The New Features of macOS Sonoma

Apple has released macOS Sonoma, an update packed with new features aimed at enhancing productivity and entertainment. With a focus on interactive widgets, performance improvements, and new personalization options, Sonoma makes the Mac experience even more intuitive and efficient.

1. Widgets Everywhere
Widgets take center stage in macOS Sonoma. You can now place them directly on the desktop and interact with them without opening the Notification Center. Thanks to continuity with iOS devices, you can also use your iPhone widgets seamlessly on your Mac.

2. Game Mode
One of the most anticipated features is Game Mode, which optimizes system resources to enhance gaming performance. This mode reduces Bluetooth peripheral latency and prioritizes CPU and GPU usage for games.

3. Advanced Video Calls
For those using FaceTime or other video call apps, Sonoma introduces features like the ability to overlay your video on top of a presentation. This is perfect for professional presentations or training sessions.

4. Safari and Privacy
Safari gets significant improvements, including Profiles to separate personal and professional browsing data. Additionally, new privacy lock features make browsing even more secure.

5. Other Improvements
Animated Screensavers: Sonoma adds dynamic screensavers with stunning scenery, similar to Apple TV.
Performance Enhancements: macOS Sonoma optimizes system efficiency, ensuring faster response times and better battery usage.
Enhanced Accessibility: New features like live text pronunciation and better integration with assistive devices.

macOS Sonoma is a step forward for Apple, bringing new features that improve both productivity and the user experience. It’s an update worth installing, especially for those who use their Mac for work, entertainment, or both.

Posted in Mac Os | Comments Off on The New Features of macOS Sonoma

finally .. telescope

Finally, after months of thoughts, doubts, research and discussions on various forums, I made my choice and ordered the Celestron 6 SE (,Schmidt-Cassegrain,150mm, f10)
Premise, I absolutely wanted an automated telescope, that is, a scope that can point and above all track the object: this has inevitably increased the budget.
I initially started with the idea of ​​a Dobson 200 mm (collapsible with Go-to), but then I realized that I would need space in the house and above all moving it would not have been easy due to the considerable weight
I then shifted my interest to equatorial mounts, which are ideal for astrophotography: I was thinking of a 200 Newtonian (Skywatcher) with a NEQ5 mount, but I was told by many experts that the mount would be undersized with that  tube, very long and not at all light .. although obviously in the shops they sell them (i mean mount+scope) coupled.
So either I took a smaller diameter tube (150 mm) or I would have had to invest in a more performing mount (and much much more expensive, also considering that as i said, i wanted a goto motorized one).
Regardless of this, I would have had space problems anyway (keeping it mounted was not an option,  since it would take up much more space than the Dobson): in addition, I’ve imagined myself in the garden, able to mount everything, balance the weights etc, and I told myself (and my laziness) that knowing myself I don’t know if I would always have wanted to.

At that point the choice paradoxically became simpler, towards a short tube: between a Makutsov (127mm, more would have been a drain) or … a 150 SC, which is precisely the Celestron tube I bought.
This telescope (Schmidt-Cassegrain type) is excellent for planetary viewing (and also photography, why not).
Furthermore, if I feel like taking professional deep sky photos, I can “transform” stock azimutal mount into equatorial by buying a special wedge and buying a focal reducer.

You can see my astro-pictures in photogallery

Posted in Astronomy | Comments Off on finally .. telescope

FireEye has been hacked

FireEye (cybersecurity firm) said it was hacked and that the attackers stole the tools the company uses to test the defenses of its customers’ computer networks to find potential vulnerabilities

The hacking was discovered in recent weeks, when suspicious access was detected that had exceeded the two-factor authentication requirement on their virtual private network, according to the company.
The attackers hacked from two dozen U.S.-based IP addresses, none of which were detected before as part of a cyberattack: the kind of sophisticated tactics that led FireEye to believe that a foreign intelligence service was behind the incident. (“a nation with high-level offensive capabilities”)

Unfortunately this shows that even a famous cybersecurity company can be compromised and… we are all potential victims.

Useful link:
https://github.com/fireeye/red_team_tool_countermeasures

Source: FireEye Webpage

Posted in Cybersecurity | Comments Off on FireEye has been hacked

Venus

Lately I’ve been interested in astronomy; I am absolutely a beginner
Here is the hottest planet in the solar system: Venus!
(photo taken with an Iphone).

Posted in Astronomy | Comments Off on Venus

New mac osx vulnerabilities

A new patch , the Security Update 2018-003, has recently been released on 1st june, which would fix some vulnerabilities afflicting Mac OS X High Sierra, Sierra, El Capitan.
Such vulnerabilities would allow, for example, a local attacker to gain elevated privileges on the system ,another one could allow a local user to bypass security restrictions.
There was also mentioned about of a non-specified validation defect in the kernel that an authenticated user could exploit to perform Ddos attacks.
You can refer to Apple security document HT208849

Posted in Mac Os, Tech news - tutorials | Comments Off on New mac osx vulnerabilities

How long ago your Linux system has been installed?

Do you need to know when your Linux has been installed?
here you have one way
i used tune2fs on Arch linux
basically command is”
sudo tune2fs -l /dev/YOURPARTITION | grep ‘Filesystem created:’
This useful command checking file system data creation and consequently, operating system installation date (unless you are checking  an empty partition:-)
In my case, partition is /dev/sda6, where i have installed Arch linux almost one year ago

If you don’t remember your partition , you can execute sudo fdisk-l , partition is obviously “Linux filesystem”

Posted in Gnu-Linux | Comments Off on How long ago your Linux system has been installed?

Spectre – Meltdown checker (linux)

I have just tried on my not so new pc this interesting script: Specter-Meltdown-Checker , as specified also in instructions, it is not a bible, but surely it is something could give you very useful informations – this script give you the possibility to check your pc vulnerability to  Spectre (2 variants) and Meltdown.
Pc features:
Intel I5-3470 (ivy bridge) 3.20 GHz
Kernel: 4.14.13-1-ARCH
8 GB ram
Arch Linux
Nvidia Geforce Gt-630
full Hardware details are here , (i have used lshw command)
i downloaded  and extracted .zip file ,
then i applied execute permission to .sh file through chmod +x

Then i have executed the script (Is recommended to execute script being root)
after password insertion, the script can run:below results:
Spectre Variant 1 (CVE-2017-5753 bounds check bypass)
final result is
 
Spectre Variant 2 (CVE-2017-5715 branch target injection)
as you can see, script try to check if in my machine are some mitigations 

final result is
 
 
Meltdown (CVE-2017-5754 rogue data cache load)
In that case result was positive, thanks Kernel 🙂


 Just for curiosity i have also executed script without root permission (i know, have no sense but i wanted see differences) below you can see what happens:
Obviously script will warn you, then will start



Spectre (Variant 1)
only differences are B^B^B^checking LFENCE while outcome (UNKNOWN) and especially final result (VULNERABLE) are exactly the same you can see executing script as root

Spectre (Variant 2)
during mitigation 1 check there is a read permission error (predictable considering we don’t have root permission) on /dev/cpu/0/msr , so script can’t check cpu microcode

Rest of other checks (IBRS kernel support,kernel space,user space etc) were identical as reported above , included final result (VULNERABLE)
Meltdown
Identical result as reported above (NOT VULNERABLE)

Posted in Gnu-Linux, Tech news - tutorials | Comments Off on Spectre – Meltdown checker (linux)

How to install Debian 9 on Macbook (end 2009) – dual boot

Here how i installed Debian 9 stretch on my old macbook 6,1 (mid 2009)
NB: where you’ll see a # before command, means you should be root or need to use sudo.
Hardware:
Video card NVIDIA  GeForce 9400M with 256 MB of SDRAM shared with main memory
Screen size 13″
Wireless card Broadcom BCM4360
Disk 256 Gb Serial ATA (5400 RPM) hard drive
Ram 8 gb SODIMM 1600MHz
Wi-fi controller Broadcom Corporation BCM43224 802.11a/b/g/n (rev 01)
Ethernet controller NVIDIA Corporation MCP79 Ethernet (rev b1)
USB 2.0 ports (2x)
Audio in/out port NVIDIA Corporation MCP79 High Definition Audio (rev b1)
Mini DisplayPort that supports an external display at 2560×1600
Procedure :
1)From mac OS , using utility disk, i resized Osx partition freeing up space for Linux ( i did not format this empty space)
2) i ‘ve downloaded a debian image (i used netinst ) and put in a usb pen (i used unetbootin)
3) i have connected wired cable (wi-fi will not work at first time)
4) inserted usb pen, turned on mac holding down the Option key while booting
5) I have installed Debian – i formatted free space as ext4,  i choose Mate as display manager, because is light (Kde would have been unfeasible)- LightDM was selected automatically as login manager.
After reboot, MBR will be overwritten by Grub, so only Debian will start (for now)
Fix Reboot
Shutdown, suspend and hibernate all work out of the box. For reboots, a modification should be made.
# /nano/etc/default/grub
adding  “reboot=pci” in GRUB_CMDLINE_LINUX DEFAULT row
if e.g. you have
GRUB_CMDLINE_LINUX_DEFAULT=”quiet splash”
will become GRUB_CMDLINE_LINUX_DEFAULT=”quiet splash reboot=pci
Now, on the terminal run sudo update-grub, shutdown macbook and power it on again.
Reboot should works at the end.
Refind Bootloader installation
Since i have Mac Osx in the other partition, i need to install Refind boot manager, that will allow to choose between Debian/Mac during system startup, therefore :
# apt-get install refind
After installation, at startup time you will have in addition to Mac, 2 (?) Debian icons, each of which respectivaly run initrd (initial ramdisk) and vmlinuz (kernel).
Leaving aside initrd/vmlinuz explanation, (is not the scope of this post) , important thing to know is that if we will boot using initrd we’ll use Grub, while if we will boot choosing kernel we’ll not use Grub
/boot/initrd.img-4.9.0.3-amd64 –> start with grub
/boot/vmlinuz-4.9.03-amd64 –> start without grub
Since as i described in Grub section, reboot works thanks to grub modification (reboot=pci); therefore clearly we need to start image that uses grub (unless you want to reboot the macbook by turning it off and then turning it back on with the button 🙂
Only option is to use initrd.img, so we have to modify refind configuration in order to hide vmlinux image in refind startup menu:
# nano /boot/efi/EFI/refind/refind.conf
and we add:
dont_scan_files vmlinuz-4.9.0-3-amd64
scan_all_linux_kernels false
Save and Exit.
Video drivers
i am not a nouveau lover:basically, in my opinion Nvidia drivers working better, so i don’t see any reason to not use them; furthermore, i needed to have possibility to work also with an external monitor and this is perfectly working using nvidia drivers
Therefore i installed nvidia-drivers (340) and  nvidia-settings (optional but strongly suggested)
# apt-get install nvidia-legacy-340xx-driver nvidia-settings-legacy-340xx
Nvidia-settings-legacy is a GUI with all settings, useful especially if you need to use an external monitor (but not only, as you can see later).
After reboot you will see nvidia logo before login-manager (obviously you can remove it).
NB i tried to install drivers with version > 340 but did’nt work out , so don’t waste your time:-)
Wi-fi
At first boot,Wi-fi will be not recognized
we have to install broadcom drivers
# apt-get install linux-image-$(uname -r|sed ‘s,[^-]*-[^-]*-,,’) linux-headers-$(uname -r|sed ‘s,[^-]*-[^-]*-,,’) broadcom-sta-dkms
let’s avoid that other wifi modules would be in conflict with my broadcoam
# modprobe -r b44 b43 b43legacy ssb brcmsmac bcma
now  we add our wl module
# modprobe wl
at reboot you should have your working Wi-fi.
Audio
Work out of the box, Nvidia audio card was recognizes, however checking alsamixer*configurations i noticed that pulseaudio was present as additional sound card, so i decided to remove it
# apt-get remove pulseaudio
After reboot , default card will be HDA Nvidia

Headphone as default are set to zero volume; with alsamixer you can active them (headphone section)
*i strongly suggest to install alsamixer and alsamixer-gui
Isight (webcam)
Work out of the box , i suggest to make a first check doing (being root) dmesg | grep iSight 

to see cam in action you can also install cheese, and guvcview to change settings.
# apt-get install cheese guvcview
Optional ( isight-firmware-tools)
this part is optional (if cam works, skip this part)
i installed isight-firmware-tool
I wanted to try isight-firmware tool extracting original firmware directly from Mac Osx partition : In order to avoid boring useless permission problems, instead to specify Mac Osx path in tool i prefered to copy in advance the file AppleUSBVideoSupport from Mac Osx partition to my Desktop , so path was /home/fafa/Scrivania/AppleUSBVideoSupport
Then i have execute command:
root@MacDebian:/home/fafa/Scrivania#
ift-extract -a /home/fafa/Scrivania/AppleUSBVideoSupport
As result:
** Message: Found firmware signature at offset 0x1998.
** Message: Firmware extracted successfully in /lib/firmware/isight.fw
………………………………………….
** Message: Firmware patched successfully
Now, looking in /lib/firmware you can see isight.fw
I must say i did’nt notice any difference after installation of this firmware, so if your webcam will immediatly works , you can avoid to install isight-firmware-tools
NB: Scrivania is Desktop in italian language :-).
f1-f2  buttons( backlights)
At beginning will not work, i fixed problem adding in /etc/X11/xorg.conf following row, under Device section
Option “RegistryDwords” “EnableBrightnessControl=1”

if xorg.conf is not present, you can easily edit/save it trough nvidia-settings tool:
Go to Server Display Configuration , then on the bottom right corner clickbutton “save toX configuration file” , before save, click “show preview” and addOption “RegistryDwords” “EnableBrightnessControl=1” under Device section
After reboot , f1-f2 should work – in order to preserve backlight level after reboot, i strongly suggest to add string in grub
# /nano/etc/default/grub
then in GRUB_CMDLINE_LINUX_DEFAULT section i added
acpi_backlight=vendor
so (if you followed my previous suggestion ) will have situation below

NB: i have also removed from grub “quiet-splash ” cause i like to see loading services (of course you can leave it.

f10-f12 buttons (sound level regulation )
Work out of the box.
Bluetooth
It seems working; i wrote “seems” because i did not tested it with other bluetooth devices.
as default is enabled, to disable it:
nano /etc/bluetooth/main.conf
Then look for a row named Initially powered =true and replace “true” with “false”
Save, exit and reboot: Afterthat Bt should be off.

Final result 
(click image below for enlarge)
Debian 9 stretch + Mate+Docky on macbook 6.1

Posted in Gnu-Linux, Mac Os | Comments Off on How to install Debian 9 on Macbook (end 2009) – dual boot

Linux boot speed-up removing slow/useless services

Today, after upgrade to Debian Stretch i was looking startup loaded services and system boot-up performances through systemd-analyze* command.

Looking results , excluding kernel time(4,5 sec), system took 1 minute and 42 seconds for start; OK , i don’t have an SSD, there are a lot of services like tor, virtualbox , Plasma,etc but boot time seems really too long.
This situation deserves a more detailed check, so i executed systemd-analyze blame* for understand if there is a particular slow service or if there are just so many

As you can see , outcome show that racoon.service takes 1minute and 32 secs to start.. this service (ipsec) for my needs it is useless. Therefore i typed (with sudo, or being root) Systemctl disable racoon.service

Afterthat, i restarted system and i typed again command System-analyze to see results:

Nice, we cut 1 minute and 17 seconds ; from 1 minute and 47 sec to .. 30 seconds 🙂
Probably this is a not-standard case, but with this example you can easily understand how even a single service can affect startup time.
In general,  making a check  to verify and identify which services taking time (and especially if are necessary for our needs)  it is something that ,as in this case, is really useful
*Despite my screenshots, you can execute systemd-analyze and systemd-analyze blame whitout root privileges.

Posted in Gnu-Linux | Comments Off on Linux boot speed-up removing slow/useless services

Mamp: a local web server (and not only) with few clicks

I needed a local web server for make some .php experiments whitout transfer data to my website and make them in remote.
I did not have time for install and configure Apache and Php so i was looking for something already configured ready to go application working with few clicks: MAMP
where:
Mac OS X :operating syste, Apache as web server , MySQL – database management system; while P is for  PHP, Python or Perl, (applications web developement languages)
MAMP is basically the equivalent of LAMP platform on Linux servers
Installation is very trivial, at the end will have:
, choose MAMP and click mamp
Once opened, it is enough to click on start icon  startmamp and everything will start.
mampconsole_mini
From here prefmamps  it is possible to change Mamp settings :
Start/stop section:
You can choose if automatically start  server when you’ll start Mamp, if open web start page, if stop service when you’ll quit Mamp
startstopmamp
Sezione Ports:
You can modify port number: default port are:Apache : 8888 – Nginx : 7888- MySQL : 8889, but nothing prevents for example to use classic port 80 for Apache (unless it is already used from other service in your machine.
portsettingsmamp
Therefore your website will have this address: https://localhost:8888, clearly if you want use port 80, address will be https://localhost
Php Section
You can choose which Php version to be used
phpmamp
Urls
phpInfo
: http://localhost:8888/MAMP/index.php?language=English&page=phpinfo
phpMyAdmin : https://localhost:8888/phpMyAdmin/?lang=en
Web Server section:
You can choose between Apace and Nginx and you can modify root folder (where you have to put your website)
webservermamp
Sezione MySql:
Show Mysql current version
mysqlmamps

Posted in Tech news - tutorials | Comments Off on Mamp: a local web server (and not only) with few clicks