But Kodi security is a bad joke anyway. Any addon has full control, so powning any repository that autoupdates these addons with virtually zero security can lead to millions of devices infected pretty quickly.
So, yeah.
Only if you run a canned, lightweight Kodi distribution like LibreElec or OpenElec. You can easily setup Kodi with Fedora for example and it will use a local non-privileged user.
How is this malware? Looks like a simple, automated SSH probe to me for people who don't follow obvious best practices. If you're going to leave SSH open to the world then do at least a few of the below:
1) Change default password 2) Enable keyauth only 3) Change the default listening port.
Besides the KDE4 debacle many years ago, KDE Plasma 5.x has seen a lot of improvement, complete rewrites in some areas and delivers a rather nice desktop experience. Being an XFCE user myself, I opt to use only KDEs windowing/compositor with XFCE to spruce it up with a more modern theme engine, appearance and 3D effects.
By April 2011 you mean Gnome 3, right? Then continue using Gnome 2, it is called XFCE. There are also other equivalent "sane" DEs - like Cinnamon and Mate but I do not see there a difference, XFCE is a safe bet.
It's really come a long way in 5.x, and the themes and compositing are downright beautiful. I do feel it tries to do too much as with most current desktop environments however, or at least it's a bit too much for me. Luckily the KDE Devs made KWIN modular enough to be used with other more classic, lightweight DE's like XFCE - I prefer using KWIN compositing with XFCE. I can get all the theming, graphical enhancements and feel with the simplicity and speed of XFCE.
I've been unfortunate enough to garner a few IoT devices, including a Samsung Smart TV. With a little bit of effort and a decent Asus Router with Tomato firmware I've placed any questionable devices on isolated VLANs so they don't affect the rest of of my trusted network. I can also block or whitelist their outbound traffic if needed.
It's going to heavily depend on the functionality you need. You'd need to explain the needs and usage a bit more. Is there a reason you can't just let someone like wordpress.com run it for you? This alleviates all the headache of tracking down updates to 3rd party plugins, security errata etc. There's enough core functionality with the included plugins (they call them widgets) for most general website/CMS uses. You could try using the free option and if you want a custom domain and other stuff then pay for it.
Since others are mentioning it, on the topic of editors I prefer vim with a few plugins and tweaks.
WTF? I've been a happy t-bird usere since practically day one. I'd be curious to know what other unix/linux users are using for mail clients on the desktop. No, I don't do the web-mail thing and i'm not about to start.
Why would you actually hook these up to a network that has Internet access? Of course you make a separate VLAN or network for your "security" devices and other monitoring, ^H^H^H^H^H IoT devices that can only talk to preapproved connections. That is what a firewall is for.
I put all my untrusted, sketchy IoT devices on their own isolated VLAN via Tomato "Shibby" firmware on an ASUS router. It's fairly trivial to do and worth the effort so they at least can't attack your internal trusted networks. You can also whitelist outbound traffic for an added level of protection.
I find the info quite aggressive agains WP, the plugin indeed has been banned, and before this second post...
So; wordpress reacts to bad publicity not to threats to their users. That's actually worse than if they did nothing because if they did nothing we'd hear about it all the time whereas now the questions are, "What else did Wordpress manage to close down just before it got written about on Slashdot? What else is Wordpress hiding?"
Somewhere there are wordpress users who have installed this and either have not yet had their credentials stolen or have not yet had them used against them. Notifying their users should be the top priority. This should be front page on their site. This should be the top news on their blog. There is nothing there. Wordpress is still hiding things and letting down their users. This posting is not nearly aggressive enough.
Wordpress.com is very different than the community wordpress.org, one is a commercial entity that offers free and paid hosted wordpress services and the latter is the upstream/open source wordpress community that offers wordpress for self-hosting.
Neither of these entities are responsible for or have any control over 3rd party plugins like the one mentioned in the article. This would be like blaming Microsoft for someone releasing Win32 shareware that hijacked credentials.
I've switched back and forth to just about every *NIX Desktop Environment since I started using Linux in 1999, loved KDE 3.x, loathed KDE 4.x until it became stable and used KDE 5.x on and off. The good thing about KDE is that the windowing and 3D effects subsystem is modular.
I'm pretty much settled on using XFCE but I'm using KWIN KDE compositing/3D effects with XFCE for a nice compromise between a 'classic' desktop that's rock solid but with the nice themes, windowing effects and features that KWIN (KDE's compositor) brings to the table.
I've been on this setup the past 6years or so. If mutt isn't your thing this approach is modular so you could simply sync with offlineimap and index/search with notmuch.
I don't see many large, high profile sites running an entire Microsoft Windows stack nowadays (IIS/SQL Server, etc) but Stack Exchange is one of them.
What were the reasons behind choosing a full Microsoft stack versus any of the Open Source alternatives which seem much more prevalent, especially in start-ups and smaller businesses for web presence?
I've always liked Thinkpad (Lenovo) laptops, they generally ship Linux-friendly hardware and are tough and durable, it's the company default where I work. If you were unfortunate enough to procure the second to last model the touchpad needs some work
Regardless of the make/model you use, be sure to implement hybrid suspend so you'll never lose your work should you run out of battery while suspended. I'm currently using a Lenovo x240 on Fedora 22 with great results, regardless of the spyware shipped on the lower-end models I'll still stick with them for the excellent durability and hardware support until something better comes along.
Smooth talking sales people and golf course nudges always override common sense and the squelched cries of underlings who have to support bad decisions made around vendor software, news at 11.
KDE5/Plasma5 has been very solid for me, but I use KWIN with XFCE only as the compositor/window manager.
A lot of the instability people discuss around KDE5 is actually an Intel bug which features in Plasma 5 seem to trigger on Intel chipsets. If you're using an Intel chipset and have weird issues, artifacts or instability you might want to try switching to the older UXA driver instead of SNA that's shipped with more recent distributions.
There's still probably some substantial revenue coming in from forgotten AOL subscriptions from elderly folks who thought they needed it to access the internet, but probably not 4.4B worth.
I don't have so many desktop applications that anyhting is more than a few clicks away in my organized XFCE doc though on Linux or the old start menu wasn't pretty efficient with the mouse.
Thing is keyboard shortcuts really are probably better and the search function saves the steps of actually defining all those shortcuts.
Which of course sucks... American individuals have to pay taxes on money they earn living outside the border. Why shouldn't these people? Don't answer, the question is rhetorical. If they want to be an American corporation, they should pay American taxes. But... we will do nothing to elect people that would write the appropriate laws. Therefore this article is meaningless. Nothing will come of it, except some advertising revenue.
Not necessarily, if you live abroad and pay taxes elsewhere you can claim the foreign income tax credit and forego paying up to $97K or so of taxable income in the U.S.
"If you are a U.S. citizen or a resident alien of the United States and you live abroad, you are taxed on your worldwide income. However, you may qualify to exclude from income up to $97,600 of your foreign earnings. In addition, you can exclude or deduct certain foreign housing amounts. See Foreign Earned Income Exclusion and Foreign Housing Exclusion and Deduction, later. "
Slashdot Mirror
But Kodi security is a bad joke anyway. Any addon has full control, so powning any repository that autoupdates these addons with virtually zero security can lead to millions of devices infected pretty quickly.
So, yeah.
Only if you run a canned, lightweight Kodi distribution like LibreElec or OpenElec. You can easily setup Kodi with Fedora for example and it will use a local non-privileged user.
How is this malware? Looks like a simple, automated SSH probe to me for people who don't follow obvious best practices. If you're going to leave SSH open to the world then do at least a few of the below:
1) Change default password
2) Enable keyauth only
3) Change the default listening port.
There's a plethora of off-the-shelf password managers out there that support encryption but you can also create an easy, DIY distributed/encrypted solution with GPG, git and vim.
There's really no excuse to be storing sensitive credentials in office documents or spreadsheets.
Besides the KDE4 debacle many years ago, KDE Plasma 5.x has seen a lot of improvement, complete rewrites in some areas and delivers a rather nice desktop experience. Being an XFCE user myself, I opt to use only KDEs windowing/compositor with XFCE to spruce it up with a more modern theme engine, appearance and 3D effects.
By April 2011 you mean Gnome 3, right? Then continue using Gnome 2, it is called XFCE. There are also other equivalent "sane" DEs - like Cinnamon and Mate but I do not see there a difference, XFCE is a safe bet.
You can make XFCE look even better by using KWIN as the compositor
It's really come a long way in 5.x, and the themes and compositing are downright beautiful. I do feel it tries to do too much as with most current desktop environments however, or at least it's a bit too much for me. Luckily the KDE Devs made KWIN modular enough to be used with other more classic, lightweight DE's like XFCE - I prefer using KWIN compositing with XFCE. I can get all the theming, graphical enhancements and feel with the simplicity and speed of XFCE.
I've been unfortunate enough to garner a few IoT devices, including a Samsung Smart TV. With a little bit of effort and a decent Asus Router with Tomato firmware I've placed any questionable devices on isolated VLANs so they don't affect the rest of of my trusted network. I can also block or whitelist their outbound traffic if needed.
It's going to heavily depend on the functionality you need. You'd need to explain the needs and usage a bit more. Is there a reason you can't just let someone like wordpress.com run it for you? This alleviates all the headache of tracking down updates to 3rd party plugins, security errata etc. There's enough core functionality with the included plugins (they call them widgets) for most general website/CMS uses. You could try using the free option and if you want a custom domain and other stuff then pay for it.
Since others are mentioning it, on the topic of editors I prefer vim with a few plugins and tweaks.
WTF? I've been a happy t-bird usere since practically day one. I'd be curious to know what other unix/linux users are using for mail clients on the desktop. No, I don't do the web-mail thing and i'm not about to start.
I've been very happy with mutt with offlineimap and notmuch for many years now.
Why would you actually hook these up to a network that has Internet access? Of course you make a separate VLAN or network for your "security" devices and other monitoring, ^H^H^H^H^H IoT devices that can only talk to preapproved connections. That is what a firewall is for.
I put all my untrusted, sketchy IoT devices on their own isolated VLAN via Tomato "Shibby" firmware on an ASUS router. It's fairly trivial to do and worth the effort so they at least can't attack your internal trusted networks. You can also whitelist outbound traffic for an added level of protection.
Isn't Unity just a compiz plugin?
I find the info quite aggressive agains WP, the plugin indeed has been banned, and before this second post...
So; wordpress reacts to bad publicity not to threats to their users. That's actually worse than if they did nothing because if they did nothing we'd hear about it all the time whereas now the questions are, "What else did Wordpress manage to close down just before it got written about on Slashdot? What else is Wordpress hiding?"
Somewhere there are wordpress users who have installed this and either have not yet had their credentials stolen or have not yet had them used against them. Notifying their users should be the top priority. This should be front page on their site. This should be the top news on their blog. There is nothing there. Wordpress is still hiding things and letting down their users. This posting is not nearly aggressive enough.
Wordpress.com is very different than the community wordpress.org, one is a commercial entity that offers free and paid hosted wordpress services and the latter is the upstream/open source wordpress community that offers wordpress for self-hosting.
Neither of these entities are responsible for or have any control over 3rd party plugins like the one mentioned in the article. This would be like blaming Microsoft for someone releasing Win32 shareware that hijacked credentials.
I've switched back and forth to just about every *NIX Desktop Environment since I started using Linux in 1999, loved KDE 3.x, loathed KDE 4.x until it became stable and used KDE 5.x on and off. The good thing about KDE is that the windowing and 3D effects subsystem is modular.
I'm pretty much settled on using XFCE but I'm using KWIN KDE compositing/3D effects with XFCE for a nice compromise between a 'classic' desktop that's rock solid but with the nice themes, windowing effects and features that KWIN (KDE's compositor) brings to the table.
Have a look at mutt with offlineimap and notmuch.
You can use lynx to dump HTML into text for reading message from the miserable people that use HTML email as a built-in.
I use a combination of mutt + offlineimap + notmuch for mail, local archiving and a very powerful search.
I've been on this setup the past 6years or so. If mutt isn't your thing this approach is modular so you could simply sync with offlineimap and index/search with notmuch.
I don't see many large, high profile sites running an entire Microsoft Windows stack nowadays (IIS/SQL Server, etc) but Stack Exchange is one of them.
What were the reasons behind choosing a full Microsoft stack versus any of the Open Source alternatives which seem much more prevalent, especially in start-ups and smaller businesses for web presence?
I've always liked Thinkpad (Lenovo) laptops, they generally ship Linux-friendly hardware and are tough and durable, it's the company default where I work. If you were unfortunate enough to procure the second to last model the touchpad needs some work
Regardless of the make/model you use, be sure to implement hybrid suspend so you'll never lose your work should you run out of battery while suspended. I'm currently using a Lenovo x240 on Fedora 22 with great results, regardless of the spyware shipped on the lower-end models I'll still stick with them for the excellent durability and hardware support until something better comes along.
Smooth talking sales people and golf course nudges always override common sense and the squelched cries of underlings who have to support bad decisions made around vendor software, news at 11.
KDE5/Plasma5 has been very solid for me, but I use KWIN with XFCE only as the compositor/window manager.
A lot of the instability people discuss around KDE5 is actually an Intel bug which features in Plasma 5 seem to trigger on Intel chipsets.
If you're using an Intel chipset and have weird issues, artifacts or instability you might want to try switching to the older UXA driver instead of SNA that's shipped with more recent distributions.
Section "Device"
Identifier "Intel Graphics"
Driver "intel"
Option "AccelMethod" "uxa"
EndSection
... the PM translates the coders and works between them and the business.
So basically the PM is the new "take the specifications from the customers and bring them down to the software engineers."
There's still probably some substantial revenue coming in from forgotten AOL subscriptions from elderly folks who thought they needed it to access the internet, but probably not 4.4B worth.
Lots of conclusions drawn from a very small sampling size, there may be some truth to these generalizations but I'd prefer to see more data.
I don't have so many desktop applications that anyhting is more than a few clicks away in my organized XFCE doc though on Linux or the old start menu wasn't pretty efficient with the mouse.
Thing is keyboard shortcuts really are probably better and the search function saves the steps of actually defining all those shortcuts.
You can use the "type to run" dialog in XFCE to via Whiskermenu Plugin
You can also easily hotkey it to whatever you like
In 2012 CISO reports that it blocked 257 billion unauthorized attempts to access the USPS network
Post Office Zone Alarm alerts for Windows 98SE sitting on public IP address space shouldn't be counted in my opinion.
Which of course sucks... American individuals have to pay taxes on money they earn living outside the border. Why shouldn't these people? Don't answer, the question is rhetorical. If they want to be an American corporation, they should pay American taxes. But... we will do nothing to elect people that would write the appropriate laws. Therefore this article is meaningless. Nothing will come of it, except some advertising revenue.
Not necessarily, if you live abroad and pay taxes elsewhere you can claim the foreign income tax credit and forego paying up to $97K or so of taxable income in the U.S.
"If you are a U.S. citizen or a resident alien of the United States and you live abroad, you are taxed on your worldwide income. However, you may qualify to exclude from income up to $97,600 of your foreign earnings. In addition, you can exclude or deduct certain foreign housing amounts. See Foreign Earned Income Exclusion and Foreign Housing Exclusion and Deduction, later. "
http://www.irs.gov/Individuals...
http://www.irs.gov/publication...