July 5, 2025
Keeping tech free
The Pi Podcast was able to get an exclusive interview with Raspberry Pi founder Eben Upton on what exactly is the Raspberry Pi 3 and how it stacks up to the rest of the Raspberry Pi lineup. Here’s the takeaway from the interview.
Photo source: FCC
What a week in the FOSS world. So much has happened since our last Week in Review that I think I’ll skip the idle chitchat about the weather and such and get straight to business. Well, I will take the time to tell you that it’s been damned cold in these parts and I’m more than ready for spring…
The Great 2016 Linux Mint Hack: The hack at one of the crown jewels of Linux distros has undoubtedly been the biggest story this week. I’ll not bore you by repeating details which most of you have probably already read by now, but will direct those of you who don’t know to FOSS Force’s coverage on Sunday, and to our report on Monday in which Freedom Penguin Matt Hartley helps me take a look at the nature of the crack/hack.
The good news is that things are slowly — very slowly — returning to normal for the Mint team. By midweek, things were under control enough that the switch could be flipped on Mint’s server, putting the website back online. On Thursday I had a very brief email discussion with the distro’s project leader Clem Lefebvre — “very brief” because Lefebvre was more than little busy at the time. He and his team are in up to their elbows, working to make sure that everything works and plays well with the hardening they’ve done to Mint’s server, as well as working overtime to find any niggling security issues. In other words, they have it all under control, even as they work to get it more under control.
Back on February 15 when we ran an article calling for a ban on advertisers’ practice of tracking users who just happen to drive by an ad, much less click on it, we ran a poll to find out what you think. Actually, we were pretty sure we already knew what you thought. You tell us everyday, either in the comments section to our articles or by blocking ads here on FOSS Force. The poll was mainly to put some numbers to what we already knew.
The poll was pretty straight forward. “Should advertisers and ad agencies be forbidden to track users as they surf the web?” we asked. There were three answers offered, “Yes,” “No” and “With exceptions.”
As far as FOSS Force polls go, the numbers were pretty low on this one. In all, 143 of you took the poll, a minuscule sampling by any measure, but with conclusive results: You’re completely against having your journeys through cyberspace tracked.
After answering various calls for presentations to a few upcoming shows, it stands to reason that Tom Petty is right: The waiting is the hardest part.
Because I now use PC-BSD on a daily basis, the idea going forward is to pitch talks about the conversion from one side of the Free/Open Source Software street to the other; the uplifting situations and occasional hurdle such a conversion brings, and to outline the similarities (lots) and differences (few, but relatively significant) between Linux distros and BSD variants.
“Free and open source software has many advantages over proprietary software,” Karen Sandler, the executive director of the Software Freedom Conservancy, testified Tuesday before the New York City Council Committee on Contracts. “Studies show that, over time, free software is safer from vulnerabilities. Free software is auditable — security and functionality can be verified upon inspection. Anyone can independently assess the software and its risks. Developers can more easily and quickly repair discovered vulnerabilities or bugs (and bugs are very common in all software – the Software Engineering Institute estimates that an experienced software engineer produces approximately one defect for every 100 lines of code). Free software removes dependence on a single party, as anyone can make changes to their version of the software. And municipalities can hire any contractor on the open market to work on the software.”
This past Sunday I had scheduled a Reglue installation for a young lady a couple of towns east of Taylor. This part of Central Texas is dotted with small towns. Some towns flourished during the golden age of the railroad, some grew to support miners for a local aluminum mine, and even others gathered as a farming and cotton textile hub. I like spending some time in these places, since my small town is much like these. They are barely a shadow of their former selves, their industries having dwindled or disappeared, but for some reason they remain.
The upside to these small towns is almost always the presence of extremely good school systems. The class sizes are at most 20 kids, but most often, in the mid teens. Some teachers who began their teaching careers here remain until they retire, at least those who do not have to move away due to spousal employment circumstances. It is not rare to have a fifth grade teacher attending his or her student’s high school graduation.
When I visit kids from these heartland towns, I feel like I’ve stepped into an alternate time. Not of time past, but a different kind of time. A time where grade school kids are challenged by their homework assignments and look forward to that challenge, high school kids take food orders on roller skates evenings and weekends at the local Sonic drive-in, farm kids work the land with their parents, and almost every boy learns how to turn wrenches with his dad on Saturday mornings. A time where being referred to as “Sir” or “Ma’am” is the norm.
Here’s a sneak preview of a poll that will go up in a front page article in the next day our two. Feel free to…
Everybody understands that none of a stage magician’s tricks are real. The one thing that is real, and which a successful illusionist must practice to perfection, is the art of misdirection — which evidently turned out the be the trick under the sleeves of the cracker/hackers who were responsible for compromising ISO downloads of Linux Mint 17.3 Cinnamon on Saturday.
In the FOSS Force news article on the hack which ran Sunday, we said “the hackers modified the ISO of the Cinnamon edition of Linux Mint 17.3 (Rosa).” We now know that’s not quite true, or at least not in the way we meant. The hackers didn’t bust into the Mint server and modify the binaries waiting to be grabbed by the mirror sites for downloads. Instead, this was a case of misdirection.
The hackers had a copy of Mint with their malicious payload in place, packaged as an ISO image and sitting on a Bulgarian server they controlled, waiting to serve downloads of what is arguably the worlds most popular version of GNU/Linux. The intrusion at Mint was a quick in-and-out to change the URLs in the anchor tags on Mint’s download page for the 64-bit Cinnamon version of Linux Mint 17.3 “Rosa.” Afterwards, users who clicked on a link to download from, say, the Internet Solutions mirror in South Africa, were taken to the hackers’ server in Bulgaria. Let the download begin. Wham, bam, thank you mam.
Linux Mint project leader Clem Lefebvre revealed in a blog post today that the popular Linux distribution’s servers were hacked on Saturday. During the “brief” intrusion, the hackers modified the ISO of the Cinnamon edition of Linux Mint 17.3 (Rosa) and also gained access to the distro’s forum database. Only this particular ISO is affected; other editions or releases are considered safe. Only ISO’s downloaded Saturday are potentially vulnerable.
The good news this week is that the latest Linux vulnerability finally scared me enough to take the time to fix the issues I’ve been having with the updater on the Linux box we use here at the office and get our machine up-to-date with all the latest patches. Other than that, it’s just been the usual, which can be summed-up as waiting for Godot, who so far remains a no show…
Now for this weeks roundup:
Often the best place to find hope is in the middle of despair. I think somebody famous once said that; if not, I’ll take credit for it. Anyway, there’s been an example of that adage this week which has me feeling…well, full of hope, and at the same time, concerned for someone I’ve never met.
