Tag Archives: VNC

Security updates for Friday

Post Syndicated from ris original https://lwn.net/Articles/744175/rss

Security updates have been issued by Arch Linux (intel-ucode), Debian (gifsicle), Fedora (awstats and kernel), Gentoo (icoutils, pysaml2, and tigervnc), Mageia (dokuwiki and poppler), Oracle (kernel), SUSE (glibc, kernel, microcode_ctl, tiff, and ucode-intel), and Ubuntu (intel-microcode).

A hedgehog cam or two

Post Syndicated from Helen Lynn original https://www.raspberrypi.org/blog/a-hedgehog-cam-or-two/

Here we are, hauling ourselves out of the Christmas and New Year holidays and into January proper. It’s dawning on me that I have to go back to work, even though it’s still very cold and gloomy in northern Europe, and even though my duvet is lovely and warm. I found myself envying beings that hibernate, and thinking about beings that hibernate, and searching for things to do with hedgehogs. And, well, the long and the short of it is, today’s blog post is a short meditation on the hedgehog cam.

A hedgehog in a garden, photographed in infrared light by a hedgehog cam

Success! It’s a hedgehog!
Photo by Andrew Wedgbury

Hedgehog watching

Someone called Barker has installed a Raspberry Pi–based hedgehog cam in a location with a distant view of a famous Alp, and as well as providing live views by visible and infrared light for the dedicated and the insomniac, they also make a sped-up version of the previous night’s activity available. With hedgehogs usually being in hibernation during January, you mightn’t see them in any current feed — but don’t worry! You’re guaranteed a few hedgehogs on Barker’s website, because they have also thrown in some lovely GIFs of hoggy (and foxy) divas that their camera captured in the past.

A Hedgehog eating from a bowl on a patio, captured by a hedgehog cam

Nom nom nom!
GIF by Barker’s Site

Build your own hedgehog cam

For pointers on how to replicate this kind of setup, you could do worse than turn to Andrew Wedgbury’s hedgehog cam write-up. Andrew’s Twitter feed reveals that he’s a Cambridge local, and there are hints that he was behind RealVNC’s hoggy mascot for Pi Wars 2017.

RealVNC on Twitter

Another day at the office: testing our #PiWars mascot using a @Raspberry_Pi 3, #VNC Connect and @4tronix_uk Picon Zero. Name suggestions? https://t.co/iYY3xAX9Bk

Our infrared bird box and time-lapse camera resources will also set you well on the way towards your own custom wildlife camera. For a kit that wraps everything up in a weatherproof enclosure made with love, time, and serious amounts of design and testing, take a look at Naturebytes’ wildlife cam kit.

Or, if you’re thinking that a robot mascot is more dependable than real animals for the fluffiness you need in order to start your January with something like productivity and with your soul intact, you might like to put your own spin on our robot buggy.

Happy 2018

While we’re on the subject of getting to grips with the new year, do take a look at yesterday’s blog post, in which we suggest a New Year’s project that’s different from the usual resolutions. However you tackle 2018, we wish you an excellent year of creative computing.

The post A hedgehog cam or two appeared first on Raspberry Pi.

RDPY – RDP Security Tool For Hacking Remote Desktop Protocol

Post Syndicated from Darknet original https://www.darknet.org.uk/2017/11/rdpy-rdp-security-tool-hacking-remote-desktop-protocol/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

RDPY – RDP Security Tool For Hacking Remote Desktop Protocol

RDPY is an RDP Security Tool in Twisted Python with RDP Man in the Middle proxy support which can record sessions and Honeypot functionality.

RDPY is a pure Python implementation of the Microsoft RDP (Remote Desktop Protocol) protocol (client and server side). RDPY is built over the event driven network engine Twisted. RDPY support standard RDP security layer, RDP over SSL and NLA authentication (through ntlmv2 authentication protocol).

RDPY RDP Security Tool Features

RDPY provides the following RDP and VNC binaries:

  • RDP Man In The Middle proxy which record session
  • RDP Honeypot
  • RDP Screenshoter
  • RDP Client
  • VNC Client
  • VNC Screenshoter
  • RSS Player

RDPY is fully implemented in python, except the bitmap decompression algorithm which is implemented in C for performance purposes.

Read the rest of RDPY – RDP Security Tool For Hacking Remote Desktop Protocol now! Only available at Darknet.

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/731678/rss

Security updates have been issued by Debian (extplorer and libraw), Fedora (mingw-libsoup, python-tablib, ruby, and subversion), Mageia (avidemux, clamav, nasm, php-pear-CAS, and shutter), Oracle (xmlsec1), Red Hat (openssl tomcat), Scientific Linux (authconfig, bash, curl, evince, firefox, freeradius, gdm gnome-session, ghostscript, git, glibc, gnutls, groovy, GStreamer, gtk-vnc, httpd, java-1.7.0-openjdk, kernel, libreoffice, libsoup, libtasn1, log4j, mariadb, mercurial, NetworkManager, openldap, openssh, pidgin, pki-core, postgresql, python, qemu-kvm, samba, spice, subversion, tcpdump, tigervnc fltk, tomcat, X.org, and xmlsec1), SUSE (git), and Ubuntu (augeas, cvs, and texlive-base).

Security updates for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/730338/rss

Security updates have been issued by Mageia (atril, mpg123, perl-SOAP-Lite, and virtualbox), openSUSE (kernel and libzypp, zypper), Oracle (authconfig, bash, curl, gdm and gnome-session, ghostscript, git, glibc, gnutls, gtk-vnc, kernel, libreoffice, libtasn1, mariadb, openldap, openssh, pidgin, postgresql, python, qemu-kvm, samba, tcpdump, tigervnc and fltk, and tomcat), Red Hat (kernel, kernel-rt, openstack-neutron, and qemu-kvm), and SUSE (puppet and tcmu-runner).

Security updates for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/729616/rss

Security updates have been issued by Debian (varnish), Fedora (gcc, gcc-python-plugin, libtool, mingw-c-ares, and php-PHPMailer), Red Hat (bash, curl, evince, freeradius, gdm and gnome-session, ghostscript, git, glibc, golang, GStreamer, gtk-vnc, kernel, kernel-rt, libtasn1, mariadb, openldap, openssh, pidgin, postgresql, python, qemu-kvm, qemu-kvm-rhev, samba, tigervnc and fltk, tomcat, and X.org X11 libraries), Slackware (gnupg), and Ubuntu (apache2, lxc, and webkit2gtk).

Security updates for Friday

Post Syndicated from jake original https://lwn.net/Articles/723927/rss

Security updates have been issued by CentOS (kernel), Debian (graphicsmagick, imagemagick, kde4libs, and puppet), Fedora (FlightCrew, kernel, libvncserver, and wordpress), Gentoo (adobe-flash, smb4k, teeworlds, and xen), Mageia (kernel, kernel-linus, kernel-tmb, and perl-CGI-Emulate-PSGI), openSUSE (GraphicsMagick and rpcbind), Oracle (kernel), Red Hat (kernel and kernel-rt), and Scientific Linux (kernel).

Security updates for Tuesday

Post Syndicated from ris original https://lwn.net/Articles/720301/rss

Security updates have been issued by Debian (feh, freetype, and radare2), Fedora (kernel and libsndfile), openSUSE (audiofile, dracut, gstreamer, gstreamer-plugins-bad, jasper, libpng15, proftpd, and tigervnc), Oracle (qemu-kvm), Red Hat (kernel, libreoffice, and qemu-kvm-rhev), and SUSE (bind and tiff).

Acrophobia 1.0: don’t drop the ball!

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/acrophobia/

Using servomotors and shadow tracking, Acrophobia 1.0’s mission to give a Raspberry Pi a nervous disposition is a rolling success.

Acrophobia 1.0

Acrophobia, a nervous machine with no human-serving goal, but with a single fear: of dropping the ball. Unlike any other ball balancing machine, Acrophobia has no interest in keeping the ball centered. She is just afraid to drop it, getting trapped in near-infinite loops of her own making.

How to give a Raspberry Pi Acrophobia

Controlling the MDF body and 3D printed wheels, the heart of Acrophobia contains a Raspberry Pi 2 and a Camera Module. The camera tracks a shadow across a square of semi-elastic synthetic cloth, moving the Turnigy S901D servomotors at each corner to keep it within a set perimeter.

Acrophobia Raspberry Pi

Well-placed lighting creates the perfect shadow for the Raspberry Pi to track

The shadow is cast by a small ball, and the single goal of Acrophobia is to keep that ball from dropping off the edge.

Acrophobia, a nervous machine with no human-serving goal, but with a single fear: of dropping the ball.

Unlike any other ball-balancing machine, Acrophobia has no interest in keeping the ball centered. She is just afraid to drop it, getting trapped in near-infinite loops of her own making.

To set up the build, the Raspberry Pi is accessed via VNC viewer on an iPad. Once the Python code is executed, Acrophobia is stuck in its near-infinite nightmare loop.

Acrophobia Raspberry Pi

This video for Acrophobia 1.0 has only recently been uploaded to Vimeo, but the beta recording has been available for some time. You can see the initial iteration, created by George Adamopoulos, Dafni Papadopoulou, Maria Papacharisi and Filippos Pappas for the National Technical University of Athens School of Architecture Undergraduate course here, and compare the two. The beta video includes the details of the original Arduino/webcam setup that was eventually replaced by the Raspberry Pi and Camera Module.

Team Building

I recently saw a similar build to this, again using a Raspberry Pi, which used tablet computers as game controllers. Instead of relying on a camera to track the ball, two players worked together to keep the ball within the boundaries of the sheet.

Naturally, now that I need the video for a blog post, I can’t find it. But if you know what I’m talking about, share the link in the comments below.

And if you don’t, it’s time to get making, my merry band of Pi builders. Who can turn Acrophobia into an interactive game?

The post Acrophobia 1.0: don’t drop the ball! appeared first on Raspberry Pi.

Security updates for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/718385/rss

Security updates have been issued by CentOS (icoutils and openjpeg), Debian (eject, graphicsmagick, libytnef, and tnef), Fedora (drupal8, firefox, kernel, ntp, qbittorrent, texlive, and webkitgtk4), Oracle (bash, coreutils, glibc, gnutls, kernel, libguestfs, ocaml, openssh, qemu-kvm, quagga, samba, samba4, tigervnc, and wireshark), Red Hat (curl), Slackware (mariadb), SUSE (samba), and Ubuntu (apparmor).

Security updates for Tuesday

Post Syndicated from ris original https://lwn.net/Articles/717702/rss

Security updates have been issued by Debian (sitesummary), Fedora (jasper, knot-resolver, R, rkward, rpm-ostree, rpy, w3m, and xen), openSUSE (firefox), Red Hat (bash, coreutils, glibc, gnutls, kernel, libguestfs, ocaml, openssh, qemu-kvm, quagga, samba, samba4, subscription-manager, tigervnc, and wireshark), and Ubuntu (eglibc, glibc, firefox, freetype, gnutls26, NVIDIA graphics, and nvidia-graphics-drivers-375).

P.A.R.T.Y.

Post Syndicated from Philip Colligan original https://www.raspberrypi.org/blog/p-a-r-t-y/

On 4 and 5 March 2017, more than 1,800 people got together in Cambridge to celebrate five years of Raspberry Pi and Code Club. We had cake, code, robots, explosions, and unicorn face paint. It was all kinds of awesome.

Celebrating five years of Raspberry Pi and Code Club

Uploaded by Raspberry Pi on 2017-03-10.

It’s hard to believe that it was only five years ago that we launched the first Raspberry Pi computer. Back then, our ambitions stretched to maybe a few tens of thousands of units, and our hope was simply that we could inspire more young people to study computer science.

Fast forward to 2017 and the Raspberry Pi is the third most successful computing platform of all time, with more than twelve and a half million units used by makers, educators, scientists, and entrepreneurs all over the world (you can read more about this in our Annual Review).

On 28 February, we announced the latest addition to our family of devices, the Raspberry Pi Zero W, which brings wireless connectivity and Bluetooth to the Pi Zero for an astonishing $10. You seemed to like it: in the four days between the product launch and the first day of the Birthday Party, we sold more than 100,000 units. We absolutely love seeing all the cool things you’re building with them!

Raspberry Pi Zero W

Celebrating our community

Low-cost, high-performance computers are a big part of the story, but they’re not the whole story. One of the most remarkable things about Raspberry Pi is the amazing community that has come together around the idea that more people should have the skills and confidence to get creative with technology.

For every person working for the Raspberry Pi Foundation, there are hundreds and thousands of community members outside the organisation who advance that mission every day. They run Raspberry Jams, volunteer at Code Clubs, write educational resources, moderate our forums, and so much more. The Birthday Party is one of the ways that we celebrate what they’ve achieved and say thank you to them for everything they’ve done.

Over the two days of the celebration, there were 57 workshops and talks from community members, including several that were designed and run by young people. I managed to listen to more of the talks this year, and I was really impressed by the breadth of subjects covered and the expertise on display.

All About Code on Twitter

Big thanks to @Raspberry_Pi for letting me run #PiParty @edu_blocks workshop and to @cjdell for his continuing help and support

Educators are an important part of our community and it was great to see so many of our Certified Educators leading sessions and contributing across the whole event.

Carrie Anne Philbin on Twitter

Thanks to my panel of @raspberry_pi certified educators – you are all amazing! #piparty https://t.co/0psnTEnfxq

Hands-on experiences

One of the goals for this year’s event was to give everyone the opportunity to get hands-on experience of digital making and, even if you weren’t able to get a place at one of the sold-out workshops, there were heaps of drop-in and ask-the-expert sessions, giving everyone the chance to get involved.

The marketplace was one of this year’s highlights: it featured more than 20 exhibitors including the awesome Pimoroni and Pi Hut, as well as some great maker creations, from the Tech Wishing Well to a game of robot football. It was great to see so many young people inspired by other people’s makes.

Child looking at a handmade robot at the Raspberry Pi fifth birthday weekend

Code Club’s celebrations

As I mentioned before, this year’s party was very much a joint celebration, marking five years of both Raspberry Pi and Code Club.

Since its launch in 2012, Code Club has established itself as one of the largest networks of after-school clubs in the world. As well as celebrating the milestone of 5,000 active Code Clubs in the UK, it was a real treat to welcome Code Club’s partners from across the world, including Australia, Bangladesh, Brazil, Canada, Croatia, France, New Zealand, South Korea, and Ukraine.

Representatives of Code Club International at the Raspberry Pi fifth birthday party

Representatives of Code Club International, up for a birthday party!

Our amazing team

There are so many people to thank for making our fifth Birthday Party such a massive success. The Cambridge Junction was a fantastic venue with a wonderful team (you can support their work here). Our friends at RealVNC provided generous sponsorship and practical demonstrations. ModMyPi packed hundreds of swag bags with swag donated by all of our exhibitors. Fuzzy Duck Brewery did us proud with another batch of their Irrational Ale.

We’re hugely grateful to Sam Aaron and Fran Scott who provided the amazing finales on Saturday and Sunday. No party is quite the same without an algorave and a lot of explosions.

Most of all, I want to say a massive thank you to all of our volunteers and community members: you really did make the Birthday Party possible, and we couldn’t have done it without you.

One of the things we stand for at Raspberry Pi is making computing and digital making accessible to all. There’s a long way to go before we can claim that we’ve achieved that goal, but it was fantastic to see so much genuine diversity on display.

Probably the most important piece of feedback I heard about the weekend was how welcoming it felt for people who were new to the movement. That is entirely down to the generous, open culture that has been created by our community. Thank you all.

Collage of Raspberry Pi and Code Club fifth birthday images

 

 

The post P.A.R.T.Y. appeared first on Raspberry Pi.

Security updates for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/716538/rss

Security updates have been issued by Debian (texlive-base), Fedora (cacti, drupal7-metatag, freeipa, mingw-gtk-vnc, suricata, and xen), Oracle (kvm), Red Hat (java-1.8.0-ibm and kvm), Scientific Linux (kvm), Slackware (firefox and thunderbird), SUSE (qemu), and Ubuntu (firefox, imagemagick, kernel, linux, linux-gke, linux-raspi2, linux-snapdragon, linux, linux-raspi2, linux, linux-ti-omap4, linux-hwe, linux-lts-trusty, linux-lts-xenial, and network-manager-applet).

Security updates for Monday

Post Syndicated from ris original https://lwn.net/Articles/716356/rss

Security updates have been issued by Arch Linux (curl), CentOS (ipa, kernel, and qemu-kvm), Debian (munin, ruby-zip, and zabbix), Fedora (bind99, gtk-vnc, jenkins, jenkins-remoting, kdelibs, kf5-kio, libcacard, libICE, libXdmcp, and vim), openSUSE (php5), Oracle (kernel), Red Hat (ansible and openshift-ansible and rpm-ostree and rpm-ostree-client), and Ubuntu (munin).

Security updates for Tuesday

Post Syndicated from ris original https://lwn.net/Articles/715160/rss

CentOS has updated openssl (C7; C6: two vulnerabilities).

Debian-LTS has updated gtk-vnc (two vulnerabilities).

Fedora has updated kernel (F25; F24: two
vulnerabilities), mingw-gstreamer1 (F25:
denial of service), mingw-gstreamer1-plugins-bad-free (F25: two
vulnerabilities), mingw-gstreamer1-plugins-base (F25: multiple
vulnerabilities), mingw-gstreamer1-plugins-good (F25: multiple
vulnerabilities), mingw-wavpack (F25; F24:
multiple vulnerabilities), and xen (F25: denial of service).

Gentoo has updated adobe-flash
(multiple vulnerabilities), dropbear
(multiple vulnerabilities), firefox
(multiple vulnerabilities), libass
(multiple vulnerabilities), libvncserver
(two vulnerabilities), mariadb (multiple
vulnerabilities), mysql (multiple
vulnerabilities), nagios-core (multiple
vulnerabilities, one from 2008), ocaml
(information leak), opus (code execution),
php (multiple vulnerabilities), pycrypto (denial of service), qemu (multiple vulnerabilities), redis (three vulnerabilities), tcpdump (multiple vulnerabilities), thunderbird (multiple vulnerabilities), tigervnc (code execution), and xen (code execution).

Mageia has updated ruby-archive-tar-minitar (file overwrites).

openSUSE has updated libplist
(42.1: multiple vulnerabilities) and nodejs
(42.1: three vulnerabilities).

Oracle has updated openssl (OL7; OL6: two vulnerabilities).

SUSE has updated flash-player
(SLE12-SP1: multiple vulnerabilities).

Ubuntu has updated gtk-vnc
(14.04, 12.04: two vulnerabilities), spice
(16.10, 16.04, 14.04: two vulnerabilities), and tomcat6, tomcat7 (14.04, 12.04: denial of service).

Monday’s security advisories

Post Syndicated from jake original https://lwn.net/Articles/715034/rss

Debian-LTS has updated gst-plugins-bad0.10 (two vulnerabilities), gst-plugins-base0.10 (two vulnerabilities), gst-plugins-good0.10 (two vulnerabilities), gst-plugins-ugly0.10 (two vulnerabilities),
and wireshark (denial of service).

Fedora has updated bind (F24:
denial of service), python-peewee (F25; F24:
largely unspecified), sshrc (F25:
unspecified), and zoneminder (F25;
F24: information disclosure).

Gentoo has updated glibc (multiple vulnerabilities,
most from 2014 and 2015), mupdf (three
vulnerabilities), and ntfs3g (privilege escalation).

Mageia has updated gnutls (multiple vulnerabilities),
gtk-vnc (two vulnerabilities), iceape (multiple vulnerabilities), jitsi (user spoofing), libarchive (denial of service), libgd (multiple vulnerabilities), lynx (URL spoofing), mariadb (multiple vulnerabilities, almost all unspecified), netpbm (multiple vulnerabilities), openjpeg2 (multiple vulnerabilities), tomcat (information disclosure), and viewvc (cross-site scripting).

openSUSE has updated chromium
(42.2, 42.1: multiple vulnerabilities), firebird
(42.2, 42.1: access restriction bypass), java-1_7_0-openjdk (42.2, 42.1: multiple vulnerabilities), mcabber (42.2: user spoofing), mupdf (42.2, 42.1: multiple vulnerabilities), open-vm-tools (42.1: CVE with no description
from 2015), opus (42.2, 42.1: code
execution), tiff (42.2, 42.1: code
execution), and vim (42.1: code execution).

Red Hat has updated openssl
(RHEL7&6: two vulnerabilities).

Scientific Linux has updated openssl (SL7&6: two vulnerabilities).

SUSE has updated kernel (SLE12: denial of service) and kernel (SLE11:
multiple vulnerabilities, some from 2004, 2012, and 2015).

Ubuntu has updated python-crypto
(16.10, 16.04, 14.04: regression in previous update).