Microsoft Edge browser now has the same Chromium base as Chrome, and offers access from Microsoft account and features like Bing search engine by default; also supports browser add-on and extensions.

While Microsoft Edge is available for desktop and mobile platforms, with the same consistent and powerful web platform and developer tools as on macOS or Windows; but until now, Linux users have been missing in the great fun.

Microsoft Edge for Linux release, currently supports Ubuntu, Debian, Fedora, and openSUSE distributions, with plans to release weekly builds follow up typical of Dev Channel cadence alongside other supported platforms.

Introducing Microsoft Edge for Linux preview builds



Microsoft launched a preview version of its Edge browser for Linux this month, after officially confirming plans for Edge on Linux earlier in the year; now Linux users will be able to download the preview of the browser.



The company maintained that Web platform and developer tools features for Edge on Linux, including the core rendering behaviors, extensions, browser DevTools, and automation features, should be consistent with other platforms like macOS and Windows. And as this is a Dev Channel preview, it'll receive weekly updates in sync with the Dev Channel on other platforms.

This preview is available from Microsoft’s Edge Insider site or through the native Linux package manager and it is specifically meant for developers who want to build and test their sites and apps on Edge for Linux.

How to Install Microsoft Edge on Linux



Microsoft Edge for Linux can be installed in two ways, with the simplest approach as downloading and install a .deb or .rpm package directly from the Microsoft Edge Insider site, which will configure your system to receive any future updates automatically.

And the second approach is to install Microsoft Edge from Microsoft’s Linux Software Repository using your distribution’s standard package management tools, by following the “Command line installation” instructions on the Microsoft Edge Insider site (deb/rpm).

Kindly note that you can share feedback or feature requests or report any issues via the “Send Feedback” tool, either through the “…” (“Settings and More”) menu in Microsoft Edge, or by simply pressing Alt+Shift+I.

Microsoft Edge for Linux: Release date & Update for Chromium Edge browser

Pop!_OS is an Ubuntu-based Linux distribution featuring a custom GNOME desktop, which primarily is bundled with the computers built by System76, but also can be downloaded and installed on other computers.

While System76 has announced the latest release, Pop!_OS 20.10 based on the upstream Ubuntu 20.10 “Groovy Gorilla” - albeit, the new Pop OS includes its own tweaks that make it rather different from just any other Ubuntu variant.

Pop!_OS 20.10 provides full out-of-the-box support for both AMD and Nvidia GPUs, which makes it an easy Linux distribution to set-up for gaming due to its built-in GPU support.

What's New in Pop!_OS 20.10 Release?



Pop!_OS 20.10 is based on Ubuntu 20.10, including all the upstream changes such as updated GNOME 3.38, Linux Kernel 5.8, and several bug fixes. Besides these, the latest Pop OS brought support for deb822 repository format, making the system sources list even more compact and easier to navigate.



The support for Deb822 Repository Format also added a new library for repository management, with features such as the ability to reset mirrors to defaults, change the default system repository mirrors, and change the names of repositories.

Also, Pop OS has introduced an interesting feature called Stacking that makes the OS more resourceful, allowing users to switch between tabs in the web browser, and arrange tiled windows in Pop!_OS 20.10. And for the stacking tiled windows, the below Keyboard shortcuts can be used as follows:

  • Super+/ (Launches an app into the stack).
  • Super+Left or Right Arrows (switch between windows in the stack).
  • Super+Enter+arrow keys (Windows in and out of the stack).
  • Super+S (Converts a window into a stack).


Another notable feature is the tiling, which is no doubt one of the best features that Pop OS offers out-of-the-box. Although, the application windows sometimes are too small to tile efficiently, but with Pop!_OS 20.10 you can set the Floating Window Exceptions to restrict windows from tiling.

Other major features include: Fractional Scaling In Pop OS, and External Monitor Support in Hybrid Graphics mode, which feature allows you to work easily by adding support for external monitors in the Hybrid Graphics mode.

How to Upgrade to Pop!_OS 20.10



For existing Pop OS users, running the old version of the Linux OS, you can upgrade your system to Pop OS 20.10 simply by going to the Settings application, navigate to the OS Upgrades menu, and click “Downloads” to Upgrade. Also, you can run the below single command in your terminal to upgrade to Pop!_OS 20.10:

pop-upgrade release upgrade


The ISO image of Pop!_OS 20.10 can be downloaded from the official page, with two images available as follows: the normal and the proprietary NVIDIA drivers image.

Pop!_OS 20.10 Release: Brings support for Deb822 Repository Format

Adversarial machine learning is a technique that attempts to trick models by supplying deceptive input, of which the most common reason is to cause malfunctions in the machine learning model.

Now, Microsoft in collaboration with IBM, MITRE, NVIDIA, and a host of other tech companies, has launched an open framework called the Adversarial ML Threat Matrix, to help security analysts in detecting, and remediating adversarial attacks against machine learning (ML) systems.

The initiative is perhaps the first attempt to organize the different techniques used by adversarial attackers in subverting ML systems, and even more crucial as AI (artificial intelligence) and ML are being deployed in a variety of novel applications.

What are the Adversarial Attacks and Defenses in Deep Learning?



The rapid developments in AI and deep learning (DL) techniques, makes it critical to ensure the security and robustness of the deployed algorithms. And recently, the vulnerability in DL algorithms to adversarial attack samples has been widely documented, with the fabricated samples leading to various misbehaviors of the DL models.



As such, adversarial attack and defense techniques is beginning to attract increasing attention from both ML and security communities at large. And threat actors not only are able to abuse the technology to run malware, but also leverage it to trick machine learning models, thereby causing the systems to make incorrect decisions, which poses a threat to the safety of AI applications.

Security researchers have also documented what's called model-inversion attacks, which provides access to a model that's abused to infer information about training data. Albeit, most machine learning techniques are designed to work on specific problem sets in which the training data were generated from same statistical distribution (IID).

What Adversarial ML Threat Matrix brings to the table?



Adversarial ML Threat Matrix aims to address the issue of threats against data weaponization with a curated set of vulnerabilities and adversary behaviors which Microsoft and MITRE have vetted to be effective against ML systems.

Thus, organizations can use the Adversarial ML Threat Matrix to test their own AI models' resilience by simulating attack scenarios using a list of known tactics to gain access to the environment, contaminate training data, execute unsafe ML models, and exfiltrate sensitive information via the model stealing attacks.

The overall goal, however, is that the framework will help security analysts to orient themselves in the new and upcoming threats scenarios to stay abreast of the threats actors.

Open Framework to protect Machine Learning (ML) Systems from Adversarial Attacks

Trisquel GNU/Linux is a 100% free operating system that comes with a complete package of programs which can be easily extended using a graphical installer, including several editions like the mini edition for netbooks and old computers and the network-based installer for server installations.

While the latest version, Trisquel 9.0 is based on Ubuntu 18.04.5 LTS, but with all the proprietary software and firmware removed from the codebase, and all supported packages are up-to-date with security patches.

Trisquel GNU/Linux is among the few operating systems directly endorsed and listed under the “Free GNU/Linux Distributions” by the Free Software Foundation (FSF), as such Trisquel is 100% free and contains only free software with Linux-libre kernel, which means that non-free firmware like drivers, and everything deemed non-free by the FSF are completely eliminated.

Trisquel has “Abrowser” as the default web browser, which is Trisquel's version of Mozilla's popular web browser with the trademarked logos removed; it now includes all the latest updates from the upstream Mozilla Firefox. And Trisquel 9.0 has added backports to provide extended hardware support, with latest software like LibreOffice.

What's New in Trisquel 9.0 “Etiona” Release



Trisquel 9.0 runs the lightweight GNOME 2.x fork, known as MATE as the default desktop environment, and under the hood is Ubuntu 18.04 LTS, albeit the Trisquel team added a little tweak to make the Ubuntu-derivative truly unique.



And the Trisquel Mini with the LXDE desktop environment is perfect for those who want a low-resource hungry desktop for older machines and netbooks, but if you’re looking for a modern look and highly customizable desktop, then you should go for the Triskel edition featuring KDE plasma.

Additionally, LibreOffice is added to Trisquel 9.0, also added is GIMP, Icedove (Thunderbird replacement), and other useful tools, and applications, including: VLC, Brasero, Rhythmbox, and the MATE software/tools collection.

How to Download and Install Trisquel 9.0



If you're new to Trisquel and want to give the new Trisquel 9.0 a spin, you can get the ISO image from the official download page. With all the different editions, including: Trisquel MATE, Triskel KDE, Trisquel Mini and Trisquel Sugar Toast, available in both 32-bit and 64-bit versions.

Trisquel 9.0 Etiona as an LTS release, means that the development team has already begun work on the next version, Trisquel 10 and you can join the community forum for help in installing the operating system or to contribute to the project.

Trisquel 9.0 “Etiona” Release: 100% Free Operating System with Linux-libre kernel

Google Vulnerability Reward Program (VRP) classifies the address bar as the most reliable security indicator in validating the authenticity of the website; but not wiith recent discovery about an address bar spoofing vulnerabilities affecting multiple mobile browsers.

According to Rafay Baloch, a cybersecurity researcher, the address bar spoofing vulnerabilities affects multiple mobile browsers, including Apple Safari, Opera Touch, Yandex Browser, UCWeb, Bolt Browser, and RITS Browser, which flaw leaves the door open for spear-phishing and malware attacks.

While UCWeb and Bolt are yet to release patches for their respective browsers, Opera is expected to release a fix for Opera Touch on November 11, 2020.

How the Address Bar Spoofing Vulnerabilities Affects Multiple Mobile Browsers?



The Address Bar Spoofing Vulnerabilities stem from the use of malicious executable JavaScript code in compromised website to force the browser to update the address bar, even while the page is still loading, changing the destination URL to another address of the attacker's choice.



And the vulnerability in Safari occurs due to the browser's preserving of address bar of the URL when requested over an arbitrary port, with the set interval function reloading bing.com:8080 every 2 milliseconds; hence users are unable to recognize the redirection from original URL to the spoofed URL.

Similar issues have also been found in several other major browsers, and once the coordinated disclosure timeline has elapsed, they will be made public. However, what makes the Safari vulnerability more pronounce is that the browser by default doesn't reveal port number in URL unless focus is set via cursor.

How Web users can stay safe from such Address Bar Spoofing Vulnerabilities



It is now pretty easy to coax users into disclosing their personal information which hackers steal and use in distributing malware with the address bar seemingly pointing to a trusted website and giving no indicator of forgery, which exploits a specific flaw in the browser, to evade several anti-phishing solutions.

Therefore, web users are enjoined to always look out for browser-based vulnerabilities such as the address bar spoofing which may exacerbate the success of spear-phishing attacks and hence, could prove to be more dangerous.

Address Bar Spoofing Vulnerabilities In Multiple Mobile Browsers

Similar to Y2K bug, also called Millennium Bug, there is a problem in the coding of computerized systems that's projected to create havoc in computers and server networks around the world in the year 2038.

As computers are programmed to store the last two digits of the year only because it saves storage space, there’s only one day left in the year 1999 (99); which is a day later, therefore the systems would supposedly fail to understand if it’s the Year 2000 (00) or 1900 (00), so was the argument.

While the storage of a combination of date and time within a fixed binary field is often considered the solution, albeit the possibility for software to misinterpret dates still remains as date and time representations are relative to some known origin.

What's the Year 2038 Bug?



The Year 2038 bug is as a result of the original Unix time datatype (time_t) which stores a date and time as a signed long integer on 32-bit systems a 32-bit integer, representing the number of seconds since January 1, 1970. After 2038, this number will exceed 231 − 1, the largest representable by a signed long integer on 32-bit systems.



It will cause the Year 2038 bug, also referred to as the Unix Millennium bug, which unlike 64-bit systems which uses 64 bits, the problem doesn't exist on 64-bit systems as they use the LP64 model.

And the maximum value of a 32-bit interger, which is 2,147,483,647 will starting from 19th January 2038, at exactly 3:14:07, result to the value of stored time since January 1, 1970 to equal the value of a 32-bit integer, that is, 2,147,483,647, thereby causing the issue.

How Linux Kernel 5.10 Solves the Year 2038 Bug



The XFS file system in Linux Kernel 5.10 has been extended to the year 2486, which change fixes the Year 2038 bug. With “Large Timestamps” function that has now fixed this problem by refactoring their timestamp and inode encoding; and the timestamps will now be dealt with as a 64-bit nanosecond counter and bit shifting to extend the measurement.

It is made possible by a brand new XFS file-system with bigtime enabled, which permits the timestamp from December 1901 to July 2486, and for the preservation of backward compatibility, the large timestamps function isn't enabled by default.

Thus, XFS also takes care of the year 2038 problem, whereby the storing of the time since 1970 in seconds will now not slot in a signed 32-bit integer and a wraparound till the year 2486.

Linux Kernel 5.10 Solves Year 2038 Bug with new XFS file system

Digital contents are increasingly available in numerous formats and platforms, and many people are interested in downloading and saving such contents as video or music from YouTube!

While there are several free YouTube downloaders, we've sifted the list to present to you, Snappea which makes it super-easy to download YouTube videos in any format of your choice, the YouTube downloader is perhaps the best free YouTube downloader right now.

The free software comes in both a web version and an Android app, with the YouTube to MP3 online converter putting many paid-for tools to shame, allowing you to download and save videos without any hindrances, and even lets you extract the audio from a video, or downloading an entire playlist.

And coupled with a colorful, easy-to-use interface, you'll definitely love Snappea and the fact that you can get around it in no time. Now, let’s take a look at how to use this wonderful software.

Why should you choose Snappea Online Downloader?



Snappea online downloader is a fully web-based platform that enables users to download and save YouTube videos, even the 1080p videos online. You can easily download as many YouTube 1080p files as you want through the web portal, without having to download any app to your smartphone or desktop system.



It’s unique features are as follows:

  • 100% Free!
  • Fully Online Video downloader with YouTube support.
  • Supports downloading of videos in various formats, such as MP3 and MP4.
  • User-friendly interface, and easy to navigate web portal.


Additionally, there are no download limits as you can download multiple 1080p videos on your smartphone or computer and the best part is that the platform doesn’t charge you anything. It is 100% free for use as long as you want to continue to use it.

Steps to Download YouTube Videos Using Snappea Online Downloader



Step 1: Simply navigate to the Snappea Online Downloader



Start by typing the URL address: www.snappea.com on your web browser and as the platform is extremely simple, you won't be needing any tutorial to get around it, it only needs you to visit the site and start downloading videos right away.



The process involves pasting the YouTube video links you want to download onto the search bar. You can also explore using the search function on the top downloads section to start downloading videos on your smartphone or computer.

Step 2: Search or Paste YouTube Video link to Start Downloading



After successfully accessing the website, once you're on the site, you'll need to either paste a YouTube link or use a keyword to search for any particular YouTube Video.



You don’t necessarily need to go away from the site to get the video link as you can do the search right on the portal. Also, you can search for the video of YouTube and paste the address on Snappea to download it.

Step 3: Start the Downloading of YouTube Video



Once you find the video you want to download, simply click on the downward arrow and wait for the download process to commence. From the next dialog page, select the file format and resolution you want to download it on to your phone or computer.

Then, the website would take only a few seconds, depending on the size of the files to process your video.

Conclusion



Snappea online downloader offers plenty of added extras, such as the ability to convert videos from one format to another, video merging, and disc burning. Isn't it amazing that you get all these for FREE? Visit Snappea.com today to start downloading 1080p YouTube videos right away!

Snappea Online Downloader lets You Download YouTube Videos and Music Easily

The latest release, antiX 19.3 “Manolis Glezo” is the third iteration in the antiX-19 series. It is comparatively lightweight and suitable for older computers, and also provides cutting edge kernel and applications, as well as updates via the apt-get package system and Debian-compatible repositories.

While antiX is a Debian GNU/Linux-based operating system specifically for Intel-AMD x86 compatible systems.

It is available in four versions, namely: Full, Base, Core, and Net with support for both 32-bit and 64-bit computers, and the ISO images of all variants comes with bug fixes, package upgrades, and other major improvements.

What's new in antiX-19.3 Release?



As antiX-19.3 is based on the Debian 10 “Buster” - it supports both SysV and Runit init systems and subsequently, it is backported to the latest firmware from Debian sid with added security upgrades from upstream Debian.



It also included latest software packages such as Libreoffice 7.0.2.2 and Firefox-ESR 78.3.0, and the antiX Wi-Fi switch tool in antiX-19.3 allows you to choose Wi-Fi manager, with ConnMan and Ceni network managers available by default.

Other major core component updates, includes the upgrade of its default window manager IceWM from the previous version 1.6.5 to latest upstream version 1.8.3 and the kernel from version 4.9.212 to the new version 4.9.235.

How to Upgrade to antiX-19.3 Release



If you're a new user and want to try out the new antiX-19.3, you can download the ISO image to download and install on your supported devices. And if you’re an existing user running the antiX-19 series OS already, you can simply initial the command to upgrade your system.

But note that with the inclusion of latest firmware and support for old and new hardware, the size of the ISO images for the latest point version has increased a bit.

Lightweight Linux Distribution antiX-19.3 Released with upgraded IceWM

BlueZ is an open-source protocol stack that offers support for the core Bluetooth layers used in Linux-based systems.

Now, a security researcher at Google, Andy Nguyen, has disclosed a new set of zero-click vulnerabilities in BlueZ, which flaws in the Linux Bluetooth software stack could allow an unauthenticated remote attacker to execute arbitrary code potentially leading to escalation of privilege via adjacent access.

And the most severe of the vulnerabilities is a heap-based type confusion, tracked as CVE-2020-12351, with a CVSS score of 8.3 out of 10, affecting Linux kernel 4.8 and higher, which is present in the Logical Link Control and Adaptation Protocol (L2CAP) that provides multiplexing of data between higher layer protocols.

How the BlueZ Vulnerabilities affects Linux Systems



According to Andy Nguyen, the three flaws collectively are called "BleedingTooth", and resides in the open-source BlueZ protocol stack that offers support for many of the core Bluetooth layers and protocols used for Linux-based systems.



The first flaw is a heap-based type confusion (CVE-2020-12351), which a remote attacker could leverage in a short distance by sending a malicious l2cap packet and cause a DDOS or possibly arbitrary code execution with kernel privileges, knowing the victim's Bluetooth device name.

And the second vulnerability (CVE-2020-12352) is concerned with the stack-based information disclosure flaw affecting Linux kernel 3.6 and higher, which resulted from a 2012 change to the core Alternate MAC-PHY Manager Protocol (A2MP).

Finally, the third flaw trackeed as CVE-2020-24490, was discovered in the Host Controller Interface (HCI), a standardized Bluetooth interface employed for sending commands, and for transmitting data, is a heap-based buffer overflow impacting Linux kernel 4.19 and higher.

The flaw allows a nearby remote attacker to "cause denial of service or possibly arbitrary code execution with kernel privileges on victim machines if they are equipped with Bluetooth 5 chips and are in scanning mode", according to Google security researchers.

How to Mitigate against the BlueZ Vulnerabilities



Intel has issued a security advisory, as it has significant investments in the BlueZ project, warning of the potential security vulnerabilities in BlueZ that may allow escalation of privilege or information disclosure. And BlueZ has released Linux kernel fixes to address these potential vulnerabilities.

Therefore, it is recommended that users should install the latest kernel fixes in order to mitigate the risk associated with these security issues.

BlueZ Vulnerabilities could potentially affect several Linux Systems

Rescuezilla is an Ubuntu-based Linux distribution forked from the erstwhile Redo Backup and Recovery distro, with point-and-click free bare metal restore solution to backup and restore entire computer.

While the previous Rescuezilla 1.0.6 release brought support for booting on EFI-only systems along with Secure Boot enabled for the 64-bit version. Now, the latest release, Rescuezilla 2.0 has switched to creating backups in Clonezilla format with full interoperability to Clonezilla.

The switch means that you can now restore your full backups created using Clonezilla via Rescuezilla and vice versa. Albeit, you can't be able to restore your backups created with Rescuezilla 2.0 using old versions of Rescuezilla.

What's New in Rescuezilla 2.0 Release?



Rescuezilla 2.0 brings the ability to restore individual partition, SD card (mmcblk) and RAID (md) devices. And it also included backup/restore confirmation and summary pages, with filesystem-aware backup/restore of Linux Logical Volume Manager (LVM).



Given that Rescuezilla 2.0 is based on Ubuntu 20.04.1, it is also available as a standalone Debian file for advanced users on Ubuntu 20.04 LTS. Find the other major improvements in Rescuezilla 2.0 below:

  • Addition of nouveau-firmware package.
  • Frontend rewritten in the Python3 programming language.
  • Switched from unmaintained SLiM (Simple Login Manager) to LightDM for reliability.
  • Existing photorec start menu shortcut renamed to “Photograph deep scan”!
  • Separate ‘Safe Mode’ boot menu: namely, “Graphical fallback mode” and “Load USB into RAM”!
  • Disabled Linux time sync to prevent hardware clock modification.


Additionally, Rescuezilla 2.0 has switched from GTK Bluebird theme to Breeze theme, and it is available for use in English (en-US), French/Français (fr-FR), German/Deutsch (de-DE), and Spanish/Español (es-ES).

How to Upgrade to Rescuezilla 2.0



If you're a new user and want to try out the latest Rescuezilla 2.0, you can download the 64-bit ISO image, and write it to a USB stick using a USB bootable tool like balenaEtcher, and run directly from USB without installation.

And for a 32-bit ISO image, you’ll have to wait for the next release because Rescuezilla has disabled support for 32-bit temporarily until the Python virtual environment is fully configured.

Rescuezilla 2.0 Release: Forked from Redo Backup & Recovery distro for system rescue