by Paul Arnote (parnote)
WireGuard's Linux Kernel Support Likely To Change VPNs Forever
It's a fact: virtually all VPN servers run Linux. But coming as soon as the Linux kernel 5.6.x, Linux users should see full support for WireGuard. It's code, which is released under GPL 2.0, is a mere 4,000 lines ... versus the more than 100,000 lines of code that make up OpenVPN. From a security standpoint, one person can look over and comprehend its use and security, while a whole team of security experts would be hard pressed to make sense of the OpenVPN code base.
One of WireGuard's biggest fans happens to be Linus Torvalds. Via the Linux kernel maintainers mailing list, Linus said, "Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art."
WireGuard's code is already available on Android, Windows, macOS, BSD Unix, and iOS. While being even simpler and more svelte, WireGuard still incorporates state-of-the-art cryptography technologies, such as such as the Noise protocol framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, and HKD. An academic study has already shown WireGuard to be secure.
Created in 2015, its creator, Jason Donenfeld, is still working out a few rough edges with the code. According to the WireGuard site, "some parts of WireGuard are working toward a stable 1.0 release, while others are already there."
It's expected that WireGuard will be ready for prime time sometime this spring, quickly followed by VPN providers offering WireGuard-based VPN connections to end users soon thereafter.
Intel Clear Linux Distro Outperforms Win10, Ubuntu ... On AMD Hardware
Did you know that Intel has its own Linux distro, tailored to best perform on Intel hardware? No? Well, me neither. It's called the Intel Clear Linux Project.
Here's a real kicker: it outperforms both Windows 10 Home and Ubuntu ... on cheap, budget priced AMD hardware. In benchmark testing performed by Phoronix, Clear Linux outperformed Fedora Workstation 31, the upcoming Ubuntu 20.04, and Windows 10 Home in 78% of the benchmarks on an inexpensive Motile M141 laptop that sells for $199 (U.S.) at Walmart (currently selling for $249 on the Walmart website at the time of this article). The laptop sports an inexpensive AMD Ryzen 3 3200U processor, built-in AMD Vega 3 graphics, with 4GB of RAM.
According to an article from Forbes, Clear Linux is a rolling distro. It captured top honors in every category "from audio + video encoding to OpenGL and graphics benchmarks, to Python and workstation visualization applications." The article goes on to list some of the nice qualities of Clear Linux. "It has built-in Flatpak support, a clean installer, delta-based updates (only the updated bits of a package are downloaded as opposed to an entirely new version), useful software bundles, and rolling release model."
What's most amazing is that this performance superiority came on a cheap computer running an AMD processor! You can read the entire Phoronix article here.
Google Chrome To Start Blocking Downloads
Starting with Chrome 83, Google Chrome will block the download of certain types of files. Starting with Chrome 82, users will get warnings when attempting to download certain types of files, according to an article on Lifehacker.
Yep. Good ol' trustworthy [cough] Google Chrome is doing its level best [cough cough] to keep you safe [cough cough cough]. In October, 2019, Google announced that it was planning to address mixed content on HTTPS pages, where there is HTTP content.
So which "certain" file types will be blocked? Well, this graphic from Google should answer that question ... and probably alarm you, at the same time.
Of course, once you block all of that content, there won't be much left to view on the web. But never fear. These are the file types that will be blocked from HTTP content appearing on HTTPS web pages, or that "mixed content" that Google refers to.
The Android and iOS versions of the Chrome browser will follow one release cycle later than on the desktop.
Of course, there is no replacement/solution for the PEBKAC (Problem Exists Between Keyboard And Chair) problem. You will still have to be careful to not visit unsecure websites, and take measures to ensure that the content you download is safe and secure.
Browser Extension Blocks Websites For Firefox, Google Chrome
There's a new browser extension that will allow you to block certain/select websites from displaying on your computer, unless you enter a master password to override the restriction.
Block Site (two words, so as to not be confused with another extension with the same name but one word) is available for Firefox and Google Chrome. With it, you can enter individual website addresses (e.g., www.mywebsite.com), or load them in from a text file. If choosing the latter, you put a web address you want to block on each line, and then load them into Block Site all at once by pointing it to your text file.
Fortunately, Block Site allows the use of wildcards. Just entering "www.facebook.com" will not block any subdomains, allowing for the block to be easily circumvented. But, entering *.facebook.com will completely block access to all of Facebook. You can also use wildcards like this: *://*facebook*/* and *://*/*facebook* . The first one blocks any domain that has facebook in its name, while the second one blocks all queries with the word facebook.
Once you add a website (or websites), click on the "Save" button in the extension, and the site(s) will be blocked starting immediately.
I'm a bit unsure, though, what happens when you launch Firefox via the command line with the option to start without loading any of the extensions (firefox --safe-mode). Fortunately, this probable eventuality was thought of by the developers. Here's the answer to that question from the Block Site FAQ:
How can I prevent this extension from being removed or disabled from the Firefox browser?
Create a policies.json file with the following content. This file sits in a directory called distribution within the Firefox installation directory. You can use it to control how users have access to the browser features. For more info visit github.com/mozilla/policy-templates.
Of course, any blocked website can be accessed by entering the master password to override the block applied by Block Site.
If you have multiple computers and want to use the same block list for every computer, you can setup one computer, and then export the blocked site list to a USB flash drive, and then load that list into every other computer you want to use it on.
This is probably not the best choice for parental controls, as it is not a net filter. Rather, it merely blocks access to sites you don't want people who might be using your computer going to.
War On IPTV Heats Up
Back in the January 2020 issue of The PCLinuxOS Magazine, we ran an article about IPTV (Internet Protocol TV) being a possible low-cost alternative for cord cutters wanting to free themselves from their monthly cable TV bills.
Well ... less than two months later, news is coming out that the "war" on IPTV is heating up. According to an article on the Cord Cutters News, the Alliance for Creativity and Entertainment (ACE) have been targeting companies that make IPTV possible.
ACE members include Amazon, AMC Networks, BBC Worldwide, Bell Canada and Bell Media, Canal+ Group, CBS Corporation, Channel 5, Charter Communications, Comcast, Constantin Film, Discovery, Foxtel, Fox Corporation, Grupo Globo, HBO, Hulu, Lionsgate, Metro-Goldwyn-Mayer (MGM), Millennium Media, NBC Universal, Netflix, Paramount Pictures, SF Studios, Sky, Sony Pictures Entertainment, Star India, Studio Babelsberg, STX Entertainment, Telefe, Telemundo, Televisa, Univision Communications Inc., Viacom Inc., Village Roadshow, Walt Disney Studios Motion Pictures, and Warner Bros. Entertainment Inc. ... basically a who's who in the entertainment industry.
In the past, ACE has successfully shut down a growing number of IPTV services, and is now targeting Clipwatching and Fembed. ACE is arguing that the two companies host pirate services, making it possible for them to run. ACE has filed a motion in the U.S. courts to force Cloudflare to "hand over the personal information of the associated account holders. If ACE wins, Cloudflare will be forced to hand over the billing and contact information for the accounts linked to Clipwatching and Fembed."
Leave it to the entertainment industry to fight to preserve their old-school marketing tactics, instead of providing what end-users want in a format that fits into the end user's lifestyle, leveraging the long arm of the courts to try and get their way.
Google Asks Samsung To Stop Messing With Linux Kernel On Android Devices
Google has asked Samsung to stop messing with the Linux kernel that powers all Android devices, according to an article on ZDNet. Typically done to help improve hardware support and to provide better security, the downstream additions more often than not introduce other security bugs that were not present when the upstream maintainers released the kernel code.
Samsung, while not alone among vendors of Android devices, is probably one of the largest profile vendors guilty of tinkering with the Linux kernel code. This is exactly the issue when researchers examined the Samsung Galaxy A50 (pictured above).
In a real "stay in your lane, bro" fashion, Google is asking Android hardware vendors to stop tinkering with the Linux kernel that Android is built upon. Despite the vendors' best intentions to improve security or support hardware, most often additional security vulnerabilities are introduced with the modifications.
To help mitigate the security vulnerability nightmare, Google is suggesting that "handset makers use direct hardware access features already supported in Linux, rather than customizing Linux kernel code."
One Of The World's Smallest Nuclear Power Plants OK'd For Idaho
One of the world's smallest nuclear power plants has just received regulatory approval to start construction in Idaho, according to an article in Popular Mechanics. This nuclear power plant design is expected to help reduce nuclear waste products, since it uses that nuclear waste to generate power.
Sitting in the countryside, the 1.5 megawatt power plant occupies no more room than a typical A-frame house. It will be able to power 1,000 homes, while running for 20 years nearly autonomously.
The advantages are huge with this small-scale nuclear power plant. First, because it uses nuclear waste as a fuel, it helps decrease the amount of nuclear waste that has to be disposed of. Second, because of its small size, it can be placed in areas previously unavailable, and they can be clustered closer to the electricity consumers.
Designed by Oklo, the smaller plant is expected to be significantly cheaper to build. Being a nuclear power plant, it's emission-free and relatively clean for the environment.
If you want to read more about Oklo's new vision for small nuclear power plants, Grist did a much larger writeup about the new pint-sized electric plants.
Gmail's Best New Feature Coming Soon To Google Docs
Gmail's best new feature should soon be showing up in Google Docs over the next few weeks.
Back in May, 2018, Google introduced Smart Compose for Gmail, which is called predictive text. Smart compose analyzes the email you are writing, and based on the recipient, the subject line, and the context of your message, and presents what it thinks you're going to say as light gray text. To accept the predictive text as presented, just tap on either the tab key or the right arrow cursor key on your keyboard.
As with most new features that are introduced, they will be rolled out first to G Suite users first, before being migrated over to "non G Suite" users. Still, you should expect to see the new feature within the next few to several weeks.
Just like with autocorrect, the predictive typing feature (which I've personally used some on Gmail) isn't perfect. But then again, all you have to do if you don't like the suggestion(s) of the predictive typing feature is to keep typing what you do mean/want to say. Unless and until you tap either the Tab or right cursor arrow key, that light gray text remains just a suggestion. And, just as with the autocorrect feature, predictive typing can be turned off under Tools > Preferences in Google Docs.
Genius Device Generates Electricity Out Of Thin Air
In news that's somewhat reminiscent of Nikola Tesla's attempts to generate electricity and transmit it wirelessly around the world, a group of scientists have successfully developed a new technology that literally generates electricity out of thin air, according to an article on Science Alert.
I'll try the best I can to boil the technobabble down to something understandable. A bacterium, discovered years ago in sediment along the shores of the Potomac River, has the ability to produce magnetite in the absence of oxygen, as well as bacterial nanowires that are capable of conducting electricity. The bacterium is called Geobacter sulfurreducens.
Exploring possible uses for the bacterial nanowires, researchers have created a device that they call Air-Gen. The device can literally create clean electricity out of thin air.
From the article:
The Air-gen consists of a thin film of the protein nanowires measuring just 7 micrometres thick, positioned between two electrodes, but also exposed to the air.
Because of that exposure, the nanowire film is able to adsorb water vapour that exists in the atmosphere, enabling the device to generate a continuous electrical current conducted between the two electrodes.
The team says the charge is likely created by a moisture gradient that creates a diffusion of protons in the nanowire material.
Air-gen produces a sustained voltage of around 0.5 volts, with a current density of about 17 microamperes per square centimetre. That's not much energy, but the team says that connecting multiple devices could generate enough power to charge small devices like smartphones and other personal electronics -- all with no waste, and using nothing but ambient humidity (even in regions as dry as the Sahara Desert).
The goal is to scale the system up, and to possibly power homes with the nanowires incorporated into the paint on the walls.