Tag Archives: Google

The Router’s Obstacle-Strewn Route to Home IoT Security | Software

It is newly minted conventional wisdom that not a single information security conference goes by without a presentation about the abysmal state of Internet of Things security. While this is a boon for researchers looking to make a name for themselves, this sorry state of affairs is definitely not beneficial for anyone who owns a connected device.

IoT device owners aren’t the only ones fed up, though. Right behind them is Eldridge Alexander, manager of Duo Labs at
Duo Security. Even better, he has a plan, and the experience to lend it some credibility.

Before assuming his current role at Duo Security, Alexander held various IT posts at Google and Cloudflare. For him, the through-line that ties together his past and present IT work is the security gains that accrue from aligning all of a network’s security controls with the principle of zero-trust.

“I’ve basically been living and breathing zero-trust for the last several years,” Alexander told LinuxInsider.

Simply put, “zero-trust” is the idea that to the furthest extent possible, devices should not be trusted to be secure, and they should be treated as such. There are many ways zero-trust can manifest, as it is not so much a singular technique as a guiding principle, but the idea is to leave yourself as invulnerable to the compromise of any one device as possible.

A recurring theme among his past few employers, this understandably has left its mark on Alexander, to the point where it positively permeates his plan for IoT security on home networks. His zeal for zero-trust comes to home networks at just the right time.

Although consumer IoT adoption
has been accelerating, zero-trust has yet to factor into most consumer networking tech, Alexander observed, and we’re getting to the point where we can’t afford for it not to.

“Investigating not really new threats but increased amount of threats in IoT and home networks, I’ve been really interested in seeing how we could apply some of these very enterprise-focused principles and philosophies to home networks,” he noted.

Network Segmentation

In Alexander’s home IoT security schema, which he unveiled at Chicago’s THOTCON hacking conference this spring, zero-trust chiefly takes the form of network segmentation, a practice which enterprise networks long have relied on.

In particular, he advocates for router manufacturers to provide a way for home users to create two separate SSIDs (one for each segment) either automatically or with a simple user-driven GUI, akin to the one already included for basic network provisioning (think your Web GUI).

One would be the exclusive host for desktop and mobile end-user devices, while the other would contain only the home’s IoT devices, and never the twain shall meet.

Critically, Alexander’s solution largely bypasses the IoT manufacturers themselves, which is by design. It’s not because IoT manufacturers should be exempted from improving their development practices — on the contrary, they should be expected to do their part. It’s because they haven’t proven able to move fast enough to meet consumer security needs.

“My thoughts and talk here is kind of in response to our current state of the world, and my expectations of any hope for the IoT manufacturers is long term, whereas for router manufacturers and home network equipment it is more short term,” he said.

Router manufacturers have been much more responsive to consumer security needs, in Alexander’s view. However, anyone who has ever tried updating router firmware can point to the minimal attention these incremental patches often receive from developers as a counterclaim.

Aside from that issue, router manufacturers typically integrate new features like updated 802.11 and WPA specifications fairly quickly, if for no other reason than to give consumers the latest and greatest tech.

“I think a lot of [router] companies are going to be open to implementing good, secure things, because they know as well as the security community does … that these IoT devices aren’t going to get better, and these are going to be threats to our networks,” Alexander said.

So how would home routers actually implement network segmentation in practice? According to Alexander’s vision, unless confident consumers wanted to strike out on their own and tackle advanced configuration options, their router simply would establish two SSIDs on router setup. In describing this scenario, he dubbed the SSIDs “Eldridge” and “Eldridge IoT,” along the lines of the more traditional “Home” and “Home-Guest” convention.

The two SSIDs are just the initial and most visible (to the consumer) part of the structure. The real power comes from the deployment of VLANs respective to each SSID. The one containing the IoT devices, “Eldridge IoT” in this case, would not allow devices on it to send any packets to the primary VLAN (on “Eldridge”).

Meanwhile, the primary VLAN either would be allowed to communicate with the IoT VLAN directly or, preferably, would relay commands through an IoT configuration and management service on the router itself. This latter management service also could take care of basic IoT device setup to obviate as much direct user intervention as possible.

The router “would also spin up an app service such as Mozilla Web Things or Home Assistant, or something custom by the vendor, and it would make that be the proxy gateway,” Alexander said. “You would rarely need to actually talk from the primary Eldridge VLAN over into the Eldridge IoT VLAN. You would actually just talk to the Web interface that would then communicate over to the IoT VLAN on your behalf.”

By creating a distinct VLAN exclusively for IoT devices, this configuration would insulate home user laptops, smartphones, and other sensitive devices on the primary VLAN from compromise of one of their IoT devices. This is because any rogue IoT device would be blocked from sending any packets to the primary VLAN at the data link layer of the OSI pyramid, which it should have no easy way to circumvent.

It would be in router manufacturers’ interests to enable this functionality, said Alexander, since it would offer them a signature feature. If bundled in a home router, it would provide consumers with a security feature that a growing number of them actually would benefit from, all while asking very little of them in the way of technical expertise. It ostensibly would be turned on along with the router.

“I think that’s a valuable incentive to the router manufacturers for distinguishing themselves in a crowded marketplace,” Alexander said. “Between Linksys and Belkin and some of the other manufacturers, there’s not a whole lot of [distinction] between pricing, so offering home assistant and security is a great [distinction] that they could potentially use.”

IoT Security Standards?

There is some promise in these proposed security controls, but it’s doubtful that router manufacturers actually would equip consumer routers to deliver them, said Shawn Davis, director of forensics at
Edelson and adjunct industry professor at the Illinois Institute of Technology.

Specifically, VLAN tagging is not supported in almost any home router devices on the market, he told LinuxInsider, and segmenting IoT from the primary network would be impossible without it.

“Most router manufacturers at the consumer level don’t support reading VLAN tags, and most IoT devices don’t support VLAN tagging, unfortunately,” Davis said.

“They both could easily bake in that functionality at the software level. Then, if all IoT manufacturers could agree to tag all IoT devices with a particular VLAN ID, and all consumer routers could agree to route that particular tag straight to the Internet, that could be an easy way for consumers to have all of their IoT devices automatically isolated from their personal devices,” he explained.

VLAN tagging is not restricted by any hardware limitations, as Davis pointed out, but is merely a matter of enabling the software to handle it. Just because the manufacturers can switch on VLAN tagging in software, that doesn’t mean it will be an easy matter to convince them to do so.

It’s unlikely that router manufacturers will be willing to do so for their home router lines and, unsurprisingly, it has to do with money, he said.

“A lot of the major companies produce consumer as well as corporate routers,” Davis noted. “I think they could easily include VLAN functionality in consumer routers but often don’t in order to justify the cost increase for feature-rich business level hardware.”

Most router manufacturers see advanced functionality like VLAN tagging as meriting enterprise pricing due to the careful development that it requires to meet businesses’ stricter operational requirements. On top of that, considering the low average technical literacy of home users, router manufacturers have reason to think that power user features in home routers simply wouldn’t be used, or would be misconfigured.

“Aside from the pricing tier differences,” Davis said, “they also might be thinking, ‘Well, if we bake in VLANs and other enterprise-based features, most consumers might not even know how to configure them, so why even bother?'”

Beyond cajoling router makers to enable VLAN tagging and any other enterprise-grade features needed to realize Alexander’s setup, success also would hinge on each manufacturer’s implementation of the features, both in form and function, Davis emphasized.

“I think each manufacturer would have different flows in their GUIs for setting up isolated VLANs, which wouldn’t be the easiest for consumers to follow when switching across different brands,” he said. “I think if IoT security was more standards-based or automatic by default between devices and routers, overall security in consumer devices would greatly improve.”

Securing both of these concessions from router manufacturers would likely come down to ratifying standards across the industry, whether formally or informally, as Davis sees it.

“The different standards boards could potentially get together and try to pitch an IoT security standard to the router and IoT device manufacturers, and try to get them to include it in their products,” he said. “Aside from a new standard, there could potentially be a consortium where a few of the major manufacturers include advanced IoT device isolation in the hopes that others would follow suit.”

Risk Reduction

Alexander’s THOTCON presentation touched on the 5G connectivity that
many predict IoT will integrate, but in exploring the viability of alternatives to his setup, Davis quickly gravitated toward Alexander’s proposal.

Connecting to IoT devices via 5G certainly would keep them away from home users’ laptop- and smartphone-bearing networks, Davis acknowledged, but it would present other challenges. As anyone who has ever browsed
Shodan can tell you, always-on devices with seldom-changed default credentials connected directly to the public Internet have their downsides.

“Having your IoT devices isolated with your home-based devices is great, but there is still the possibly of the IoT devices being compromised,” Davis said. “If they are publicly accessible and have default credentials, they could then be used in DDoS attacks.”

Enabling IoT for direct 5G Internet connections doesn’t necessarily improve the security of end-user devices, Davis cautioned. IoT owners will still need to send commands to their IoT devices from their laptops or smartphones, and all 5G does is change the protocol that is employed for doing so.

“IoT devices using cellular 4G or 5G connections are another method of isolation,” he said, “but keep in mind, then the devices are relying even more on ZigBee, Z-Wave or Bluetooth Low Energy to communicate with other IoT devices in a home, which can lead to other security issues within those wireless protocols.”

Indeed, Bluetooth Low Energy

has its share of flaws, and at the end of the day protocols don’t impact security as much as the security of the devices that speak it.

Regardless of how the information security community chooses to proceed, it is constructive to look to other points in the connectivity pipeline between IoT devices and user access to them for areas where attack surfaces can be reduced. Especially when weighed against the ease of inclusion for the necessary software, router manufacturers undoubtedly can do more to protect users in cases where IoT largely hasn’t so far.

“I think a lot of the security burden is falling on the consumer who simply wants to plug in their device and not have to configure any particular security features,” Davis said. “I think the IoT device manufacturers and the consumer router and access point manufacturers can do a lot more to try to automatically secure devices and help consumers secure their networks.”

Jonathan Terrasi has been an ECT News Network columnist since 2017. His main interests are computer security (particularly with the Linux desktop), encryption, and analysis of politics and current affairs. He is a full-time freelance writer and musician. His background includes providing technical commentaries and analyses in articles published by the Chicago Committee to Defend the Bill of Rights.

Source link

Google Developers Are Looking At Creating A New libc For LLVM


As part of Google’s consolidating their different toolchains around LLVM, they are exploring the possibility of writing a new C library “libc” implementation.

Google is looking to develop a new C standard library within LLVM that will better suit their use-cases and likely others within the community too.

This hypothetical libc at this point would support non-PIE and static-PIPE linking, following of all available specifications, and be designed to fit in well with LLVM tooling. At this point they just will be focusing on x86-64 and don’t currently have plans themselves for this new C library to support dynamic loading and linking.

This new C library for LLVM is just in the early planning stages, but those wanting to learn more can do so via this LLVM developer thread.

Firefox Users Warned to Patch Critical Flaw | Cybersecurity

Mozilla is urging users of its Firefox browsers to update them immediately to fix a critical zero-day vulnerability. Anyone using Firefox on a Windows, macOS or Linux desktop is at risk.

The vulnerability, CVE-2019011707, is a type confusion in Array.pop. It has been patched in Firefox 67.0.3 and Firefox ESR 60.7.1.

Mozilla announced the patch Tuesday, but the vulnerability was discovered by Samuel Gro of Google Project Zero on April 15.

Mozilla implemented the fix after digital currency exchange Coinbase reported exploitation of the vulnerability for targeted spearphishing attacks.

“On Monday, June 17, 2019, Coinbase reported a vulnerability used as part of targeted attacks for a spear phishing campaign,” Selena Deckelmann, senior director, Firefox Browser Engineering, told TechNewsWorld. “In less than 24 hours, we released a fix for the exploit.”

The Significance of the Coinbase Hack

Hackers have been going after cryptocurrency with a vengeance. There have been as many
attacks in the first half of this year as there were through the whole of last year, according to Cointelegraph.

So far this year, tens of millions of dollars’ worth of cryptocurrencies been stolen have from exchanges, Cointelegraph said.

00000stole nearly one billion dollars’ worth of cryptocurrency by Q3 last year, Ciphertrace reported.

The attack on Coinbase is in keeping with the trend.

The exchange has been targeted repeatedly. In 2018, a
string of hacks cost it more than 40 bitcoins.

In January, Coinbase temporarily
froze all trading on Ethereum Classic after it detected an attack on the cryptocurrency’s network.

The spearphishing attacks could be an attempt to gain control of the majority of a blockchain network’s power, in what’s called a ”
51 percent attack.”

David Vorick, cofounder of blockchain-based file storaeg platform SIA declared 2019 the
year of the 51 percent attack.

Technical Details of the Flaw

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop, Mozilla said.

An array in JavaScript is a single variable used to store multiple elements. It often is used when devs want to store a list of elements and access them with a single variable.

A type, or data type, is an attribute of data that tells the compiler or interpreter how the programmer intends to use the data. It constrains the values that an expression such as a variable or a function might take, defining the operations that can be carried out on the data, the meaning of the data, and the way values of that type can be stored.

Type confusion occurs when a program uses one type to allocate or initialize a resource, such as an object, pointer or variable, but later uses another type that is incompatible with the first to access that resource. That can trigger logical errors because the resource does not have the expected properties. In some cases, it can lead to code execution.

The pop() method removes the last element from an array, returns that element, and changes the array’s length.

“Array.pop is usually used with Array.push to delete and add new values to the array by developers,” remarked Usman Rahim, digital security and operations manager at The Media Trust.

“This technique is also used by many malicious actors to shuffle obfuscated malicious code during execution,” he told TechNewsWorld.

The Threat Level

Gro said the flaw can be exploited for remote code execution (RCE) and for universal cross-site scripting (UXSS).

Both methods have been used widely in past hack attacks.

RCE “will have the user at an attacker’s mercy by thoroughly compromising the application and the Web server,” Rahim said. Sophisticated attackers who know what they are looking for “can deal a severe blow.”

UXSS is just as dangerous because it opens gates for attackers to inject malicious code and bypass or disable the browser’s security features, he noted. It “can also be used as a first step to disable security in conjunction with other attacks.”

Most exploits reported “are theoretical without evidence of active use,” said Rob Enderle, principal analyst at the Enderle Group.

“This one has evidence of active use, meaning it’s known and already people are taking advantage of it,” he told TechNewsWorld.

“Given it was used in an attack, it’s very dangerous, but it has been fixed,” Enderle said. “This showcases that keeping your software products, particularly browsers, patched and up to date is incredibly important. Patching remains your best defense.”

Richard Adhikari has been an ECT News Network reporter since 2008. His areas of focus include cybersecurity, mobile technologies, CRM, databases, software development, mainframe and mid-range computing, and application development. He has written and edited for numerous publications, including Information Week and Computerworld. He is the author of two books on client/server technology.
Email Richard.

Source link

How to Sync Google Drive on Linux | Software

By Jack M. Germain

Jun 12, 2019 12:16 PM PT

Two of the more commonly used cloud storage services for personal use are
Google Drive and
Dropbox. Both cloud services are simple to set up and use reliably. Either one can be a suitable choice for storing personal files using free or paid plans.

How to Sync Google Drive on Linux

That said, Google Drive, despite long-festering promises by Google to provide a non-browser-based file client for Linux users, requires a manual overhead to manage files through its Web browser-only interface.

Coming to the rescue are a variety of free and low-cost commercial solutions for Linux users to sync files between computers, mobile devices and Google Drive cloud storage automatically. No doubt Google has not made good on its promise to release a Linux syncing client because the private sector already provides that missing feature.

Google provides a client for Windows and macOS users to automate file access and synchronize files.

Dropbox provides a very workable client for all three platforms. However, Dropbox recently limited to three the number of linked devices for its free basic storage plan. If you need to link more than three devices, Dropbox now requires upgrading to a paid plan starting at US$9.99/month that includes larger storage capacity and unlimited device linking.

If you need to link your files to a combination of no more than three desktop and laptop computers, or tablets and mobile smartphone, Dropbox remains an adequate choice. The accompanying syncing software for Linux is effortless and reliable. It might even be worth the steeper price to upgrade your storage plan to get unlimited device linking.

By comparison, Google provides 15 GB of storage for free. Since Linux users can access their files only via a Web browser, there is no limit to the number of devices you can use. Nor is there a limit for linking Windows and macOS computers. You can jump up to 100 GB of storage for $1.99/month or get even more storage for an additional cost.

Quest for the Best

For years I have used both Google Drive and Dropbox for cloud storage. The lack of a syncing client for Google Drive was less important as my Android devices automatically back up to Drive, and the bulk storage of photos and hordes of personal documents needed only occasional access. Viewing them through a Web browser and downloading them to a specific device as needed was a workable tradeoff.

I spend lots of time using multiple computers running Linux OSes and Microsoft Windows to research writing topics and conduct product reviews. So I used Dropbox as a dedicated storage center for current and archived files related to my work assignments. The syncing client integrates into the Windows and Linux file managers for seamless and instant file access.

Thankfully, Dropbox allowed current users with more than three connected devices to maintain that collection of linked devices with no required pricing plan upgrade. Any additional connections would kick the new pricing plan into play. That policy was fine for my standard set of computers and mobile gear, but any changes incurred with testing new devices and Linux distros posed an inconvenience that required manual management of access to needed Dropbox files through a Web browser.

As a result, I spent several weeks on a quest to find an ideal solution for a Google Drive client for Linux to sync all my files with better pricing. To my surprise, I found numerous options to view and download files to my computers without manually visiting my Google Drive account via a Web browser.

I found free offerings with limitations. These were mostly open source packages and Linux options that worked only with a command line interface (CLI). Using them didn’t offer the convenience I needed as I moved among various computers. I also found a few Linux products that used a graphical user interface (GUI), but they were clunky and lacked most of the features I needed.

Winning Solutions

I found at least a dozen paid and free Google Drive clients in my pursuit of a better way to handle my cloud storage and syncing needs among multiple computers. I tried to stay partial to open source applications, but getting the job done hassle-free held considerable weight when it came to choosing my ultimate Google Drive syncing solution.

I am no stranger to using command line tools. However, the convenience of a graphical interface was more compelling.

Overall cost was part of my consideration. My goal was to find an ideal solution rather than limit my syncing chain capabilities or spend more than I had to.

I trimmed my list of suitable Google Drive syncing tools for Linux to three products. All three are available for free download and brief trial periods. All three have premium options. The license for all three allows unlimited use on any combination of computers.

Insync – The Unofficial Google Drive Client for Linux

Insync, developed by a company based in Singapore, is feature-rich and flexible. You can configure it to synchronize specific files or your entire archive within the Linux app user interface. It has a 15-day free trial period. Cost: $29.99

Insync Google Drive contents

Clicking on the Insync icon in the notifications area of the panel bar provides direct access to the entire Google Drivecontents without opening a Web browser tab.

Insync lets you synchronize files either automatically or on demand. You can open and edit files within the app or through the Insync folder integrated in your system’s file manager window. You can back up and share files without using Web browser tabs.

InSync and the next solution, overGrive, are very similar in both appearance and function. overGrive is a newer product, however. Both offer free trials.

One of the most powerful and useful features of Insync is the ability to click on any document and open it with whatever preferred application is enabled on your local computer.

You can modify files, create files, and save updated files in the local Insync folder and have them automatically synced back on Google Drive without having to first convert the file format. You can not do that by opening a file via the Web browser.

Insync runs on distros based on Ubuntu 16.04 and later, Linux Mint 18.x and later, Debian Stretch 9 and later, and Fedora 27 and later. It integrates with these file managers: Caja, Dolphin/Konqueror, Nautilus, Nemo and Thunar.

  • InSync Installation

    Before you install Insync, use your Web browser to visit your Google Drive account. The easiest way to sync specific files and folders is to create a new Google Drive folder and name it something you will identify as the Insync archive.

    Then drag or move all the folders and individual files that you want to synchronize automatically. This is the folder you will indicate as the target Drive folder when you set up the Insync client.

    Follow these steps to install the Insync Google Drive client:

    1. Download the installer from the Insync link above.
    2. Click on the downloaded installer to install the Insync client.
    3. The installer will prompt you to select your Google Account. Click on the account you want to use for syncing. Then grant permission for Insync to access this Google Drive account.
    4. Close the login window. Go to the Insync app window to continue the installation process.
    5. A new window will open asking for permission to integrate Insync into your file manager. You must grant permission.
    6. Click on the Insync file name in the main application menu to start the program. It places an icon on the system’s notification area of the panel bar.

    A two-arrow circle on the Insync icon in the notifications tray indicates that the folder you designated is synchronizing on that computer.

  • Using the Insync App

    You now have two avenues of access to your Google Drive without using your Web browser. The first access method is to open the file manager. The second access method is via the Insync icon in the notification area on the panel bar.

    Go to the file manager. The list of folders and files will include a blue-colored folder showing the Insync insignia. Click on the Insync folder to display all of your synchronized folders and unfoldered files.

    You can not see your other Google Drive content items within this file manager access, but anything you place into the Insync folder on Google Drive will become available in the Insync folder within the file manager display.

    Using the Insync icon in the notification area gives you broader access to all of your Google Drive content.

    Left-click on the Insync icon to open the Insync client app. The three blue dots in the top left corner open the Preferences window, provide a help message center, and let you exit the app. Click the Preferences option to turn on/off the three options.

    Clicking the Insync button on the left edge of the second row of the app window displays the events screen. Hover the mouse pointer over each of the symbols in the left vertical panel to see their function. Click on the symbol to change the information display in the main display area of the app.

  • More Insync App Functions

    Hover the mouse pointer on Your Google Drive photo to see a pop-up list of four Google Drive actions: Files (presents a list of all your Google Drive folders; click to open each item); Account Settings; Go to Folder (opens your Insync folder in a new file manager instance); Go to Drive Web (launches Google Drive in Web browser tab).

    The Account Settings button displays a new panel where you can manage an Ignore List; tell Insync if you want to convert Google Docs, Sheets, Slides and Drawings to desktop format; convert to Microsoft Office; or convert to OpenDocument formats.

    The Stats button in the Accounts Settings panel shows a pie graph of used and remaining storage space for your Google Drive account.

    Other buttons in the app display screen let you modify folder settings and create file sharing with authorized users. You also can pause syncing.

    Right-click on the Insync icon in the notification area of the panel lets you bypass the various app functions detailed above. Use it to directly open the app window, pause syncing, open your synced folder, or quit the client app.

overGrive Drives Google Files

overGrive is a product of the Fan Club, a Web design and development company based in Cape Town, South Africa. It is a complete Google Drive desktop client solution for Linux.

This is a very functional client app with an easy-to-use interface and an impressive list of features. It has a 15-day free trial period. Cost: $4.99

overGrive Google Drivesynched files

The overGrive client puts direct access to synced Google Drive files in its own folder in the desktop’s file manager application.

– click image to enlarge –

This is a more recent entry in the overlapping inventory of Google Drive clients. It replaces two previous products that now are outdated or abandoned. An open source command-line tool named “Grive” became useless when Google changed the Google Drive API. A graphical syncing app called “Grive Tools” no longer is supported.

The developers instead released an updated commercial replacement called “overGrive” and are selling it for $5. It comes with a 14-day free trial.

With overGrive you can access most of the features of Google Drive except for those based on symlink support. It is supported in all major Linux distributions.

Installation downloads and installation instructions are
available here. Packages are available as a free download for DEB (Debian, Ubuntu and Mint), for RPM (Fedora and openSuse), and for XZ (Arch and Manjaro).

  • More About overGrive

    overGrive supports these Linux distributions: Ubuntu, Debian, Mint, Raspbian, Elementary, CentOS, Fedora, openSuse, Arch and Manjaro. You can use it with these Linux desktops in the supported distributions: Gnome, KDE, Xfce, Cinnamon, Pantheon and LXDE.

    Only one license is needed per Google Drive Account. You can use the license on any Linux version. You can use the same license to install overGrive on multiple computers.

    Similar to the feature set with Insync, overGrive is very functional. You can convert Google Docs to Office files for offline editing using Microsoft Word, Microsoft Excel, Microsoft Powerpoint, Open Document and Open Spreadsheet formats.

    overGrive auto syncs Google Drive to your computer and backs up local files to Google Drive. The client app lets you select Google Drive folders to sync.

  • How to Install overGrive

    Much of the installation process and setup routine for overGrive is the same pattern, but the sequencing of the steps varies slightly. Here are the steps:

    1. Download the installer from the overGrive link above.
    2. Click on the downloaded installer to install the overGrive client.
    3. Select your Google account when prompted.
    4. Paste your Google authorization code sent via email into the account entry box provided. Then click the validate button to validate the code.
    5. Grant permission for overGrive to access this Google Drive account. A browser window will open for you to sign in to your Google account.
    6. Click Connect account. Sync options will be available after connecting your account.
    7. Click on the overGrive file name in the main application menu to start the program. It places an icon on the system’s notification area of the panel bar.
    8. When you have completed setting your preferences, click the Start Sync button. Animation on the overGrive icon in the notifications tray indicates that the folders you designated on Google Drive are synchronizing on that computer.
  • Getting the overGrive License

    When the trial period ends, the overGrive app will not start. Instead, a window appears over the app interface asking you to activate the license.

    Click the Get License link to complete the purchase. Then check your email for the activation code.

    Return to the overGrive app window and enter the activation code in the license activation dialog box. Then click the Activate button.

  • How overGrive Syncs

    Before syncing for the first time, clear all Trash files from your Google Drive online. Then start syncing. But make sure that overGrive finishes the first sync completely before closing the client app or turning off the computer.

    If the first sync does not complete it will open the overGrive setup screen again on restart. You can simply select Start Sync again to complete the synchronization process.

    overGrive synchronizes files from your Google Drive online to the Google Drive folder on your computer automatically. Files in your Shared with Me folder will be synced only if you drag them to My Drive on Google Drive online. Only files and folders in your My Drive will be synced.

  • Using the overGrive App

    The overGrive client app is not as multipurpose as the Insync app. overGrive has a much simpler interface.

    There is no difference in the app functions whether you left-click or right-click the overGrive icon in the notification area of the panel bar. Doing either action pops up a list of options.

    The available actions are Sync; Open Google Drive folder (in a new file manager instance); Visit Google Drive on the Web (in a browser tab); Preferences (opens a settings panel of options to apply in handling Google Drive functions); Help; About; and Quit.

    The file manager shows all of the computers files content along with the Google Drive folder. Click the folder to open it. The folder contains all of the synced Google Drive files.

    overGrive lets you open and edit files in the Google Drive synced folder in native apps depending on which applications are installed on your computer. For example, a .docx file opens in LibreOffice Writer. A .gdoc file will open in the Web browser using a Google Docs Web tool.

ODrive: The Appless Wonder Client

ODrive sometimes is referred to as “OpenDrive,” but do not confuse that unofficial name with another commercial cloud service. ODrive is a free open source application to sync or back up files to and from Google Drive. The free version is a very basic option with absolutely no frills or options, but it works effortlessly without fault.

Signing up or registering when you download ODrive gets you full access to premium features for seven days. After that trial period ends, you revert to the no-frills functionality unless you purchase a premium version subscription starting at $8.25/month.

ODrive Settings screenshot

OpenDrive uses a scaled down setup process that is simpler and quicker than most other Google Drive client options.

For non-enterprise or heavy business uses, the free basic version will deliver all that you need to sync and view your Google Drive files with any number of computers. You do not need to open browser tabs or use terminal-based tools.

ODrive integrates a Google File folder within the file manager application. An ODrive icon sits in the notification area on the panel bar, but it has no functions other than to display basic Google Drive connection and file syncing status. You also can check/uncheck a Launch on Startup option and exit the client.

ODrive is available in .deb, Snap and appimage formats. it is also available for macOS and Windows. Its files are housed on GitHub.
Get it here.

  • How-to Setup ODrive Integration

    OpenDrive’s all-or-nothing simplicity makes installing the Google Drive Linux client a shortcut variety of what is the standard process detailed for the above two applications. All that is required is responding to the prompts in a series of dialogue windows.

    1. Download the installation file from the above GitHub link.
    2. Click on the downloaded file. Click the NEXT button in the first dialogue setup box.
    3. In the next dialogue window, click the arrow in the upper right corner of the dialogue box to select your Google Account.
    4. In that same dialogue box, go to the middle of the window to select where on your computer you want to store the Google Drive files.
    5. Click the Synchronize button at the bottom of the same window to advance to the next setup window.
    6. Sign into ODrive by entering your email address and press the NEXT button.
    7. Enter your Google password and press the NEXT button.
    8. At the bottom of the new window, click the ALLOW button to authorize ODrive to access your Google Drive account.
    9. Click the AUTHORIZE button to start the downloading of your Google Drive files.
  • Using OpenDrive

    ODrive has no extra options or app settings to select. The application has no sync controls or integration to enable.

    If you have only a few GBs of content parked on your Google Drive, ODrive is a quick and easy solution. If you have a huge stash of archives, like me, ODrive may not be a suitable choice.

    In my case, I use ODrive in combination with Insync. I don’t need constant access and updating to 90 percent of the archives that I keep on Google Drive, so my Insync folder is all I need to access and sync regularly.

    I use ODrive’s complete mirror of my Google Drive to conveniently view other archives and be able to edit them instantly. That is far more convenient than traipsing through a Web browser all the time.

    ODrive for Linux is available for Ubuntu, Linux Mint and other Linux distributions, as well as macOS and Windows.

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open source technologies. He has written numerous reviews of Linux distros and other open source software.
Email Jack.

Source link

Google Brings Linux to Chromebook » Linux Magazine

Linux-based Chromebooks are not capable of natively running Linux apps and utilities. Last year, Google launched project Crostini to allow Linux apps – primarily command line tools and utilities – to run natively on ChromeOS using containerization.

According to some media reports, at the Google I/O summit this year, Google announced that “all Chromebooks launched in 2019 will be Linux-ready right out of the box.” It means all new Chromebooks will have Crostini enabled by default.

“Crostini is the umbrella term for making Linux application support easy to use and integrating well with Chrome OS. It largely focuses on getting you a Terminal with a container and easy access to install whatever developer-focused tools you might want. It’s the default first-party experience,” said the Project Crostini page.

Both Google and Microsoft are trying to lure developers towards their platforms, and they see a benefit in providing Linux command-line utilities that many developers/sysadmins need to test, build, and run their cloud-native applications.

Source link