Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the app. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected devices by exploiting multiple security vulnerabilities in a variety of Android-based smartphones.

In November 2022, researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device.

Google said it believes the exploit chain for Samsung devices belonged to a “commercial surveillance vendor,” without elaborating further. The highly technical writeup also did not name the malicious app in question.

On Feb. 28, 2023, researchers at the Chinese security firm DarkNavy published a blog post purporting to show evidence that a major Chinese ecommerce company’s app was using this same three-exploit chain to read user data stored by other apps on the affected device, and to make its app nearly impossible to remove.

The three Samsung exploits that DarkNavy says were used by the malicious app. In November 2022, Google documented these three same vulnerabilities being used together to compromise Samsung devices.

DarkNavy likewise did not name the app they said was responsible for the attacks. In fact, the researchers took care to redact the name of the app from multiple code screenshots published in their writeup. DarkNavy did not respond to requests for clarification.

“At present, a large number of end users have complained on multiple social platforms,” reads a translated version of the DarkNavy blog post. “The app has problems such as inexplicable installation, privacy leakage, and inability to uninstall.”

On March 3, 2023, a denizen of the now-defunct cybercrime community BreachForums posted a thread which noted that a unique component of the malicious app code highlighted by DarkNavy also was found in the ecommerce application whose name was apparently redacted from the DarkNavy analysis: Pinduoduo.

A Mar. 3, 2023 post on BreachForums, comparing the redacted code from the DarkNavy analysis with the same function in the Pinduoduo app available for download at the time.

On March 4, 2023, e-commerce expert Liu Huafang posted on the Chinese social media network Weibo that Pinduoduo’s app was using security vulnerabilities to gain market share by stealing user data from its competitors. That Weibo post has since been deleted.

On March 7, the newly created Github account Davinci1010 published a technical analysis claiming that until recently Pinduoduo’s source code included a “backdoor,” a hacking term used to describe code that allows an adversary to remotely and secretly connect to a compromised system at will.

That analysis includes links to archived versions of Pinduoduo’s app released before March 5 (version 6.50 and lower), which is when Davinci1010 says a new version of the app removed the malicious code.

Pinduduo has not yet responded to requests for comment. Pinduoduo parent company PDD Holdings told Reuters Google has not shared details about why it suspended the app.

The company told CNN that it strongly rejects “the speculation and accusation that Pinduoduo app is malicious just from a generic and non-conclusive response from Google,” and said there were “several apps that have been suspended from Google Play at the same time.”

Pinduoduo is among China’s most popular e-commerce platforms, boasting approximately 900 million monthly active users.

Most of the news coverage of Google’s move against Pinduoduo emphasizes that the malware was found in versions of the Pinduoduo app available outside of Google’s app store — Google Play.

“Off-Play versions of this app that have been found to contain malware have been enforced on via Google Play Protect,” a Google spokesperson said in a statement to Reuters, adding that the Play version of the app has been suspended for security concerns.

However, Google Play is not available to consumers in China. As a result, the app will still be available via other mobile app stores catering to the Chinese market — including those operated by Huawei, Oppo, Tencent and VIVO.

Google said its ban did not affect the PDD Holdings app Temu, which is an online shopping platform in the United States. According to The Washington Post, four of the Apple App Store’s 10 most-downloaded free apps are owned by Chinese companies, including Temu and the social media network TikTok.

The Pinduoduo suspension comes as lawmakers in Congress this week are gearing up to grill the CEO of TikTok over national security concerns. TikTok, which is owned by Beijing-based ByteDance, said last month that it now has roughly 150 million monthly active users in the United States.

A new cybersecurity strategy released earlier this month by the Biden administration singled out China as the greatest cyber threat to the U.S. and Western interests. The strategy says China now presents the “broadest, most active, and most persistent threat to both government and private sector networks,” and says China is “the only country with both the intent to reshape the international order and, increasingly, the economic, diplomatic, military, and technological power to do so.”

Configure Logitech or SteelSeries Headset in Ubuntu via This App

Got a Logitech or SteelSeries headset? This app may help to adjust sidetone, get battery state, toggle LED, and set inactive time in Ubuntu Linux.

It’s HeadsetControl, a free and open-source application that supports:

  • Logitech G430, G432, G433, G533, G535, G633, G635, G733, G930, G933, G935, G Pro.
  • Logitech Zone Wired/Zone 750
  • SteelSeries Arctis 1, Arctis 1 for XBox, Arctis (7 and Pro), Arctis 7+, Arctis Nova 7, Arctis 9, Arctis Pro wireless.
  • HyperX Cloud Flight Wireless
  • Corsair Void (Every void-version*, regardless whether Elite, Pro, HS70 Wireless)
  • Roccat Elo 7.1 Air

The application is a command line tool, though it has a graphical interface for GNOME 42+ (Ubuntu 22.04 / Fedora 35 and higher).

Image borrowed from extension web page, as I don’t have a headset at hand

How to Install the HeadsetControl app

The app so far does not have binary package for Ubuntu Linux, though it’s not hard to build it from source. The following steps is tested and works in my case in Ubuntu 22.04 LTS.

1. First, press Ctrl+Alt+T on keyboard to open a terminal window. When it opens, run command to install build dependencies:

sudo apt install build-essential git cmake libhidapi-dev

2. Then, clone the source by running the git command in terminal, and then navigate to the source folder:

git clone https://github.com/Sapd/HeadsetControl && cd HeadsetControl

3. Create ‘build’ sub-folder, navigate to that sub-folder and start building it:

mkdir build && cd build && cmake ../

4. Finally, run make and then make install to build and install the tool:

make -j4
sudo make install

Once successfully installed, it will output that ‘/usr/local/bin/headsetcontrol‘ and ‘/usr/local/lib/udev/rules.d/70-headsets.rules‘ installed.

How to Install the Extension for graphical UI

For Ubuntu 22.04 and higher, first search for and install “Extension Manager” from Ubuntu Software.

Install Extension Manager in Ubuntu 22.04+

Then, use “Extension Manager” to search and install the ‘HeadsetControl’ extension under ‘Browse’ tab.

Once installed, it should show the indicator applet in system tray area immediately with menu options to control your headset! Other Linux can go to this page to use ON/OFF switch to install the extension.

Uninstall:

To remove the extension, either go to the link page above and use ON/OFF switch, or use “Extension Manager” or Gnome Extensions tool.

To remove the command line application, open terminal and run command:

sudo rm /usr/local/bin/headsetcontrol /usr/local/lib/udev/rules.d/70-headsets.rules

Top 5 Tools for Cross-platform app development

Cross-platform app development has become increasingly popular in recent years as businesses seek to build mobile apps that work seamlessly across multiple platforms. It allows these companies to attract a wider audience, which is critical, especially for early-stage startups.

Among the top cross-platform mobile development tools are React Native, Flutter, Xamarin, Ionic, and Cordova.

It is confirmed by Statista, that in 2021, 42% of developers preferred Flutter, 38% – React Native, 16% – Cordova, Ionic – 16%, and 11% – Xamarin.

These tools have been used to build many successful apps, including some of the most popular ones in the world. Among them are Facebook, Instagram, Airbnb, Google’s AdWords app, Coca-Cola, MarketWatch, TripCase, and others.

Benefits of cross-platform app development

Let’s define how cross-platform app development can benefit your business:

  • Budget optimization: Developing separate apps for different platforms (e.g., iOS and Android) can be expensive. Cross-platform development allows businesses to save money by building a single app that works on multiple platforms, reducing development and maintenance costs.
  • Wider audience reach: businesses can reach a wider audience by providing their app on the necessary platforms. This can help increase user acquisition and therefore grow potential revenue.
  • Faster time-to-market: Cross-platform app development can reduce the time-to-market for an app since developers can build an app on various platforms simultaneously. This can help businesses stay ahead of their competitors and capture market share more quickly.
  • Easier maintenance: With cross-platform development, businesses only need to maintain a single codebase rather than separate ones for each platform. You can sync updates across all platforms.
  • Consistent user experience: Businesses can use a cross-platform mobile development approach to keep the same design, functionality, and features for the app on all platforms.

Top 5 tools for cross-platform app development

The apps built with different cross-platform tools are not all the same. You should choose the tool based on your project and goals. We have collected the most popular cross-platform development tools, and we will tell you about their advantages and in which cases you should use them.

Flutter

Flutter is an open-source, cross-platform app development framework for building natively compiled mobile, web, and desktop applications from a single codebase. It was developed by Google. Flutter uses the Dart programming language. It provides a set of ready-made widgets.

Benefits:

  • a hot reloading feature allowing developers to see changes in real-time.
  • it helps to build visually appealing, custom-designed applications.
  • It is also suitable for developing complex applications that require advanced device integration.

Some of the big apps built on Flutter include Google Ads, Alibaba, and Reflectly (a mindfulness and meditation app).

React Native

React Native is a UI software development framework that allows developers to build mobile applications for iOS, Android, and other platforms using JavaScript and React. It was created by Facebook.

“Learn once, write anywhere” is its main principle. React Native uses native components and APIs to provide a high-performance, responsive, and visually appealing user interface. Just like Flutter, it has a hot reloading feature.

It is particularly well-suited for building simple and medium-complexity applications. You can find a React Native developer for hire to build social networking apps, e-commerce apps, and productivity apps. Some of the outstanding apps built on React Native are Facebook, Instagram, and Skype.

Cordova

Apache Cordova, also known as PhoneGap, is a cross-platform mobile app development tool that allows developers to build mobile applications using web technologies such as HTML, CSS, and JavaScript. The apps can run on iOS, Android, and Windows with a single codebase. It was created by Adobe.

Cordova helps to build simple apps quickly and efficiently. However, it can not be used for complex mobile applications requiring a high-performance level.

There are well-known apps built on Cordova such as: TripCase – a travel app that helps users manage their travel plans, and Untappd – a social networking app for beer enthusiasts.

Ionic

Ionic is a popular open-source SDK that allows developers to build mobile and web applications using HTML, CSS, and JavaScript.

It transforms web applications into mobile. The framework supports JavaScript, Angular, Vue, and React. All of the framework’s elements adapt automatically to any platform. The disadvantages are low speed and performance because it uses web technologies instead of native components. However, it allows for quick testing right in a browser.

It is particularly well-suited for building simple to medium-complexity applications.

Some of the big apps built on Ionic include MarketWatch (real-time financial news and market data), JustWatch (movies and TV shows), and Sworkit (customized workout plans and videos).

Xamarin

Xamarin is an open-source platform that allows developers to build cross-platform mobile applications for iOS, Android, and Windows using the .NET framework. It was acquired by Microsoft.

Xamarin provides access to a large number of native device features and helps to speed up the coding process. Almost all the components of this tool are 100% compatible with any platform.

Businesses hire Xamarin developers to build complex, enterprise-level applications such as banking apps, healthcare apps, and social networking apps. Some of the famous apps built on Xamarin include The World Bank, Alaska Airlines, and Olo (an app for restaurants).

Conclusions

In addition to the benefits that we have described above, such as cost-effectiveness and broader audience reach, each tool has its own advantages.

For example, React Native and Flutter have a hot reloading feature allowing developers to see changes in real-time. Almost all Xamarin elements are compatible with any platform. Cordova helps to build simple apps quickly and efficiently, and its apps are often lightweight. All of the Ionic components adapt automatically to each platform, and it speeds up cross-platform app development.

So, you need to define the requirements for your product, choose your preferred tech stack and reach out to a IT staffing agency to hire developers who will help you to implement your idea.

FAQ:

What is cross-platform mobile app development?

Cross-platform mobile app development is the process of building mobile applications that can run on multiple operating systems and devices.

How much does it cost to develop a cross-platform app?

The cost of cross-platform mobile application development varies depending on several factors, such as complexity, number of features, your vendor’s location, etc. On average, the cost can range from $10,000 to $150,000 or more.

What are the most popular tools for cross-platform app development?

Among the most popular tools for cross-platform development are React Native, Flutter, Xamarin, Ionic, and more.

Scrcpy 2.0 is out! How to Install & Use this Android Remote Control App

The free open-source Android screen mirroring and remote control application, Scrcpy, released version 2.0 today!

The new release feature audio forwarding support! Meaning it’s not only mirroring your Android screen, but also sending the sound from Android to your PC speaker. The new feature supports Android 11 and higher. It’s enabled by default, though there’s --no-audio flag available to disable it.

Another big change in the release is that the device screen can now be encoded in H.265, or even AV1 if your device supports AV1 encoding.

The release also includes new --list-encoders option to list audio and video encoders available in the device, and --list-displays to list displays available on the device. For more about Scrcpy 2.0, see the official release note.

How to Install & Use Scrcpy in Ubuntu 22.04 to control your Android Phone Wirelessly or via USB cable

NOTE: This tutorial is tested and works in Ubuntu 22.04, though it should also work in all current Ubuntu releases.

Step 1. Prepare your Android device

To use the software, you need to first enable USB Debugging Mode in Android.

1. First, go to Settings in Android. Navigate to “About Phone”, and tap on “Build Number” several times (usually 7 times). It should prompt you something like “You are now in Developer Mode“.

TIP: there’s NO security issue or performance loss with developer mode enabled.

2. Then navigate to “Developer Options” in Settings menu or ‘Additional Settings’ sub-menu, and turn on the option for “USB Debugging“.

Step 2. Install adb

adb (Android Debug Bridge) package is also required for this software. Just press Ctrl+Alt+T on keyboard to open terminal and run command to install it:

sudo apt install adb

Step 3. Install scrcpy

There are few ways to install scrcpy, choose either one that you prefer.

Option 1: .deb package from system repository

Scrcpy is available in Ubuntu system repository. It’s working good in my case, though a little bit old that lacks new features.

To install the package, open terminal (Ctrl+Alt+T) and run command:

sudo apt install scrcpy

Option 2: Snap package in Ubuntu Software

The snap package in Ubuntu Software can be the easiest way to install the app, though it runs in sandbox.

The snap package at the moment is the last 1.25 version, though it will automatically update to v2.0 once maintainer updated the package.

Scrcpy Snap in Ubuntu Software

Option 3: Install Scrcpy from the source

If you can’t wait to use the latest release, open terminal (Ctrl+Alt+T) and run the command below one by one to install it from source:

  • First, run command to install dependency libraries:
    sudo apt install ffmpeg libsdl2-2.0-0 adb wget gcc git pkg-config meson ninja-build libsdl2-dev libavcodec-dev libavdevice-dev libavformat-dev libavutil-dev libswresample-dev libusb-1.0-0 libusb-1.0-0-dev
  • Then, clone the source code via command:
    git clone https://github.com/Genymobile/scrcpy
  • Finally, navigate to source folder and start the installer script:
    cd scrcpy && ./install_release.sh

    NOTE: After building process it may ask you to type user password for the permission to install files into system directories.

Step 4. Remote control your Android in Ubuntu

Now, connect your Android device into Ubuntu using USB cable. Then, click “Allow” in Android to confirm the “Allow USB Debugging” dialog.

1. First, open terminal (Ctrl+Alt+T) and start adb in your favorite mode:

  • To remote access via USB cable, run command:
    adb usb
  • To remote access using wireless network, run commands:
    adb tcpip 7676
    adb connect 192.168.0.150:7676

    Here, change port number 7676 and the Android’s IP address accordingly! When done successfully, you can then remove the USB cable.

2. If the previous step goes well without any error! You can now start scrcpy:

  • Run scrcpy command in terminal if you installed from system repository.
  • Launch it from start menu (or ‘Activities’ overview) if installed from source. For debugging purpose, use scrcpy(console).

That’s all. Your android screen should appear in the Ubuntu desktop after launching scrcpy. Enjoy!

Uninstall scrcpy

To remove the adb package, open terminal and run command:

sudo apt remove --autoremove adb

To remove Scrcpy installed as .deb package, use command:

sudo apt remove --autoremove scrcpy

For the snap package, just use Ubuntu Software again to remove it.

And, for the package installed from source, navigate to the source folder again in terminal window and run command to uninstall it:

sudo ninja -Cbuild-auto uninstall

Whisper – Simple App to Listen to Microphone in Linux

Want to hear your sound in microphone? Here’s a stupid simple tool to the job in Linux.

It’s Whisper, a new free and open-source GTK4 application, allowing listen to microphone through your speaker. Which, is useful for testing your microphone or for listening to your voice.

As the screenshot shows, the app is quite easy to use. Just select the microphone and speaker from the list, and click ‘Connect’. Then, you can say something or make some noise through microphone to see the magic.

As a GTK4 application, it follow system color scheme by switching between light and dark automatically. However, it needs both PulseAudio and Pipewire to make things work, which is default in Pop! OS 22.04, Ubuntu 22.10, Ubuntu 23.04, Fedora 35/36/37, etc.

How to Install Whisper in your Linux

As mentioned above, this application requires Pipewire audio server. For current Ubuntu 22.04 LTS, it’s NOT the default, though you can enable it by following this tutorial (NOT recommend for beginners).

Whisper is available to install as universal Flatpak package. You can install it by following the steps below one by one:

1. First, press Ctrl+Alt+T on keyboard to open terminal. When it opens, run command to install Flatpak daemon:

sudo apt install flatpak

Other Linux can follow this setup guide to enable Flatpak support.

2. Then, run command to install Whisper as Flatpak package:

flatpak install https://dl.flathub.org/repo/appstream/it.mijorus.whisper.flatpakref

3. After installation, search for and launch it from start menu (Show Applications) like normal app and enjoy!

How to Remove Whisper

To remove the software package, also open a terminal window and run command:

flatpak uninstall --delete-data it.mijorus.whisper

Also run flatpak uninstall --unused to remove useless runtime libraries.

Will Emphasising App Security Lead to More App Installs?

The app industry is incredibly competitive. There are millions of apps available today, with many more being released all of the time. As a developer, making a fantastic app is one thing; ensuring it gets lots of downloads is another.

There are a number of ways in which developers can boost their app’s download numbers. Some choose to buy app installs; others focus on implementing an effective marketing strategy. One important factor that is crucial for boosting download numbers is app security. Let’s find out more.

email security

What are the Threats?

Our modern lives are increasingly dependent on mobile apps. We use them for everything from socialising to financial management, and as a result, apps often hold personal and sensitive information about users. Cybercriminals are well aware of this and have devised various methods to compromise the security of apps and access this data.

Mobile apps functions are executed by a server hosted by the developer. These servers are often a target for cybercriminals, who can exploit weaknesses in the code or structure to access sensitive information. Poor data handling and storage is another way in which user information can be targeted, with mistakes of this kind often coming with serious legal and regulatory ramifications for the developer. How can developers protect their apps and users against threats posed by scammers and hackers? Find out below.

How are Apps Secured?

Protecting the server is a fundamental part of proper app security. The server code should be regularly reviewed and maintained by a dedicated team, allowing for the rapid identification of emerging issues that can be addressed before they develop any further.

All user data must be properly stored and encrypted, and all regulatory rules regarding data storage practices must be strictly adhered to. Writing data to a device’s internal storage can be an effective way of protecting it from external threats.

Your overall security strategy must be regularly reviewed and updated. Cybercriminals are constantly finding new ways to target apps, so you need to be prepared to overhaul your security systems to adapt to new threats.

Why is Security Important?

Why is app security so important? Your users will often divulge incredibly sensitive information when using your app, including things like contact details and financial information. If they feel like their data is not safe and that they could be at risk of identity theft or fraud, they are far less likely to download and use your app. What’s more, unsafe apps can result in bad reviews, which will push your app down the app store charts and seriously impact download figures.

Conclusion

Emphasising your app’s security will almost certainly lead to more installs. Safety is a top priority for many app users. They will not want to use any app that they feel could pose a potential security risk. Make security the number one priority in the development process and watch installs increase and your app rise in the charts. 

The post Will Emphasising App Security Lead to More App Installs? appeared first on IT Security Guru.

$400,000 Fine for Stalkerware App Developer

A fine of over $400,000 has been handed to the developer of several stalkerware apps, alongside an order to modify the software.

A consortium of 16 companies owned by Patrick Hinchy produced apps that snooped users, including DDI Utilities, PhoneSpector, TurboSpy, Surepoint, Easy Spy, and Auto Forward.

These apps enabled customers to secretly monitor a range of activities on other devices, including text messages, photos, location, WhatsApp and Skype. Browsing history and other social media activity was also accessible.

The Stalkerware Problem

The US is among the top three countries in the world for stalkerware downloads. Research by Comparitech found that the US search for apps related to ‘stalkerware’ the most globally. While, generally, “mobile tracker” was the most searched related term overall with 6.3 million global searches each year.

Hinchy promoted the software as legal, despite it being a requirement for users to install it onto other adults’ mobile devices. According to attorney general Leticia James, this breaks federal and New York state laws.

Rooting or jailbreaking devices invalidates the manufacturer’s warranty. Hinchy failed to inform customers of the potential damage that installing the products could cause to a device.

Alongside this, it was found that Hinchy misled customers about refund policies, made false claims about the security of data obtained by the apps, and created fake review sites to convince potential customers, the New York attorney general disclosed.

Likewise, he misled customers by creating multiple sites purporting to provide technology advice, however they were found to have been made with the sole intention of selling products.

The Legality of Stalkerware Apps

The attorney general stated: “Snooping on a partner and tracking their cell phone without their knowledge isn’t just a sign of an unhealthy relationship, it is against the law.”

“These apps and products put New Yorkers at risk of stalking and domestic abuse, and were aggressively promoted by Patrick Hinchy through 16 different companies. Today’s agreement will block these companies from allowing New Yorkers to be monitored without their awareness, and will continue our ongoing fight to protect New Yorkers’ rights, safety and privacy.”

Hinchy was given a $410,000 fine and is legally required to update the apps so that the device owners know that their devices are being monitored.

In 2020, Google placed a ‘formal’ ban on stalkerware apps. Google updated its Developer Programme Policy so that stalkerware apps required ‘adequate notice or consent’ as well as ‘persistent notifications’ if downloaded. There was some concern around large loopholes when this was introduced.

 

The post $400,000 Fine for Stalkerware App Developer appeared first on IT Security Guru.

LibreOffice 7.5 Released with New App Icons, Improved Dark Mode Support

LibreOffice, the default office suite in most Linux, announced the new 7.5 feature release today!

The new release has greatly improved the dark mode support. It now has fully dark appearance, instead of leaving the document background white in dark mode.

LibreOffice 7.5 now has new icons for standard app shortcuts, MIME types, and macOS specific app shortcuts. App start center now includes a filter box for Recent Documents.

A better single-toolbar user interface is available under “View -> User Interface” menu, with context-aware controls and their customization support.

The “Writer” app gains new Plain Text content control and Combo Box content control. And, Content Control now supports titles and tags, as well as exporting to PDF.

For “CALC”, data tables are now supported in charts, the Function Wizard allows to search for descriptions. And, Impress & Draw gets a new set of default table styles.

Other changes in LibreOffice 7.5 include:

  • Much more visible bookmarks in writer.
  • Initial machine translation based on DeepL translate APIs
  • Ability to define a custom color for Grammar mistakes in the Application Colors dialog.
  • “Spell out” number formats in CALC.
  • Ability to crop inserted videos in the slide and still play them
  • Run presenter console can run as a normal window.

See short video about new features of LibreOffice 7.5:

How to Install LibreOffice 7.5 in Ubuntu Linux.

LibreOffice is available to install in 4 different package formats: Deb, Flatpak, AppImage, and Snap.

NOTE: User can install all of them side by side in same machine, meaning have duplicated app icons in start menu (‘Activities’ overview search results).

Option 1: Deb package

Libreoffice website offers official .deb packages, which is however built for supporting all Debian based systems.

For better integration, the LibreOffice Fresh PPA is HIGHLY recommended for Ubuntu Linux. User can press Ctrl+Alt+T on keyboard to open terminal and run command to add it:

sudo add-apt-repository ppa:libreoffice/ppa

Then, run regular updates via Software Updater (Update Manager) app will update the pre-installed LibreOffice packages to the latest!

NOTE: A new feature release usually needs several days testing before made into PPA. Meaning the PPA at the moment is not updated for v7.5.

Option 2: Snap package

Snap is an universal package runs in sandbox. Ubuntu 20.04 and higher can easily search for and install LibreOffice as Snap from Ubuntu Software.

As mentioned, install LibreOffice Snap will cause duplicated app icons to the pre-installed package.

Option 3: Flatpak package

Flatpak is another universal package runs in sandbox. It’s a competitor to Snap. Users can run following commands one by one to install LibreOffice as Flatpak.

  • First, press Ctrl+Alt+T on keyboard to open terminal. Then run command to install Flatpak daemon:
    sudo apt install flatpak
  • Next, install the office suite as Flatpak via command:
    flatpak install https://dl.flathub.org/repo/appstream/org.libreoffice.LibreOffice.flatpakref

Option 4: AppImage

AppImage is an non-install package format runs in most Linux. It’s a good choice to try AppImage until the LibreOffice Fresh PPA updated for the new release packages.

Just grab the package from the official website:

Then, right-click and go file “Properties” dialog, add executable as program permission under Permission tab, and finally click run the AppImage to launch the office suite.

Uninstall:

For the LibreOffice PPA package, open terminal and run command:

sudo apt install ppa-purge && sudo ppa-purge ppa:libreoffice/ppa

It will remove the PPA repository and downgrade the office suite to the pre-installed version.

For the Flatpak package, run the command below to remove it:

flatpak uninstall --delete-data org.libreoffice.LibreOffice

For other two, either uninstall via Ubuntu Software or just remove the package file.

How to Enable Minimize button in Elementary OS 7 App Windows

Elementary OS 7 is finally released! Here’s how to enable the “Minimize” title-bar button in its app windows.

Elementary OS 7 is based on Ubuntu 22.04 LTS. It was released on Tuesday with many improvements on its core applications as well as desktop experience.

Like Fedora workstation, this Linux Distro does not has a ‘Minimize’ button out-of-the-box. But changing the button-layout key via either dconf-editor or gsettings does not function.

Step 1: Install Pantheon Tweaks

Pantheon Tweaks is simple configuration tool adds more options to configure Elementary OS’ Pantheon desktop appearance.

1. First, search for and open a terminal window from top-left ‘Application’ menu.


2. When terminal opens, run command to install the package for the ability to add PPA repositories:

sudo apt install software-properties-common

Run sudo apt update first on a fresh OS to update package index.

3. Next, run command to add the Ubuntu PPA that contains the Pantheon Tweaks package:

sudo add-apt-repository ppa:philip.scott/pantheon-tweaks

4. After adding PPA, install the tool by running command:

sudo apt install pantheon-tweaks

Step 2: Enable Minimize button

After installing Pantheon Tweaks, open or re-open System Settings from the bottom dock launcher. When it opens, you’ll see a new “Tweaks” option under ‘Personal’.

Click on it to open the settings page. There’s a drop-down box for selecting layout of “Window Controls”. Just choose Windows, Ubuntu, macOS, add minimize, or whatever option that you prefer.

The title-bar button layout will change immediately! Done.

This Extension Can Save & Restore All Open App Windows in Ubuntu 22.04

I don’t remember when’s the last time auto-save session feature works correctly in my Ubuntu machine. While, enabling hibernation could be the best choice now to save and restore all open app windows in Ubuntu.

But for those who really like the auto-save session feature, here’s an Gnome Shell extension can do the job partially.

It’s ‘Another Window Session Manager’, an extension which adds an indicator icon on top panel system tray area. It provides an option to manually save all open windows, then allows to restore either manually via menu button or automatically at login.

Save open windows

Not only for classic Xorg, but it also supports Wayland session. Also, it remembers window size, position, and workspace. The downsides are that it does not restore the window workspace correctly sometimes, and restores some apps in empty window rather than last open files or URLs.

The extension is not perfect so far, but anyhow it’s better than nothing!

How to Install this session restore extension:

The extension so far support for Gnome 40, 41, 42 and 43. Meaning not only for Ubuntu 22.04, Ubuntu 22.10, it also works in Fedora 35/36/37 workstation, Rocky Linux 9, Arch, and other Linux with recent GNOME desktop.

For Ubuntu 22.04+, first search for and install “Extension Manager” app from Ubuntu Software.

Install Extension Manager in Ubuntu 22.04+

Then, use the tool to search and install “Another Window Session Manager” under Browse tab.

For Fedora 35/36/37 and other Linux with GNOME, visit the extension web page and use ON/OFF switch to install it.

Enable Restore open windows at login

The feature to restore all open app windows on startup after user login is not enabled by default.

You can need to do following steps one by one to enable the function:

    1. First, go to ‘Installed’ tab in Extension Manager. Then open the configuration dialog for the extension, by clicking on the gear button. (or install Gnome Extensions app and use the tool to open the settings).
    2. Next, navigate to “Restore Sessions” tab and:
      • enable ‘Restore at startup’ toggle option.
      • enable ‘Restore at startup without asking’ to skip the confirm dialog on each login (optional)

Finally, open the indicator menu, and turn on the ON/OFF switch for your saved session, so it will restore automatically at next login.

That’s all. Enjoy!