Language Selection

English French German Italian Portuguese Spanish

February 2014

Tor developing anonymous instant messenger

Filed under
OSS
Security

The instant messenger is still in the early planning stages, but Tor's developers seem to be preparing to turn it around quickly. The messenger will be built on Instantbird, an existing open-source messenger, and development will largely involve adding in Off-the-Record Messaging encryption, making it send its messages over Tor, and stripping it of some automated logging and reporting features. Tor hopes to have its first step of work on the messaging app completed by the end of March, but it doesn't draw a timeline for the project out from there.

Read more ►

Raspberry Pi marks 2nd birthday with plan for open source graphics driver

Filed under
Hardware

That "blob" is the closed source driver code that the Pi requires today. "In common with every other mobile graphics core, using the VideoCore IV 3D graphics core on the Pi requires a block of closed-source binary driver code (a 'blob') which talks to the hardware," Upton wrote. "Our existing open-source graphics drivers are a thin shim running on the ARM11, which talks to that blob via a communication driver in the Linux kernel. The lack of true open-source graphics drivers and documentation is widely acknowledged to be a significant problem for Linux on ARM, as it prevents users from fixing driver bugs, adding features and generally understanding what their hardware is doing."

Read more ►

Linux Video of the Week: Hands-On with the $25 Firefox Phone

Filed under
Linux
Moz/FF

Mozilla has designed a phone that's even more affordable for emerging markets and thus redefines the entry level for smartphones. Mozilla engineers were able to accomplish this by adjusting the hardware requirements of the operating system to run on a 1 GHz CPU, single core Spreadtrum chipset with only 128 MB of RAM. That's only 25 to 50 percent of the RAM found in existing entry-level devices on the market, said Joe Cheng, product manager at Mozilla in this video demonstration of the prototype phone, below.

Read more ►

Arduino-compatible open SBC taps Cortex-A5 SoC

Filed under
Linux
Hardware

Newark Element14′s $79, Linux-ready “SAMA5D3 Xplained” SBC showcases Atmel’s SAMA5D3 processor, with features like dual LAN ports and Arduino compatibility.

Read more ►

Ubuntu smartphones, wearables and going into space: Mark Shuttleworth talks to TNW

Filed under
Ubuntu

t’s the difference between momentary terror and long, drawn out gnawing fear. One of those will kill you and one will just give you a fright.”

That’s the response of Mark Shuttleworth, founder of Canonical and Ubuntu, when quizzed over whether it’s scarier to go into space or try to launch a unified OS platform. As the first citizen of an independent African country to travel to space and the public face of ensuring the Ubuntu OS makes it onto smartphones and tablets, he should know.

Read more ►

Google Android chief: Android may be open, but it is not less secure

Filed under
Android
Google
Security

Does 'open' mean 'lack of security'?

According to Google, no. Instead, an open platform is the best path to take in order to make a platform as impermeable to threats as possible.

On Thursday, FrAndroid reported that Google's head of the Android division, Sundar Pichai, responded in a very candid way when asked about the operating system's security at Mobile World Congress in Barcelona, Spain.

Read more ►

Gnome 3.12 won’t offer full support for Wayland

Filed under
GNOME

Gnome developers have been debating the full support for Wayland in 3.12 for a while. They at one point even considered delaying the Gnome release to keep the development in sync with Wayland. Finally, developers have decided to keep Wayland in ‘preview’ mode as there is still a lot of work to be done.

Read more ►

Putting Tizen in Context

Filed under
Linux
Gadgets

From the very start, Tizen has had the concept of device profiles, where there's a common set of core software components (kernel, coreutils, networking stack, etc.) that are applicable to every type of device, and there are specializations specific to whatever it is you're using. Take your hand and open it flat. Ok? Good. Your palm is the core software stack, and your fingers are the device-specific profiles - handset, IVI, TV, etc. Chances are good that many elements of the core stack will be the same, and in all cases you want to optimize for lower power consumption and better performance, but what a smartphone presents to the user is generally quite different from an IVI system, or a wearable device, or a camera, or a TV, or a refrigerator, or... I'm sure you get the point. One size doesn't fit all, but you certainly can be smart about not reinventing the wheel for each product class.

Read more ►

Linux Gamers Have More Choices Than Ever

Filed under
Linux
Gaming

After a number of years of remaining woefully behind other platforms, Linux is starting to be a gaming platform to take seriously. Late last year, I covered comments from Lars Gustavsson, a creative director for EA Digital Illusions CE (DICE), the Electronic Arts studio that does the Battlefield series, on the topic of Linux games. He had told Polygon that DICE would love to delve into Linux games, and that what Linux really needs is a "killer game." Now, as 2014 is underway, Linux gamers actually have a lot of good choices.

Read more ►

First beta of Kubuntu 14.04 out for testing

Filed under
KDE

Ubuntu derivatives have announced the first beta for 14.04 release. Since ‘daddy’ Ubuntu releases only one beta before final release the images for Unity are not available. Being a KDE user I am definitely looking forward to Kubuntu which will come with KDE Applications 4.12.2 along with newest Muon Software Center. I did notice a bug in Kubuntu beta and that’s freezing of installer if you have more than one hard drive attached to the system. I hope developers will fix this ‘deal breaking’ bug before the final release. Other betas are from Lubuntu, Xubuntu, Ubuntu Gnome and other members of Ubuntu family.

Read more ►

More in Tux Machines

Ubuntu/Debian: Comparison of Memory Usages, Ubuntu 18.10 (Cosmic Cuttlefish) End of Life and More

  • Comparison of Memory Usages of Ubuntu 19.04 and Flavors in 2019

    Continuing my previous Mem. Comparison 2018, here's my 2019 comparison with all editions of Ubuntu 19.04 "Disco Dingo". The operating system editions I use here are the eight: Ubuntu Desktop, Kubuntu, Lubuntu, Xubuntu, Ubuntu MATE, Ubuntu Studio, Ubuntu Kylin, and Ubuntu Budgie. I installed every one of them on my laptop and (immediately at first login) took screenshot of the System Monitor (or Task Manager) without doing anything else. I present here the screenshots along with each variant's list of processes at the time I took them. And, you can download the ODS file I used to create the chart below. Finally, I hope this comparison helps all of you and next time somebody can make better comparisons.

  • Ubuntu 18.10 (Cosmic Cuttlefish) End of Life reached on July 18 2019
    This is a follow-up to the End of Life warning sent earlier this month
    to confirm that as of today (July 18, 2019), Ubuntu 18.10 is no longer
    supported.  No more package updates will be accepted to 18.10, and
    it will be archived to old-releases.ubuntu.com in the coming weeks.
    
    
    
    
    The original End of Life warning follows, with upgrade instructions:
    
    
    
    
    Ubuntu announced its 18.10 (Cosmic Cuttlefish) release almost 9 months
    ago, on October 18, 2018.  As a non-LTS release, 18.10 has a 9-month
    support cycle and, as such, the support period is now nearing its
    end and Ubuntu 18.10 will reach end of life on Thursday, July 18th.
    
    
    
    
    At that time, Ubuntu Security Notices will no longer include
    information or updated packages for Ubuntu 18.10.
    
    
    
    
    The supported upgrade path from Ubuntu 18.10 is via Ubuntu 19.04.
    Instructions and caveats for the upgrade may be found at:
    
    
    
    
    https://help.ubuntu.com/community/DiscoUpgrades
    
    
    
    
    Ubuntu 19.04 continues to be actively supported with security updates
    and select high-impact bug fixes.  Announcements of security updates
    for Ubuntu releases are sent to the ubuntu-security-announce mailing
    list, information about which may be found at:
    
    
    
    
    https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
    
    
    
    
    Since its launch in October 2004 Ubuntu has become one of the most
    highly regarded Linux distributions with millions of users in homes,
    schools, businesses and governments around the world. Ubuntu is Open
    Source software, costs nothing to download, and users are free to
    customise or alter their software in order to meet their needs.
    
    
    
    
    On behalf of the Ubuntu Release Team,
    
    
    
    
    Adam Conrad
    
  • CMake leverages the Snapcraft Summit with Travis CI to build snaps

    CMake is an open-source, cross-platform family of tools designed to build, test and package software. It is used to control the software compilation process and generate native makefiles and workspaces that can be used in any compiler environment.  While some users of CMake want to stay up to date with the latest release, others want to be able to stay with a known version and choose when to move forward to newer releases, picking up just the minor bug fixes for the feature release they are tracking. Users may also occasionally need to roll back to an earlier feature release, such as when a bug or a change introduced in a newer CMake version exposes problems within their project. Craig Scott, one of the co-maintainers of CMake, sees snaps as an excellent solution to these needs. Snaps’ ability to support separate tracks for each feature release in addition to giving users the choice of following official releases, release candidates or bleeding edge builds are an ideal fit. When he received an invitation to the 2019 Snapcraft Summit, he was keen to work directly with those at the pointy end of developing and supporting the snap system. 

  • Ubuntu's Zsys Client/Daemon For ZFS On Linux Continues Maturing For Eoan

    Looking ahead to Ubuntu 19.10 as the cycle before Ubuntu 20.04 LTS, one of the areas exciting us with the work being done by Canonical is (besides the great upstream GNOME performance work) easily comes down to the work they are pursuing on better ZFS On Linux integration with even aiming to offer ZFS as a file-system option from their desktop installer. A big role in their ZoL play is also the new "Zsys" component they have been developing. 

  • Raphaël Hertzog: Freexian’s report about Debian Long Term Support, June 2019

    Like each month, here comes a report about the work of paid contributors to Debian LTS.

European Events: Apache and GStreamer

  • ApacheCon Europe 2019 Schedule Revealed by The Apache Software Foundation

    If you’ve been following Apache Software Foundation (ASF) announcements for ApacheCon 2019, you must be aware of the conference in Las Vegas (ApacheCon North America) from September 9 to September 12. And, recently, they announced their plans for ApacheCon Europe 2019 to be held on 22-24 October 2019 at the iconic Kulturbrauerei in Berlin, Germany. It is going to be one of the major events by ASF this year. In this article, we shall take a look at the details revealed as of yet.

  • GStreamer in Oslo

    Aaron discussed various ways to record RTSP streams when used with playbin and brought up some of his pending merge requests around the closed captioning renderer and Active Format Description (AFD) support, with a discussion about redoing the renderer properly, and in Rust. George discussed a major re-work of the gst-omx bufferpool code that he has been doing and then moved his focus on Qt/Android support. He mostly focused on the missing bits, discussing builds and infrastructure issues with Nirbheek and myself, and going through his old patches.

Latest Openwashing: Amazon, RedMonk/Microsoft/GitHub, Linux Foundation Energy, B2B on Red Hat/IBM Site

Security, DRM and Privacy

  • Security updates for Thursday

    Security updates have been issued by Arch Linux (chromium, firefox, and squid), CentOS (thunderbird and vim), Debian (libonig), SUSE (firefox, glibc, kernel, libxslt, and tomcat), and Ubuntu (libreoffice and thunderbird).

  • EvilGnomes Linux malware record activities & spy on users [Ed: This is something the user actually installs, harming his/her machine. Original post here.]]

    Dubbed EvilGnomes by researchers; the malware was found masquerading as a Gnome shell extension targeting Linux’s desktop users.

  • Mike Driscoll: New Malicious Python Libraries Found Targeting Linux

    They were written by a user named ruri12. These packages were removed by the PyPI team on July 9, 2019. However they were available since November 2017 and had been downloaded fairly regularly. See the original article for more details. As always, when using a package that you aren’t familiar with, be sure to do your own thorough vetting to be sure you are not installing malware accidentally.

  • Latest Huawei 'Smoking Gun' Still Doesn't Prove Global Blackball Effort's Primary Justification

    We've noted a few times now how the protectionist assault against Huawei hasn't been supported by much in the way of public evidence. As in, despite widespread allegations that Huawei helps China spy on Americans wholesale, nobody has actually been able to provide any hard public evidence proving that claim. That's a bit of a problem when you're talking about a global blackballing effort. Especially when previous investigations as long as 18 months couldn't find evidence of said spying, and many US companies have a history of ginning up security fears simply because they don't want to compete with cheaper Chinese kit. That said, a new report (you can find the full thing here) dug through the CVs of many Huawei executives and employees, and found that a small number of "key mid-level technical personnel employed by Huawei have strong backgrounds in work closely associated with intelligence gathering and military activities."

  • No love lost between security specialists and developers

    Unless you've been under a rock, you've noticed hardly a day goes by without another serious security foul-up. While there's plenty of blame to go around for these endless security problems, some of it goes to developers who write bad code. That makes sense. But when GitLab, a DevOps company, surveyed over 4,000 developers and operators, they found 68% of the security professionals surveyed believe it's a programmer's job to write secure code, but they also think less than half of developers can spot security holes.

  • GitLab Survey Surfaces Major DevSecOps Challenges Ahead

    A report based on a survey of 4,071 software professionals published this week by GitLab, a provider of a continuous integration and continuous deployment (CI/CD) platform, found that while appreciation of the potential value of DevSecOps best practices is high, the ability to implement those practices is uneven at best.

  • GitLab Survey Reveals Disconnect Between Developer And Security Teams

    In a survey conducted by GitLab, software professionals recognize the need for security to be baked into the development lifecycle, but the survey showed long-standing friction between security and development teams remain. While 69% of developers say they’re expected to write secure code, nearly half of security pros surveyed (49%) said they struggle to get developers to make remediation of vulnerabilities a priority. And 68% of security professionals feel fewer than half of developers are able to spot security vulnerabilities later in the lifecycle.

  • Cook: security things in Linux v5.2

    Over on his blog, Kees Cook runs through the security changes that came in Linux 5.2.

  • Doctorow's novella "Unauthorized Bread" explains why we have to fight DRM today to avoid a grim future

    Salima has a problem: her Boulangism toaster is locked down with software that ensures that it will only toast bread sold to her by the Boulangism company… and as Boulangism has gone out of business, there's no way to buy authorized bread. Thus, Salima can no longer have toast. This sneakily familiar scenario sends our resourceful heroine down a rabbit hole into the world of hacking appliances, but it also puts her in danger of losing her home -- and prosecution under the draconian terms of the Digital Millennium Copyright Act (DMCA). Her story, told in the novella “Unauthorized Bread,” which opens Cory Doctorow’s recent book Radicalized, guides readers through a process of discovering what Digital Restrictions Management (DRM) is, and how the future can look mightily grim if we don’t join forces to stop DRM now. “Unauthorized Bread” takes place in the near future, maybe five or ten years at most, and the steady creep of technology that takes away more than it gives has simply advanced a few degrees. Salima and her friends and neighbors are refugees, and they live precariously in low-income housing equipped with high-tech, networked appliances. These gizmos and gadgets may seem nifty on the surface, but immediately begin to exact an unacceptable price, since they require residents to purchase the expensive approved bread for the toaster, the expensive approved dishes for the dishwasher, and so on. And just as Microsoft can whisk away ebooks that people “own” by closing down its ebook service, the vagaries of the business world cause Boulangism to whisk away Salima’s ability to use her own toaster.

  • New Linux Malware Called EvilGnome Discovered; First Preview of Fedora CoreOS Now Available; Germany Bans Schools from Using Microsoft, Google and Apple; VirtualBox 6.0.10 Released; and Sparky 5.8 Has New Live/Install Media for Download

    Germany has banned its schools from using cloud-based productivity suites from Microsoft, Google, and Apple, because the companies weren't meeting the country's privacy requirements. Naked Security reports, that the statement from the Hessische Beauftragte für Datenschutz und Informationsfreiheit (Hesse Commissioner for Data Protection and Freedom of Information, or HBDI) said, "The digital sovereignty of state data processing must be guaranteed. With the use of the Windows 10 operating system, a wealth of telemetry data is transmitted to Microsoft, whose content has not been finally clarified despite repeated inquiries to Microsoft. Such data is also transmitted when using Office 365." The HBDI also stressed that "What is true for Microsoft is also true for the Google and Apple cloud solutions. The cloud solutions of these providers have so far not been transparent and comprehensible set out. Therefore, it is also true that for schools, privacy-compliant use is currently not possible."

  • Microsoft, Google and Apple clouds banned in Germany’s schools

    Germany just banned its schools from using cloud-based productivity suites from Microsoft, Google, and Apple. The tech giants aren’t satisfying its privacy requirements with their cloud offerings, it warned. The Hessische Beauftragte für Datenschutz und Informationsfreiheit (Hesse Commissioner for Data Protection and Freedom of Information, or HBDI) made the statement following a review of Microsoft Office 365’s suitability for schools.

  • Microsoft, Google and Apple clouds banned in Germanys schools

    Did you know that Germany just banned its schools from using cloud-based productivity suites from Microsoft, Google, and Apple? The tech giants aren’t satisfying its privacy requirements with their cloud offerings, it warned. What are your thoughts? The Hessische Beauftragte für Datenschutz und Informationsfreiheit (Hesse Commissioner for Data Protection and Freedom of Information, or HBDI) made the statement following a review of Microsoft Office 365’s suitability for schools.