banner
Previous Page
PCLinuxOS Magazine
PCLinuxOS
Article List
Disclaimer
Next Page

Short Topix: Mapping How Facebook Tracks You


by Paul Arnote (parnote)

Assault On Your Privacy: Monthly Update



Kaspersky has discovered a new MALWARE THAT CAN SURVIVE EVEN A REINSTALLATION OF THE OPERATING SYSTEM. According to an article on PCMag, the Windows-based malware installs itself to the UEFI firmware on the computer, isolating it, even in the event of a reinstallation of the operating system. Called MoonBounce, it was designed to retrieve additional malware payloads to be installed on the victim's computer. Hmmm ... and we were told when we were all forced to switch from the old BIOS system to UEFI that it was more secure. Oooops!

In early January, Google rolled out another SECURITY UPDATE TO PATCH ANOTHER 37 SECURITY VULNERABILITIES IN GOOGLE CHROME. According to a Google blog report, only one security vulnerability was classified as critical, with 10 classified as high threat, 10 classified as a medium level threat, and at least three classified as a low level threat. You can read about the security vulnerabilities at the previously linked blog report above. The "Use After Free" (UAF) exploits are maintaining their "favored use" status as hackers' favorite attack vector. If you are a Google Chrome user and have not updated your browser in a while, you might want to take a moment to do so.

RESEARCHERS AT INTEZER DISCOVERED A NEW CROSS-PLATFORM BACKDOOR MALWARE that attacks Windows, Linux and MacOS computers alike. While the methods differ slightly between the platforms, the end result is the same, according to an article on BleepingComputer. The malware, named SysJoker, remains largely undetected by antivirus software. Once installed on its host computer, the backdoor malware can then download additional malware, execute commands on the device, or command the backdoor to remove itself from the device. The last two instructions have yet to be implemented, though. On an infected Linux computer, the files and directories are created under "/.Library/" while persistence is established by creating the following cron job: @reboot (/.Library/SystemServices/updateSystem).

We have a new champion on the block, but I doubt you'll see Google crowing about this distinction. IN 2021, GOOGLE DRIVE TOOK OVER THE TOP SPOT FOR MALICIOUS DOWNLOADS OF MALWARE FROM MICROSOFT'S ONE DRIVE, according to an article on TechRepublic. So, exercise caution when downloading files from Google Drive, and only download files from those you trust (if you really even trust anyone, anyhow).


Mapping How Facebook Tracks You



Facebook tracks people. Facebook tracks EVERYONE. Even non-users. As it tracks you across the web, it vacuums up as much of your private personal data as it can, as fast as it can. Facebook ... er, "Meta" ... tracks your and my movement across the web by embedding small, invisible, 1x1 tracking pixels on web pages. When those pixels are loaded on a web page, they vacuum up all kinds of data that you probably don't want shared, and that you have no idea may even be available.

Well, a group of journalists from The Markup have teamed up with Mozilla researchers to try to map Facebook's pixel-based tracking network. They want to try to gain an understanding of just what of your private personal data is being collected. The journalists from The Markup will use the anonymized data for an investigative report about the kinds of information Facebook, and where it collects it all from. The "study" runs until July 13, 2022.

Facebook's "privacy policy" (there's an oxymoron) states that Facebook may collect information about you as you travel across the web, even if you don't have a Facebook account. Now exactly how that's legal is beyond me, since non-users (hello! ... I'm over here!) never agreed to Facebook's "privacy policy" or data collection mechanisms.

According to the web site, this study will collect:

  • The data sent to Facebook pixels as you browse

  • The URLs of the web pages you browse

  • The time you spend browsing pages

  • The presence of Facebook login cookies in your browser

  • A study survey that the user completes

  • Metadata on the URLs your visit:

    • The full URL of each webpage that you are on

    • Time spent browsing and playing media on each webpage

    • How far down the webpage you scrolled

Additionally, your participation in the project will guarantee you the following protections:

  • This study will not share granular measurements data with third parties.

  • All efforts to aggregate and analyze the data will be done in Mozilla's secure analysis environment. After completion of analysis we will delete all raw data.

  • ll reporting by The Markup will only use aggregated, anonymized data.

Anyone in the U.S. 19 years old or older can join the study. Simply follow this link, read through the page, and click the "Launch Mozilla Rally" button at the bottom of the page. Who knows. Maybe the information that is uncovered could lead to laws and regulations to better protect your private personal data. Wouldn't you feel good to know that you played a role in helping that come about?


Sorry Windows Users. This One Is For Linux Users ONLY.



Thanks to Intel, Linux users will soon experience BIOS/UEFI updates in the background ... without requiring a reboot, according to an article on the HotHardware website. Traditionally, BIOS and UEFI firmware could be updated, but required a reboot for the update to take effect. This can be problematic for servers, which are expected to be up and running 100% of the time ... or as close to 100% as you can get. Couple in the fact that Linux runs the vast majority of the servers, and you have a huge issue.

Intel has been working on a new ACPI specification called Platform Firmware Runtime Update and Telemetry (PFRUT) for a while now. The upcoming "pfr_update" driver is scheduled to make its debut in the Linux kernel 5.17. Once that happens, systems administrators will be able to patch their hardware without the downtime that was formerly required.

It's still not clear if this will be a server-only feature, or if this will find its way into desktop configurations. Keeping in mind the open source nature of Linux, it's quite likely that desktop Linux users could also reap the benefits of PFRUT. And, since PFRUT is a part of the ACPI specification, Windows users may also ... eventually ... see it implemented.


Wine 7: Even Better At Running Windows Programs



There are multiple ways to run Windows programs. You could just dual boot with a version of Windows, with Windows on its own disk partition, and your copy of PCLinuxOS on another. But that's a major hassle. You can't just switch back and forth between Windows and PCLinuxOS. You have to reboot into one or the other. Plus, it's fairly wasteful when it comes to disk space. You could just run a copy of Windows in VirtualBox (or other virtual machine program). That's a little better, since you never really have to leave PCLinuxOS to run your copy of Windows. But, this can be quite resource intensive, consuming a lot of CPU and RAM cycles. Or, you can run Wine, an open source Windows emulator, which allows you to run Windows programs directly on your PCLinuxOS desktop.

On January 18, Wine 7 was released. With the release of the program that allows running Windows programs on Linux computers, comes several improvements. One of the most notable improvements comes in the notably improved 64-bit support.

Other improvements include:

  • Most modules converted to Portable Executable (PE) format.

  • New light theme.

  • WoW64 (Windows on Windows) architecture implemented.

  • Better graphics support.

  • Improved Direct3D support.

  • Support for multiple displays.

  • Improved D3DX support.

  • Improved audio support.

  • Improved joystick support.

  • Better support for Mono/.NET.

  • Improved builtin registry tool.

If you're like most Linux users, you arrived at Linux after wallowing in the Windows mud pit for a while. As a result, you may have some Windows programs that you became fond of. So, if you have a copy of WordPerfect 7.0 that you just can't part with, you should be able to run it on Linux ... via Wine. Typically, Wine is the least resource-intensive way to run Windows programs, compared to either dual booting or running Windows in a virtual machine.

Want to know if any of your Windows programs run on Wine? Never fear, because WineHQ has a database of over 15,700 Windows programs (often, multiple versions of each), with reports on how it runs under Wine. Oddly, some Windows versions of programs are listed that also have Linux versions, such as 0 A.D. and AbiWord. I'm not sure why anyone would run a Windows version of a program that has an equal version in Linux. It would make much more sense to just run the Linux version.


Humble Bundle Dropping Linux, MacOS Support



Since its launch in 2010, Humble Bundle has been a popular source for games on Linux, MacOS and Windows. The concept was pretty simple. Users could pay what they wanted and download the games to their computers. There were also different levels for monthly subscription plans.

Well, starting February 1, 2022, Humble Bundle is dropping support for Linux and MacOS. Starting then and going forward, the Humble launcher will ONLY work for Windows titles. Apparently, the folks at Humble Bundle "listened to their users" and simplified the subscription levels to just one level, and are dropping Linux and MacOS.

It should come as no surprise that Windows users' voices would drown out the voices of Linux and MacOS users. They do make up a considerable part of the gaming market. But that isn't the whole story. Over Humble Bundle's history, Linux users paid, on a pretty steady average, twice the amount of money for the Humble Bundle packages (remember, pay what you want for the games) as Windows users.

Obviously, in dropping support for Linux and MacOS users, Humble Bundle is okay with leaving money on the table, so to speak. Maybe that money will be enough to attract another, new player in the gaming supply world to court Linux and MacOS users. That forthcoming void is still just that, at this point: a void. Hopefully, it's a void that is filled quickly for Linux gamers.


PCLinuxOS Short Topix Roundup



I'm going to try a more brief approach to these this month, just so I can fit more of them in here.

One Linux kernel developer, Ingo Molnar, is trying to clean up the kernel's "dependency hell," according to an article on ZDNet. After 30+ years of development, the Linux kernel has collected its fair share of excess baggage. That's going to mean 2,200 commits to clean up the 10,000 or so header (*.h) files used when compiling the kernel. The cross-dependencies between them all are (in)affectionately known as "dependency hell."

Y'all know the difference between RAM and storage, right? I would certainly hope so, if you've gotten this far in your computing life. Well, according to an article on PCWorld, a recent breakthrough could see RAM and storage merged into a single unit that they are calling UltraRAM.

The new Google Chrome 97 should be out, and it sports some new features for hackers to exploit, according to an article on LifeHacker. Under the "Privacy and Security" settings, you can set for Google Chrome to erase all information stored by websites you visit (but I'm sure not before all of that information is sent home to Google). Web developers will also be able to check to see if your display supports HDR video. Also, web apps can now use a previously verboten piece of real estate: the top app bar. So now, the web apps actually look like they belong in Chrome.

Samsung's new Eco Remote, besides being charged by solar cells, can now recharge itself by harnessing the RF waves of your wifi signal, according to an article on The Verge.

Even though Omicron is the dominant COVID-19 strain circulating around the globe, with declining numbers, you might not want to let your guard down just yet. There just may be yet another variant just around the corner. Researchers in France have identified a new strain, according to an article on the Firstpost website. Officially named B.1.640.2, the new variant has been dubbed the IHU strain, because of where it was discovered. At the time of the article's writing, only about 12 people had been infected with the new variant. The WHO has not labeled the new variant a "variant of concern" yet.

With NetworkManager working so well for so many Linux users, the Linux ifcfg tool that has helped manage network connections for all of these years may have become unnecessary and superfluous. According to an article at Phoronix, Fedora 36 is doing away with ifcfg, and has made a proposal for its elimination altogether. The 130,000 lines of code that comprise ifcfg have been frequent sources of bugs, and consumes valuable system resources. By eliminating the code, you eliminate the bugs and gain back the use of the system resources it consumed.

I bet you thought (like I did) that tape drives were all but dead. But Japanese tape drive vendor Unitex has released a new tape drive -- with a USB connection (USB A 3.0, to be specific) -- that will backup 18TB of data in less time than it takes to back the same amount of data to the cloud, according to an article on TechRadar. The 18TB tapes cost about half of 18TB hard drives. But, the tape drive itself -- the hardware part -- is expected to command a price in excess of $6,000. Backing up 18TB of data over a USB 3.0 connection can be expected to take around 17 hours. But backing up 18TB of data over a broadband connection will take far, far longer, depending on the throughput speed of the broadband connection. Users could always "rent" the expensive tape drive for a day to perform updates, which might help mitigate the high cost of the new tape drive.

Users of a Chromium-based browser (Chromium, Edge, Brave, Chrome, Opera, Vivaldi), will soon lose the ability to remove search engines from the default list of available search engines, according to an article on PCMag.



Previous Page              Top              Next Page