When KDE Themes Attack

Canonical cracks down on malicious Snaps, Red Hat gets into the driver business, a KDE theme wipes a user’s drive, and compiling a Linux kernel with a fanless cooler.



Timestamps:
00:00 Intro
00:42 SCALE
06:13 ARC A310
07:10 Rust NVIDIA kernel driver from Red Hat
10:42 KDE theme deletes files
16:03 Snaps getting manual reviews
23:28 Fanless kernel compile

New Nova Graphics

https://9to5linux.com/red-hat-announces-nova-a-rust-based-gsp-only-driver-for-nvidia-gpus

  • A GSP-only driver for Nvidia GPUs, intended as a successor to Nouveau.
  • The primary maintainer for Nouveau resigned so they had to do something.
  • Yes, it’s in Rust. 
  • 20/30/40 series GPUs will be supported. 
  • Red Hat announced something cool coming down the graphics pipeline, a new replacement for Nouveau called Nova.
  • Nova is an open source, Rust-based GPU System Processor driver for Nvidia GPUs.
  • And Nova is going to be easier to maintain, a lot simpler, and more memory efficient.
  • Also, with the Linux kernel getting more and more Rust code these days, Red Hat thought it would be in their best interest to develop the Nova driver in Rust, which could make it a lot more attractive to developers.
  • This should help tremendously in making an open source graphics driver for Nvidia cards so you can game on Linux without needing the proprietary Nvidia drivers installed.

KDE Themes 

https://floss.social/@kde/112128243960545659

https://www.reddit.com/r/kde/comments/1bixmbx/do_not_install_global_themes_some_wipe_out_all/

    • Global themes and widgets created by 3rd-party developers for Plasma can and will run arbitrary code.
    • That’s usually not an issue until rm -rf shows up.
    • That happened to Reddit user JeansenVaars, who had all of their user-mounted drive data erased.
    • KDE is thinking about curating the storefront and tossing in a warning or two.
    • KDE’s response on Mastodon:
      • “We are calling on the community to help us locate and quarantine defective software by using the “Report” buttons available on each item in the KDE Store.”
    • And Nate Graham states:
      • “This particular theme has been removed. Too dangerous to live. We’re discussing a path forward for making sure this kind of thing can’t happen.”
    • They knew quickly that they had to put measures in place to start auditing and curating the themes and widgets that are uploaded to the KDE store.
    • Good job KDE!

Quiet Computing 

https://interfacinglinux.com/2024/03/22/noctua-nh-p1-digital-audio-workstation/

  • Venn found the perfect use case for a slab of copper without fans.

Manual Snaps 

https://forum.snapcraft.io/t/manual-review-of-all-new-snap-name-registrations/39440

    • After getting hit with crypto scam apps, again.
    • Don’t know why they are saying weeks since this problem started well over five months ago.
    • This resulted in a temporary suspension of automatic snap registration last September.
    • Six months later they have decided that a manual review is required.
    • Malicious crypto-wallet apps have been an issue on the Snap store for quite some time.
    • In February, Venn and I talked about $490K worth of crypto that was stolen from someone because of one of these bad actors.
    • In the last few weeks, the number of bad crypto-wallet apps on the Snap store has increased, and the Snap store team has been monitoring new Snaps that are being registered.
    • So for increased security against these malicious actors, Canonical has imposed more strict regulations when registering a new Snap name.
    • And now manual review is required using the following procedures:
      • First you have to go to the website listed in the article in our show notes to register the Snap name before you push it to the store.
      • And then when you enter all the info, the Snap will be submitted for review.
      • The engineering team will then evaluate the data and see if anything looks suspicious.
      • Next Canonical states:
        • “If the name request passes checks, the name will be granted for the Snap Store. If the snap the name request is suspected as being malicious, or is crypto-wallet-related, the name request will be rejected. In both cases, you will receive a notification.”
    • The Snap store team will be publishing guidelines for how to publish these sensitive Snaps by next week.