Language Selection

English French German Italian Portuguese Spanish

What you need to know about the SSLv3 “POODLE” flaw (CVE-2014-3566)

Filed under
Red Hat
Security

So, the bottom line is: on servers and clients, disable SSLv3 (and, of course, older). Updates to Fedora packages which make this the default will be forthcoming, but in the meantime, you can do it manually. Red Hat is working on a security blog article explaining the steps to take for different software; we’ll link to that when it becomes available.

Read more

More in Tux Machines

Stable kernel 4.4.142

I'm announcing the release of the 4.4.142 kernel. It's not an "essencial" upgrade, but a number of build problems with perf are now resolved, and an x86 issue that some people might have hit is now handled properly. If those were problems for you, please upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-st... Read more

today's leftovers

  • Ditching Windows: 2 Weeks With Ubuntu Linux On The Dell XPS 13 [Ed: sadly it's behind a malicious spywall]
  • What Serverless Architecture Actually Means, and Where Servers Enter the Picture
  • What are ‘mature’ stateful applications?
    BlueK8s is a new open source Kubernetes initiative from ‘big data workloads’ company BlueData — the project’s direction leads us to learn a little about which direction containerised cloud-centric applications are growing. Kubernetes is a portable and extensible open source platform for managing containerised workloads and services (essentially it is a container ‘orchestration’ system) that facilitates both declarative configuration and automation. The first open project in the BlueK8s initiative is Kubernetes Director (aka KubeDirector), for deploying and managing distributed ‘stateful applications’ with Kubernetes.
  • Winds – Machine Learning Powered RSS and Podcast App
    There are numerous RSS reader apps available in Linux universe, some of them are best and some of them are your native Linux apps. Not all of them are having ability to support podcast though. Winds is very beautiful RSS and podcast app based on stream API and it comes with him nice user interface and loaded with features.
  • Reaper audio editing software gets a native Linux installer
    Reaper is a powerful, versatile digital audio workstation for editing music, podcasts, or other audio projects. I’ve used it to edit and mix every single episode of the LPX podcast and Loving Project podcast. The software is also cross-platform. There 32-bit and 64-bit builds available for Windows and macOS, and there’s been an experimental Linux version for a few years.
  • Common Vision Blox 2018 with Enhanced 3D and Linux Functionality
    CVB Image Manager is the core component of Common Vision Blox and offers unrivalled functionality in image acquisition, image handling, image display and image processing. It is also included with the free CameraSuite SDK licence which is supplied with all GigE Vision or USB3 Vision cameras purchased from Stemmer Imaging. CVB 2018 Image Manager features core 3D functionality to handle point clouds and pre-existing calibrations as well as the display of 3D data. A new tool called Match 3D, which operates in both Windows and Linux, has been added. This allows a point cloud to be compared to a template point cloud, returning the 3D transformation between the two. It can be useful for 3D positioning systems and also for calculating the differences for quality control applications. The new features in CVB 2018 Image Manager have also been extended to Linux (on Intel and ARM platforms), making it even more suitable for developing solutions in embedded and OEM applications.
  • Oldest swinger in town, Slackware, notches up a quarter of a century
    Slackware, the oldest Linux distribution still being maintained, has turned 25 this week, making many an enthusiast wonder where all those years went. Mention Slackware, and the odds are that the FOSS fan before you will go a bit misty-eyed and mumble something about dependency resolution as they recall their first entry into the world of Linux. Released by Patrick Volkerding on 17 July 1993, Slackware aimed to be the most “UNIX-like” Linux distribution available and purports to be designed “with the twin goals of ease of use and stability as top priorities”. Enthusiasts downloading the distro for the first time might take issue with the former goal – the lack of a cuddly graphical installer can be jarring.
  • SDR meets AI in a mash-up of Jetson TX2, Artix-7, and 2×2 MIMO
    Deepwave Digital has launched an Ubuntu-driven, $5K “AIR-T” Mini-ITX board for AI-infused SDR, equipped with an Nvidia Jetson TX2, a Xilinx Artix-7 FPGA, and an AD9371 2×2 MIMO transceiver.
  • 8BitDo’s DIY Kit Can Turn Your Fave Retro Gamepad into a Wireless Steam Controller
    The “8BitDo Mod Kit” is a DIY package that gives you everything you need to convert an existing wired game pad for the NES, SNES, or Sega Mega Drive/Genesis systems into a fully-fledged wireless controller. A wireless controller you could then use with Ubuntu. No soldering is required. You just unscrew the case of an existing controller and the PCB inside and replace it with the one included in the mod kit. Screw it all back up and, hey presto, wireless gaming on a classic controller. Modded controllers are compatible with Steam on Windows and macOS (one assumes Linux too), as well the Nintendo Switch, and the Raspberry Pi — that’s a versatility classic game pads rarely had!
  • Are These a Risky Play with big payoff? PayPal Holdings, Inc. (PYPL) and Red Hat, Inc. (RHT)
  • How These Stocks Are Currently Valued TechnipFMC plc (FTI), Red Hat, Inc. (RHT)?
  • Form 4 RED HAT INC For: Jul 16 Filed by: Kelly Michael A
  • Form 4 RED HAT INC For: Jul 16 Filed by: KAISER WILLIAM S

Kernel: Linux 4.19 and LWN Coverage Unleashed From Paywall

  • Linux 4.19 To Feature Support For HDMI CEC With DP/USB-C To HDMI Adapters
    Adding to the big batch of feature additions and improvements queuing in DRM-Next for the upcoming Linux 4.19 kernel merge window is another round of drm-misc-next improvements. While the drm-misc-next material consists of the random DRM core and small driver changes not big enough to otherwise warrant their own individual pull requests to DRM-Next, for Linux 4.19 this "misc" material has been fairly exciting. Last week's drm-misc-next pull request introduced the Virtual KMS (VKMS) driver that offers exciting potential. With this week's drm-misc-next pull are further improvements to the VKMS code for frame-buffer and plane helpers, among other additions.
  • Nouveau Changes Queue Ahead Of Linux 4.19
    Linux 4.19 is going to be another exciting kernel on the Direct Rendering Manager (DRM) front with a lot of good stuff included while hours ago we finally got a look at what's in store for the open-source NVIDIA "Nouveau" driver. Nouveau DRM maintainer Ben Skeggs of Red Hat has updated the Nouveau DRM tree of the latest batch of patches ahead of sending in the pull request to DRM-Next. As has been the trend in recent times, the Nouveau DRM work mostly boils down to bug/regression fixes.
  • IR decoding with BPF
    In the 4.18 kernel, a new feature was merged to allow infrared (IR) decoding to be done using BPF. Infrared remotes use many different encodings; if a decoder were to be written for each, we would end up with hundreds of decoders in the kernel. So, currently, the kernel only supports the most widely used protocols. Alternatively, the lirc daemon can be run to decode IR. Decoding IR can usually be expressed in a few lines of code, so a more lightweight solution without many kernel-to-userspace context switches would be preferable. This article will explain how IR messages are encoded, the structure of a BPF program, and how a BPF program can maintain state between invocations. It concludes with a look at the steps that are taken to end up with a button event, such as a volume-up key event. Infrared remote controls emit IR light using a simple LED. The LED is turned on and off for shorter or longer periods, which is interpreted somewhat akin to morse code. When infrared light has been detected for a period, the result is called a "pulse". The time between pulses when no infrared light is detected is called a "space".
  • The block I/O latency controller
    Large data centers routinely use control groups to balance the use of the available computing resources among competing users. Block I/O bandwidth can be one of the most important resources for certain types of workloads, but the kernel's I/O controller is not a complete solution to the problem. The upcoming block I/O latency controller looks set to fill that gap in the near future, at least for some classes of users. Modern block devices are fast, especially when solid-state storage devices are in use. But some workloads can be even faster when it comes to the generation of block I/O requests. If a device fails to keep up, the length of the request queue(s) will increase, as will the time it takes for any specific request to complete. The slowdown is unwelcome in almost any setting, but the corresponding increase in latency can be especially problematic for latency-sensitive workloads.

Microsoft's Lobbying Campaign for Android Antitrust Woes

  • Google Hints A Future Where Android Might NOT Be Free
  • Android has created more choice, not less
  • Google Fined Record $5 Billion by EU, Given 90 Days to Stop ‘Illegal Practices’

    EU regulators rejected arguments that Apple Inc. competes with Android, saying Apple’s phone software can’t be licensed by handset makers and that Apple phones are often priced outside many Android users’ purchasing power.

  • EU: Google illegally used Android to dominate search, must pay $5B fine

    Thirdly, Google allegedly ran afoul of EU rules by deterring manufacturers from using Android forks. Google "has prevented manufacturers wishing to pre-install Google apps from selling even a single smart mobile device running on alternative versions of Android that were not approved by Google," the commission said.

  • EU hits Google with US$5b fine over alleged Android misuse

    The European Union has hit Google with a second fine in as many years, demanding that the search behemoth pay €4.34 billion (US$5.05 billion, A$6.82 billion) for breaching anti-trust rules over its Android mobile operating system.

    Announcing the fine on Wednesday in Brussels, the EU said Google must end such conduct within 90 days or pay a penalty of up to 5% of the average daily turnover of its parent company, Alphabet.

    The company has said it will appeal against the fine.

  • iPhone users buy half as many apps as Android users, but spend twice as much

    Apple's app store is still yielding twice the revenue of Google Play, and yet is only recording half the number of downloads.

    The figures for Q1&2 of the year suggest Apple owners spent $22.6bn on apps, whilst Android users only spent $11.8bn.

  • The EU fining Google over Android is too little, too late, say experts

    The Play Store is free to use under licence from Google, but comes with a set of conditions smartphone manufacturers must meet. The most important of these, and the one the EC has a problem with, is the requirement to set Google as the default search engine and the pre-installation of certain apps, including Google Chrome, YouTube and the Google search app. Google also dictates that some of the pre-installed apps be placed on the homescreen.

  • Don’t Expect Big Changes from Europe’s Record Google Fine

    The decision by the European Commission, the EU’s regulatory arm, found that Google manages Android, which runs roughly 80 percent of the world’s smartphones, in ways that illegally harm competition. The ruling focused on three practices: the bundling of Google's Chrome web browser and its search app as a condition for licensing the Google Play store; payments Google makes to phone manufacturers and telecom companies to exclusively preinstall the Google search app on their devices; and Google's practice of prohibiting device makers from running Google apps on Android “forks,” or alternative versions of the software unapproved by Google. In its ruling, the commission ordered Google to stop all of those practices.