document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2024-12-26 21:30:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'LCTT:master' into master

Browse Source
This commit is contained in:
Hans zhao 2022-05-14 16:33:15 +08:00 committed by GitHub
commit 7e8a9e332a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 583 additions and 167 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
published/20210323 WebAssembly Security, Now and in the Future.md Normal file
View File

@ -0,0 +1,87 @@
[#]: subject: (WebAssembly Security, Now and in the Future)
[#]: via: (https://www.linux.com/news/webassembly-security-now-and-in-the-future/)
[#]: author: (Dan Brown https://training.linuxfoundation.org/announcements/webassembly-security-now-and-in-the-future/)
[#]: collector: (lujun9972)
[#]: translator: (hanszhao80)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-14592-1.html)
WebAssembly 安全的现在和未来
======
![](https://img.linux.net.cn/data/attachment/album/202205/14/144316bb8kbwjephjyb427.jpg)
### 简介
正如我们 [最近解释的][1]WebAssembly 是一种用于以任何语言编写的二进制格式的软件旨在最终无需更改就能在任意平台运行。WebAssembly 的第一个应用是在 Web 浏览器中以使网站更快、更具交互性。WebAssembly 有计划推向 Web 之外从各种服务器到物联网IoT其创造了很多机会但也存在很多安全问题。这篇文章是对这些问题和 WebAssembly 安全模型的一篇介绍性概述。
### WebAssembly 跟 JavaScript 很像
在 Web 浏览器内部WebAssembly 模块由执行 JavaScript 代码的同一 <ruby>虚拟机<rt>VM</rt></ruby> 管理。因此WebAssembly 和 JavaScript 一样,造成的危害也是相同的,只是效率更高,更不易被察觉。由于 JavaScript 是纯文本,运行前需要浏览器编译,而 WebAssembly 是一种可立即运行的二进制格式,运行速度更快,也更难被扫描出(即使使用杀毒软件)其中的恶意指令。
WebAssembly 的这种 “代码混淆” 效果已经被用来弹出不请自来的广告,或打开假的 “技术支持” 窗口,要求提供敏感数据。另一个把戏则是自动将浏览器重定向到包含真正危险的恶意软件的 “落地” 页。
最后,就像 JavaScript 一样WebAssembly 可能被用来 “窃取” 处理能力而不是数据。2019 年,[对 150 个不同的 WASM 模块的分析][2] 发现,其中约 _32%_ 被用于加密货币挖掘。
### WebAssembly 沙盒和接口
WebAssembly 代码在一个由虚拟机(而不是操作系统)管理的 [沙盒][3] 中封闭运行。这使它无法看到主机,也无法直接与主机交互。对系统资源(文件、硬件或互联网连接)的访问只能通过该虚拟机提供的 <ruby>WebAssembly 系统接口<rt>WebAssembly System Interface</rt></ruby>WASI 进行。
WASI 不同于大多数其他应用程序编程接口API它具有独特的安全特性真正推动了 WASM 在传统服务器和<ruby>边缘<rt>Edge</rt></ruby>计算场景中的采用,这将是下一篇文章的主题。在这里,可以说,当从 Web 迁移到其他环境时,它的安全影响会有很大的不同。现代 Web 浏览器是极其复杂的软件但它是建立在数十年的经验和数十亿人的日常测试之上的。与浏览器相比服务器或物联网IoT设备几乎是未知领域。这些平台的虚拟机将需要扩展 WASI因此肯定会带来新的安全挑战。
### WebAssembly 中的内存和代码管理
与普通的编译程序相比WebAssembly 应用程序对内存的访问非常受限对它们自己也是如此。WebAssembly 代码不能直接访问尚未调用的函数或变量,不能跳转到任意地址,也不能将内存中的数据作为字节码指令执行。
在浏览器内部WASM 模块只能获得一个连续字节的全局数组(<ruby>线性内存<rt>linear memory</rt></ruby>进行操作。WebAssembly 可以直接读写该区域中的任意位置,或者请求增加其大小,但仅此而已。这个<ruby>线性内存<rt>linear memory</rt></ruby>也与包含其实际代码、执行堆栈、当然还有运行 WebAssembly 的虚拟机的区域分离。对于浏览器来说,所有这些数据结构都是普通的 JavaScript 对象,使用标准过程与所有其他对象隔离。
### 结果还好,但不完美
所有这些限制使得 WebAssembly 模块很难做出不当行为,但也并非不可能。
沙盒化的内存使 WebAssembly 几乎不可能接触到 __外部__ 的东西,也使操作系统更难防止 __内部__ 发生不好的事情。传统的内存监测机制,比如 <ruby>[堆栈金丝雀][4]<rt>Stack Canaries</rt></ruby> 能注意到是否有代码试图扰乱它不应该接触的对象,[但在这里没用][5]。
事实上WebAssembly 只能访问自己的<ruby>线性内存<rt>linear memory</rt></ruby>,但可以直接访问,这也可能为攻击者的行为 _提供便利_。有了这些约束和对模块源代码的访问,就更容易猜测覆盖哪些内存位置可能造成最大的破坏。破坏局部变量似乎也是 [可能的][6],因为它们停留在<ruby>线性内存<rt>linear memory</rt></ruby>中的无监督堆栈中。
2020 年的一篇关于 [WebAssembly 的二进制安全性][5] 的论文指出WebAssembly 代码仍然可以在设定的常量内存中覆盖字符串文字。同一篇论文描述了在三个不同的平台浏览器、Node.JS 上的服务端应用程序,和独立 WebAssembly 虚拟机的应用程序WebAssembly 可能比编译为原生二进制文件时更不安全的其他方式。建议进一步阅读此主题。
通常,认为 WebAssembly 只能破坏其自身沙盒中的内容的想法可能会产生误导。WebAssembly 模块为调用它们的 JavaScript 代码做繁重的工作,每次都会交换变量。如果模块在这些变量中的任意一处写入不安全的调用 WebAssembly 的 JavaScript 代码,就 _会_ 导致崩溃或数据泄露。
### 未来的方向
WebAssembly 的两个新出现的特性:[并发][7] 和内部垃圾收集,肯定会影响其安全性(如何影响以及影响多少,现在下结论还为时过早)。
并发允许多个 WebAssembly 模块在同一个虚拟机中并行。目前,只有通过 JavaScript [web workers][8] 才能实现这一点,但更好的机制正在开发中。安全方面,他们可能会带来 [以前不需要的大量的代码][9],也就是更多出错的方法。
为了提高性能和安全性,我们需要一个 [本地的垃圾收集器][10],但最重要的是,要在经过良好测试的浏览器的 Java 虚拟机之外使用 WebAssembly因为这些虚拟机无论如何都会在自己内部收集所有的垃圾。当然甚至这个新代码也可能成为漏洞和攻击的另一个入口。
往好处想,使 WebAssembly 比现在更安全的通用策略也是存在的。再次引用 [这篇文章][5],这些策略包括:编译器改进、栈/堆和常量数据的 _分离_ 的线性存储机制,以及避免使用 **不安全的语言**(如 C编译 WebAssembly 模块代码。
*本文 [WebAssembly 安全的现在和未来][11] 首次发表在 [Linux 基金会 - 培训][12]。*
--------------------------------------------------------------------------------
via: https://www.linux.com/news/webassembly-security-now-and-in-the-future/
作者:[Dan Brown][a]
选题:[lujun9972][b]
译者:[hanszhao80](https://github.com/hanszhao80)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://training.linuxfoundation.org/announcements/webassembly-security-now-and-in-the-future/
[b]: https://github.com/lujun9972
[1]: https://training.linuxfoundation.org/announcements/an-introduction-to-webassembly/
[2]: https://www.sec.cs.tu-bs.de/pubs/2019a-dimva.pdf
[3]: https://webassembly.org/docs/security/
[4]: https://ctf101.org/binary-exploitation/stack-canaries/
[5]: https://www.usenix.org/system/files/sec20-lehmann.pdf
[6]: https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
[7]: https://github.com/WebAssembly/threads
[8]: https://en.wikipedia.org/wiki/Web_worker
[9]: https://googleprojectzero.blogspot.com/2018/08/the-problems-and-promise-of-webassembly.html
[10]: https://github.com/WebAssembly/gc/blob/master/proposals/gc/Overview.md
[11]: https://training.linuxfoundation.org/announcements/webassembly-security-now-and-in-the-future/
[12]: https://training.linuxfoundation.org/

77
sources/talk/20220513 When open source meets academic publishing- Platinum open access journals.md Normal file
View File

@ -0,0 +1,77 @@
[#]: subject: "When open source meets academic publishing: Platinum open access journals"
[#]: via: "https://opensource.com/article/22/5/platinum-open-access-academic-journals"
[#]: author: "Joshua Pearce https://opensource.com/users/jmpearce"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
When open source meets academic publishing: Platinum open access journals
======
Academics can now publish free, read free, and still stay on track for professional success.
![Stack of books for reading][1]
Image by: Opensource.com
Academics routinely give away their work to companies for free—and then they buy it back! Can you imagine a farmer giving away free food and then paying to get it back for dinner? Probably not. Yet academics like me have been trapped for decades in a scheme where we give free work in exchange for job security and then pay millions of dollars a year to read our own writing.
Fortunately, this is changing. The results from a [study][2] I just finished show that it is possible for academics to get job security without paying for it. My study found hundreds of journals that are *platinum open access* (OA)—that is, they require neither the author nor the readers to pay for peer-reviewed work—yet still carry the prestige and readership to help academics succeed in their careers.
This trend is exploding: The [Directory of Open Access Journals][3] lists over 17,300 journals that offer a means of OA at some level, and over 12,250 have no article-processing charges (APCs). I used a handy open source [Python script][4] to compare this list to a list of journals ranked by the frequency with which their published papers are cited in other articles (The Journal Impact Factor List). It is clear that the last few years have seen a growing trend towards both OA in general and platinum OA specifically. These trends have the potential to accelerate science while helping prevent academic servitude.
### The academic's dilemma
Academics are generally pretty intelligent, so why have they engaged in this disadvantageous system for so long? Simply put, academics have been caught in a trap: In order to keep their jobs and get tenure, they need to publish in journals with a high impact factor. An impact factor is a metric based on the mean number of citations to articles published in the last two years in a given journal, as indexed by the proprietary Web of Science. Impact factors are a prestige metric for academics.
Historically, academic publishing has been dominated by a handful of major publishers that used subscription-based business models. In this model, academic authors write articles, peer-review articles, and often do the editing of these articles—all for free. The articles are published under copyright owned by the major publishing companies. Then either the same academics pay to read these articles on an individual basis (~US $35/article), or their university libraries pay to subscribe to all of the articles in a journal. These costs can be astronomical: often over US $1 million per year for all titles from a single publisher.
This system is senseless for many obvious reasons. Scientific progress is bogged down by restricting access to copyrighted scientific literature squirreled away behind paywalls. It is hard to do state-of-the-art research if you do not know what it is because you cannot read it. Scientists are divided into those who can afford access to the literature and those who cannot. Academics in the developing world often struggle to pay, but even well-endowed [Harvard University][5] has taken action to rein in its yearly journal expenses.
Costs to authors are similarly high. APC values range from a few hundred dollars to jaw-dropping thousands of dollars per article. APCs can be particularly damaging for some disciplines that are less well funded, such as the humanities and social sciences (as compared to physical and medical sciences or engineering). Substantial APCs also reinforce the wealth gap in academia, making professional success dependent on having income to invest in publishing. Is there another profession that asks workers to pay money to make products for others?
### Open access to the rescue!
This problem can be solved by the OA movement, which advocates for making all academic literature freely accessible to everyone. There is an unmistakable rise in OA publishing: It now makes up nearly a third of the peer-reviewed literature.
The benefits of OA are twofold. First, OA is a benefit to science overall, because it provides a frictionless means of reading the state of the art for making significant advancements in knowledge. Second, from an individual academic's point of view, OA provides the pragmatic advantage of enabling the broadest possible audience of their writing by making it freely and easily available on the internet.
Funders have begun to demand OA for these reasons, particularly public funders of science. It is hard to argue that if the public funds research, they should have to pay a second time to read it.
### Where is academic publishing now, and where it is going?
Conventional publishers still have control of this situation, largely because of the perception that they have a monopoly on journals with an impact factor. Despite the disadvantages of publishing the traditional way, many academics continue to publish in subscription-based journals or pay high APCs, knowing that publication in high impact factor journals is vital for demonstrating expertise for grants, tenure, and promotion.
A few years ago, academics simply had no choice: They could either publish in a journal with an impact factor or publish OA. Now they can publish OA and still get the benefits of an impact factor in one of three ways:
* Green OA: Publish in a traditional way and then self-archive by uploading preprints or accepted versions of papers into an open repository or server. Some schools have an institutional repository for this purpose. For example, Western University has [Scholarship@Western][6], where any of their professors can share their work. Academics without their own institutional repos can use servers like [preprints.org][7], [arXiv][8], or  [OSF preprints][9]. I also use social media for academics, like [Academia][10] or [ResearchGate][11], for self-archiving. This can be complex to navigate because publishers have different rules, and it is somewhat time consuming.
* Gold OA: Publish in a growing list of journals with impact factors that make your paper freely available after publication but require an APC. This method is easy to navigate: Academics publish as usual and OA is built into the publishing process. The drawback is that funds going to APCs may be diverted from research activities.
* Platinum OA: Publish in platinum OA journals with an impact factor. No one pays either to read or to publish. The challenge here is finding a journal in your discipline that fits this criterion, but that continues to change.
There are tens of thousands of journals, but only a few hundred platinum OA journals with impact factors. This may make it hard for academics to find a good fit between what they study and a journal that matches their interests. See the Appendix in my [study][12] for the list, or use the Python script mentioned above to run updated numbers for yourself. The number of platinum OA journals is growing quickly, so if you do not find something now you may have some solid journals to choose from soon. Happy publishing!
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/5/platinum-open-access-academic-journals
作者:[Joshua Pearce][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/jmpearce
[b]: https://github.com/lkxed
[1]: https://opensource.com/sites/default/files/lead-images/books_read_list_stack_study.png
[2]: https://doi.org/10.3390/knowledge2020013
[3]: https://doaj.org/
[4]: https://osf.io/mh4bx/
[5]: https://www.theguardian.com/science/2012/apr/24/harvard-university-journal-publishers-prices
[6]: https://ir.lib.uwo.ca/
[7]: https://www.preprints.org/
[8]: https://arxiv.org/
[9]: https://osf.io/preprints/
[10]: https://westernu.academia.edu/JoshuaPearce/Papers
[11]: https://www.researchgate.net/profile/Joshua-Pearce
[12]: https://www.mdpi.com/2673-9585/2/2/13

103
sources/tech/20150712 Fedora Media Writer- World-Class LIVE USB Creator -Tutorial.md → sources/tech/20220513 Fedora Media Writer- World-Class LIVE USB Creator [Tutorial].md
View File

@ -1,7 +1,7 @@
[#]: subject: "Fedora Media Writer: World-Class LIVE USB Creator [Tutorial]"
[#]: via: "https://www.debugpoint.com/2022/05/fedora-media-writer/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lujun9972"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
@ -9,52 +9,46 @@
Fedora Media Writer: World-Class LIVE USB Creator [Tutorial]
======
A TUTORIAL ON INSTALLING AND USING FEDORA MEDIA WRITER TO CREATE LIVE
USB FROM LINUX & WINDOWS.
![Fedora Media Writer][1]
A tutorial on installing and using Fedora Media Writer to create LIVE USB from Linux & Windows.
### Fedora Media Writer
The community and Fedora Linux team develop and maintain the [Fedora Media Writer app][2]. This application writes any ISO image to your flash drive (USB stick). In addition, Fedora Media Writer also has features to download the ISO file directly from the Fedora Mirrors, provided you have a stable internet connection.
The community and Fedora Linux team develop and maintain the [Fedora Media Writer app][1]. This application writes any ISO image to your flash drive (USB stick). In addition, Fedora Media Writer also has features to download the ISO file directly from the Fedora Mirrors, provided you have a stable internet connection.
Moreover, it gives you a list of options for download such as Official Editions, Emerging Editions, Spins and Fedora Labs images.
Not only that, but you can also use this nifty utility to write any other ISO images to your flash drive. It need not be the Fedora ISO always.
Although there are other popular utilities available for creating LIVE USBs, such as [Etcher][3], Ventoy, and Rufus you can still give this utility a try, considering the team develops it from mainstream Fedora Linux with contributors.
Although there are other popular utilities available for creating LIVE USBs, such as [Etcher][2], Ventoy, and Rufus you can still give this utility a try, considering the team develops it from mainstream Fedora Linux with contributors.
So, in summary, here are quick feature highlights of Fedora Media Writer.
#### Features Summary of Fedora Media Writer
* Available for Linux, Windows and macOS
* Directly download + write the images to a USB flash drive
* Official Editions (Workstation, IoT, Server) download
* Emerging Editions (Silverblue, Kinoite) download
* Spins (KDE Plasma, Xfce, etc)
* Labs (Fedora Astronomy, Robotic and other flavours)
* Available as Flatpak for Linux Distros
* Also, can write any other ISO images (non-Fedora) to a USB stick.
* Ability to format USB stick, restore flash drive
* Based on Qt
* Available for Linux, Windows and macOS
* Directly download + write the images to a USB flash drive
* Official Editions (Workstation, IoT, Server) download
* Emerging Editions (Silverblue, Kinoite) download
* Spins (KDE Plasma, Xfce, etc)
* Labs (Fedora Astronomy, Robotic and other flavours)
* Available as Flatpak for Linux Distros
* Also, can write any other ISO images (non-Fedora) to a USB stick.
* Ability to format USB stick, restore flash drive
* Based on Qt
### How to Install
#### Linux
Fedora Media Writer is available as Flatpak for Linux Distributions. To install it in any Linux (such as Fedora, Ubuntu, or Linux Mint) [set up Flatpak by following this guide][4].
Fedora Media Writer is available as Flatpak for Linux Distributions. To install it in any Linux (such as Fedora, Ubuntu, or Linux Mint) [set up Flatpak by following this guide][3].
Then, click on the below link to install. This will launch the official Software application of your Linux Distro (such as Discover, GNOME Software). After installation, you can launch it via Application Menu.
[Install Fedora Media Writer as Flatpak][5]
#### Windows
If you are a Windows user and planning to migrate to Linux (or Fedora), it is a perfect tool. You need to download the exe installer from GitHub (link below) and follow the onscreen instruction for installation.
[Latest Installer for Windows (exe)][6]
[Latest Installer for Windows (exe)][4]
After installation, you can launch it from Start Menu.
@ -70,34 +64,20 @@ Furthermore, you can use this utility for just formatting your USB flash drive a
#### Automatic Download and Write
![First Screen][1]
The automatic Download option gives you the following screen to download any Fedora ISO you want from mirrors. This is useful for many because it eliminates the hassles of separately downloading ISO files, verifying checksum, etc.
![The automatic download options give you these options][1]
After choosing the distribution, the final screen gives you the option for version (Fedora 36, 35, etc.) and architecture (x86, ARM, etc.). Also, you should see the USB destination. Click on Download and Write to start the process.
![The final Write screen][1]
#### Write an existing ISO file from the disk.
When you choose the select iso file option, you can select the file from your system. After that, select the destination USB drive and click Write to start the process.
![Direct ISO write][1]
![Writing is in progress][1]
![Writing Complete][1]
After the write operation is finished, you can see a confirmation message shown above. It took standard time to write a 3GB~ ISO during my test, around 3 to 4 minutes.
### Using Fedora Media Writer to Create LIVE USB in Windows, macOS
The steps are the same to use this utility in Windows and macOS, as shown above for Linux. You can easily find the shortcuts after installation and launch in the same way.
![Running in Windows 11][1]
### Closing Notes
I hope this guide helps you use Fedora Media Writer for your day to day USB writing work. Also, the good thing about this utility is that you can use it for formatting/restoring your USB stick. You do not require GParted or GNOME Disks anymore.
@ -106,59 +86,20 @@ Its such a terrific utility for Linux, Windows and macOS users.
Cheers.
* * *
We bring the latest tech, software news and stuff that matters. Stay in touch via [Telegram][7], [Twitter][8], [YouTube][9], and [Facebook][10] and never miss an update!
#### Share this:
* [Twitter][11]
* [Facebook][12]
* [Print][13]
* [LinkedIn][14]
* [Reddit][15]
* [Telegram][16]
* [WhatsApp][17]
* [Email][18]
*
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/2022/05/fedora-media-writer/
作者:[Arindam][a]
选题:[lujun9972][b]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lujun9972
[1]: data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7
[2]: https://github.com/FedoraQt/MediaWriter
[3]: https://www.debugpoint.com/2021/01/etcher-bootable-usb-linux/
[4]: https://flatpak.org/setup/
[5]: https://dl.flathub.org/repo/appstream/org.fedoraproject.MediaWriter.flatpakref
[6]: https://github.com/FedoraQt/MediaWriter/releases/latest
[7]: https://t.me/debugpoint
[8]: https://twitter.com/DebugPoint
[9]: https://www.youtube.com/c/debugpoint?sub_confirmation=1
[10]: https://facebook.com/DebugPoint
[11]: https://www.debugpoint.com/2022/05/fedora-media-writer/?share=twitter (Click to share on Twitter)
[12]: https://www.debugpoint.com/2022/05/fedora-media-writer/?share=facebook (Click to share on Facebook)
[13]: tmp.hzW8xj7tdm#print (Click to print)
[14]: https://www.debugpoint.com/2022/05/fedora-media-writer/?share=linkedin (Click to share on LinkedIn)
[15]: https://www.debugpoint.com/2022/05/fedora-media-writer/?share=reddit (Click to share on Reddit)
[16]: https://www.debugpoint.com/2022/05/fedora-media-writer/?share=telegram (Click to share on Telegram)
[17]: https://www.debugpoint.com/2022/05/fedora-media-writer/?share=jetpack-whatsapp (Click to share on WhatsApp)
[18]: https://www.debugpoint.com/2022/05/fedora-media-writer/?share=email (Click to email this to a friend)
[b]: https://github.com/lkxed
[1]: https://github.com/FedoraQt/MediaWriter
[2]: https://www.debugpoint.com/2021/01/etcher-bootable-usb-linux/
[3]: https://flatpak.org/setup/
[4]: https://github.com/FedoraQt/MediaWriter/releases/latest

162
sources/tech/20220513 Install Third Party Software Using Fedy In Fedora 36.md Normal file
View File

@ -0,0 +1,162 @@
[#]: subject: "Install Third Party Software Using Fedy In Fedora 36"
[#]: via: "https://ostechnix.com/install-third-party-software-fedy-fedora/"
[#]: author: "sk https://ostechnix.com/author/sk/"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Install Third Party Software Using Fedy In Fedora 36
======
Install third-party software and multimedia codecs with Fedy in Fedora
The Fedora project will not include any package that doesn't comply with [Fedora licensing policies][1] in the official repositories. So, the Fedora users rely on third-party repositories like **RPM Fusion** to install propriety drivers, software and codecs that Fedora doesn't want to ship due to legal and licensing reasons. In this guide, we will see what is **Fedy** and how to install third-party software and multimedia codecs with Fedy in Fedora Linux operating systems.
### What is Fedy?
Fedy is a simple graphical application that allows you to install several third-party applications, development tools, drivers, themes, and utilities in Fedora.
You can install everything with a single mouse click! No need to use DNF/YUM or any other CLI/GUI package managers! Fedy will automatically add the respective repositories and install the selected applications.
Fedy is a perfect post-installer application for Fedora that allows you to quickly install frequently used essential applications after a fresh Fedora installation.
Whether you want to install a new software or a codec or apply a tweak, Fedy lets you do it without much hassle.
Please note that Fedy doesn't have its own repository. It will simply search and add the repository(s) which has the required software and automatically install them. It is just like a GUI front-end to the DNF/YUM package manager.
Fedy is free, open source application released under GPLv3. The source code of Fedy is hosted in GitHub.
### Install Fedy in Fedora Linux
First, you need to add and **enable RPM Fusion repository** in your Fedora system:
```
$ sudo dnf install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
```
Next, add fedy copr repository using command:
```
$ sudo dnf copr enable kwizart/fedy
```
After enabling RPM Fusion and Fedy copr repositories, run the following command to install fedy in Fedora:
```
$ sudo dnf install fedy -y
```
Now let us see how to use Fedy to install/remove third-party applications in Fedora.
### Install essential third-party applications in Fedora using Fedy
Launch Fedy either from the Terminal by using command:
```
$ fedy
```
You can also open Fedy from the Application launcher or Dash or Menu.
![Launch Fedy][2]
The default interface of fedy will look like below:
![Fedy main interface][3]
As you can see, Fedy interface is very simple!
As stated already, Fedy includes a lot of open and closed source applications, drivers and tools. All packages are categorized under six distinct sections as listed below:
1. Apps
2. Development tools
3. Drivers
4. Themes
5. Tweaks
6. Utilities
Just navigate to any section and install the available application(s). There is a search box on the top right-corner, which helps you to easily find a application to install or a tweak to apply.
#### Install and remove applications
The **Apps** section includes popular applications such as 1password, Anydesk, Insync, Microsoft teams, OneDrive, Spotify, Steam, WPS office, Zoom and many.
To install any application, just click on the **Install** button next to the application's name. You will be prompted to enter the `sudo` password. Once the password is entered, Fedy will add the appropriate repository for the application and install it. It's that simple!
![Install applications using Fedy in Fedora][4]
You can also remove the installed applications from the Fedy interface as well. No need to use GNOME software or DNF package manager.
#### Install development tools
From Development tools section, you can install various development tools like Android studio, CUDA toolkit, Eclipse IDE, Google Cloud SDK, JetBrains, MongoDB, Oracle JDK, Pycharm, Rstudio, Sublime text, Visual studio code and more.
#### Install drivers
The Drivers section in Fedy contains drivers and firmware for audio, video, Bluetooth, GPU, and filesystem etc. In this section, you can also install LTS Kernel as well.
Some of the notable drivers included in Fedy are: Broadcom 802.11 STA driver, Fuse exFAT driver, Intel legacy VAAPI driver, Nvidia GPU driver, and a few more.
#### Install themes
Fedy also allows you to change the look and feel of your Fedora desktop. You can make your desktop beautiful by installing popular themes like Flat-remix, Numix, and Papirus themes.
#### Tweak your Fedora system
This is my favorite section in Fedy. From Tweaks section in Fedora, you can tweak various settings, including the following:
* Clean junk files,
* Disable Wayland,
* Disable mouse acceleration,
* Add colors to bash prompt and make it fancy,
* Configure GRUB2,
* Set SELinux to permissive mode,
* Enable system-wide touchpad tap-to-click,
* Fix Intel throttling issues with Lenova notebooks.
![Tweak Fedora system using Fedy][5]
As stated already, all settings can be configured with a single mouse click! No need to edit configuration files and do changes manually. Fedy will set the optimal settings automatically!
#### Fedy utilities section
This is yet another important section in Fedy.
We can do the following from utilities section:
* Adobe flash browser plug-in and player
* Archive utilities to compress and extract different file formats
* Necessary multimedia codecs to encode or decode audio/video streams
* Enable encrypted DVD playback
* Microsoft TrueType fonts such as Arial, Times New Roman, and other core Microsoft fonts
* Oracle JRE to run JAVA applications
* and theme engines used by GTK themes to draw widgets
### Conclusion
As far as I tested, Fedy seems quite useful for Fedora users, especially for the newbies. Using Fedy, you can quickly setup a full-fledged Fedora desktop with all necessary applications for personal as well as professional usage.
**Resource:**
* [Fedy GitHub Repository][6]
--------------------------------------------------------------------------------
via: https://ostechnix.com/install-third-party-software-fedy-fedora/
作者:[sk][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://ostechnix.com/author/sk/
[b]: https://github.com/lkxed
[1]: https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/
[2]: https://ostechnix.com/wp-content/uploads/2022/05/Launch-Fedy.png
[3]: https://ostechnix.com/wp-content/uploads/2021/09/Fedy-main-interface.png
[4]: https://ostechnix.com/wp-content/uploads/2021/09/Install-applications-using-Fedy-in-Fedora.png
[5]: https://ostechnix.com/wp-content/uploads/2021/09/Tweak-Fedora-system-using-Fedy.png
[6]: https://github.com/rpmfusion-infra/fedy

235
sources/tech/20220514 Hidden Features! 25 Fun Things You Can Do With DuckDuckGo Search Engine.md Normal file
View File

@ -0,0 +1,235 @@
[#]: subject: "Hidden Features! 25 Fun Things You Can Do With DuckDuckGo Search Engine"
[#]: via: "https://itsfoss.com/duckduckgo-easter-eggs/"
[#]: author: "sreenath https://itsfoss.com/author/sreenath/"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Hidden Features! 25 Fun Things You Can Do With DuckDuckGo Search Engine
======
DuckDuckGo is one of the alternative search engines that is less privacy intruding than the omnipresent Google.
DuckDuckGo is one of the [alternative search engines that is less privacy intruding][1] than the omnipresent Google.
It has improved a lot lately and works quite satisfactorily for general web search. It is nowhere close to Google when it comes to local search.
However, DuckDuckGo (fondly nicknamed DDG) has some cool features most users are not aware of. If you are an ardent DDG fan, you may enjoy enhancing your search experience with these tricks.
### 1. Jump on a specific website
Type ! before your favorite website name and directly enter the website. This is like the feeling lucky feature of Google but in DDG terms, its called bangs.
There are short forms for the websites, which will be suggested when we start typing.
![duckduckgo bang feature][2]
Entering the search term just after the website name will land you on the required result from that website.
### 2. Convert text to ASCII
Figlet is one of the [fun Linux commands][3]. It converts any text into a decorated ASCII format.
Type **figlet** before any search term; it will print its ASCII output. No need to open the terminal.
![Figlet in DDG][4]
### 3. Check social media status
Use @ in front of the proper twitter name of someone will show their status (followers etc.).
![Itsfoss Twitter][5]
### 4. Generate a strong password
Type password followed by the number of characters to be included and it will generate a strong, unique password for you.
![Generating password in DuckDuckGo][6]
### 5. Generate Random Passphrase
Type random passphrase to generate a passphrase, usually 4 words long.
![Random Passphrase][7]
### 6. Get a cheatsheet
Type cheatsheet after the term whose cheatsheet you want. If there is a cheat sheet for the searched term, it will show it immediately on the search page.
![Vim Cheatsheet][8]
### 7. Get color from the color code
Type color followed by the hex code of the color you want to check and it will show what that color looks like.
![Color][9]
### 8. Generate a random number
Searching random number will output a random number between 0 and 1
![Random Number][10]
You can also specify the range to look for.
![Random Number between 1 and 1000][11]
### 9. Convert to binary and other formats
Type a binary number and append it with binary will convert it from binary to decimal
![Binary to Decimal][12]
Similarly, it works for hexadecimal and oct, but I am confused about their logic.
### 10. Find rhyming words
Type what rhymes with followed by the word you want to get rhymes of. Helps with your poetry skills, no?
![What rhymes with rain][13]
### 11. Get Ramanujan number, Pi, and other constants
Type the name of the constant whose value you want and you get it right in the search result page.
![Ramanujan Number][14]
### 12. Check who is currently in space
Type people in space and get the list of those currently in space. It also shows how long they have been in space.
![People in Space][15]
### 13. Check if a website is down
If you want to know if a particular website is down for you or for everyone, just use the “is xyz.com is down” search query.
![Is down?][16]
### 14. Get quotes on certain topics
Type a word followed by quotes, and it will give quotes related to that word.
![Get quotes in DDG][17]
### 15. Get Placeholder texts
Search for lorem ipsum and get 5 paragraphs of placeholder texts. Useful for web developers perhaps.
![Lorem ipsum][18]
### 16. Get the calendar of any month
Type calendar followed by day, month, and year and it gives you an interactive calendar of that month.
![Calendar][19]
### 17. Generate QR code
Search qr followed by any text, be it a link or anything, will generate the respective QR Code.
![QRCode][20]
### 18. Get some CSS Animations
Search for css animations to get some CSS animation examples.
![CSS Animations][21]
### 19. Expand a shortened link
Got a bitly or some other shortened link but not sure where it takes you. Instead of landing on a spammy website, expand the shortened URL and see the actual website URL.
Use the keyword expand followed by the shortened URL and it will show the actual destination URL.
![Expand Link][22]
### 20. Get HTML codes for special characters
Search html chars and get a very long list of HTML entities and their description, if pressed show more in the result
![HTML Chars][23]
### 21. Why should I use this?
This one is pretty useless. If you enter the term “why should I use this?” it shows “cause its awesome” at the top of the search result page. Clearly, DuckDuckGo is referring to itself.
![Why should I use this?][24]
### 22. Convert case
This works in two cases. lowercase <searchterm in Upper-case> will show the lowered case result
![Lowercase][25]
uppercase <searchterm in lower case> will show an uppercase result.
![Uppercase][26]
### 23. Encode a URL
Search encode followed by a URL will give an encoded result
![URL Encode][27]
### 24. Motherboard
Search for Motherboard, and you can see that the logo of DuckDuckGo on the left side is changed. It shows a random logo from the selection of a few.
![Motherboard][28]
### 25. Get HTML Color Codes
Search for color codes and you get a chart of colors. Again, this one is more for web developers and designers.
![Color Codes][29]
### There are many more…
My teammate Sreenath came up with this post idea. He says there are more such easter eggs in DuckDuckGo and I believe him. But it wont be feasible to list them all here.
If you know more such interesting DDG search features, share them in the comments. If you found your next favorite search feature, do mention that too.
--------------------------------------------------------------------------------
via: https://itsfoss.com/duckduckgo-easter-eggs/
作者:[sreenath][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/sreenath/
[b]: https://github.com/lkxed
[1]: https://itsfoss.com/privacy-search-engines/
[2]: https://itsfoss.com/wp-content/uploads/2022/05/duckduckgo-bang-feature-800x449.png
[3]: https://itsfoss.com/funny-linux-commands/
[4]: https://itsfoss.com/wp-content/uploads/2022/05/figlet-800x272.png
[5]: https://itsfoss.com/wp-content/uploads/2022/05/itsfoss-twitter-800x278.jpg
[6]: https://itsfoss.com/wp-content/uploads/2022/05/password-30-800x185.jpg
[7]: https://itsfoss.com/wp-content/uploads/2022/05/random-pqssphrase-800x179.png
[8]: https://itsfoss.com/wp-content/uploads/2022/05/vim-cheatsheet-800x367.png
[9]: https://itsfoss.com/wp-content/uploads/2022/05/color-800x289.jpg
[10]: https://itsfoss.com/wp-content/uploads/2022/05/random-number-800x235.png
[11]: https://itsfoss.com/wp-content/uploads/2022/05/random-number-between-1-and-1000-800x244.png
[12]: https://itsfoss.com/wp-content/uploads/2022/05/binary-800x184.png
[13]: https://itsfoss.com/wp-content/uploads/2022/05/What-rhymes-with-rain-800x257.png
[14]: https://itsfoss.com/wp-content/uploads/2022/05/ramanujan-number-800x238.png
[15]: https://itsfoss.com/wp-content/uploads/2022/05/people-in-space-800x313.jpg
[16]: https://itsfoss.com/wp-content/uploads/2022/05/is-down-800x204.png
[17]: https://itsfoss.com/wp-content/uploads/2022/05/life-quotes-800x303.png
[18]: https://itsfoss.com/wp-content/uploads/2022/05/lorem-ipsum-800x227.png
[19]: https://itsfoss.com/wp-content/uploads/2022/05/calendar-800x331.png
[20]: https://itsfoss.com/wp-content/uploads/2022/05/qrcode-800x255.png
[21]: https://itsfoss.com/wp-content/uploads/2022/05/css-animations-800x385.jpg
[22]: https://itsfoss.com/wp-content/uploads/2022/05/expand-shortened-link-ddg-800x209.png
[23]: https://itsfoss.com/wp-content/uploads/2022/05/html-chars-800x174.png
[24]: https://itsfoss.com/wp-content/uploads/2022/05/why-should-i-use-this-800x160.png
[25]: https://itsfoss.com/wp-content/uploads/2022/05/lowercase-800x179.png
[26]: https://itsfoss.com/wp-content/uploads/2022/05/uppercase-800x185.png
[27]: https://itsfoss.com/wp-content/uploads/2022/05/url-encode-800x177.png
[28]: https://itsfoss.com/wp-content/uploads/2022/05/motherboard.png
[29]: https://itsfoss.com/wp-content/uploads/2022/05/color-codes-800x554.png

86
translated/tech/20210323 WebAssembly Security, Now and in the Future.md
View File

@ -1,86 +0,0 @@
[#]: subject: (WebAssembly Security, Now and in the Future)
[#]: via: (https://www.linux.com/news/webassembly-security-now-and-in-the-future/)
[#]: author: (Dan Brown https://training.linuxfoundation.org/announcements/webassembly-security-now-and-in-the-future/)
[#]: collector: (lujun9972)
[#]: translator: (hanszhao80)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
WebAssembly 安全的现在和未来
======
### 说明
正如我们 [最近解释的][1]WebAssembly 是一种用于以任何语言编写的软件的二进制格式旨在最终无需更改就能在任意平台运行。WebAssembly 的第一个应用是在 Web 浏览器中,以使网站更快、更具交互性。计划将 WebAssembly 推向 Web 之外,从各种服务器到<ruby>物联网<rt>IoT</rt></ruby>,创造了与安全问题一样多的机会。这篇文章是对这些问题和 WebAssembly 安全模型的介绍性概述。
### WebAssembly 跟 JavaScript 很像
在 Web 浏览器内部WebAssembly 模块由执行 JavaScript 代码的同一 <ruby>虚拟机<rt>VM</rt></ruby> 管理。因此WebAssembly 可用于造成与 JavaScript 相同的危害,只是效率更高,并且不易被察觉。由于 JavaScript 是纯文本,运行前需要浏览器的编译,而 WebAssembly 是一种可立即运行的二进制格式,后者运行速度更快,也更难被扫描出(即使用杀毒软件)其中的恶意指令。
WebAssembly 的这种 **代码混淆** 效果已经被用来弹出不受欢迎的广告或打开要求敏感数据的虚假 **技术支持** 窗口。另一个把戏则是自动将浏览器重定向到包含真正危险的恶意软件的 **登陆** 页面。
最后,就像 JavaScript 一样WebAssembly 可能被用来 **窃取** 处理能力而不是数据。2019 年,[对 150 个不同的 WASM 模块的分析][2]发现,其中约 _32%_ 被用于加密货币挖掘。
### WebAssembly 沙箱和接口
WebAssembly 代码在由 <ruby>虚拟机<rt>VM</rt></ruby>(而不是操作系统)管理的[沙箱][3]中封闭运行。这使它无法看到主机,也无法直接与主机交互。对系统资源(文件、硬件或互联网连接)的访问只能通过该虚拟机提供的 <ruby>WebAssembly 系统接口<rt>WASI</rt></ruby> 进行。
WASI 不同于大多数其他应用程序编程接口,它具有独特的安全特性,真正推动了 WASM 在传统服务器和<ruby>边缘<rt>Edge</rt></ruby>服务器计算场景中的采用,这将是下一篇文章的主题。在这里,可以说,当从 Web 迁移到其他环境时,它的安全影响会有很大的不同。现代网络浏览器是极其复杂的软件,但它是建立在数十年的经验和数十亿人的日常测试之上的。与浏览器相比,服务器或<ruby>物联网<rt>IoT</rt></ruby>设备几乎是未知领域。这些平台的虚拟机将需要扩展 WASI因此肯定会带来新的安全挑战。
### WebAssembly 中的内存和代码管理
与普通的编译程序相比WebAssembly 应用程序对内存的访问非常有限对它们自己也是如此。WebAssembly 代码不能直接访问尚未调用的函数或变量,不能跳转到任意地址,也不能将内存中的数据作为字节码指令执行。
在浏览器内部WASM 模块只能获得一个连续字节的全局数组(<ruby>线性内存<rt>linear memory</rt></ruby>进行操作。WebAssembly 可以直接读写该区域中的任意位置,或者请求增加其大小,但仅此而已。这个<ruby>线性内存<rt>linear memory</rt></ruby>也与包含其实际代码、执行堆栈、当然还有运行 WebAssembly 的虚拟机的区域分离。对于浏览器来说,所有这些数据结构都是普通的 JavaScript 对象,与所有其他使用标准过程的对象隔离。
### 结果很好,但并不完美
所有这些限制使得 WebAssembly 模块很难做出不当行为,但也并非不可能。
沙箱化的内存使 WebAssembly 几乎不可能接触到 __外部__ 的东西,也使操作系统更难防止 __内部__ 发生不好的事情。传统的内存监测机制,比如 [**Stack Canaries**][4] 能注意到是否有代码试图扰乱它不应该接触的对象,[在这里不奏效][5]。
事实上WebAssembly 只能访问自己的<ruby>线性内存<rt>linear memory</rt></ruby>,但可以直接访问,这也可能为攻击者的行为 _提供便利_。有了这些约束和对模块源代码的访问,就更容易猜测覆盖哪些内存位置可能造成最大的破坏。局部变量似乎也 [可能][6] 被破坏,因为它们停留在<ruby>线性内存<rt>linear memory</rt></ruby>中的无监督的堆栈中。
2020年的一篇关于 [WebAssembly 的二进制安全性][5] 的论文指出WebAssembly 代码仍然可以在设定的常量内存中覆盖字符串文字。同一篇论文描述了在三个不同的平台浏览器、Node.JS 上的服务端应用程序和独立 WebAssembly 虚拟机的应用程序WebAssembly 可能比编译为原生二进制文件时更不安全的其他方式。建议进一步阅读此主题。
通常,认为 WebAssembly 只能破坏其自身沙箱中的内容的想法可能会产生误导。WebAssembly 模块为调用它们的 JavaScript 代码做繁重的工作,每次都交换变量。如果模块在这些变量中的任意一处写入不安全的调用 WebAssembly 的 JavaScript 代码,就 _会_ 导致崩溃或数据泄露。
### 未来的方向
WebAssembly 的两个新出现的特性:[并发][7] 和内部垃圾收集,肯定会影响其安全性(如何影响以及影响多少,现在下结论还为时过早)。
并发允许多个 WebAssembly 模块在同一个虚拟机中并行。目前,只有通过 JavaScript [web workers][8] 才能实现这一点,但更好的机制正在开发中。安全方面,他们可能会带来[以前不需要的大量的代码][9],会导致出现更多的错误。
[原生的垃圾收集器][10] 需要提高性能和安全性,但最重要的是在经过良好测试的浏览器的 Java <ruby>虚拟机<rt>VM</rt></ruby> (收集它们自己内部的所有垃圾)之外使用 WebAssembly。当然甚至这个新代码也可能成为漏洞和攻击的另一个入口。
往好处想,使 WebAssembly 比现在更安全的通用策略也是存在的。再次引用 [这篇文章][5],这些策略包括:编译器改进,栈、堆和常量数据 _分离_ 的线性存储机制,以及避免使用 **不安全的语言**(如 C编译 WebAssembly 模块代码。
本文 [WebAssembly 安全的现在和未来][11] 首次发表在 [Linux 基金会 - 培训][12]。
--------------------------------------------------------------------------------
via: https://www.linux.com/news/webassembly-security-now-and-in-the-future/
作者:[Dan Brown][a]
选题:[lujun9972][b]
译者:[hanszhao80](https://github.com/hanszhao80)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://training.linuxfoundation.org/announcements/webassembly-security-now-and-in-the-future/
[b]: https://github.com/lujun9972
[1]: https://training.linuxfoundation.org/announcements/an-introduction-to-webassembly/
[2]: https://www.sec.cs.tu-bs.de/pubs/2019a-dimva.pdf
[3]: https://webassembly.org/docs/security/
[4]: https://ctf101.org/binary-exploitation/stack-canaries/
[5]: https://www.usenix.org/system/files/sec20-lehmann.pdf
[6]: https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
[7]: https://github.com/WebAssembly/threads
[8]: https://en.wikipedia.org/wiki/Web_worker
[9]: https://googleprojectzero.blogspot.com/2018/08/the-problems-and-promise-of-webassembly.html
[10]: https://github.com/WebAssembly/gc/blob/master/proposals/gc/Overview.md
[11]: https://training.linuxfoundation.org/announcements/webassembly-security-now-and-in-the-future/
[12]: https://training.linuxfoundation.org/