developers who are curious about how a software was developed.

And each donation is encased using a combination of AI-generated art and 3D printing, with all the archived code having technical guides to QR decoding, character encodings, file formats, and other critical metadata; so that future developers can easily decode it.

GitHub expanding its Archive Program into three Historic World Libraries

EasyOS is an experimental Linux distribution based on Debian GNU/Linux, which uses several of the technologies and package formats pioneered by Puppy Linux.

And following EasyOS 2.4 release, the EasyOS team has announced a new point version EasyOS 2.5 under the current EasyOS 2.0 “buster” series, with this latest release built on top of the Debian GNU/Linux 10.6, and includes the long-term Linux kernel 5.4.78 and updated Debian packages like SeaMonkey 2.53.5.

The creator of EasyOS, Barry Kauler, is the former project lead of Puppy Linux and the erstwhile Quirky Linux, which is more reason it inherits features such as frugal mode, menu-hierarchy, and SFS layered filesystem from both Puppy and Quirky Linux, coupled with custom container technology called Easy Containers.

What’s New in EasyOS 2.5 Release?

EasyOS 2.5 has Blueman replaced with a new BluePup Bluetooth manager, albeit users can still install Blueman from the repository, but BluePup is now the default Bluetooth manager with integrated multiple sound card wizard.

Also, EasyOS 2.5 brings a lightweight game called XLennart, which is a fork of Xbill arcade game built using GTK2 toolkit. Other new changes in EasyOS 2.5 includes:

  • Support for PulseAudio
  • French and German language packs updated
  • CUPS setup added to Erase Exceptions app
  • Internationalized bluetoothctl utility
  • Added xf86-input-wacom

Additionally, there is the hardware profiling feature for Pmcputemp CPU temperature monitor, with the Easy Containers, which can run applications or even the entire desktop environment within a container.

How to Download or Upgrade to EasyOS 2.5?

For existing EasyOS users, you can easily upgrade your current system to EasyOS 2.5 by clicking the “update” icon on the desktop, with the upgrade instructions available here.

And if you're a new user and want to give EasyOS 2.5 a spin, you can download the image, and write it to a USB stick, before installing it to a hard drive.

EasyOS 2.5 Release: A Debian GNU/Linux With custom Container technology

Google's Project Zero bug-hunting team member, Natalie Silvanovich, discovered a bug in Facebook Messenger that could have allowed remote attackers to intercept the voice calls of unsuspecting targets and listen to them even before they picked up the call.

While the flaw was reported to Facebook on October 6 and having fulfilled the mandatory 90-day deadline, is now made public as it impacts Messenger version (and later) for Android.

The Messenger bug could have allowed an attacker to simultaneously initiate a call and send a maliciously crafted message to a target who is signed-in to both the app and other Messenger client such as the web browser.

How the Messenger Bug could allow Hackers intercept Voice Calls before Pick Up?

The Messenger bug resides in WebRTC's Session Description Protocol (SDP), which is a standardized format for the exchange of streaming media between two endpoints, thus allowing an attacker to send a specially crafted message known as "SdpUpdate" that could cause the voice call to connect to the called user's device before being answered.

It would then trigger a scenario where, as the device is ringing, the caller would begin to get the audio until the person called answers or the call eventually times out.

As audio and video calls through WebRTC are typically not transmitted with audio until the recipient clicks the accept button, but if the "SdpUpdate" message is sent to the device on the other end while it is ringing, it will result to transmitting audio immediately, and could allow an attacker to spy the called user's environment.

It is quite similar to the Apple's FaceTime bug that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by simply adding their number as a third person in a group chat before even the person on the other end has accepted the incoming call.

Albeit, in the case of the Messenger bug, the caller would need to already have the permissions to call the specific person, that is, the caller and the called would have to be friends on Facebook to pull it off.

How to Mitigate against the Messenger Bug?

The Messenger bug was promptly reported to Facebook and Facebook has subsequently patched the bug, awarding to Silvanovich a $60,000 bug bounty for reporting the issue, which amount is among Facebook's three highest bug bounties to date, and the Google researcher pledges to donate the bounty to a non-profit named GiveWell.

Therefore, it is highly recommended that all Facebook Messenger users should update their Messenger app installed on Android to the latest version to mitigate the flaws.

Messenger Bug could allow Hackers intercept Voice Calls before Pick Up

Kali Linux 2020.4 has been released by Offensive Security, as the final release of 2020 series, with some exciting new penetration testing improvements and tools.

While the latest release follows after Kali Linux 2020.3, that brough the addition of ZSH shell, as formerly, BASH (Bourne Again Shell) was used by default. It also added updates to its ARM Images for ARM-based devices, such as Raspberry Pi and Pinebook Pro, with the changes including the kali-linux-default metapackages and the size reduction for all new ARM images.

Albeit, Bash remains a default shell for other platform images such as NetHunter, ARM, containers, and WSL, but it is expected to be replaced with ZSH in the upcoming release.

What's New in Kali Linux 2020.4 Release?

Besides the replacement of ZSH shell (or Z Shell) with BASH (Bourne Again Shell) as the default command-line shell in the new Kali Linux 2020.4 for desktop and cloud, Kali Linux 2020.4 also brought uniformity in the cross-shell theme.

As a part of Amazon GovCloud, Kali Linux 2020.4 has a new marketplace entry, with the latest Kali version, users can use the latest instance on their old entry, or switch to a new entry. It has also introduced a new metapackage called kali-linux-headless for AWS Cloud image.

Kali has also officially partnered with byt3bl33d3r, the author of CrackMapExec (CME) tool, which means that Kali Linux users will get access to newest changes in CME even before it is made public as the Kali package of CME will directly pull updates from its private codebase.

Additionally, Kali Linux 2020.4 has its Linux kernel upgraded to the latest stable version 5.9, with GNOME and KDE desktop also upgraded to 3.38, and 5.19 respectively.

How to Upgrade to Kali Linux 2020.4

If you’re an existing Kali Linux user running the previous version, you can upgrade your system by using the following commands:

$ sudo apt update && sudo apt -y full-upgrade

Also, you'll need to set the default shell to ZSH using the following commands:

$ cp -i /etc/skel/.zshrc ~/ $ chsh -s /bin/zsh $ zsh

And for those who are new to Kali Linux and want to give the new release a spin, you can download Kali 2020.4 images available for several platforms from the official page.

Kali Linux 2020.4 Release: ZSH replaced by BASH as default Command-line Shell

Servo is an experimental web engine developed by Mozilla taking advantage of the concurrency features and memory safety properties of the Rust programming language.

While the Servo CSS style engine, was incorporated into Mozilla's open-source web browser, Firefox, giving the browser some advantages in memory safety, speed and parallelism over other web browsers.

Now, the popular and lightning-fast web engine will be hosted by the Linux Foundation, which move to the Linux Foundation is believed will enable Servo continue to thrive and power web-based innovations.

Why Servo Web Engine will be Hosted at Linux Foundation?

Servo Web Engine which made debut in 2012 at Firefox-maker, Mozilla research, but the recent happenings at the company has made significant headcount reductions inevitable, affecting mostly developers working on Servo.

Mozilla announced that it was laying off approximately 250 staff members in a move that will shore up the organization's financial future. And the layoffs which were publicly announced, was intended to strengthen the company's ability to build and invest in products and services that will give people alternatives to conventional technologies.

With Linux Foundation’s track record for hosting and supporting some of the world’s most ubiquitous open source technologies, it became the natural choice of host to grow the Servo community and increase the platform's support, and this cross-industry open source collaboration will enable the acceleration of the highest priorities for web developers.

Mozilla as a champion of the open source movement, has worked tiredlessly to unite passionate communities in building software that have kept the internet open and accessible for all, with the move of Servo on to the Linux Foundation this technology will continue to thrive and power web-based innovations in the future.

Mozilla's Open-source Web Engine, Servo now to be Hosted by Linux Foundation

Ubuntu Web Remix is an open source alternative to Chrome OS that's highly privacy-focused, employing Firefox browser instead of Google Chrome.

While the Ubuntu-based Linux distribution, Ubuntu Web Remix has long been in the works as a potential Chrome OS replacement, and the first stable release has now been announced, Ubuntu Web Remix 20.04.1.

Ubuntu Web Remix is an unofficial Ubuntu remix distro developed by Rudra Saraswat, who is also behind Ubuntu Unity and UbuntuEd; but unlike the two earlier distros, Ubuntu Web Remix is a more web-centric operating system that serves as an alternative to Google’s Chrome OS.

What are the Main features in Ubuntu Web Remix 20.04.1?

Ubuntu Web Remix uses the free and open-source Firefox browser instead of Google’s proprietary browser, Chrome. And it employs an easy wapp (web-app) format to create and package web-apps using wadk tool for desktop and install them using winst tool. It also allows users to create your own web apps and package them for solely for the remix distro.

For the installation of apps, Ubuntu Web offers an Open Web Store to download packaged web applications, though still experimental; it allows users to download packages in original a script, and install it by running the command: sudo sh ./install-instagram for instance, installing Instagram app.

It currently support tons of packaged web applications such as Facebook, Instagram, Twitter, YouTube, SoundCloud, Mastodon, Google drive, Google Classroom, and Opendesktop. And you can also install other Linux applications using apt command line tool. Additionally, Ubuntu Web offers Anbox tool by default for installing Android apps and PlayOnLinux to install Windows apps.

How to Download and Install Ubuntu Web Remix 20.04.1

If you want to give Ubuntu Web Remix a spin, you can download the ISO image or the torrent file, which is available as amd64, the architecture that defines a 64-bit virtual address format.

You can also use /e/ Foundation’s Cloud Services, as Ubuntu Web offers out-of-the-box support for the integration. And Ubuntu Web will have higher integration with the /e/ App Store too with the coming update.

Ubuntu Web Remix 20.04.1: Privacy-focused Linux Alternative to Chrome OS

The Warp update, also known as WarpBuilder, improves the responsiveness and memory usage of the browser by speeding up page loads through changes to JiT (just-in-time) compilers.

Starting with Firefox 83, Firefox users will experience improved JavaScript performance in the browser, with the Warp update to the SpiderMonkey JavaScript engine enabled by default, optimizing JiT to rely solely on the CacheIR simple linear bytecode format.

It specifically rely on the CacheIR data collected by the baseline tiers, with the new architecture also described as being more maintainable and unlocks additional SpiderMonkey improvements.

How the Warp update in Firefox 83 boosts JavaScript performance?

Firefox 83 made debut on November 17, with Warp as shown to be faster than Ion, the SpiderMonkey’s previous optimizing JiT, boasting of a 20 percent improvement on load time.

Although both IonBuilder and WarpBuilder produce Ion MIR, which is an intermediate representation used by the optimizing JiT backend, IonBuilder offered a lot of complex code that are unnecessary in WarpBuilder. And Warp can also do more work off-thread and requires fewer recompilations.

As Warp is based on CacheIR enabled removal of code through the engine that was needed to track globaltype inference data used by IonBuilder, it results in speed boosts for the browser's performance.

What's Next in the Warp update for Firefox?

Warp replacing the front end MIR building phase of the IonMonkey JiT, also means the removing of the old code and architecture, which will most likely happen in Firefox 85.

Therefore, it will result to additional performance and memory usage improvements, which Mozilla also will continue to optimize incrementally via the backend of the IonMonkey JiT, as there is still room for improvement on the JavaScript-intensive workloads. And Mozilla is also building a new tool for developers to explore CacheIR data for JavaScript function.

Mozilla boosts Firefox browser's JavaScript performance with the Warp update

PrimTux is a Debian and Ubuntu-based Linux distribution developed by a team of academia and computer enthusiasts for use in educational environments.

While the PrimTux team has announced the sixth version of the educational Linux operating system, PrimTux 6, and made available in two versions, namely: Ubuntu-based (Ubuntu 18.04.5 or 20.04.1) and the Debian-based (Debian 10), with the later versions for older computers (32-bit).

Albeit, PrimTux is a French-oriented Linux distribution and it is not intended to replace the main operating system of a modern computer, but to serve as an upgrade for obsolete equipment to benefit schools or educational environment as it runs on all types of PC, including the older PCs.

What's New in PrimTux 6 Release?

PrimTux 6 continues to empahsis on the core functionality of PrimTux, which is to cater for students, by using CTParental to ensure that young students are safe while surfing the internet through the provision of search engine with filters like Qwant junior.

It offers multiple configurable settings for different offices, namely: mini, maxi, super, and administrator, which is adaptable to the cycles of primary schooling to protect the systems. PrimTux 6 also introduces a new connection manager with the three student sessions at start-up return.

Additionally, PrimTux menu, which is inspired by the handymenu, is still under development, and the menu will allow users to manage all applications in central location.

How to Download or Upgrade to PrimTux 6

If you're a new user and want to try out PrimTux 6, you can download the ISO image from the official page, which is available for both versions i386 and amd64.

And for installation of PrimTux, you can burn the ISO to a DVD and boot the computer to DVD. To transfer PrimTux to a usb key, it is recommended that you use Ventoy, which allows you to transfer the 3 versions of PrimTux 6 for PC to a USB key and install them. For more information about PrimTux, see the wiki page with guides ranging from installing the OS and software to upgrading the different versions.

PrimTux 6 Release: A Debian and Ubuntu-based Linux distro for Students

Microsoft's CBL-Mariner is an internal Linux distribution used for Azure first-party services and edge appliances, developed by the Linux Systems Group at Microsoft.

While the Linux Systems Group at Microsoft has developed a number of other products, with some meant for customers and partners and others strictly for internal use, such as its work building an optimized Linux kernel for the Windows Subsystem for Linux (WSL). And recently, Microsoft has made CBL-Mariner available on GitHub.

Microsoft initially released CBL-Mariner commit on GitHub four months ago, even though CBL-Mariner remains a public release, it's meant strictly for Microsoft's own use and available under an MIT License.

CBL-Mariner serves as base Linux for Microsoft’s Azure container host

The term "CBL" stands for "Common Base Linux" which meaning underlies Microsoft's use of CBL-Mariner as the base Linux for containers in the Azure Stack HCI implementation of its Kubernetes Service.

It is a lightweight Linux distribution which serves as part of Microsoft's evolving 5G/edge networking services in its Azure for Operators unit, even as Red Hat's CoreOS was formerly used as the preferred host for Linux containers, but recently, has been deprecated, thereby necessitating an alternative service.

Also, Microsoft provides the Flatcar Linux CoreOS-fork for Azure customers as part of a partnership with the developers, Kinvolk, but with its own distribution for own services, CBL-Mariner will ensure that it can update and manage its host and container instances on its own schedule.

Some other projects by Microsoft’s Linux Systems Group

The Linux Systems Group handles much of the Microsoft’s Linux works, which includes the Azure-tuned kernel that is available as patches for many common Linux distributions, helping to optimize them for use with Microsoft’s Hyper-V hypervisor, and a set of other tools to deliver policy-based enforcement of system integrity.

Also, its work building an optimized Linux kernel for the Windows Subsystem for Linux (WSL), which was pushed out through Windows 10 update, is very significant. And some of the other works include the secure Linux for Azure Sphere, the SONiC networking distribution designed for use with the Open Compute Project hardware and many public clouds and online services.

And lastly, CBL-Mariner release as part of the Azure infrastructure, used for Microsoft's edge network services and as part of its cloud infrastructure will ensure a low-overhead, and tightly focused distribution.

CBL-Mariner: Base Linux for Containers in Azure Stack HCI implementation

MX Linux team has released the new third point version in its MX Linux 19 “Patito Feo” series, MX Linux 19.3, as a Debian and antiX Linux distros spinoff, with several bug fixes and updates to the latest applications for all editions, including: Xfce or KDE Plasma.

While the previous version, MX Linux 19.2 brought support for 64-bit KDE edition with Advanced Hardware Support (AHS) enabled, MX Linux 19.3 KDE includes the updated KDE Plasma desktop 5.15 and Linux kernel 5.8.

Albeit, the standard 32-bit and 64-bit editions of MX Linux 19.3 had its Debian kernel updated to version 4.19, which means that the kernel will auto-update by default along with the Debian package sources.

What's New MX Linux 19.3 Release?

MX Linux 19.3 brings the latest updates from upstream Debian Buster 10.6 and the core MX repository and software packages.

The MX-apps and MX PackageInstaller has the kernel entries updated, with MX Installer issue with autoinstall and ESP flat setting on UEFI setups fixed, and MX Snapshot has now received miscellaneous enhancements such as a reset network connection function. Other major changes in MX Linux 19.3 include:

  • GIMP 2.10.12
  • MESA 18.3.6 (20.1.8 for AHS)
  • Debian kernel 4.19 (5.8 for AHS)
  • LibreOffice 6.1.5
  • Thunderbird 68.12.0

Additionally, the antiX live system has been improved, such as the live system will no longer set alt+shift by default for the switching of keyboard.

How to Upgrade to MX Linux 19.3

If you need a fresh installation of MX Linux 19.3 from scratch, you can get the ISO images of all editions from here and the torrent files are available here.

And for those already using the previous MX Linux 19.2, they can easily upgrade to MX-19.3 by manually updating their packages using the MX Updater tool, but if you are using older versions, you can follow the official migration guide.

MX Linux 19.3 Release: A Debian and antiX Linux distros Spinoff