Category Archives: Stiri iT & C

Where Linux Went in 2018 – and Where It’s Going | Community


For those who try to keep their finger on the Linux community’s pulse, 2018 was a surprisingly eventful year. Spread over the last 12 months, we’ve seen various projects in the Linux ecosystem make great strides, as well as suffer their share of stumbles.

All told, the year wrapped up leaving plenty to be optimistic about in the year to come, but there is much more on which we can only speculate. In the interest of offering the clearest lens for a peek into Linux in 2019, here’s a look back at the year gone by for all things Linux.

Ubuntu Sheds Unity but Sees Silver Lining in Cloud

The last ripples from 2017 into 2018 came from Ubuntu’s decision to phase out the Unity desktop and switch its flagship desktop environment to Gnome. Ubuntu’s first image to ship with Gnome was with its October 2017 release of 17.10, but it was something of a trial run. With April’s 18.04, Ubuntu officially unveiled its first Long Term Support (LTS) track to feature Gnome 3.

With an LTS sporting Gnome and holding up to user testing, the countdown clock began on the eventual switch to the Wayland display server, intended to take over for the aging Xorg server. Think of display servers as the skeletal beams that a desktop is bolted to.

Ubuntu 17.10 tested Wayland waters, but although 18.04 shied away from Wayland, the fact that 18.04 seems to have Gnome under control means the Ubuntu flagship desktop developers can turn their attention to Wayland, hopefully catalyzing its evolution.

Many saw the end of Unity not so much as an admission of defeat in cementing Ubuntu’s own desktop vision, but as evidence of a pivot in Canonical’s focus to cloud computing and IoT. After months in the wild and the update to Ubuntu’s incremental patch, 18.04.1, it is clear by this point that the decision to abandon Unity did not so much as jostle the stability of Ubuntu’s release. In fact, 18.04 has proven exceptionally stable, polished and well-received.

Few are the distributions that can put out as robust and distinct a product as Ubuntu, while also maintaining their own desktop. The only one that might lay claim to this is Linux Mint, but its code base has far fewer deviations from Ubuntu than Ubuntu’s has from Debian. Put another way, Mint’s code base is similar enough to Ubuntu’s (Mint’s upstream) that it can afford to dedicate time and resources to in-house desktops.

Without its own desktop, Ubuntu doesn’t seem worse for wear, but as refined and dependable as ever, especially with the introduction of features like a minimal install option and restart-less kernel updates.

It will be hard to tell how the end of Unity ultimately will impact Ubuntu until its next LTS drops in April 2020 — but for now, Ubuntu fans can breathe a sigh of relief as the distribution continues to shine.

Linux Gamers Won’t Be Steamed at Valve Much Longer

Another major development in desktop Linux computing was Steam Play’s August announcement of beta testing support for running Windows games on Linux. Steam evidently has been playing the long game (no pun intended) in backing work on the Windows compatibility program Wine, as well as the DirectX translation apparatus Vulkan, over the past couple of years.

This past summer, we saw these efforts coalesce. In a framework called “Proton,” Steam has bundled these two initiatives natively in the Steam Play client. This enables anyone running a Linux installation of Steam Play (who is enrolled in the beta test) to simply download and play a number of Windows games with no further configuration necessary.

A marked lack of access to top-tier games long has been a sticking point for Linux-curious Windows users considering a switch, so Steam’s ambitious embarkation on this project may prove to be the last encouragement this crowd needs to take the penguin plunge.

Steam has been exercising patience, as it has been maintaining a periodically updated list of the number and degree of Linux-compatible Windows games in its library of titles. It hasn’t been afraid to acknowledge that a number of Windows games still need work, another sign of sober expectations on the part of Valve.

Taken together, these steps suggest that Steam is in this for the long haul, rather than throwing together a quick fix to increase revenue from Linux-bound customers. If that weren’t proof enough, Steam even has gone so far as to post the code for Proton on GitHub, which is as good a sign as any that it is invested in the Linux community.

The entire undertaking holds promise to steadily improve the Linux desktop experience as more games reach mature compatibility, and Proton slowly crawls out of beta.

Red Hat Hangs Its Hat on IBM’s Rack

Although the Linux desktop landscape saw modest but undeniable progress, there was much more at play in the enterprise Linux arena.

Perhaps the single biggest Linux headline this year was IBM’s acquisition of Red Hat. IBM and Red Hat have enjoyed a long and fruitful partnership, and IBM’s shrewd tactic in competing with Microsoft more than a decade ago played the leading role in Red Hat’s rise in the first place.

Red Hat popularized, if not pioneered, the practice of selling support and tailored configuration as an open source business model. Fatefully for Red Hat, IBM was the big ticket customer that supercharged its revenue stream and confirmed the profitability of premium support. IBM minted its alliance with Red Hat because it wanted to compete with Microsoft in the server market without having to license an expensive operating system.

In some ways, IBM’s outright purchase of Red Hat may have been inevitable. The two have grown symbiotically for so long that subsuming Red Hat into IBM likely was the only way to squeeze more efficiency and return on investment out of the relationship.

You could even liken it to a couple who’ve been together for years finally announcing their engagement. Whatever else Red Hat’s purchase signifies, it legitimates Linux as an enterprise powerhouse, and lends credence to open source developers who long have touted the profitability of their work.

Amid all the deserved fanfare surrounding this betrothal, little attention has been paid to the reverberations it will send through the bedrock of the entire Linux space. Red Hat spearheads development of systemd, a replacement for the System V Linux init process that already has seen significant adoption among Linux distributions. This is no meager contribution, as the init system is the single most central component of the operating system after the kernel, and it dictates how the OS finishes booting.

Thus, the question on the minds of those who are giving this matter serious consideration is this: How will entrusting a (now) corporate-owned company to build the init process implemented in the vast majority of Linux distributions impact the course of Linux’s development?

Systemd of a Down

This leads perfectly into the next big story from the past year, because it demonstrates both the weight of the responsibility bestowed upon Red Hat in writing an industry standard init system, and the potential for harm, should this responsibility not be approached with proper humility and care.

Recently, a major bug affecting systemd was discovered. It allowed a user with a UID number higher than a certain value to execute arbitrary “systemctl” commands without authenticating, granting what amounted to full root access to that UID. The bug in question isn’t in systemd per se, but it pertains to systemd, in that systemd implicitly trusts the program containing the bug, polkit. So, because implicit trust itself is an unwise software development practice, to say the least, it equates to a bug in systemd, in some ways.

When systemd first took hold in the Linux biome, there was more than a little griping in the community. The central issue was that systemd contradicted the Unix philosophy by constructing and relying upon such a monolithic program (moreso than init intrinsically is).

To give a sense for how truly behemoth systemd is, it has swelled beyond the bounds of init’s reasonable purview to encompass DNS server IP assignment and regular task scheduling, relegating such venerable Unix stalwarts as /etc/resolv.conf and cron to (eventual) obsolescence. It seems that these Unix philosophers may have had a compelling, but ultimately unheeded, point.

Microsoft Opens the Open Source Patent Floodgates

IBM was not the only one to stake a claim to Linux: IBM’s perennial foe, Microsoft, made Linux maneuverings of its own in 2018. In October, Microsoft joined the Open Invention Network (OIN), subsequently open-sourcing more than 60,000 patented pieces of its software.

The OIN is a coalition of partners committed to insulating Linux and Linux-based projects from patent lawsuits. To that end, all members not only are obligated to openly offer patented software for public use, but also are allowed to freely license patents from one another.

Aside from the benefits this obviously confers on Microsoft, especially with companies like Google for fellow members, it puts another power player squarely in Linux’s corner. This may be the final sign of good faith the Linux community needed that Microsoft sincerely has embraced Linux and, moreover, that it has substantial plans for Linux-related projects in its future plans.

Open Source and Open Silicon?

There is one more notable milestone on the desktop Linux front — notable for what it portends for Linux, and computing on the whole. System76, the foremost Linux-focused hardware manufacturer in the U.S. (and maybe the world) has announced a line of high-end Linux desktops featuring open hardware specifications.

The Thelio line boasts an elegant, premium look that is sure to lure more than the privacy-conscious. Open hardware is the hardware analog to open source software, and while it has been an aim of the security-conscious and freedom-loving tech denizens, it has subsisted as little more than a pipe dream until recently.

The quest for open hardware arguably was accelerated by the Snowden disclosures, and the extent to which they revealed that hardware OEMs may not entirely deserve users’ trust.

Purism was the first consumer-oriented company to take up the charge but, as it will admit, its product is a work in progress, and not as open as the company and its privacy crusader allies envision.

Bringing more open hardware options to consumers, and thereby injecting competition into an otherwise sparse field, is an unalloyed good.

What Next?

While reviews of the year’s events certainly are interesting, if just for a sense of scope, retrospectives aren’t particularly useful unless they are applied. With all of these 2018 milestones in mind, what trajectory do they suggest for 2019?

Last year easily was one of the best years for the Linux desktop sphere since I started using Linux (which admittedly wasn’t very long ago). Alongside big news from Steam and a reassuringly strong LTS release from Ubuntu, came piecemeal strides by distros like Elementary and Solus in solidifying their work and their reputations as just-works, mass-appeal desktop systems.

Along with the production of first-class hardware like System76’s Thelio PCs, and even Manjaro’s Bladebook, desktop Linux has never looked better.

I won’t indulge in the cliché and predict that 2019 will be “the year of the Linux desktop,” but I foresee it building on the gains from 2018 to make even sleeker, more modern, and more usable desktops with burgeoning appeal outside the Linux niche. 2018 saw some high-profile publications giving Linux an open mind and a positive reception, so it wouldn’t be a far-fetched scenario for Linux to see an uptick in first-time users.

The enterprise realm is set to be much more tumultuous, as IBM and Microsoft have planted their respective flags in different corners of the Linux world. This could precipitate a wave of innovation in Linux as established corporate powers poise themselves for cloud supremacy.

On the other hand, this cloud computing contest could lead development of Linux and its satellite projects down a path that is increasingly dissonant — not just with Unix philosophy, but with the free software or open source ethos as well.

The opinions expressed in this article are those of the author and do not necessarily reflect the views of ECT News Network.


Jonathan Terrasi has been an ECT News Network columnist since 2017. His main interests are computer security (particularly with the Linux desktop), encryption, and analysis of politics and current affairs. He is a full-time freelance writer and musician. His background includes providing technical commentaries and analyses in articles published by the Chicago Committee to Defend the Bill of Rights.






Q4OS: A Diamond in the Rough Gets Some Polish | Reviews


By Jack M. Germain

Dec 20, 2018 11:19 AM PT


Sometimes working with Linux distros is much like rustling through an old jewelry drawer. Every now and then, you find a diamond hidden among the rhinestones. That is the case with Q4OS.

I took a detailed first look at this new distro in February 2015, primarily to assess the Trinity desktop (TDE). That was a version 1 beta release. Still, Trinity showed some potential.

I have used it on numerous old and new computers, mostly because of its stability and ease of use. Every few upgrades I check out its progress. Key to this is watching the improvements and additional functionality of Trinity.

Q4OS is a lightweight Linux distro that offers some worthwhile alternatives to more established distros. Do not misunderstand what “lightweight” in Linux means, however.

Q4OS is designed with aging computer hardware in mind, but it does not ignore more modern boxes.

Its main claim to fame is the developing Trinity project desktop. Trinity was forked in 2008 from the last official release of the K Desktop Environment’s third series (KDE 3), version 3.5.10.


Q4OS simplified KDE 3 design

Q4OS has a simplified KDE 3 design that has useful desktop applets for this alternative to the Trinity desktop. Other desktop options also are built in.



The Germany-based developers recently issued a significant update to the Q4OS snapshot of the distribution’s Testing branch, code-named “Centaurus.” Q4OS Centaurus 3.4 is based on the current Debian “Buster” and Trinity desktop (TDE) 14.0.6 development branches.

This distro is fast and runs extremely well on low-powered aging computers. Q4OS has superb performance on newer computers. Its design pushes classic style with a modern user interface in a new direction. Plus, it is very applicable for virtualization and cloud use.

From Rough to Polished

When I first started to monitor the Trinity desktop, I thought it had the potential for becoming a new attention-getter among up-and-coming Linux distros. The primary distro developer that implemented TDE was, and still is, Q4OS. The distro primarily is built around TDE as the default desktop.

It is easy to swap TDE into other more popular desktops without removing an easy return path to both TDE and KDE. Supported desktops include LXQT, LXDE, XFCE4, Cinnamon, KDE Plasma, Mate and GNOME. Installing a different desktop does not remove the TDE desktop. Instead, you can select between the alternative you installed and the TDE desktop at the login screen.

To install a different desktop environment, go to the Desktop Profiler tool and click the Desktop environments drop-down in the upper right corner of the window. A new window appears, where you can select your desktop of choice from the drop-down. Once back at the main Profiler Window, select which type of desktop profile you want, and then click Install.

These choices give both business and individual users lots of options. One of the big values in using Q4OS Linux is the add-on commercial support for customizing the distro to meet specific user needs. The name of the developers is not publicized on the website.

However, Q4OS clearly is intended to be more than a community-supported general purpose Linux distro. The website also invites businesses to make use of Q4OS.org’s commercial support and software customization services.

What’s Inside

Q4OS is designed to offer a classic-style user interface (Trinity) or other alternatives with simple accessories. The distro provides stable APIs for complex third-party applications, such as Google Chrome, VirtualBox and development tools. The system also is ideal for virtual cloud environments, due to its very low hardware requirements.

One of the most important changes in this latest release is the switch to the Calamares installer. Calamares offers nice new installation features. For example, it offers optional full encryption of the target system, as well as easy disk drive partitioning.

Another important change is a move to the new Trinity 14.0.6 development version. All dependencies from the current stable Q4OS Scorpion version have been removed, making Centaurus fully independent, with its own repositories and dependencies.

Secure Boot support has been improved too. This is very handy if you install Q4OS on newer hardware hosting Microsoft Windows.

The Calamares installer detects if Secure Boot is active and adjusts the target system accordingly. If Secure Boot is switched off in the firmware, no Secure Boot files are installed.

Q4OS Centaurus offers the bleeding edge of Linux computing. It will be in development until Debian Buster becomes stable. Centaurus will be supported at least five years from the official release date.

The minimal hardware requirements are ideal for older hardware. The Trinity desktop needs at least a 300-MHz CPU with 128 MB RAM and 3 GB hard disk storage. Most of the other alternative desktops are lightweight and run with ease under the minimum resource requirements. The KDE Plasma desktop — and perhaps the Cinnamon desktop — thrive with at least a 1-GHz CPU, plus 1 GB RAM and 5 GB hard disk storage.

All About Trinity

The TDE project began as a continuation of the K Desktop Environment (KDE) version 3 after the Kubuntu developers switched to KDE Plasma 4. The name “Trinity” reflects that heritage. It means “three,” and TDE was a continuation of KDE 3.

The Trinity desktop design presents the simplified look of KDE applications while eliminating the layers of customization associated with KDE’s Activities and virtual desktop navigation. It displays the Bourbon start menu and taskbar.


Q4OS Trinity environment

Q4OS’s Trinity environment has a simplified desktop with bottom bar, classic menu options, and the ability to add/remove application icons on the desktop.



Timothy Pearson founded the TDE project and continues to lead it. He is an experienced software developer who was the KDE 3.x coordinator of previous Kubuntu releases.

TDE is both flexible and highly customizable. It has a pleasant visual appeal. Its desktop effects are compatible with older hardware. Trinity fills the gap left open with the other lightweight desktop options, which offer little in the way of desktop visual effects.

The field of new alternative desktop environments has created a clutter that may have blunted more interest in TDE. For instance, choices such as Pantheon, Enlightenment, Budgie and Awesome offer unique lightweight choices. Still, Q4OS levels that playing field by letting you use your desktop choice without undermining the unique system tools and customization opportunities the distro provides.

You will not find the Trinity desktop shipping as an option with most Linux distros. Those that use Trinity include Devuan, Sparky Linux, Exe GNU/Linux, ALT Linux, PCLinuxOS, Slax and Ubuntu Nightly.

TDE’s growth with Q4OS makes the combination a viable alternative to meet individual and small business computing needs. The TDE 14 series has been in development for more than two years. This extended development period has allowed the creation of a better and more stable feature-rich desktop environment than found in previous TDE releases.

Using It

Whether you adopt Q4OS to replace a Microsoft Windows experience or another Linux distribution, you will not have much of a learning curve. Out of the box, this distro works well with the default configurations.

Its simplified interface is intuitive. Whether you are a holdover from Windows XP or Windows 7 or even a disgruntled Windows 10 refugee, Q4OS offers an inviting look and feel.

The basic collection of software barely gives you enough applications to get started. You will not find any bloat.

Installed titles include Google Chrome, Konqueror, KWrite text editor and a few system tools. From there, what you want to use is easily available through the software center and the Synaptic Package Manager (after you install it).

The Welcome screen makes it very easy to start setting up the desktop with just a few clicks. It is a good starting point. From that panel, you can add packages conveniently and quick start some of the unique features.

The Desktop Profiler lets you select which desktop environment to use. It also lets you select among a full-featured desktop, a basic desktop or a minimal desktop.

Install Applications installs the Synaptic Package Manager. Install Proprietary Codecs installs all the necessary media codecs for playing audio and video.

Turn On Desktop Effects makes it easy to activate more eye candy without having to wade through more detailed Control Panel options.

Switch to Kickoff Start Menu switches from the default Bourbon menu to either Classic or Kickoff styles. It is easy to try each one. Set Autologin allows you to set login to bypass requiring your password upon boot.


Q4OS desktop

A nice touch is the variety of background images and the right-click menu anywhere on the desktop.



Bottom Line

Q4OS has a focus on security, reliability, long-term stability and conservative integration of verified new features. This operating system is a proven performer for speed and very low hardware requirements. That performance is optimized for both new and very old hardware. For small business owners and high-tech minded home office workers, Q4OS is well suited for virtualization and cloud computing.

One of the hallmarks of this distro is to be a suitable powerhouse platform for legacy hardware. So the developers continue to resist a trend among Linux devs to drop support for old 32-bit computers. The 32-bit versions work with or without the PAE memory extension technology.

Want to Suggest a Review?

Is there a Linux software application or distro you’d like to suggest for review? Something you love or would like to get to know?

Please email your ideas to me, and I’ll consider them for a future Linux Picks and Pans column.



Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open source technologies. He has written numerous reviews of Linux distros and other open source software.






How to Use a VPN for Safer Online Shopping | E-Commerce


With the holidays fast approaching, are you looking to buy presents online?

The holiday season has become synonymous with online shopping. This isn’t really surprising as physical stores usually attract crowds of deal hunters. This often conjures up images of throngs of people waiting in line outside the store, some even camping out. This activity is tolerable for some and even fun for others. However, for many others, it’s not worth the hassle.

Why would it be, when there are perfectly legitimate and convenient alternatives online?

Well, for one thing, many people shop online without first thinking about their security. Most people are led to believe — or want to believe — that all e-commerce sites are secure. This isn’t completely true. With so much personal and financial information being exchanged, online shoppers aren’t the only ones enjoying the holiday rush — cybercriminals are too!

Still, it’s possible to add security to your e-commerce transactions by using a virtual private network. A VPN can help you enjoy your online shopping experience without worrying about falling prey to cybercriminals.

The Cybercrime Problem

First, here are some of the pressing reasons for securing e-commerce transactions in the first place.

As you know, e-commerce stores usually require you to register with their site in order to enjoy their services. This involves trusting them with your personal information, usernames, passwords, and credit card details — information that you’d rather did not fall into the wrong hands.

The thing is, cybercriminals know this fact. They will descend to any depth just to get their hands on such information. How exactly do they do this?

KRACK Attacks

A KRACK (key reinstallation attack) is a severe replay attack on the WiFi Protected Access protocol that secures WiFi connections.

An attacker gradually matches encrypted packets seen before and learns the full keychain used to encrypt the traffic by repeatedly resetting the nonce transmitted in the third step of the WPA2 handshake. This attack works against all modern WiFi networks.

Simply put, KRACK attacks can intercept sent data by infiltrating your WiFi connection, no matter which major platform you’re on (Microsoft Windows, macOS, iOS, Android, Linux, OpenBSD and others). These attacks require the attacker to be within the range of the WiFi connection they’re trying to infiltrate, which means they might lurk somewhere near or inside your home, office or school.

MitM Attacks

In a MitM (Man-in-the-Middle) attack, the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

This attack can succeed only when the attacker can impersonate each endpoint to the other’s satisfaction, delivering results as expected from the legitimate ends.

In the context of e-commerce transactions, these attacks are done on unprotected WiFi networks like the ones you find in airports, hotels and coffee shops. This is actually one of the reasons I often suggest that people stay away from public WiFi unless they’re packing some security software.

With this type of attack, you never know if the person sipping coffee at the next table is simply checking up on social media accounts or is actually sifting through the data being sent by other patrons.

Rogue Networks

Imagine yourself going to a downtown hotel to visit a friend. You wait in the lobby and decide to connect to the hotel WiFi while you wait. You find that there seem to be two networks with the same name, so you connect to the one with the stronger signal.

STOP! You may be connecting to a rogue network.

Rogue networks are ones that impersonate legitimate networks to lure unsuspecting users into logging in. This usually is done by setting up near a public WiFi network and then copying that network’s name, or making it appear that it’s an extension of the legitimate network.

The main problem with this is that you never know who set up the rogue network or what data is vulnerable to monitoring and recording.

The Green Padlock’s Trustworthiness

Now, you may have heard that HTTPS sites can give you the security you need while you’re visiting them. Most, if not all, e-commerce sites are certified and will have a green padlock and an “HTTPS” prefixing their URL to reassure visitors that their transactions are safe and encrypted.

Hypertext Transfer Protocol Secure, HTTPS, is a variant of the standard HTTP Web transfer protocol, which adds a layer of security on the data in transit through a secure socket layer (SSL) or transport layer security (TLS) protocol connection, according to Malwarebytes.

The thing is, just because your connection to a site is encrypted doesn’t automatically make the site safe. Bad actors actually can forge SSL certificates and make it appear that their site is safe. Even worse, anyone can get an SSL certificate — even cybercriminals. The certificate authority simply needs to verify the site owner’s identity and that’s it — the owner gets an SSL certificate.

Now, bringing it all back, I’m not saying that all sites with green padlocks are unsafe. What I am saying is that you shouldn’t rely solely on the presence of these green padlocks to keep your transactions safe.

A VPN Can Provide Security

I’m now getting to the meat of the matter: using a VPN to secure your e-commerce transactions.

A virtual private network, or VPN, is software that routes your connection through a server or servers and hides your online activity by encrypting your data and masking your true IP address with a different one.

Once you activate the client, the VPN will encrypt your data, even before it reaches the network provider. This is better understood if you have basic knowledge of how online searches work.

Let’s say that you’re looking to buy some scented candles to give as emergency gifts. You open your browser and type in “scented holiday candles” and press “search.”

Once you do, your browser will send a query containing your search words. This query first goes through a network provider (your ISP or the owner of the WiFi network you’ve connected to), which can monitor and record the contents of these queries.

After going through the network provider, your query is sent to a DNS (domain name system) server that searches its databanks for the proper IP address corresponding to your query. If the DNS server can’t find the proper IP address, it forwards your query until the proper IP address is found.

The problem with this is that the contents of your query consist of easily readable plain text. This means that hackers or your ISP are able to view and record the information contained therein. If that information is your name, username, password, credit card information, or banking credentials, they’re in danger of being viewed or stolen.

These queries also can be traced (by hackers or your ISP) back to your IP address which usually is traceable to your personal identity. This is how bad actors infiltrating your connection can discover what you’re doing online.

So, with a VPN active, your online transactions and private information will get an extra layer of protection through encryption and IP address masking.

When discussing VPNs, it’s always important to consider the protocols they use. These protocols determine the security level and connection speed. As of this moment, there are five major VPN protocols:

  1. PPTP (Point-To-Point Tunneling Protocol)

    PPTP is one of the oldest protocols still in use today. It originally was designed by Microsoft. The good thing about this protocol is that it still works on old computers. It’s a part of the Windows operating system, and it’s easy to set up. The problem is, by today’s standards, it’s not the most secure. You wouldn’t want a VPN provider that offers this protocol alone.

  2. L2TP/IPsec (Layer 2 Tunneling Protocol)

    L2TP/IPsec is a combination of PPTP and Cisco’s L2F protocol. On paper, this protocol’s concept actually is quite sound: It uses keys to establish a secure connection on each end of your data tunnel. The problem is in the execution, which isn’t very safe.

    While the addition of the IPsec protocol does improve security a bit, there are still reports of NSA’s alleged ability to crack this protocol and see what’s being transmitted. Whether the rumors are true or not, the fact that there’s a debate at all should be enough of a warning to anyone relying on this protocol.

  3. SSTP (Secure Socket Tunneling Protocol)

    SSTP is another protocol that traces its roots to Microsoft. It establishes its connection by utilizing SSL/TLS encryption which is the de facto standard for modern day Web encryption. SSL and TLS utilize setups built on symmetric-key cryptography in which only the two parties involved in the transfer can decode the data within. Overall, SSTP is a very secure protocol.

  4. IKEv2 (Internet Key Exchange, Version 2)

    IKEv2 is yet another Microsoft-built protocol. It’s simply a tunneling protocol with a secure key exchange session. Although it is an iteration of Microsoft’s previous protocols, it actually provides you with some of the best security. It requires pairing with IPSec to gain encryption and authentication, which is what most mobile VPNs use because it works well while your VPN reconnects during those brief times of connection loss or network switching.

    Unfortunately, there is also strong evidence that the NSA is spying on mobile users using this protocol.

  5. OpenVPN

    This takes what’s best in the above protocols and does away with most of the flaws. It’s an open source protocol based on SSL/TLS, and it is one of the fastest and most secure protocols today. It protects your data by using, among other things, the nigh-unbreakable AES-256 bit key encryption with 2048-bit RSA authentication, and a 160-bit SHA1 hash algorithm.

    One notable flaw it does have is its susceptibility to VORACLE attacks, but most VPNs already have solved this problem. Overall, it’s still the most versatile and secure protocol out there.
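VORACLE depends on compression being applied inside the tunnel, so the settings in item 5 can be checked directly in an OpenVPN config file. The Python script below is an added example, not part of the original article: it flags compression directives and reports cipher and digest choices. The sample configs, the placeholder hostname and the accepted-cipher list are constructed assumptions.

```python
"""Audit an OpenVPN config for compression and weak-crypto directives."""

# Constructed sample configs; the hostname is a placeholder, not a real service.
SAMPLE_CONFIG = """\
client
dev tun
remote vpn.example.net 1194 udp   # placeholder host
cipher AES-256-CBC
auth SHA1
comp-lzo            ; legacy compression switch
"""

HARDENED_CONFIG = """\
client
dev tun
remote vpn.example.net 1194 udp
data-ciphers AES-256-GCM
auth SHA256
allow-compression no
"""

# Arguments to 'compress' that actually compress (stub/stub-v2 only add framing).
COMPRESSING_ALGOS = {"lzo", "lz4", "lz4-v2"}
# Assumption for this example: accept only AES-256, the cipher the article names.
ACCEPTED_CIPHERS = {"AES-256-GCM", "AES-256-CBC"}
LEGACY_DIGESTS = {"MD5", "SHA1"}


def parse_directives(text):
    """Yield (line_no, directive, args), dropping blanks and '#' / ';' comments."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if line:
            parts = line.split()
            yield line_no, parts[0].lower(), parts[1:]


def audit_openvpn_config(text):
    """Return findings as (line_no, level, message) tuples, in file order."""
    findings = []
    for line_no, name, args in parse_directives(text):
        arg = args[0] if args else ""
        if name == "comp-lzo" and arg.lower() != "no":
            # A bare 'comp-lzo' turns on adaptive LZO compression.
            findings.append((line_no, "HIGH", "comp-lzo enables compression"))
        elif name == "compress" and arg.lower() in COMPRESSING_ALGOS:
            findings.append((line_no, "HIGH", f"compress {arg} enables compression"))
        elif name == "allow-compression" and arg.lower() == "yes":
            findings.append((line_no, "HIGH", "compression explicitly allowed"))
        elif name in ("cipher", "data-ciphers", "ncp-ciphers"):
            for cipher in filter(None, arg.split(":")):
                if cipher.lower() == "none":
                    findings.append((line_no, "HIGH", "encryption disabled"))
                elif cipher.upper() not in ACCEPTED_CIPHERS:
                    findings.append((line_no, "REVIEW", f"{cipher} is not AES-256"))
        elif name == "auth":
            if arg.lower() == "none":
                findings.append((line_no, "HIGH", "packet authentication disabled"))
            elif arg.upper() in LEGACY_DIGESTS:
                findings.append((line_no, "REVIEW", f"legacy digest {arg}"))
    return findings


if __name__ == "__main__":
    for label, cfg in (("sample", SAMPLE_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label)
        for line_no, level, message in audit_openvpn_config(cfg) or [(0, "OK", "no findings")]:
            print(f"  line {line_no}: [{level}] {message}")
```

The parser splits on whitespace and does not handle quoted arguments or settings pushed by the server at connect time, so a clean result covers only what the local file states.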

About Free VPNs and Jurisdictions

Now you’ve learned about the risks you may face with your e-commerce transactions and how you can avoid those risks by using a VPN with the right protocol. However, you may have heard rumors about VPNs not being as safe as they seem to be.

These rumors are partly true.

Not all VPNs can be trusted. There are VPNs that purport to be “free forever” while you’re actually paying with your personal information. Needless to say, you should avoid these types of VPNs and instead look for trustworthy VPN services.

Another rumor you may have heard is that trusting VPN companies with your personal data is just as bad as trusting your data to your ISP. This is only true for VPNs that log your data and are situated in a jurisdiction under any of the 14-eyes countries. This is why you should look into your VPN’s logging and privacy policy, as well as the country it is situated in.

In Conclusion

Buying online for the holidays can be an enjoyable and fulfilling experience if your transactions are secure. Protect your private information from KRACK, MitM, and rogue networks by using a VPN to encrypt your data and hide your IP address.

When using a VPN, remember to choose the most secure protocol available, and beware of free VPNs or those that log your data while inside 14-eyes jurisdictions.

Follow these steps, and you’ll be well on your way to more secure e-commerce transactions.


John Mason, an avid privacy advocate, is founder of TheBestVPN and serves as its chief researcher.






Deepin Builds a Better Linux Desktop | Reviews


By Jack M. Germain

Dec 5, 2018 1:01 PM PT


Deepin 15.8, released last month, is loaded with more efficient layout tweaks that give the distribution greater functionality and maturity.

Deepin, based in China, shed its Ubuntu base with the 2015 release of version 15, which favored Debian Linux. That brought numerous subtle changes in the code base and software roots. Ubuntu Linux itself is based on Debian.

The chief distinguishing factor that accounts for Deepin’s growing popularity is its homegrown Deepin Desktop Environment (DDE). One of the more modern desktop environments, it is one of the first Linux distros to take advantage of HTML 5 technology.

Coinciding with the base affiliation change, the developers, Deepin Technology, slightly changed the distro’s name. What was “Deepin Linux” is now “deepin.” That subtle rebranding is an attempt to differentiate previous releases named “Deepin,” “Linux Deepin” and “Hiweed GNU/Linux.”

Regardless of whether the name is rendered as “deepin” or “Deepin Linux,” this distro offers users an eloquent, modern-themed Linux OS. It is easy to use and comes with high-quality software developed in-house.

Desktop Differences

The Deepin Desktop is offered in a widening assortment of popular Linux desktops, but the best user experience is found in this distro.

Other distros running the Deepin Desktop miss much of the unique integration you get in Deepin Linux. DDE elsewhere usually lacks much of the optimization and special optimized software available through the Deepin software store.

Often, you get the software versions provided by the distro you are running. The Linux distros offering the Deepin Desktop are Archlinux, Manjaro, Ubuntu, Gentoo, Fedora, Puppy Linux, SparkyLinux, Antergos, Pardus and openSuse.

Growing Pains Over

I have reviewed earlier versions of Deepin Linux along with other distros running the Deepin Desktop Environment. This latest version is awesome.

Any new desktop environment is a work in progress. DDE started out with lofty goals but mediocre execution. The Deepin desktop is now well designed and very functional.

Desktop shells largely are valued for how simple they are to use and how functional they are for a user’s productivity. For me, the Cinnamon and the Xfce desktops get high marks for both.

DDE offers a third favorite option. I like its modern design. Using it is intuitive. A user guide presentation runs when you first load the desktop. It is very helpful in getting started.

DDE does not yet have every power user feature I would like to see included, but it is packed with enough personalization tweaks and design improvements to make it a very workable alternative.

Digging Into Deepin’s Design

The Deepin Desktop design is snazzy yet simple to use. Add its homegrown applications, and you get an operating system that is tailored to the average user.

The new desktop screen is prettier and less cluttered. Annoying desklets, like a weather module and volume sliders, are gone — either removed or relocated.

I really like the new docking tray and boot theme. In-house developed applications have been a key ingredient in Deepin’s growing popularity. This latest release has some 30 improved native applications that should bring a more beautiful and efficient experience.

Another strong point in Deepin’s design is the new collapsible dock tray. Deepin uses a dock bar instead of the traditional bottom bar. When the dock is set in the macOS-style mode, a button appears that toggles a new dock tray element — embed tray icons in the dock.

The Dock offers a choice of fashion or efficient modes. Fashion mode adds a hide/show button in the dock tray. Click it to hide the icons in the tray area and save dock space. The power button is separated from the tray area to reduce clicks and avoid function confusion.

In the Efficient mode, the right corner is set to show desktop. The previous ‘Show Desktop’ icon disappears.

Beyond Gnome

At first glance, you might think that DDE is a remake of the refashioned GNOME 3 desktop design. Looks can be deceiving. Click the first icon at the left end of the dock bar to open the applications menu.

That is what starts to look like GNOME — or Android. You see a full-screen spread of rows of applications. Click the second icon to see the multitasking view, aka “virtual workspaces.” In DDE that panel drops down from the top center of the screen, unlike GNOME’s right screen panel.



Deepin’s multitasking feature shows thumbnails of virtual workspaces via a display panel that hides along the top edge of the screen. The main view displays mini images of open windows on the current workspace.


Deepin lets you set a different background image for each virtual workspace. These display in the panel view as well. You can drag a running application’s mini image from the multitasking view to another workspace. You also can right-click on the top window border of a displayed app to move it to another virtual workspace.

Clicking the gear icon on the Dock bar slides out the settings panel from the right edge of the screen. The left vertical border of this panel holds a column of icons, one for each settings category.



The Deepin Desktop has a slide-out control panel that makes finding settings effortless. It uses a dock bar instead of a traditional panel at the bottom of the screen.


Click a vertical icon to open a settings display for the selected category. Or you can click in the panel and scroll down or up for a continuous scrolling through all settings.

Stuffed With Software

Deepin-specific applications separate this distro from most others. The developer has an impressive inventory of in-house generated applications. This release expands that inventory with more new titles and revamps of many others.

Here is a brief selection of what Deepin provides:

  • Deepin File Manager has a new Recent bookmark in its sidebar. The latest release also offers an optional dark theme.
  • Deepin Boot Maker has a simple interface to make a deepin boot disk easily.
  • Deepin Editor is a lightweight text editor with some customized functions for composing text and writing code.
  • Deepin File Manager is an optimized revision with added features.
  • Deepin Font Installer is a new tool for adding/removing font files with simplified operations. It shows font information, such as style, type, version, copyright and description.
  • Deepin Repair is another new tool to fix some issues in Deepin quickly, including hard disk detecting, disk cleaning, DPKG repairing, boot repairing, privilege repairing and password reset.
  • Deepin’s Graphics and Driver Manager app is introduced in this release. It includes graphics card hardware detection, graphics driver installation, graphics driver solution switching, graphics driver automatic recovery, and other functions.
  • Deepin Clone is yet another new tool that makes it safe and easy to back up and restore the system. It supports cloning, backing up and restoring a disk or partition. It works with Deepin Recovery to fix boot, partition and other problems.

The community-sponsored software store offers about a thousand applications. Also available is a new Deepin Store.

Deepin Store is a high-quality application store to display, download, install, review and rate applications. It includes the selections of popular apps, new updates and hot topics. It supports one-click installing, updating and uninstalling.

Getting It May Be Troublesome

One of the great advantages of many Linux distros is the ability to test the distro in a live session. This lets you try out the distro without making any changes to your hard drive.

Unless you have a spare computer to perform a full installation for testing, not being able to run a live session is very risky. Glitches happen when installing something untried.

That is an issue with Deepin Linux. The ISO does not boot into a live session. It is strictly for installations only.

However, you can download a special boot tool to allow you to install a live-session-capable version of this release to a USB drive. Look for the live session download option on the download page.

However, you also will have to download the installation ISO. That poses yet another inconvenience.

Time Factor Fail

The download time directly from the Deepin website is horrendously slow. Download times posted take as long as 18 hours. I checked back numerous times with no faster delivery times.

A better option is to use one of the streaming mirror sites. The download times are literally minutes instead of hours.

You will find these alternative download sites at the bottom center of the download screen. Hover your mouse pointer over the half-dozen symbols and look at the URL displayed.

Tip: You’ll only find the installation ISO on these secondary download sites. The boot tool is available only from the Deepin website.

Installing It

The installation routine is modern and classy. The process is GUI-based (graphical user interface) rather than text-based or command line-based.

The installer moves right into the desktop environment with a blurred version of its desktop wallpaper overlayed with centered, translucent menus. This creates a pleasant visual effect.



The Deepin installer is a class act. It has a smooth progression of setup steps displayed against a blurred background image of the Deepin Desktop Environment. It provides an easy guide that new Linux users can follow with confidence.


The next screen presents a mandatory End-User Agreement. Its wordiness seems to exceed the usual open source licensing requirements.

It is lengthy to read and has numerous references to intellectual property. Ho-hum! Just scroll to the bottom of the display window to activate the ACCEPT tab to continue the installation process.

Unlike other Linux installation routines, Deepin Linux does not test for an Internet connection. You can install it without an online connection.

Bottom Line

Deepin Linux 15.8 is a solid performer. The developers have not yet provided language support for many languages. This limits who can use this distro.

In Deepin’s earlier years, the only available languages were Chinese and a few related dialects plus English. This latest release has expanded that list to a dozen or so.

In the English language version, it is annoying to see Chinese words and phrases in some of the system displays and software store catalogs. I assume that issue may exist in other language releases of Deepin as well.

Unless you are used to distro hopping, save yourself from the pain of trial-and-error usage discovery. Deepin is easy to operate. However, if you are not familiar with most things Linux, do yourself a big favor and first familiarize yourself with the Deepin Manual that comes with the preinstalled applications.

If security concerns you, especially when using an operating system from a foreign developer, use the full disk encryption feature now available with this release.

Want to Suggest a Review?

Is there a Linux software application or distro you’d like to suggest for review? Something you love or would like to get to know?

Please email your ideas to me, and I’ll consider them for a future Linux Picks and Pans column.

And use the Reader Comments feature below to provide your input!


Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open source technologies. He has written numerous reviews of Linux distros and other open source software.






IT Resume Dos and Don’ts: Formatting for Readability | Developers


In my career as an IT resume writer, I’ve seen a lot of IT resumes cross my desk, and I’d like to share some of the most common formatting problems that I see regularly. Of course, an IT resume requires more than great formatting. It requires well-written, targeted content, and a clear story of career progression. It needs to communicate your unique brand and value proposition.

Still, if the formatting is off, that can derail the rest of the document and prevent your story being read by the hiring authority.

I’ll start with a few IT resume formatting “don’ts.”

1. Don’t Use Headers

This is an easy fix. Headers and footers made a lot of sense when an IT resume was likely to be read as a printed sheet of paper.

In 2018, how likely is it that a busy hiring authority is going to take the time or the effort to print out the hundreds of resumes that are submitted for every position?

Not terribly.

Your IT resume is going to be read online.

That’s why using a header for your contact information is a bad idea.

It takes a few seconds to click on the header, copy and paste your email and phone number, and then click again in the body of the resume to read the text.

A few seconds doesn’t seem like much, but for someone who is looking through a lot of resumes, every second really does count. A hiring authority who is REALLY busy may just decide it’s too much trouble to get your contact information from the header.

That means your resume may well end up in the “read later” folder.

That’s not a good outcome.

There’s another problem with using the header, related to the one I just discussed.

Headers just look old fashioned. Out of date.

Old fashioned is not the brand you want to present if you’re looking for a job in technology — whether you’re a CIO, an IT director, or a senior developer.

Again, this is an easy fix. Just put your name and contact information in the body of the resume. I suggest using a larger font in bold caps for your name. You want to be certain that your name will stick in the memory of the reader.

2. Don’t Over-Bullet

This is probably the most common mistake I see in the IT resumes that cross my desk.

In my trade, we call it “death by bullets.” The job seeker has bulleted everything.

Everything.

That’s really hard to read. Beyond the fact that it’s just not clear, there’s another big problem with over-bulleting.

To paraphrase The Incredibles, if everything is bulleted, nothing is.

The goal of using bullets — sparingly — is to draw the reader’s eye and attention to your major accomplishments.

If you’ve bulleted everything, the reader doesn’t know what’s critical and what’s not, which defeats the purpose of using bullets in your resume.

In my own work as an IT resume writer, I make a clear distinction between duties and responsibilities and hard, quantifiable accomplishments. I write the duties in paragraph format, and bullet only the accomplishments that demonstrate what my IT resume clients really have delivered.

It’s a clear, straightforward approach that I recommend.

3. Don’t Get Colorful

Happily, this particular problem doesn’t seem as common as it was a few years ago, but every once in a while, I’ll still see a resume with lots of color.

The idea behind that, of course, is to make the resume “eye-catching.”

Rather than catching the reader’s eye, however, a lot of color is just confusing.

“Why is this section blue? Is blue telling me it’s really important? And yellow? Why is this person using yellow? Because it’s mighty hard to read…”

I’m sure you see my point. The colors, rather than giving the reader a map of what to look at first — what to prioritize — just end up looking, well, busy.

That makes your resume harder to read. And if it’s harder to read?

Yeah. As I mentioned above: It’s likely to go into the “read later” folder.

You really don’t want that to happen.

4. Don’t Lead With Education

This is another easy fix, but it’s important.

The only time you want to lead with education is when you’re a new grad. If you’re a professional — whether senior, mid-career or junior — you want to highlight your experience on page one, and not take up that valuable space with your degrees or certifications.

Of course, degrees, training and certifications are important, but they belong at the end of the resume, at the bottom of page two or three.

5. Don’t Use Arial or Times New Roman

I’ll end the “don’ts” with another simple one.

Arial and Times New Roman are, well, so 1990s. Yes, they’re good, clear, readable fonts, which is why they’ve become so popular.

Probably 90 percent of all IT resumes are written in these two fonts. There’s nothing negative in that, but it’s a little boring.

Now, I’m not suggesting you use Comic Sans or Magneto, but there are some great, clean fonts that aren’t as common in the IT resume world.

Personally? I like Calibri for body and Cambria for headings.

So, that gives you a number of things to avoid in formatting your IT resume. I’ll now suggest a few “dos” to concentrate on to ensure that your document is as readable as possible.

1. Keep Things Simple

I’m a strong believer that an IT resume needs to tell a story. The formatting of the document should serve only to clarify that story, and not get in the way.

When the document is finished, take a look. Does the formatting lead your eye to the most important points? Is the formatting clear and clean? Or does it distract from the story you’re trying to tell?

2. Think Mobile

This point gets more important with each passing year. These days, the odds are that the hiring authority will be reading your story on a phone, tablet, or other mobile device.

That’s changed the way I’ve formatted the IT resumes I write for my clients.

I’ve never gone beyond minimal design, but I’ve scaled things back. For example, I used to use shading to draw attention to critical sections of the document.

But now? I think that can be hard to read on a mobile — and readability, to repeat a theme, is the only goal of resume formatting.

3. Use Bold and Italics Sparingly

This point follows directly from the previous one. We don’t want to bold or italicize everything. Bold and italics, used consistently and sparingly, can help signal to the reader what is most important in your IT resume, and provide a framework for a quick read-through.

That enables the hiring authority to get the gist of your career fast, without distracting from a deeper second read.

4. Use Hard Page Breaks

This is pretty simple, but it is important. I always insert hard page breaks in every finished IT resume I write. That helps ensure that the document is going to look consistent across devices and across platforms.

It’s not 100 percent foolproof — Word is a less-than-perfect tool. With hard page breaks, though, the odds are very good that your resume will look the same to each reader — and to the same reader when reviewing the document on different devices. That consistency reinforces the sense of professionalism you’re striving to convey.

5. Write First, Format Later

Professional IT resume writers disagree on this, but I’m going to suggest what I’ve found effective in my practice.

I always write the resume first. I personally use a plain text editor, to make certain that Microsoft Word doesn’t add anything that I’ll have to fight to remove later.

It’s only when I’ve got the text completely finished that I copy and paste into Word, and then add the formatting that I think best supports the client story I’m trying to tell.

If I try to format as I’m writing, the formatting may take over. It’s tempting to insist on keeping the formatting consistent, even when it’s not best supporting the story.

So think about it. I’d strongly recommend writing first, and formatting later, when you’re completely clear on the story you’re trying to tell.

I know that many people struggle with formatting their IT resume, so I hope that these simple ideas will help make the process a little easier and less painful.

Stay tuned for future articles that will dig a bit deeper into the IT resume process, covering content structure, writing style, and branding.


J.M. Auron is a professional resume writer who focuses exclusively on crafting the best possible IT resume for clients from C-level leaders to hands-on IT professionals. When he’s not working, he practices Fujian Shaolin Kung Fu and Sun Style Tai Chi. He also writes detective fiction and the occasional metrical poem.




