Replies

Not as safe then, especially without antivirus?

There are lots of independent eyes on Linux Repos. So, safer than a wide-open uncurated collection. As for less safe than S-Mode or various App Stores — you can have one or the other — absolute safety or greater functionality. Not both. It’s the old security vs. liberty argument.

-- rc primak

1 user thanked author for this post.

wdburt1

Be advised, this program has not been updated since 2014.

-- rc primak

1 user thanked author for this post.

Microfix

Maybe the article mentioned this, but there is a setting in Accessibility which reverts the PrtScn button to its original behavior. This can also be done through the Windows 11 Registry. This Bleeping Computer Article shows the details.

 

-- rc primak

1 user thanked author for this post.

Berserker79

In cases like this one sometimes the easiest way to be sure you have the most recent version of the Snipping Tool App is to treat it like any other Windows Store App. Just uninstall it using the Apps section of Settings, and go to the Store, download and install a fresh copy of the app, then restart the Snipping Tool. Here’s a video showing how to do this, or two other ways:

https://www.youtube.com/watch?v=WwBibe8rN3g 

-- rc primak

Just because other cleaners do the same damages does not mean there is no damage. b states there are no damages, but he does not reply to the red flags. Since I did not run the tests my colleague reported, there is no way to know what those red flags were referring to at this point.

Windows update cleaning does remove files and caches which are needed to inform the system of which updates are available. Once this happens, the caches need to be refilled. This is a repair. And it is automatic.

-- rc primak

Not really. The repos are open to software contributed from users of several independent distros, and they are curated independently from individual distros. No one developer team has the authority to declare that software can be added or deleted from the repos. They are not wide open, but they are not as tightly curated as S-Mode or the Android or Apple ecosystems.

No device, and very few distros, will be locked into using just one repo exclusively. Nearly all Linux distros by default allow sideloading by adding new PPAs or other sources to the Software Sources List.

And you do not have to pay anyone money or obtain a license to jailbreak your device and sideload from anywhere you please, if you know how.

So no, this is not S-Mode for Linux.

Just a safety guideline for those who want to have safer, more secure Linux devices.

-- rc primak

1 user thanked author for this post.

wdburt1

Web browser updates are among the most frequent in Linux. Just run the Software Centre updates, not simply the main updater, and all that Firefox nonsense will go away for another ten days or so.

I don’t worry about this type of nag in the Ubuntu flavors — I just do the updates when I’m not too busy using the browser or other apps. LibreOffice (which is neither a Flatpak nor a Snap) has similar nags inside the program for both Linux and Windows. The 14-day window to update simply says that it’s standard practice to expire Flatpaks and Snaps every two weeks. For Flatpaks, this would apply to all distros which can use them.

-- rc primak

1 user thanked author for this post.

wdburt1

 Is it any wonder our last intelligence leak came from a 21 year old gamer?  What I found funny was that Discord and the War Thunder gaming forums have been sharing classified materials for the last ten years (numerous references), as people try to one up each other on a video game.  Yet, the military still allows this to slip through the cracks.

And software developers still put extraneous code inside of certificate .dlls. It isn’t always malice which opens the door to insecurity. Sometimes it’s plain old apathy or laziness. There’s a place for documentation and extra instructions, but inside of a security certificate is not the place. Security leaks out through small cracks in most cases, not gaping holes.

-- rc primak

I also like to have a button at the top of my browsers to automate the cleanup process, should I choose to do so. Tools like Forget Me Not for Firefox and Hotcleaner’s Click And Clean for Chrome and Edge seem to do this trick, once I set them up. Ghostery also seems to help with Chromium based browsers, by not allowing cookies to be set in the first place. Disabling Ghostery for a site which requires more cookies or trackers is pretty easy.

 

-- rc primak

Apparently not.

Too many installers include certificates with extra code in them. All would fail to work if enforcement were made strict with a security patch. The help desk impacts would be large. (per Microsoft, in the fixed reference links I posted in this thread) (Reply #2552719 )

I might consider using VirusTotal to screen all incoming installers before running them. Not a perfect solution, but the best I can imagine with my limited technical skills.

I certainly do not want to introduce yet another reason for my favorite software to fail to update. But I do want to know if something genuinely threatening is being included with any installer. Just getting a warning from the Smart Screen Reputation Service really does not solve the problem for me.

Is there a tool or program which can look at an installer’s certificate(s) and show all extraneous code contained in the certificate(s)?

More details here . Unfortunately, Google Chrome is one offender. That makes the fix suggested impractical for a lot of Windows users. What other installers many of us use which violate certificate rules, no one has said. Brian says there are “many” such installers. Not very encouraging if we really want secure Windows installers.

-- rc primak

2 users thanked author for this post.

ibe98765, geekdom

Microsoft Security Advisory 2915720 

Microsoft Security Bulletin MS13-098 – Critical

Are these the links we need?

 

-- rc primak

2 users thanked author for this post.

Will Fastie, geekdom

Even if a computer could be fitted with a device that would analyze the Laws and assure destruction of a machine gone bad, it’s all in software — a machine without the laws could still run it, or the device could be hacked.

Will, I’m sure you know of firmware chips which are Write Once Read Many times. Takes most of the guesswork out of preventing hacking and self-circumvention. (The human brain also has a few things hard-coded into it which are nearly impossible to overwrite, short of destroying the neural paths they use.)

It is pure anthropomorphism and projection to ascribe emotions to AI machines. They have nothing of the sort. And no ability to actually reason, make decisions or understand anything, let alone a moral or ethical framework. They have rules and other algorithms, nothing more. So how do we expect them to enforce morals or ethics when human societies differ on these points on a monstrous scale.

By the way, Jules Verne did not invent the idea of submarines. Leonardo DaVinci drew a schematic of a submarine, and there may have been references to underwater craft among the ancient Greeks. By the time of Verne, submarines did exist, having been used in the American Civil War, as well as the Turtle from the American Revolutionary War.

… AI-based systems we will encounter over the next few years.

Try the next few decades, if ever. Any sooner will result in the same effects as releasing full self-driving mode into Tesla cars. People will not put up with such nonsense.

We must and will put the guardrails up earlier for General AI than we have done for some expert systems like the self-driving cars.  That was a wake-up call, not just in theory or science fiction.

-- rc primak

1 user thanked author for this post.

b

My first thought, not being familiar with baby clothing:

It’s a saying, and probably plays on the decorations, not the baseball tactic. Or the bird. How fast does ChatGPT 4 catch on to which meaning is being used in such a case? Even I (mostly human) didn’t know of yet another meaning, upon which this saying hinges.

-- rc primak

Kubuntu is a flavor of Ubuntu. Firefox for Ubuntu is not a Flatpak, it is a Snap. Mint does not use Snaps. So your issue probably comes from an out of date Kubuntu version, which now has to be upgraded to regain access to current Snaps. Ubuntu (and Mint) versions are only supported for a fixed number of months or years. After that, some things might not be able to update, including some Snaps.

Flatpak’s framework needs periodic updating, as well as its apps. Do so in CLI terminal by typing sudo flatpak update (and your sudoer password), or by going to Ubuntu Software (if you use that repo) and go to the Update Tab. (The Ubuntu Software Centre handles Flatpak updates, but the Software Updater in Ubuntu does not.)  In Mint there is a Tray item for the updater.

-- rc primak

2 users thanked author for this post.

Microfix, Cybertooth

You make a good point about compressed archives in Linux.

-- rc primak