A Raspbian desktop update with some new programming tools

Today we’ve released another update to the Raspbian desktop. In addition to the usual small tweaks and bug fixes, the big new changes are the inclusion of an offline version of Scratch 2.0, and of Thonny (a user-friendly IDE for Python which is excellent for beginners). We’ll look at all the changes in this post, but let’s start with the biggest…

Scratch 2.0 for Raspbian

Scratch is one of the most popular pieces of software on Raspberry Pi. This is largely due to the way it makes programming accessible – while it is simple to learn, it covers many of the concepts that are used in more advanced languages. Scratch really does provide a great introduction to programming for all ages.

Raspbian ships with the original version of Scratch, which is now at version 1.4. A few years ago, though, the Scratch team at the MIT Media Lab introduced the new and improved Scratch version 2.0, and ever since we’ve had numerous requests to offer it on the Pi.

There was, however, a problem with this. The original version of Scratch was written in a language called Squeak, which could run on the Pi in a Squeak interpreter. Scratch 2.0, however, was written in Flash, and was designed to run from a remote site in a web browser. While this made Scratch 2.0 a cross-platform application, which you could run without installing any Scratch software, it also meant that you had to be able to run Flash on your computer, and that you needed to be connected to the internet to program in Scratch.

We worked with Adobe to include the Pepper Flash plugin in Raspbian, which enables Flash sites to run in the Chromium browser. This addressed the first of these problems, so the Scratch 2.0 website has been available on Pi for a while. However, it still needed an internet connection to run, which wasn’t ideal in many circumstances. We’ve been working with the Scratch team to get an offline version of Scratch 2.0 running on Pi.

Screenshot of Scratch on Raspbian

The Scratch team had created a website to enable developers to create hardware and software extensions for Scratch 2.0; this provided a version of the Flash code for the Scratch editor which could be modified to run locally rather than over the internet. We combined this with a program called Electron, which effectively wraps up a local web page into a standalone application. We ended up with the Scratch 2.0 application that you can find in the Programming section of the main menu.

Physical computing with Scratch 2.0

We didn’t stop there though. We know that people want to use Scratch for physical computing, and it has always been a bit awkward to access GPIO pins from Scratch. In our Scratch 2.0 application, therefore, there is a custom extension which allows the user to control the Pi’s GPIO pins without difficulty. Simply click on ‘More Blocks’, choose ‘Add an Extension’, and select ‘Pi GPIO’. This loads two new blocks, one to read and one to write the state of a GPIO pin.

Screenshot of new Raspbian iteration of Scratch 2, featuring GPIO pin control blocks.

The Scratch team kindly allowed us to include all the sprites, backdrops, and sounds from the online version of Scratch 2.0. You can also use the Raspberry Pi Camera Module to create new sprites and backgrounds.

This first release works well, although it can be slow for some operations; this is largely unavoidable for Flash code running under Electron. Bear in mind that you will need to have the Pepper Flash plugin installed (which it is by default on standard Raspbian images). As Pepper Flash is only compatible with the processor in the Pi 2.0 and Pi 3, it is unfortunately not possible to run Scratch 2.0 on the Pi Zero or the original models of the Pi.

We hope that this makes Scratch 2.0 a more practical proposition for many users than it has been to date. Do let us know if you hit any problems, though!

Thonny: a more user-friendly IDE for Python

One of the paths from Scratch to ‘real’ programming is through Python. We know that the transition can be awkward, and this isn’t helped by the tools available for learning Python. It’s fair to say that IDLE, the Python IDE, isn’t the most popular piece of software ever written…

Earlier this year, we reviewed every Python IDE that we could find that would run on a Raspberry Pi, in an attempt to see if there was something better out there than IDLE. We wanted to find something that was easier for beginners to use but still useful for experienced Python programmers. We found one program, Thonny, which stood head and shoulders above all the rest. It’s a really user-friendly IDE, which still offers useful professional features like single-stepping of code and inspection of variables.

Screenshot of Thonny IDE in Raspbian

Thonny was created at the University of Tartu in Estonia; we’ve been working with Aivar Annamaa, the lead developer, on getting it into Raspbian. The original version of Thonny works well on the Pi, but because the GUI is written using Python’s default GUI toolkit, Tkinter, the appearance clashes with the rest of the Raspbian desktop, most of which is written using the GTK toolkit. We made some changes to bring things like fonts and graphics into line with the appearance of our other apps, and Aivar very kindly took that work and converted it into a theme package that could be applied to Thonny.

Due to the limitations of working within Tkinter, the result isn’t exactly like a native GTK application, but it’s pretty close. It’s probably good enough for anyone who isn’t a picky UI obsessive like me, anyway! Have a look at the Thonny webpage to see some more details of all the cool features it offers. We hope that having a more usable environment will help to ease the transition from graphical languages like Scratch into ‘proper’ languages like Python.

New icons

Other than these two new packages, this release is mostly bug fixes and small version bumps. One thing you might notice, though, is that we’ve made some tweaks to our custom icon set. We wondered if the icons might look better with slightly thinner outlines. We tried it, and they did: we hope you prefer them too.

Downloading the new image

You can either download a new image from the Downloads page, or you can use apt to update:

sudo apt-get update
sudo apt-get dist-upgrade

To install Scratch 2.0:

sudo apt-get install scratch2

To install Thonny:

sudo apt-get install python3-thonny

One more thing…

Before Christmas, we released an experimental version of the desktop running on Debian for x86-based computers. We were slightly taken aback by how popular it turned out to be! This made us realise that this was something we were going to need to support going forward. We’ve decided we’re going to try to make all new desktop releases for both Pi and x86 from now on.

The version of this we released last year was a live image that could run from a USB stick. Many people asked if we could make it permanently installable, so this version includes an installer. This uses the standard Debian install process, so it ought to work on most machines. I should stress, though, that we haven’t been able to test on every type of hardware, so there may be issues on some computers. Please be sure to back up your hard drive before installing it. Unlike the live image, this will erase and reformat your hard drive, and you will lose anything that is already on it!

You can still boot the image as a live image if you don’t want to install it, and it will create a persistence partition on the USB stick so you can save data. Just select ‘Run with persistence’ from the boot menu. To install, choose either ‘Install’ or ‘Graphical install’ from the same menu. The Debian installer will then walk you through the install process.

You can download the latest x86 image (which includes both Scratch 2.0 and Thonny) from here or here for a torrent file.

One final thing

This version of the desktop is based on Debian Jessie. Some of you will be aware that a new stable version of Debian (called Stretch) was released last week. Rest assured – we have been working on porting everything across to Stretch for some time now, and we will have a Stretch release ready some time over the summer.

The post A Raspbian desktop update with some new programming tools appeared first on Raspberry Pi.

Source: RaspberryPi – IOT Anonimo

Source: Privacy Online

Source: Zologic

TekThing 130 – Cheap Mesh Routers? Focal Spark In Ear Headphone, Latency vs. Bandwidth, Solar Photography Tips!

Are there cheap mesh routers??? Focal Spark In Ear Review, Latency vs. Bandwidth, Solar Photography with Binoculars!
00:57 Affordable Mesh Routers???
@sanbornVR tweets, “When are mesh routers going to be affordable? They are the cost of game consoles, this is impossible.” We answer in the video!

04:33 Focal Spark In Ear Headphone
Focal’s first in ear, the Sphear, delivered delightfully spacious sound, but launched at hefty $180… today we review Focal’s new $69 Spark earbuds! (Related Gear: Amber Rubarth’s Sessions from the 17th Ward, JDS Labs The Element.)

10:52 Wireless ISP Latency???
@tomprossima tweets “Regarding the wireless ISP you mentioned earlier. You never mentioned the latency. Have you tried online gaming?” We have, and we have our Common Netwoks latency info, along with a discussion of what latency means in the video!

13:01 OnePlus 5, Dell Ultrawide Deal, ProtonVPN!
The OnePlus 5 has been officially announced, and ProtonVPN left beta this week, full reviews coming next week. Dell’s awesome Dell U3415w is on close out and at a great price, and Dell has a new 38″ UltraSharp 38 Curved Monitor!

15:55 First Budget Solar Photo Tip!
Normally we tell ya to close the laptop and put down the phone when it’s time to Do Something Analog, but our first suggestions for getting photos o’ the August 21st eclipse arrived from @shuman_projects, @OceanPlanet4546, and @RamRiot! Thanks!!!
Thank You Patrons! Without your support via patreon.com/tekthing, we wouldn’t be able to make the show for you every week!
Amazon Associates: http://amzn.to/2gm9Egf
Subscribe: https://www.youtube.com/c/tekthing
Website: http://www.tekthing.com
RSS: http://feeds.feedburner.com/tekthing
HakShop: https://hakshop.myshopify.com/
Twitter: https://twitter.com/tekthing
Facebook: https://www.facebook.com/TekThing
Reddit: https://www.reddit.com/r/tekthingers

Source: Security news

Source: Zologic

Proactively monitor your network against attacks using our FREE Threat Intelligence in Splunk

A few weeks ago I showed how to use the Anomali ThreatStream Splunk App to hunt known actors that had been observed trying to access your environment, and in some cases where they were already inside.

For those who are not yet ThreatStream customers, do not fear. Our free ThreatStream Community Splunk App can get you started with Anomali’s powerful Threat Intelligence, allowing you to proactively monitor your network and protect against attacks.

View our Weekly Threat Bulletin reports

You might have seen the weekly Threat Briefings our labs team posts on the blog. Many ThreatStream and non-ThreatStream customers alike use these posts to stay on-top what’s happening in the cyber security world (attackers, malware outbreaks, threats, etc).

If you’re a Splunk user you can view these Threat Briefings without ever leaving Splunk in the ThreatStream Community App. 

Automated Threat Bulletin Matches

Not only can you view the downloaded Threat Bulletins, the ThreatStream Community App will also match your Splunk against the Indicators of Compromise (IOCs) linked to each Bulletin. IOCs include IPs, URLs, file hashes (malware), and compromised emails, for example. If you see one of these IOCs match against your Splunk logs, it can indicate a further investigation is needed.

Match Against Millions of IOCs

If you choose, you can also forward your Splunk logs into Anomali Reports to have them analysed against millions more IOCs. If you choose to upgrade to our ThreatStream Commercial Splunk App you can download these indicators directly into Splunk, and use with other Splunk Apps.

See the App in Action

Free Download on Splunkbase

The Anomali Community App for Splunk combines the quality of Anomali’s threat intelligence with the depth of Splunk’s analytics to help organizations identify and respond to external security threats.

Download the ThreatStream Community Splunk App on Splunkbase here.

Source: Honeypot Tech

CoderDojo Coolest Projects 2017

When I heard we were merging with CoderDojo, I was delighted. CoderDojo is a wonderful organisation with a spectacular community, and it’s going to be great to join forces with the team and work towards our common goal: making a difference to the lives of young people by making technology accessible to them.

You may remember that last year Philip and I went along to Coolest Projects, CoderDojo’s annual event at which their global community showcase their best makes. It was awesome! This year a whole bunch of us from the Raspberry Pi Foundation attended Coolest Projects with our new Irish colleagues, and as expected, the projects on show were as cool as can be.

Coolest Projects 2017 attendee

Crowd at Coolest Projects 2017

This year’s coolest projects!

Young maker Benjamin demoed his brilliant RGB LED table tennis ball display for us, and showed off his brilliant project tutorial website codemakerbuddy.com, which he built with Python and Flask. [Click on any of the images to enlarge them.]

Coolest Projects 2017 LED ping-pong ball display
Coolest Projects 2017 Benjamin and Oly

Next up, Aimee showed us a recipes app she’d made with the MIT App Inventor. It was a really impressive and well thought-out project.

Coolest Projects 2017 Aimee's cook book
Coolest Projects 2017 Aimee's setup

This very successful OpenCV face detection program with hardware installed in a teddy bear was great as well:

Coolest Projects 2017 face detection bear
Coolest Projects 2017 face detection interface
Coolest Projects 2017 face detection database

Helen’s and Oly’s favourite project involved…live bees!

Coolest Projects 2017 live bees


Its creator, 12-year-old Amy, said she wanted to do something to help the Earth. Her project uses various sensors to record data on the bee population in the hive. An adjacent monitor displays the data in a web interface:

Coolest Projects 2017 Aimee's bees

Coolest robots

I enjoyed seeing lots of GPIO Zero projects out in the wild, including this robotic lawnmower made by Kevin and Zach:

Raspberry Pi Lawnmower

Kevin and Zach’s Raspberry Pi lawnmower project with Python and GPIO Zero, showed at CoderDojo Coolest Projects 2017

Philip’s favourite make was a Pi-powered robot you can control with your mind! According to the maker, Laura, it worked really well with Philip because he has no hair.

Philip Colligan on Twitter

This is extraordinary. Laura from @CoderDojo Romania has programmed a mind controlled robot using @Raspberry_Pi @coolestprojects

And here are some pictures of even more cool robots we saw:

Coolest Projects 2017 coolest robot no.1
Coolest Projects 2017 coolest robot no.2
Coolest Projects 2017 coolest robot no.3

Games, toys, activities

Oly and I were massively impressed with the work of Mogamad, Daniel, and Basheerah, who programmed a (borrowed) Amazon Echo to make a voice-controlled text-adventure game using Java and the Alexa API. They’ve inspired me to try something similar using the AIY projects kit and adventurelib!

Coolest Projects 2017 Mogamad, Daniel, Basheerah, Oly
Coolest Projects 2017 Alexa text-based game

Christopher Hill did a brilliant job with his Home Alone LEGO house. He used sensors to trigger lights and sounds to make it look like someone’s at home, like in the film. I should have taken a video – seeing it in action was great!

Coolest Projects 2017 Lego home alone house
Coolest Projects 2017 Lego home alone innards
Coolest Projects 2017 Lego home alone innards closeup

Meanwhile, the Northern Ireland Raspberry Jam group ran a DOTS board activity, which turned their area into a conductive paint hazard zone.

Coolest Projects 2017 NI Jam DOTS activity 1
Coolest Projects 2017 NI Jam DOTS activity 2
Coolest Projects 2017 NI Jam DOTS activity 3
Coolest Projects 2017 NI Jam DOTS activity 4
Coolest Projects 2017 NI Jam DOTS activity 5
Coolest Projects 2017 NI Jam DOTS activity 6

Creativity and ingenuity

We really enjoyed seeing so many young people collaborating, experimenting, and taking full advantage of the opportunity to make real projects. And we loved how huge the range of technologies in use was: people employed all manner of hardware and software to bring their ideas to life.

Philip Colligan on Twitter

Wow! Look at that room full of awesome young people. @coolestprojects #coolestprojects @CoderDojo

Congratulations to the Coolest Projects 2017 prize winners, and to all participants. Here are some of the teams that won in the different categories:

Coolest Projects 2017 winning team 1
Coolest Projects 2017 winning team 2
Coolest Projects 2017 winning team 3

Take a look at the gallery of all winners over on Flickr.

The wow factor

Raspberry Pi co-founder and Foundation trustee Pete Lomas came along to the event as well. Here’s what he had to say:

It’s hard to describe the scale of the event, and photos just don’t do it justice. The first thing that hit me was the sheer excitement of the CoderDojo ninjas [the children attending Dojos]. Everyone was setting up for their time with the project judges, and their pure delight at being able to show off their creations was evident in both halls. Time and time again I saw the ninjas apply their creativity to help save the planet or make someone’s life better, and it’s truly exciting that we are going to help that continue and expand.

Even after 8 hours, enthusiasm wasn’t flagging – the awards ceremony was just brilliant, with ninjas high-fiving the winners on the way to the stage. This speaks volumes about the ethos and vision of the CoderDojo founders, where everyone is a winner just by being part of a community of worldwide friends. It was a brilliant introduction, and if this weekend was anything to go by, our merger certainly is a marriage made in Heaven.

Join this awesome community!

If all this inspires you as much as it did us, consider looking for a CoderDojo near you – and sign up as a volunteer! There’s plenty of time for young people to build up skills and start working on a project for next year’s event. Check out coolestprojects.com for more information.

The post CoderDojo Coolest Projects 2017 appeared first on Raspberry Pi.

Source: RaspberryPi – IOT Anonimo

Source: Privacy Online

Source: Zologic

CyberSecurity4Rail Conference: Helping European Railways to Build Digital Security through Cooperation

This conference will bring together experts in cybercrime and digital security, plus leaders in ICT and representatives from transport and railway companies. They will discuss the threats and set out a vision for safer, more secure digital communications and data networks in the transport industry.
Source: Cybersecurity and digital privacy newsletter

Source: Privacy Online

Source: Zologic

Political Parties as Critical Infrastructure?


United States

Former Secretary of Homeland Security Jeh Johnson testified Wednesday before the House Intelligence Committee as part of the House investigation into Russian interference in the 2016 election. Much of the hearing focused on Johnson’s decision, announced on January 6, to designate election infrastructure as “critical infrastructure.” Both Rep. Mike Conaway (R-TX) and Rep. Joaquin Castro (D-TX) questioned whether that designation includes political parties, and Johnson repeatedly clarified that it does not.

It might seem obvious that political parties and campaigns should be covered as critical infrastructure. After all, it was the hack of the Democratic National Committee (DNC) that started the Russian hacking scandal. But the question of whether to include political parties and related entities as critical infrastructure is tied into the broader, ongoing debate about how to treat information operations designed to influence democratic elections. That’s a harder question than simply whether political entities are critical infrastructure or not.

When asked why designating election infrastructure as critical infrastructure was important, Johnson gave three reasons. He explained first that “critical infrastructure receives a priority in terms of the assistance [DHS] give[s] on cybersecurity,” and second that communications between critical infrastructure and DHS receive “a certain level of . . . confidentiality.” Johnson’s third reason goes to the international implications of the designation. He explained, “[W]hen you’re part of critical infrastructure, you get the protection of the international cyber norms. Thou shalt not attack critical infrastructure in another country.” 

Johnson is right to emphasize that the designation isn’t purely a domestic issue, but rather one with international implications. As I argued last summer, specifying what counts as critical infrastructure is an important step toward adding substance to the broad peacetime norm against attacking critical infrastructure that the United States, Russia, China, and other members of the U.N. Group of Governmental Experts (GGE) agreed to in 2015. Announcing that the United States considers election infrastructure to be critical infrastructure is a way of telling foreign governments to back off, making clear that the United States will consider interference with election infrastructure to be a violation of the norm that could bring political or possibly legal consequences.

Given this implication of designating infrastructure as “critical,” designating political parties and campaigns as critical infrastructure has some intuitive appeal. Political parties and campaigns have been the victims of hacks that then facilitate influence operations. And this has happened not just in the United States, but also in France. On the eve of the French presidential election, now-President Emmanuel Macron’s campaign suffered a massive hack, resulting in the release of actual and fraudulently altered campaign documents in the days immediately preceding the vote.

Read the full post at Just Security

Focus Area: 
Related Topics: 
Publication Type: 
Other Writing
Publication Date: 
June 22, 2017

Source: Cyber Law

Source: Privacy Online

Source: Zologic

Hak5 2214 – Kid in a candy store – Hack Across the Planet

Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

Source: Security news

Source: Zologic

Anomali Limo – Free Intelligence Feeds

If today’s threat landscape were a road, it would be marred with all kinds of obstacles- potholes of malware, a flat tire of phishing emails, and maybe even a stolen car/computer through a botnet. It’s treacherous to navigate- particularly if you don’t have a mature security program. Even the smallest of organization stands to benefit from threat intelligence though, and a lack of expertise, time, or budget shouldn’t exclude them from improved security.

That’s why we’ve created Limo, a free TAXII service made up of a variety of threat intelligence feeds. Anomali’s Limo service provides a luxurious and smooth ride through this threat landscape- luxurious in the quality of information, and smooth in how simple it is to set up.

The information for these feeds is harvested from a variety of sources such as Anomali Labs research, our Modern Honey Net, open source feeds, and more. These feeds are fully STIX/TAXII compliant, making it easy to collect and share. These feeds are also updated regularly to provide users with the most relevant threat information.

Here’s where the comparison to a limousine service ends though. Accessing Limo is far easier a process than its real-life counterpart, and completely free. For Anomali STAXX users, Limo is preconfigured so that all data and preferences remain the same and intelligence from Limo’s feeds is available to be used immediately.

Anomali Limo isn’t as exclusive as a real-life limo either. If you’d like to use another TAXII client, you can configure it to point towards https://limo.anomali.com/api/v1/taxii/taxii-discovery-service/ and use guest/guest as the username and password.

Cybersecurity Talent Shortage Infographic

Get STAXX Free

The simplest way to buckle in for a deluxe threat intelligence experience.


If you have any other questions about Limo, STAXX, or other Anomali products, join the conversation on the Anomali Forum.

Source: Honeypot Tech

The Folly of Vulnerability & Patch Management for ICS Networks

Yes, such efforts matter. But depending on them can give a false sense of security.
Source: Vulnerabilitys & Threats

Is your product “Powered by Raspberry Pi”?

One of the most exciting things for us about the growth of the Raspberry Pi community has been the number of companies that have grown up around the platform, and who have chosen to embed our products into their own. While many of these design-ins have been “silent”, a number of people have asked us for a standardised way to indicate that a product contains a Raspberry Pi or a Raspberry Pi Compute Module.

Powered by Raspberry Pi Logo

At the end of last year, we introduced a “Powered by Raspberry Pi” logo to meet this need. It is now included in our trademark rules and brand guidelines, which you can find on our website. Below we’re showing an early example of a “Powered by Raspberry Pi”-branded device, the KUNBUS Revolution Pi industrial PC. It has already made it onto the market, and we think it will inspire you to include our logo on the packaging of your own product.

Powered by Raspberry Pi logo on RevPi

Using the “Powered by Raspberry Pi” brand

Adding the “Powered by Raspberry Pi” logo to your packaging design is a great way to remind your customers that a portion of the sale price of your product goes to the Raspberry Pi Foundation and supports our educational work.

As with all things Raspberry Pi, our rules for using this brand are fairly straightforward: the only thing you need to do is to fill out this simple application form. Once you have submitted it, we will review your details and get back to you as soon as possible.

When we approve your application, we will require that you use one of the official “Powered by Raspberry Pi” logos and that you ensure it is at least 30 mm wide. We are more than happy to help you if you have any design queries related to this – just contact us at info@raspberrypi.org

The post Is your product “Powered by Raspberry Pi”? appeared first on Raspberry Pi.

Source: RaspberryPi – IOT Anonimo

Source: Privacy Online

Source: Zologic