Debian


Debian 8 “Jessie” reached its end-of-life (EOL) on June 30, 2020 and subsequently, the Debian Team announced the discontinuation of support and security patches or any other updates for Debian 8.

While Debian 8 was released with 5-year long-term support, but after completing its lifetime, it is now an Extended Long Term Support (ELTS) release with extended support for enterprises, who can still extend the support of Debian 8 for another five years under the Extended Long Term Support (ELTS) by paying a fee.

The LTS Team have prepared the transition to Debian 9 "Stretch", as the current stable release and to take over support from the Security Team on July 6, 2020 with the final point update for stretch scheduled for release on July 18, 2020.

Release Timeline for Debian 9 “Stretch” LTS



Debian 8 GNU/Linux was released on April 25, 2015, and it completed its lifetime on June 30, 2020; it now becomes the current ELTS release with extended support for enterprises.

Now, Debian 9 which was released on June 17th, 2017, is the current LTS version, and it's scheduled to receive a final point update on July 18, 2020. With the Debian LTS Team providing long-support for Debian 9 from July 06, 2020, to June 30, 2022.

Debian LTS Timeline


Some major changes expected with the final point update includes: improved APT package manager, the default MariaDB replacing MySQL, and modern branch of GnuPG in the gnupg package.

How to Upgrade to Debian 9



As expected, Debian 9 Stretch will receive a final point update on July 18, 2020. And the Debian LTS Team will provide long-term-support for Debian 9 from July 06, 2020, to June 30, 2022.

You can upgrade from Debian 8 to 9, the next LTS version, by first updating your /etc/apt/sources.list and running the commands:

sudo apt clean
sudo apt update
sudo apt upgrade
sudo apt dist-upgrade
sudo apt autoremove


For futher information and guidance, you can check out the official upgrade guide for Debian 8 Jessie.

Debian 8 ‘Jessie’ GNU/Linux Extended Long Term Support (ELTS) for Enterprises

Joker malware


Joker Malware is a family of prevalent Android malware, notorious for billing fraud and spyware capabilities, that was first discovered in 2017.

Infamously called Joker, the malware has found a new trick to bypass Google's Play Store security by obfuscating the malicious DEX file as Base64 encoded strings, and then decodes and loading it on the compromised devices.

According to Check Point’s researchers, the new variant of Joker is fully capable of downloading additional malware to the compromised device, and stealthingly subscribing the user to premium services.

The malware hides under the guise of legitimate apps to subscribe unsuspecting Android users for premium services without their consent or knowledge.

Joker's earlier Malware Campaigns



Joker was first discovered in 2017, as one of the most prevalent Android malware, notorious for billing fraud and spyware capabilities, including stealing SMSes, contact lists, and device information.

Earlier campaigns involving Joker were uncovered by Trend Micro, with a number of malware-infected Android apps which are repeatedly finding ways to exploit security gaps in Google's Play Store malware checks.

The authors behind the large-scale malware operation have resorted to a variety of ways to avoid detection, like using encryption to hide strings from analysis engines, and fake reviews to lure unsuspecting users into downloading the apps.

The old technique was referred to as versioning that involves initially uploading a clean version of the app, and then later, loading malicious code via app updates.

Joker using Android Manifest to hide Malicious DEX File



The lastest trick by Joker involves using Android Manifest to hide its Malicious DEX File, while the goal remains the same, it leverages the Android app's manifest file, which it uses to load a Base64 encoded DEX file or a similar technique of hiding the .dex file as Base64 strings.

And for subscribing Android users to premium services without their knowledge or consent, the new Joker utilizes two components, namely: the Notification Listener and a dynamic dex file loaded from the C&C server to perform the fraudulent registration.

Therefore, it's recommended that Android users should check their mobile and transaction history to see if there are suspicious payments that they don't recognize. Additionally, they should scrutinize the permissions granted to every app installed on their Android device.

Joker Malware: Notorious for Billing fraud returns bypassing Google's Play Store

Btrfs Filesystem

Fedora Linux release of the latest version 32, means that the development of the next stable Fedora 33 release has started; and with the development cycle of 33 still underway, new proposal has been sent for changes to Fedora desktop variants.

While the proposal is majorly about the transitioning from ext4 to Btrfs filesystem by default for laptop and workstation installs of Fedora, and across x86_64 and ARM architectures; Fedora team has also organized a test day to experiment with the Btrfs filesystem features.

And if the proposed change passes all tests, then it should be expected that the change to Btrfs filesystem by default would arrive for the next Fedora 33.

Why the Switch from EXT4 To Btrfs Filesystem?



Btrfs Filesystem brings a lot of benefits, ranging from resolution of several problems like running out of space, data storage corruption, filesystem resize, and other complex storage setup; also the primary goal of Btrfs Filesystem is for operations that are largely transparent to users.

And the number of modern features that Btrfs support are all marked as stable, which features can be checked out from the wiki list of Btrfs status.

Asides from Fedora Linux, Btrfs filesystem is used by default by openSUSE and Kaisen Linux; and since Fedora is a community distro and an upstream of Red Hat Enterprise Linux (RHEL), it is expected that RHEL may also switch to Btrfs once Fedora adopts it.

What's the Way Forward for Fedora?



Fedora desktop edition/spin variants will switch to using Btrfs as the filesystem by default for new installs. While Labs derived from these variants will also inherit this change, and other editions may opt-in as well.

The change is based on the installer's custom partitioning Btrfs preset, which has been well tested for about 7 years.

Fedora 33 System-Wide Change proposal for Switching EXT4 To Btrfs Filesystem

Firefox ESR


Firefox ESR is the release channel crafted for enterprises, owing to their inability to upgrade browsers for workers every four weeks; but instead, Mozilla issues ESR that is supported until approximately once a year, and its replacement appears with several-week overlap.

Mozilla adopted the concept nearly a decade ago, from concerns by large organizations over the supposedly fast release schedule of Firefox browser, and IT admins balked at testing and switching to a new release every few weeks.

Therefore, ESR tends to address that by allowing only the separate security updates Mozilla releases (and distributed in every-four-week schedule as used by the standard browser channel). While other new features are not introduced to ESR version during its year-long duration.

Enterprise users, however would always "catch up" on feature and functionality changes when next ESR is released.

How Firefox ESR next transition works



Mozilla now uses an eight-week overlap during which it would release both the previous ESR (designated "n") and replacement ("n+1"), in order to give enterprises time to test and roll out the next ERS.

And enterprises that have been using Firefox ESR 68 since the summer of 2019, which end is near, as the next ESR is v. 78; Mozilla will refresh both ESRs starting from July 28 and August 25, to ESRs 68.11 and 78.1 appearing on the first date, and ESRs 68.12 and 78.2 on the second.

The next release cycle, which is slated for September 22, will see only ESR 78.3, while ESR 68's support will come to an end on that same day.

What's next for Firefox 79?



As expected, during an ESR transition, Mozilla usually issues two builds on a three-release cycle to give IT admins ample time to test and deploy the next static-for-a-year browser.

And Firefox 78 also began the culling of OS X 10.9 (Mavericks), 10.10 (Yosemite) and 10.11 (El Capitan) from support, which automatically shift users of those outdated operating systems to the Extended Support Release (ESR). Meanwhile, the next Mozilla upgrade, Firefox 79, will be released on July 28, 2020.

Firefox ESR starts next transition for Enterprises with version 78

Flutter


Google has teamed up with Canonical, developer of the most popular Linux distro, Ubuntu to enable Linux desktop app support within the Flutter UI toolkit with the release of Linux Alpha for Flutter.

While the Linux Alpha for Flutter will allow developers to easily install Flutter SDK via Ubuntu’s universal package manager (Snap), also to develop applications for Linux desktops, and distribute their apps through Snap Store, Canonical’s own app store.

Google initially launched Flutter to build Android and iOS specific apps from single codebase, but later, it expanded Flutter to the Web and desktop application platform. Now, the company is looking to the alpha release, which has now brought Flutter support to Linux distributions.

What Flutter brings to Linux



Google's vision for Flutter is to power all platforms, and also to see others harnessing the power of Flutter. Now, the availability of the Linux alpha for Flutter will help to expand the desktop-class experiences, both for the web and for the desktop OSes, including: macOS, Windows and Linux.

And Flutter’s native cross-platform support will make Linux a first class Flutter platform, while Canonical is already inviting developers to publish their apps to millions of Ubuntu Linux users and broaden the availability of quality applications to the community.

Additionally, Flutter has other exciting features such as fast growing ecosystem of application developers, with multiple platform support, highly optimised native applications, modern UI framework supporting declarative, reactive and composable widgets Rich development platform using Visual Studio Code, IntelliJ and Android Studio.

How to get Started with Linux Alpha For Flutter



Flutter SDK for Linux has been made available as a snap in the Snap Store and it provides everything needed to develop Flutter apps on your favorite Linux distribution.

There is absolutely no need to install bunch of development dependencies; simply install the Flutter SDK snap and your favorite IDE and you've got everything you need to create, build and publish your applications for Linux.

And once you have Flutter SDK installed on your Linux machine, you need to access the Flutter dev (or the master) channel and to enable Linux desktop support to build a desktop app.

Google partners with Canonical to release Linux Alpha For Flutter

Windows 10


Microsoft's Windows 10 recorded a huge again in June haven added more than a percentage point in share, with the now-obsolete Windows 7 falling by almost the same margin.

While Windows 10 added 1.1 percentage points, according to Net Applications, to reach 58.9% of the worldwide OS share last month, which represented 68% of all Windows' editions. The latter percentage for all Windows editions, 68% now puts the operating system on track to reaching a 70% share of Windows within next 60 days.

The percentage of only Windows PCs running Windows 10 was significantly larger than the percentage of all PCs because Windows doesn't power every system.

As at June, Windows OS was running on 86.7% of the world's PCs, with same fraction as in May; but a record low for Microsoft's Windows in the previous month, as Linux surged by a remarkable 1.5 points to end at 2.9% in April, the highest since October 2017, and Windows accounted for 86.9% of global OS share, a decline of 2.3 percentage points.

Why Windows 7 fall doesn't always mean a gain for Windows 10?



Though majority of the world's personal computers are running on Windows, with Net Application stats putting it at 86.7% of the world's PCs in June, the same fraction as in May; but the remaining 13.3% is shared across macOS, Linux or Chrome OS.

Given the so-called zero-sum game, and as operating system share is often perceived, if any OS goes down, another must have gone up, so it could mean major advances by rival operating systems, such as Apple's macOS which climbed by eight-tenths of a percentage point to end at 9.8% in April, its highest mark since 2019.

Now, Windows 7 has for the second straight month lost share, falling in June with nine-tenths of a percentage point, and dropping to 23.4% of all PCs and to 26.9% of all Windows, the lowest since January 2011.

Windows 10 is still on the rise



Windows 10 recorded 1.1 percentage points growth in June to reach 58.9% of global OS share last month, and represented 68% of all Windows' editions. And these numbers were all records for Windows 10, putting the operating system on track to crossing a 70% share of Windows within next 60 days.

Albeit, the two-month run of Windows user share normalcy: where Windows 7 loses share, and Windows 10 picks it up, was in contrast to what's the case earlier this year.

Meanwhile, analysts strongly believes that Windows 10 will pass 70% of all Windows by the end of August 2020 and within a year, will reach nearly 85% share.

Microsoft's Windows 10 on track to reaching a 70% share of all Windows editions

H.266/VCC


Versatile Video Coding (VCC) has been announced by Germany’s Fraunhofer, one of the world's leading developers, which claimed around 50% compression without losing video quality.

Also behind the popular music encoding format, MPEG-3 before the widely used video formats H.264 (AVC) and H.265 (HEVC), Germany’s Fraunhofer is perhaps the world’s most important pioneer in digital media compression. And directly responsible for shrinking media from discs into files that perfectly-fit on smartphones.

VVC has been dubbed H.266, a direct sequel to the “high-efficiency video coding” (HEVC) standard that’s been in use since 2013. While HEVC was considered to be impressive for its time at cutting down file sizes, VVC is perceived as a “quantum leap" in coding efficiency, with around 50% compression without compromising on the visual quality.

How H.266/VCC effect 50% compression of data requirements



H.266/VVC makes transmission of video in mobile networks more efficient, as the previous standard H.265/HEVC requires ca. 10 gigabytes of data to transmit 90-min UHD video, this new technology requires only 5 gigabytes of data to achieve the same quality.

Albeit, H.266/VVC was developed with high-resolution video content in mind, the new standard is more beneficial when streaming 4K or 8K videos on flat screen TV. Though, H.266/VVC is more ideal for all types of moving images; ranging from high-resolution 360° video panoramas to screen sharing contents.

This quantum leap in coding efficiency offered by H.266/VVC, will make the use of video to increase worldwide. And the increased versatility of H.266/VVC makes it more attractive for a broader range of applications within the transmission and storage of video.

What's next for H.266/VVC?



Fraunhofer has planned a uniform and transparent licensing model based on the FRAND principle to be established for the use of standard essential patents related to H.266/VVC.

The chips required for the use of H.266/VVC are currently being designed, and the head of the Video Coding and Analytics department at Fraunhofer HHI, Dr. Thomas Schierl announced that “this autumn Fraunhofer HHI will publish the first software for both encoder and decoder to support H.266/VVC.”

Versatile Video Coding: New Video Encoding Promises 50pct Compression

Project Freta


Microsoft has launched a cloud-based service for free Linux Forensics and Rootkit Malware Detection, dubbed Project Freta, which aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots.

Project Freta, which is an offshoot of Microsoft Research, is a roadmap toward trusted sensing for the cloud that would allow enterprises to engage in regular, and complete discovery sweeps for undetected malware.

While snapshot-based memory forensics is in its second decade, still no commercial cloud has yet provided customers the capability to perform full memory audits of thousands of virtual machines (VMs) without a priori forensic readiness and intrusive capture mechanisms.

Why Project Freta?



Project Freta, which is named after Warsaw's Freta Street, the birthplace of the famous French physicist, Marie Curie, who brought X-ray medical imaging to the battlefield during World War I, is a step toward trusted sensing for the cloud.



It is a project designed from the first principles to render evasion technically infeasible by driving the cost of sensor evasion as high as possible in many cases.

And with modern malware as complex, sophisticated, and designed with non-discoverability as a core tenet, Project Freta intends to help automate and democratize VM forensics whereby every enterprise or user can sweep volatile memory for unknown malware with only the push of a button, without requiring complicated setup.

Getting Started with Project Freta



Project Freta is open to anyone with Azure Active Directory account, or a Microsoft Account, and users are able to submit memory images (.vmrs, .lime, .core, or .raw files) via online portal or an API, with a detailed report generated that delves into different sections (kernel modules, in-memory files, and potential rootkits) which can be exported via JSON format.

It currently supports over 4,000 Linux kernels, with Windows support in the pipeline. While the online analysis portal can be accessed here, with full documentation for Project Freta available here.

Project Freta: Microsoft's Free Linux Forensics and Rootkit Malware Detection

Google Chrome


Google's Chrome browser becomes the third browser ever with over 70% in June, joining the ranks of Netscape Navigator and Microsoft's Internet Explorer, which once dominated the browser landscape.

The data published by analytics company, Net Applications, in their NetMarketShare report for June shows Chrome's share rising to four-tenths of a percentage point to end at 70.2%. The browser added 3.6 percentage points to its share since January, which helped it to set another record held by only two other browsers in the history of the Internet.

Opera browser also became the only other browser to end the first half of 2020 on a positive note haven gained about one-tenth of a point in the period.

Chrome as third browser to reach this Milestone



Chrome has led the industry effort to modernize the web, with Google as the undisputed champion of modern web standards in its effort to make it to work across the different browsers, which dates back to the early days of the browsers when the standards were often ignored.

Now, Chrome is used as Microsoft's Internet Explorer (IE 6) was back in the days, when developers primarily optimize for IE and leave out later tweaking for rivals.

And the breaking of the 70% share bar, makes Chrome the third browser to reach this milestone, after Netscape Navigator and Microsoft's IE in the 1990s. While Microsoft literally controlled the way that millions of people accessed the web back then, but IE ignored the web standards at the time, which set Microsoft and developers on a path of collusion for years to come.

Microsoft makes a comeback with Edge



Microsoft's adoption of the Blink rendering engine forked from WebKit, used by Google Chrome, is perhaps the company's biggest move to improve its market share and position its browser to deliver better performance.

Now, Microsoft's Edge and IE, combined to post a rare increase in share; their combined number climbed one-tenth of a percentage point in June to 12.6%. And the growth was on Edge, recording two-tenths of a point to reach 8.1%, which is a huge gain for the five-year-old browser.

Edge's share for June is the seventh straight month of increase for the new browser. While the month moved the 12-month total to more than 2 percentage points.

Chrome joins the ranks of Netscape Navigator and IE with latest milestone

KDE Plasma desktop


MX Linux is renown as a lightweight, stable, and fast GNU/Linux distro, with Xfce desktop and Debian upstream; though in comparison to popular desktop environment like GNOME or KDE, Xfce edition isn't as customizable and visually appealing.

Now, the MX Linux team is working on a new official KDE Plasma desktop environment edition for the first time, while the team has also released the first Beta of MX Linux 19.2 with KDE 5.14.5 for testing.

The upcoming MX-19.2 KDE will allow users to enjoy the Debian-based, systemd independent MX Linux with beautiful and highly customizable Plasma desktop environment. And MX-19.2 KDE comes as a 64-bit only version with Advanced Hardware Support (AHS) enabled; the KDE Beta includes the usual MX tools, snapshot technology and antiX-live-usb-system.

What's new in MX Linux ISO For KDE Plasma Edition



MX-19.2 KDE is a 64-bit only version with Advanced Hardware Support (AHS), which similar to the standard Xfce release, but KDE Beta also includes the antiX-live-usb-system, usual MX tools, and snapshot technology.

MX Linux KDE customization


Other new applications included are: Firefox 78, GIMP 2.10.12, VLC 3.0.11, Thunderbird 68.9, Clementine 1.3.1,LibreOffice 6.1.5 and many more.

The earlier released MX Linux 19.2 in the ‘Patito Feo’ series is based on Debian Buster 10.4, with Xfce 4.14 desktop environment and some bug fixes and other minor updates.

How to Download the MX Linux ISO For KDE Plasma Edition



The ISO image are available for download here, but if you want to try out MX-19.2 KDE Beta, you should bear in mind that it surely contain bugs. So, you should not install it on you main machine or use this beta edition as a daily driver.

The beta has also some known issues, but which can be configured manually, like the set up for a wireless network connection, where you'll need to edit the connection profile and check “All users may connect to this network” to have it properly setup! If you experience any other bugs, you can report to the MX dev team at bugs.mxlinux.org.

MX Linux 19.2 KDE Plasma Edition: Highly customizable desktop environment