Language Selection

English French German Italian Portuguese Spanish

DistroWatch

Syndicate content
Latest news on Linux distributions and BSD projects
Updated: 11 hours 47 min ago

DistroWatch Weekly, Issue 821

Monday 1st of July 2019 01:15:27 AM
This week in DistroWatch Weekly: Review: OpenMandriva Lx 4.0News: Improvements to Fedora Workstation, DragonFly BSD shrinks kernel memory usage, Turnkey updates several appliancesQuestions and answers: Ubuntu's plan to drop 32-bit packagesReleased last week: SUSE Linux Enterprise 15 SP1, Linux Kodachi 6.1, Raspbian 2019-06-20Torrent corner: ArchBang, Bluestar, Container, GParted,....

BSD Release: Project Trident 19.06

Friday 28th of June 2019 09:30:47 PM
Project Trident is a rolling release operating system based on TrueOS. The project latest release, Project Trident 19.06, features many application and base package upgrades. "This is a significant package update for the repository, not just for applications, but also for some of the base system packages. There....

Distribution Release: Linux Kodachi 6.1

Friday 28th of June 2019 12:35:16 AM
Warith Al Maawali has announced the release of Linux Kodachi 6.1, the latest stable build of the project's Xubuntu-based distribution and live DVD with built-in privacy and anonymity features: "Version 6.1 based on Xubuntu 18.04 LTS. Changelog: Linux kernel upgrade from 4.19 to 5.0; added Zelcore wallet; added....

Distribution Release: SUSE Linux Enterprise 15 SP1

Monday 24th of June 2019 06:17:14 PM
The SUSE team has announced the release of a new service pack (SP) for SUSE Linux Enterprise (SLE). The new update, SUSE Linux Enterprise 15 SP1, offers security improvements, techniques to reduce downtime during security patches, and a smoother transition from openSUSE Leap to SUSE Linux Enterprise: "Improved....

Distribution Release: Raspbian 2019-06-20

Monday 24th of June 2019 09:33:29 AM
Eben Upton has announced the release of a major new version of Raspbian, a Debian-based distribution for the Raspberry Pi single-board computers. The updated build, version 2019-06-20, is the first image based on the upcoming release of Debian 10 "Buster". Information about the new Raspbian was provided as....

More in Tux Machines

Security Leftovers

  • Use sshuttle to build a poor man’s VPN

    Nowadays, business networks often use a VPN (virtual private network) for secure communications with workers. However, the protocols used can sometimes make performance slow. If you can reach reach a host on the remote network with SSH, you could set up port forwarding. But this can be painful, especially if you need to work with many hosts on that network. Enter sshuttle — which lets you set up a quick and dirty VPN with just SSH access. Read on for more information on how to use it. The sshuttle application was designed for exactly the kind of scenario described above. The only requirement on the remote side is that the host must have Python available. This is because sshuttle constructs and runs some Python source code to help transmit data. [...] Depending on the capabilities of your system and the remote system, you can use sshuttle for an IPv6 based VPN. You can also set up configuration files and integrate it with your system startup if desired. If you want to read even more about sshuttle and how it works, check out the official documentation.

  • Hardening Firefox against Injection Attacks

    Firefox not only renders web pages on the internet but also ships with a variety of built-in pages, commonly referred to as about:pages. Such about: pages provide an interface to reveal internal state of the browser. Most prominently, about:config, which exposes an API to inspect and update preferences and settings which allows Firefox users to tailor their Firefox instance to their specific needs. Since such about: pages are also implemented using HTML and JavaScript they are subject to the same security model as regular web pages and therefore not immune against code injection attacks. More figuratively, if an attacker manages to inject code into such an about: page, it potentially allows an attacker to execute the injected script code in the security context of the browser itself, hence allowing the attacker to perform arbitrary actions on the behalf of the user. To better protect our users and to add an additional layer of security to Firefox, we rewrote all inline event handlers and moved all inline JavaScript code to packaged files for all 45 about: pages. This allowed us to apply a strong Content Security Policy (CSP) such as ‘default-src chrome:’ which ensures that injected JavaScript code does not execute. Instead JavaScript code only executes when loaded from a packaged resource using the internal chrome: protocol. Not allowing any inline script in any of the about: pages limits the attack surface of arbitrary code execution and hence provides a strong first line of defense against code injection attacks.

  • IPFire on AWS: Update to IPFire 2.23 - Core Update 136

    Today, we have updated IPFire on AWS to IPFire 2.23 - Core Update 136 - the latest official release of IPFire. This update includes security fixes for OpenSSL and the Linux kernel, an updated Perl, and of course many other fixes throughout the whole system.

  • Pros and cons of event-driven security

    Great news, everyone! Forrester Research says that 95% of all recorded breaches in 2016 came from only three industries: government, technology, and retail. Everyone else is safe... ish, right? Hold on for a moment. Tech? Retail? What kind of industry diversification is this? We are, after all, living in 2019, where every business is a tech business. And all of us are continuously selling something, whether it’s an innovative product or an amazing service. So what the report should have said is that 95% of all recorded breaches came from attacks on 95% of all businesses both online and offline. And some of the attackers went for the .gov. More on the matter, 43% of attackers target small businesses—and that’s a lot considering that, on average, a hack attempt takes place every 39 seconds. To top things off, the average cost of a data breach in 2020 is expected to exceed $150 million. These stats sound a bit more terrifying out of context, but the threat is still very much real. Ouch.

Programming: Elana Hashman, Red Hat Pushing Microsoft (.NET) and More

  • PyDev of the Week: Elana Hashman

    This week we welcome Elana Hashman (@ehashdn) as our PyDev of the Week! Elana is a director of the Open Source Initiative and a fellow of the Python Software Foundation. She is also the Clojure Packaging Team lead and a Java Packaging Team member. You can see some of her work over on Github. You can also learn more about Elana on her website. Let’s take a few moments to get to know her better!

  • Eclipse Che 7 and the .NET developer

    Eclipse Che 7, an open source in-the-browser development environment, allows you to define custom workspaces for your software development. Think of a workspace as you would think of a development PC: You have an operating system, programming language support, and all the tools necessary to write code. In this article, I’ll introduce the .NET developer to this new world and highlight ways you can use Eclipse Che to your advantage.

  • How to Convert String to Lowercase in Python

    Some times you may require to convert any string to lower case (all letters). This tutorial will help to convert a string (any case) to lower case as showing in the below image.

  • How to fuck up software releases

    I manage releases for a bunch of free & open-source software. Just about every time I ship a release, I find a novel way to fuck it up. Enough of these fuck-ups have accumulated now that I wanted to share some of my mistakes and how I (try to) prevent them from happening twice.

today's howtos

Games: Tangle Tower, Lawgivers, Fertile Crescent and More

  • Odds and ends, the Linux and gaming Sunday Section

    Almost time to begin another week full of news, before we do let's run over a few interesting happenings recently. Let's start with two bits of recent news about Godot Engine, the free and open source game engine. The 3.2 release cycle is going strong, with a second alpha release now available. A massive list of new features and improvements coming to Godot 3.2 can be found here. What's even more exciting though is the Vulkan work coming with Godot Engine 4.0, with another short progress report post up for it. The new visual frame profiler coming certainly looks useful to help developers squeeze out some more performance. More AMD news for you, as it has been reported by Wccftech that AMD now command around 30%+ market share of the CPU market. That's some very impressive growth, pushed forward by the Zen microarchitecture from 2017. As seen in the graph below from cpubenchmark.net, this is the highest they've seen it since 2007.

  • SFB Games to bring Tangle Tower to Linux post-launch if there's enough demand

    British indie studio SFB Games, developer of the highly rated Detective Grimoire are working on a new game called Tangle Tower and with a little push they could bring it to Linux. Tangle Tower is a fully voiced point and click murder mystery adventure, set in a strange and twisted mansion. You will need to interrogate suspects and solve unique puzzles as you progress. Looks and sounds like a great game. Sadly though it's currently scheduled to release later this month only for Windows and macOS on October 22nd, so no Linux support at launch.

  • Turn-based political simulation game 'Lawgivers' adds Linux support with the latest update

    Today I came across Lawgivers, a turn-based political simulation game which recently added Linux support and it looks like it could be a lot of fun. Since it's a political sim, you will be tasked with leading your party into elections. If you manage to get voted in, you will be responsible for approving laws and shaping your country’s destiny.

  • The completely silly fighting game Foreskin Fury is out in Early Access

    After a short delay, you can now jump into Foreskin Fury and have a cock fight. Yes this is a very real game. Made in Unreal Engine, the aptly named Stupid Industries said it started off as a joke and they ended up actually learning Blender and Unreal Engine to turn the joke into something a little more real. Here we are, Foreskin Fury was accepted onto Steam and it supports Linux.

  • The currently free indie RTS 'The Fertile Crescent' should now work better at different resolutions

    The Fertile Crescent is an upcoming in-development indie RTS that feels like a retro Age of Empires and it's really quite good. A new update is out (and it's still free) fixing up the UI for different resolutions. I think more of you need to try this one, it's a wonderful little RTS game that I honestly can't wait to see expand. Hopefully now more of you actually will be able to try it, as they've made it so the interface properly scales with your resolution. Previously, there were problems if you had anything other than 1080p. Not only that, most of the interface was actually redesigned and it gives you more information.

  • Chiaki, the open source and cross-platform PS4 Remote Play client now supports the PS4 7.0 update

    Sony recently upgraded the system software on the PlayStation 4 which broke compatibility with the open source Remote Play client Chiaki. The developer acted quickly and a new release is up. This is the software we tested out recently and came away pretty impressed with it. Allowing you to stream games from a PlayStation 4 to a Linux desktop, seriously handy stuff since Sony don't support it on Linux officially.