More HDR work for Linux, Ubuntu revamps PPAs, KeePass security flaw: Linux & Open Source News

50 thoughts on “More HDR work for Linux, Ubuntu revamps PPAs, KeePass security flaw: Linux & Open Source News”

• Check out TuxCare's newsletter for news about Linux security: https://bit.ly/3If3kn0

• 5:15 "Have other issues" should not be an excuse trivialize the exploit.

• From what I understood the statement from Roblox about not supporting WINE was intended to be limited to a beta version, to avoid bad data while they look at every error log created.

• The features being added for Flatpaks have nothing to do with Flatpak specifically. Every "App in a single file" format out there can do what was shown off in this video. Flatpak is a terrible file format for other reasons. Maybe Red Hat and the Gnome team should have finished the Flatpak specification before pushing it so hard and then people wouldn't be so adverse to it, but pushing software before it's ready and forcing the rest of the Linux community to use it by making Gnome depend on it is RHEL's favorite thing to do.

• You keep it simple and explain it well too

• I wish to thank you kindly for the KeePass vulnerability report. My guess as to why the PoC tool exploitation being low when it comes to KeePass probably has something to do with KeePass, just like Linux, may not be widely used among consumers. However, even if someone did create Malware to exploit the PoC tool in such a way to capture a RAM dump, Windows swapfile dump and/or Windows hibernation file dump, my guess is each of these dumps might be huge to transmit which might then send alarms to the Windows end-user since such a huge amount to system resources (disk, memory, cpu) will mostly be used by an unknown process.

• Correction, keyloggers are a thing on wayland. Just a single attack vector isnt an option due to the wayland implementation of gui isolation. This does not cover you from other vectors of keylogging.

• Yotube premium still has adds

• All that Roblox shitshow is a great demonstration on how SteamDeck is shaping Linux gaming space. Drop WINE support is not as easy right now because you automatically will loose "SteamDeck approved" badge with it, and while SteamDeck is still a hot topic nobody wants deliberately doing that. I personally expected Roblox to unwind that controversial WINE decision and here we go…

• I'm so surprised to see people are still using/maintaining KeePass instead of KeePassXC? I thought it was dead actually.

• Security guy here : you really shouldn't worry about the keepass exploit. Honestly, if something has enough access to exploit this, you're already way pas worrying about this : if a malware has full access to another program's memory, that means that basically everything on your computer is totally compromised. Honestly, it's can be a bit tiring when minor exploits like this have so much reach in the media, with so many articles often much less nuanced than your take on this Nick. Thank you for doing your due dilligence on this !

• I heard KeepassXC is not affected by that critical bug.
  Hope that's true.

• Probably my favorite news program.

• Vulnerability just on KeePass but not KeePassXC right?

• So, should I just never use a password manager then?

• Spent a decent amount of time outside lately huh Nicholas? 😊

• Based on my experience of getting permissions worked out under Wayland,
  if somebody manages to install a functioning keylogger on my newer installs they deserve my passwords.
  That's hard work.
  But in all seriousness, KeepassXC is my goto. Guess I'm going beta until July.

• The KeePass vulnerability only affects KeePass 2 clients. The database file itself is unaffected, and the KeePassXC client is unaffected as well.

• Since apt-key got deprecated ppa's have kinda been a mess because ubuntu didn't create a new one-liner command for adding a ppa. Hopefully this will address that

• 11:09 this tool is insane, much needed to me.

• Thank you.

• You should have said whether KeePassXC is vulnerable or not!

• I was shocked when I installed chimera os and saw it had an HDR toggle. Very happy I can use the HDR on my TV while playing on my steam machine.

• Wayland's adoption will create problems with compatibility between desktop environments. You see, unlike X11 (that had its own compositor), each environment needs to develop its own compositor, on top of Wayland. These are different implementations, and they are all subsets. With the advent of 10bit, HDR, etc, gnome apps will look weird (if not crashy) under KDE, and the other way around. Wayland should have made its own compositor, and let environments build on top of that universal level, rather than letting each environment hack its own. Fragmentation yet again, at a different level and scape.

• Nick, do you have a video that could help us decide on a suitable computer for our everyday needs? More I watch videos about new computers, they focus on the gamer angle and not the everyday user. I know Tuxedo, your sponsor, is an option, but what specs should we look for to get the best bang for buck?

• I had NO IDEA Alma Linux had other flavours. I'm gonna take a look at them right now.

• HDR on Linux is starting to come together! Seeing HDR video playback on the KDE desktop brings a tear to my eye. It's getting somewhere! It's happening!

• Does the KeePass vulnerability affect KeePassXC on Linux?

• That's sad news about KeePass. Although, I'm immune due to using a second factor which doesn't type things into a text field. I love my Yubikey!

• If more Windows users knew about Cinnamon, there'd be a lot fewer Windows users.

• thanks Nick, as always

• Always watching your video!

• 10:23 French kicked in all of a sudden 🧑‍🍳

• Rhino Linux sounds really interesting

• "Unicorn" is "Licorne" en francais! Merci beaucoup, Nick, pour vos nouvelles de GNU/Linux.

• That part about Roblox planning to enable Wine would be great. Would finally make me move off (Busybox+Explorer+alot of random libraries not packaged up in winget/)Windows for anything that I can do on Linux.
  Not sure when my daily driving period of Windows again for a few weeks will end.

• I not found Combo or Kombo app. (API tester) Please show the name of new apps in video please.
  What is app before Combo?

• It’s so great for Roblox after that there’s just R6 and fortnite support left to do for Linux gaming to become a really great option !

• It's nice to see Cinnamon getting added to all these different distro's. Gnome and Cinnamon are my favourite DE's, I can't choose one as my #1 but KDE and XFCE are a million miles away in terms of my faves. KDE has it's priorities all wrong, they leave glaring bugs to focus on the visual fidelity of some random icon or panel and it blows my mind that they think it's acceptable. Not many people will keep KDE on their system more than 1 month. Some people yes but it's not hard to see the general consensus from a few Google searches.

• 13:55 Impressive that you can open that laptop just by resting your finger on the lid and pulling up! Took me a second to realize this shot is reversed 😂

• Boycott Roblox

• I'd love to have a system that tells me if I have packages installed from the PPAs I've added – so I remember to remove them.

• Does the exploit affect KeePassXC?

• Is that KeePass vulnerability applicable to KeePass , KeePassX or KeePassXC or all of them?
  Anywhoo ,I use a keyfile as well as a master password so any exploiter needs to find that as well as the password.

  Edit: It is reported to only affect KeePass 2.X branch for Windows:
  Linux users should be using KeepassXC as it is more actively maintained than the other versions

  "KeepassXC – a fork of KeePassX, which is a cross-platform port of KeePass – is not affected."

  "The vulnerability affects the KeePass 2.X branch for Windows, and possibly for Linux and macOS. It has been fixed in the test versions of KeePass v2.54 – the official release is expected by July 2023."

• 2:00 GNOME's Mutter already supports color profiles, at least on Wayland (haven't tried on X) — it's in the Colors panel. Yeah, I know, not the best panel… I tried to move the functionality into other panels, but kind of abandoned the work for now.

• HDR support is essentially the final piece of the puzzle for migrating my desktop gaming rig from Windows 10 to Linux. Currently test driving Nobara for this exact purpose, so glad to see the community working so hard in this.

• 1080p@50? that's probably the first time I've noticed that.

• 8:18 to 8:26 so …the devs for Rhino linux..claim it's based on xfce..but it LOOKS like vanilla gnome wtf? LOL. No thanks.

• You're french, you don't need to make a joke about you being horny, we know you're horny all the time.

• Every weekly gnome update makes me think more and more on how little interest people have on working with kirigami and how KDE really need to rethink it from the ground up to make it as attractive to developers as libadwaita has been (that and to make its HID layout guidelines and widgets not look like heavily themed windows xp/gnome 2 era applications)

Comments are closed.