Language Selection

English French German Italian Portuguese Spanish

January 2019

Microsoft Entryism/EEE: Latest Examples

Filed under
Microsoft

Programming and Licensing: Debconf, DevConf.CZ, Debian, SALT, Eclipse GlassFish Java EE 8 Certified and HMD's GPL Compliance

Filed under
Development
  • Debconf Video Team Sprint – Day 3

    Today has mostly been spent in conversation.

    Jonathan has started to scratch an itch that I share, we need a better tally light solution. When we were using DV switch we had a simple tally light system using (iirc DTR on a) serial port to turn on or off an LED. This was fine because there was always a PC available at each camera running DVCapture.

    Since the move to Voctomix, each camera no longer has it’s own dedicated PC. Instead we have long 50R co-ax cables (remember the days of cheaper-net 10 base-2?) going directly to a PC running VoctoCore…. Yes we still use a serial port to drive a tally light (all be it these days from a USB to serial converter) but we could do so much better.

  • DevConf.CZ 2019 Recap

    DevConf.CZ 2019 wrapped up last weekend and it was a great event packed with lots of knowledgeable speakers, an engaging hallway track, and delicious food. This was my first trip to any DevConf and it was my second trip to Brno.

  • Scott Kitterman: Rise and fall of libclamav

    Because I was bored and needed to procrastinate, I decided to look at the history of packages using libclamav over the last several releases.

  • SALT is a third-party alternative to LG UP

    Although, currently flashing KDZ files is currently unsupported. You can check out the thread at the link below to download the software, and to leave feedback for the developer as the tool is refined. It works for both GNU/Linux and Windows operating systems, though the developer recommends you use the tool in his FWUL GNU/Linux environment.

  • Eclipse GlassFish Java EE 8 Certified

    GlassFish, and its associated Technology Compatibility Kit (TCK) code, has been fully migrated to Eclipse Foundation stewardship. The new release, Eclipse GlassFish 5.1.0, is now fully Java EE 8 certified, which represents a key step to ensuring backward compatibility of Jakarta EE.

    GlassFish is the reference implementation of Java EE, in other words, the standard from which all other implementations and corresponding customizations are derived. GlassFish was initially created by Sun Microsystems for the Java EE platform and is now sponsored by Oracle, who have a supported version called Oracle GlassFish Server.

  • How to cast a function pointer to a void*
  • HMD publishes Nokia 2 V kernel source code

    Like any other company, HMD Global is required to release the kernel source code for any phones and major updates that it releases by the GPL. Today the company has published the source code for the Nokia 2 V, which is Verizon's version of the affordable Nokia 2.1 that is beginning sales tomorrow.

OpenSUSE/SUSE: Tumbleweed, Events and SUSE Linux Enterprise Server for SAP Applications 11 SP4

Filed under
SUSE
  • Introducing The Linux Community Challenge #2: openSUSE Tumbleweed
  • May we live in interesting times

    In 1966, Robert F Kennedy gave his famous Day of Affirmation Address in Cape Town, which included the allegedly Chinese curse “may you live in interesting times”. This has been widely used since, but is it really an ancient Chinese curse? Much research has been carried out into the origins of this phrase, and while it can be traced back to a speech given by Sir Austen Chamberlain in England in 1936, it has been generally confirmed and accepted by many to not be of Chinese origin. As a result, I’m quite happy to live in interesting times – preferably working in an interesting role, in an interesting company, in an interesting industry and surrounded by interesting people. Working at SUSE, as part of the OpenStack industry, I get to tick all of these boxes daily! Incidentally, at the time of writing this, there were 155 roles open on the SUSE careers page – why not take a look and see if any are interesting to you?

  • Is time running out for your SAP Linux support?

    In 60 days, SUSE Linux Enterprise Server for SAP Applications 11 SP4 will reach the March 31, 2019 end date for General Support. This means that it’s no longer possible to purchase a Priority Support subscription with the updates, proactive fixes for bugs and security vulnerabilities, and unlimited technical support that you depend on. More than likely, your SAP systems and services are critical to your business operations, so it’s equally critical that you maintain Linux support for those systems.
    If you’re no longer running your systems on SUSE Linux Enterprise Server for SAP Applications 11 SP4, or have a plan to maintain support with Long Term Service Pack Support (LTSS) then you’re already ahead of the game. Just skip the rest of this blog and enjoy your day. If, on the other hand, you’re wondering what to do next then read on to understand your options.

Games: Graywalkers: Purgatory, Thrusty Ship, Unity, Slay the Spire, Night of the Blood Moon, MachiaVillain, Mage's Initiation

Filed under
Gaming
  • Graywalkers: Purgatory, an upcoming supernatural post-apocalyptic turn-based strategy RPG

    Graywalkers: Purgatory from developer Dreamlords Digital has me itching to try it out with a blending of turn-based XCOM-like combat with a supernatural post-apocalyptic theme.

  • In Thrusty Ship your main enemy is yourself and your throttle finger

    Thrusty Ship takes the basic gameplay of classics like Lunar Lander (and many others) with you fighting against gravity and turns it into a challenging and fun battle against your fuel gauge.

  • Unity 2019.1 Beta Deprecates Linux x86, Offers Up Many Vulkan & Linux Improvements

    Unity Tech has put out their first public beta of the upcoming Unity 2019.1 game engine update. There's some notable work on both the Linux and Vulkan fronts.

    Unity 2019.1 beta headlining features include incremental garbage collection support, implementing more GPU lightmapper functionality, particle improvements, and a number of enhancements to the Android platform support. For game developers making use of Unity there are also editor improvements with a number of new features as well as H.265 video transcode, NVIDIA OptiX AI denoiser, and other bits

  • Slay the Spire Now Available for Linux and Windows

    Slay the Spire has been available in Early Access for quite a while, but the game has finally been released in its full form - and stands out compared to pretty much anything else on the market. Roguelikes have been a giant part of the industry for a decade now too, but you don't really see these things combined in a mini-game - let alone in a full-fledged game. The game combines a bit of JRPG mechanics with it as well thanks to its turn-based nature and allows you to build new decks and learn as you go. If you find that a certain attack type is weak against one enemy type, you'll want to switch it up - but maybe find that your new attack setup isn't much more effective. Then you find that by combining various cards together, you get a more effective turn and wind up unlocking the mystery behind a certain enemy.

  • Night of the Blood Moon Now Available on Steam For Linux and Windows PC

    With the rise of rogue-like games over the past decade, the sub-genre has become oversaturated to many. Most games have aimed at making them more accessible, but Blood Moon aims to do things a bit differently. The goal of the developers is to make things challenging and more rewarding. The game's premise is unique too in that it has you fighting in a dream world and destroying all of the cute and sometimes terrifying creatures you see in the dream realm. You can kill as many of them as you want and unlock items, skills, or even helper pets. They act a bit like a third non-playable character in a fighting game in that they can help you briefly and save your bacon, but aren't going to give you a game-breaking adventure.

  • Major Update Released for MachiaVillain on PC, Mac and Linux

    Good Shepherd Entertainment and independent developer Wild Factor have released a shocking new content update for the evil mansion management strategy game MachiaVillain on Windows PC, Mac and Linux.

    MachiaVillain’s new update adds electric fields to your hellish homestead that can be used to power new tools and abilities. Set up alarms, jam mobile phones to keep victims from calling for help, and wield the Finger of Evil to zap enemies or give a boost to your minions.

  • Mage's Initiation adventure/RPG out now for Win / Mac / Linux

    After ten years of development, Himalaya Studios is excited to announce that Mage's Initiation: Reign of the Elements - a hybrid adventure/RPG in the tradition of the classic King's Quest and Quest for Glory series - is now available for $13.49 USD on Steam, GOG, and the Humble Store.

Desktops, Laptops and Distros: Lenovo Thinkpad T480s Business Laptop, Clear Linux, Chromebooks

Filed under
GNU
Linux
  • Reviewed: The Lenovo Thinkpad T480s Business Laptop
  • Clear Linux Outlines How You Can Build Your Own Linux Distro In 10 Minutes

    While Intel's Clear Linux is known to the most of you for its speed, it's also a distribution that is very easy to build off of for specific use-cases should you want your own pre-configured Linux OS. 

    Clear Linux tweeted out this week that with their mixer software you can build your own Clear Linux distribution in "less than 10 minutes" using its mixing software. Spinning your own Clear Linux distribution is done using their Mixer tool that is built around their package management concept of bundles with swupd.

  • 19 days of productivity in 2019: The fails

    There seems to be a mad rush at the beginning of every year to find ways to be more productive. New Year's resolutions, the itch to start the year off right, and of course, an "out with the old, in with the new" attitude all contribute to this. And the usual round of recommendations is heavily biased towards closed source and proprietary software. It doesn't have to be that way.

    Part of being productive is accepting that failure happens. I am a big proponent of Howard Tayler's Maxim 70: "Failure is not an option—it is mandatory. The option is whether or not to let failure be the last thing you do." And there were many things I wanted to talk about in this series that I failed to find good answers for.

    So, for the final edition of my 19 new (or new-to-you) open source tools to help you be more productive in 2019, I present the tools I wanted but didn't find. I am hopeful that you, the reader, will be able to help me find some good solutions to the items below. If you do, please share them in the comments.

  • Lenovo’s 4K Yoga Chromebook C630 Is Available to Order

    While certain Chrome OS devices already come with high-resolution displays—like the Pixelbook and Pixel Slate—there’s hasn’t been one with a 4K display. Until the Lenovo Yoga Chromebook C630, that is. And now you can buy one.

    We can talk about whether you need a 4K display in your Chromebook (read: you probably don’t), but at the end of the day, there’s always an argument for just how damn good a display looks when it’s absolutely packed with pixels. I’m sure this one is no exception.

  • Native backup and restoring of Linux containers in Crostini targeted for Chrome OS 74

    While using Linux on a Chromebook is helpful, if something happens to the Linux container, you could easily lose all of your installed apps, data, and settings. There is a manual method to import and export a container if you’re familiar with LXD in Linux, but Crostini in Chrome OS is getting a native function to do the same according to the Chromium commit log.

Linux Kernel Getting New Option So SSBD Isn't Over-Protective - Helping Performance

Filed under
Linux
Security

For the Linux kernel's Speculative Store Bypass Disable (SSBD) handling for Spectre Variant 4 protection is support for processes opting into force disabling of speculation via a prctl() interface. Currently when speculation is disabled, that is carried through to new processes started via the execve() system call. But a new bit will allow clearing that state when a new program is started by a process otherwise relying upon PR_SPEC_DISABLE, in what will help the performance in such cases.

Queued for introduction to the mainline Linux kernel is a new PR_SPEC_DISABLE_NOEXEC option for prctl as part of the Speculative Store Bypass Disable options but where the state is cleared on execve() calls. The premise is that programs opting into disabling speculation are doing so, but programs that aren't vulnerable to the speculation-related misfeatures normally aren't checking to see that the PR_SPEC_ENABLE bit is set rather just assuming the status quo. Thus with the current PR_SPEC_DISABLE behavior, programs spawned via execve() may be protected when they really don't need to be and carrying with that the added performance overhead.

Read more

Also: A new Linux Foundation effort for the edge

The D in SystemD stands for Danger, Will Robinson! Defanged exploit code for security holes now out in the wild

Filed under
Linux
Security

Those who haven't already patched a trio of recent vulnerabilities in the Linux world's SystemD have an added incentive to do so: security biz Capsule8 has published exploit code for the holes.

Don't panic, though: the exploit code has been defanged so that it is defeated by basic security measures, and thus shouldn't work in the wild against typical Linux installations. However, Capsule8 or others may reveal ways to bypass those protections, so consider this a heads-up, or an insight into exploit development. Google Project Zero routinely reveals the inner magic of its security exploits, if you're into that.

Back to SystemD.

In mid-January, Qualys, another security firm, released details about three flaws affecting systemd-journald, a systemd component that handles the collection and storage of log data. Patches for the vulnerabilities – CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 – have been issued by various Linux distributions.

Exploitation of these code flaws allows an attacker to alter system memory in order to commandeer systemd-journal, which permits privilege escalation to the root account of the system running the software. In other words, malware running on a system, or rogue logged-in users, can abuse these bugs to gain administrator-level access over the whole box, which is not great in uni labs and similar environments.

Nick Gregory, research scientists at Capsule8, in a blog post this week explains that his firm developed proof-of-concept exploit code for testing and verification. As in testing whether or not computers are at risk, and verifying the patches work.

Read more

Also:

  • Linux Kernel hid_debug_events_read() Function Local Denial of Service Vulnerability [CVE-2019-3819]

    A vulnerability in the hid_debug_events_read() function of the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.The vulnerability exists in the hid_debug_events_read() function, as defined in the drivers/hid/hid-debug.c source code file of the affected software. The vulnerability is due to an infinite loop condition that may occur when user-supplied input with certain parameters is passed from a userspace. An attacker with root privileges could exploit this vulnerability by executing a program that submits malicious input to the targeted system. A successful exploit could cause the system to lock, resulting in a DoS condition.Kernel.org has not confirmed the vulnerability, and software updates are not available.

PinePhone Linux smartphone to sell for $149, dev kits coming soon

Filed under
Linux
Gadgets

The smartphone world is basically a duopoly at the moment. Android is the dominant operating system and iOS comes in a distant second place, while competing platforms such as Windows, BlackBerry OS, Symbian, FireFox OS have largely been abandoned.

There are still a few holdouts — Jolla continues to develop its Sailfish OS, but its market share is virtually nil.

[...]

Niche hardware and software isn’t cheap… but maybe it can be. Pine64 has announced that its developing a cheap Linux phone called the PinePhone that could sell for as little as $149.

[...]

The goal is to also provide physical switches that can disable or enable the wireless components, cameras, and speaker for privacy.

Read more

Want a bit of privacy? Got a USB stick? Welcome to TAILS 3.12

Filed under
Security
Debian

The Linux distro for the security-conscious has been updated with a fresh USB installation method.

Hot on the heels of Apple's latest privacy blunder, The Amnesic Incognito Live System (TAILS) has emitted version 3.12.

The big news this time around is the arrival of a USB image alongside the usual ISO. ISOs, handy for burning to a DVD or spinning up a virtual machine, are not so good when it comes to one of TAILS' strengths – running Linux without a trace.

The faff of needing a couple of USB sticks and around three hours of spare time is gone with this release. A single 8GB USB stick is sufficient to handle the 1.2GB download and TAILS reckons that the whole process should take an hour and a half.

A swift download and burn to USB using Etcher and a user is up, running and able to enjoy the discretion afforded by the Debian-based distro and the Tor network.

Read more

PineTab Linux tablet coming in 2019 for $79 and up

Filed under
GNU
Linux

Pine64 has big plans for 2019. The company, which produces low-power, low-cost computers capable of running GNU/Linux and BSD software, plans to release its first smartphone this year, as well as a $199 laptop that will be its most powerful model to date.

Also on the horizon? A dirt cheap Linux tablet.

Read more

More in Tux Machines

today's leftovers

  • Ubuntu Weekly Newsletter Issue 678

    Welcome to the Ubuntu Weekly Newsletter, Issue 678 for the week of April 4 – 10, 2021.

  • Ubuntu Blog: Design and Web team summary – 12 April 2021

    The web team at Canonical run two-week iterations building and maintaining all of Canonical websites and product web interfaces. Here are some of the highlights of our completed work from this iteration. This iteration has seen many of the team out of the office as schools are out in the UK. This has not limited the exciting new features and developments from the team.

  • Enabling Rapid Decision Making with SUSE Linux Enterprise Server and NVIDIA Virtual GPU (vGPU)
  • SUSECON Digital 2021: a Behind-the-Scenes Look at a Space Oddity | SUSE Communities

    It’s been almost a year since we unveiled SUSECON Digital 2020 – our first virtual SUSECON event. No lies, that event was pulled off in a frenzied whirlwind of pandemic onslaughts, virtual session recordings, and bandwidth battles. Frankly, I was amazed that we met our production schedule in the wake of the Covid-cancellation of our live event in Dublin. And I was even more amazed at our SUSECON audience reaction to the virtual event. You loved it! As one of the first virtual conferences of the Covid era, your feedback told us that we had delivered exactly what was needed at the time. What an exceptional opportunity for us to include thousands of friends from all over the world who normally can’t join us at the big event!

  • JK Tyre & Industries improves operating efficiency and drives future innovation with SUSE
  • Top 3 Linux Server Operating Systems in 2021

    In this article we will look at several Linux distributions, which are an excellent choice if we want to use them as servers. We chose them precisely because they have an excellent level of security, regular patch maintenance and updates, and huge communities. In addition, there are thousands of tutorials on the Internet for every single thing on how to do it and last but not least they are easy to use. [...] Although we have not put them in the top three, not because they are not unique server operating systems, but because they require more patience, knowledge and time, we must mention FreeBSD, Red Hat, Cent OS and Fedora.

  • Element Keeps conversations in your control

    You are probably using chat applications like Slack, WhatsApp, Discord, Facebook Messenger, Telegram, and another chat app. These are all great to have but in using them you are making a trade-off; you are trading security and privacy for a service that easy to use. Matrix is an open standard for communication messages. It is not a server so much as a standard way for clients and servers to talk with each other. The clients and server are open sources. With Matrix, you are not giving your data away to a company that is going to profile you and target advertising at you. This provides a degree of transparency you can look at the code, and you can be confident that it is behaving itself. Many developer love Matrix because it let them build on it like Lego bricks and write their clients and servers bots or anything else you can self-host your Matrix server and that means you can create a private community where it knows that your communications are not being intercepted by anybody else. Matrix also has the option for end-to-end encryption, so you know that your messages are private. Let’s take a look at a Matrix client known as Element (Riot and Vector) and it is pretty much the reference messaging client.

  • RSS Guard 3.9.2

    RSS Guard is a simple (yet powerful) feed reader. It is able to fetch the most known feed formats, including RSS/RDF and ATOM. It's free, it's open-source. RSS Guard currently supports Czech, Dutch, English, French, German, Italian. RSS Guard will never depend on other services - this includes online news aggregators like Feedly, The Old Reader and others.

  • Free Software: Is It Just A Thing Of The Past?

    Free software is an idea that has existed since before the foundation of Linux but has the idea become stuck in the past and is FOSS something that we should move past, this author seems to think so, I disagree though.

  • New Linux Foundation project takes blockchain and the open source approach to the insurance industry
  •    
  • Linux Foundation Hosts Collaboration Among World’s Largest Insurance Companies

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, and the American Association of Insurance Services (AAIS), today are announcing the launch of OpenIDL, the Open Insurance Data Link platform and project. The platform will reduce the cost of regulatory reporting for insurance carriers, provide a standardized data repository for analytics and a connection point for third parties to deliver new applications to members. openIDL brings together some of the world’s largest insurance companies, including The Hanover and Selective Insurance Group, along with technology and service providers Chainyard, KatRisk and MOBI to advance a common distributed ledger platform for sharing information and business processes across the insurance ecosystem. [...] “AAIS, and the insurance industry in general, are trailblazers in their contribution and collaboration to these technologies,” said Mike Dolan, senior vice president and general manager of Projects at the Linux Foundation. “Open governance networks like openIDL can now accelerate innovation and development of new product and service offerings for insurance providers and their customers. We’re excited to host this work.” As an open source project, all software source code developed will be licensed under an OSI-approved open source license, and all interface specifications developed will be published under an open specification license. And all technical discussions between participants will take place publicly, further enhancing the ability to expand the network to include other participants. As with an openly accessible network, organizations can develop their own proprietary applications and infrastructure integrations.

  • Windows, Ubuntu, Zoom, Safari, MS Exchange Hacked at Pwn2Own 2021

    The 2021 spring edition of Pwn2Own hacking contest concluded last week on April 8 with a three-way tie between Team Devcore, OV, and Computest researchers Daan Keuper and Thijs Alkemade. [...] The Zoom vulnerabilities exploited by Daan Keuper and Thijs Alkemade of Computest Security are particularly noteworthy because the flaws require no interaction of the victim other than being a participant on a Zoom call. What's more, it affects both Windows and Mac versions of the app, although it's not clear if Android and iOS versions are vulnerable as well. Technical details of the flaws are yet to be disclosed, but in a statement sharing the findings, the Dutch security firm said the researchers "were then able to almost completely take over the system and perform actions such as turning on the camera, turning on the microphone, reading emails, checking the screen and downloading the browser history."

  • Security updates for Monday

    Security updates have been issued by CentOS (kernel and libldb), Debian (mediawiki, qemu, ruby-kramdown, and xen), Fedora (grub2, libldb, libopenmpt, python-pikepdf, python39, samba, squid, and webkit2gtk3), openSUSE (bcc, ceph, gssproxy, hostapd, isync, kernel, openexr, openSUSE KMPs, and tpm2-tss-engine), SUSE (fwupdate and wpa_supplicant), and Ubuntu (spamassassin).

Programming Leftovers

  • Create Beautiful Websites Using Emacs Org Mode

    In my never-ending quest to find the perfect way to create beautiful (yet minimal) websites, I had to try out Org Export in Emacs. Since I tend to write everything in Org Mode these days, it would be amazing to simply be able to convert my Org docs into HTML, and maybe add a little CSS to spice things up.

  • Qt Creator 4.15: New CMake Features

    Qt Creator 4.15 comes with a bunch of features and bug fixes for the CMake Project Manager. Below, you have a list of what’s new and a few tips and tricks which would hopefully improve your CMake experience in Qt Creator.

  • 7 Popular Open Source CI/CD Tools

    DevOps is a software development strategy that incorporates agile practices for fast, efficient product creation and release. It focuses on integration of development and operations teams, continuous integration/continuous delivery (CI/CD) and automation of tasks and processes. Typically, DevOps teams use pipelines to streamline and standardize processes. DevOps pipelines are toolchains that teams can use to automate tasks and provide visibility into the software development life cycle. In this article, we’ll cover seven popular open source CI/CD tools.

  • Community Member Monday: Gökçe Kuler

    I’m from Aydın, Turkey. Currently I’m studying in my final years at the Computer Engineering department of Çanakkale Onsekiz Mart University. I’m interested in free software – and enjoy working with free software projects and learning new things aboutthemit. I met free software when I started university via my advisor Necdet Yücel. I like playing the guitar and the kalimba. Also, I recently started painting with acrylic paints. I’m vegetarian, and actively participate in animal protection and gender equality projects.

  • App Showcase: Drawing

    Drawing is a simple app in the PureOS store to doodle on a digital canvas.

today's howtos

  • How to Use tcpdump and 6 Examples

    Are you trying to capture data packets in order to analyze traffic on your network? Maybe you are a server administrator who has bumped into an issue and wants to monitor transmitted data on the network. Whatever the situation be, the tcpdump Linux utility is what you need. In this article, we will discuss the tcpdump command in detail, along with some guides on how to install and use tcpdump on your Linux system.

  • How to play The Forest on Linux

    The Forest works on Linux, but only with Proton’s help, which is a built-in feature of the Linux release of Steam. So, before we can go over how to configure the game, we must demonstrate how to install Steam on Linux.

  • How to Install CopyQ Clipboard Manager 4.0.0 in Ubuntu 20.04 | UbuntuHandbook

    The CopyQ clipboard manager released version 4.0.0 a day ago. Here’s how to install it in Ubuntu 20.04, Ubuntu 21.04, Ubuntu 18.04 via PPA. CopyQ is a free and open-source clipboard manager with editing and scripting features. The new 4.0.0 release features new script engine with some new functions, better ECMAScript support, improved performance.

  • These 10 Sed Examples Will Make You a Linux Power User

    Editing text files and terminal output is an everyday job for those who administer Linux machines. Command-line utilities like sed allow a user to modify and change the content of a text file right from the terminal window. In this article, we will discuss the sed command in detail, along with some essential examples that demonstrate the power of the sed utility in Linux.

Today in Techrights