About Tux Machines

Monday, 24 Jun 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/Linux

There's A Professional Grade Digital Cinema Camera Powered By Linux

Filed under
Linux

Digital camera startup Octopus Cinema has been designing the "OCTOPUSCAMERA" as a digital cinema camera that's professional grade yet is an open platform with removable/upgradeable parts and this camera platform itself is running Linux.

The OCTOPUSCAMERA supports up to 5K full frame recording, weighs less than 1kg, and is powered by Linux. It's a rather ambitious device and they aim to be shipping in 2020.

Also: Old Linus Torvalds is back: Linux page caching sparks 'bulls**t' outburst [Ed: Anti-Linux writers of the CBS tabloid ZDNet are mobbing Torvalds into silence again]

One Mix Yoga 3 mini laptop demonstrated running Ubuntu

Filed under
Ubuntu

If you are interested in seeing how the Ubuntu Linux operating system runs on the new One Mix Yoga 3 mini laptop, you are sure to be interested in the new video created by Brad Linder over at Liliputing. “I posted some notes about what happened when I took Ubuntu 19.04 for a spin on the One Mix 3 Yoga in my first-look article, but plenty of folks who watched my first look video on YouTube asked for a video… so I made one of those too.”

The creators of the One Mix Yoga 3 have made it fairly easy to boot an alternative operating system simply by plugging in a bootable flash drive or USB storage device. As the mini laptop is powering up simply hit the delete key and you will be presented with the BIOS/UEFI menu. Simply change the boot priority order so that the computer will boot from a USB device and you are in business.

Security: Curl, Fedora, Windows and More

Filed under
Security
  • Daniel Stenberg: openssl engine code injection in curl

    This flaw is known as CVE-2019-5443.

    If you downloaded and installed a curl executable for Windows from the curl project before June 21st 2019, go get an updated one. Now.

  • Fedora's GRUB2 EFI Build To Offer Greater Security Options

    In addition to disabling root password-based SSH log-ins by default, another change being made to Fedora 31 in the name of greater security is adding some additional GRUB2 boot-loader modules to be built-in for their EFI boot-loader.

    GRUB2 security modules for verification, Cryptodisk, and LUKS will now be part of the default GRUB2 EFI build. They are being built-in now since those using the likes of UEFI SecureBoot aren't able to dynamically load these modules due to restrictions in place under SecureBoot. So until now using SecureBoot hasn't allowed users to enjoy encryption of the boot partition and the "verify" module for ensuring better integrity of the early boot-loader code.

  • Fedora 31 Will Finally Disable OpenSSH Root Password-Based Logins By Default

    Fedora 31 will harden up its default configuration by finally disabling password-based OpenSSH root log-ins, matching the upstream default of the past four years and behavior generally enforced by other Linux distributions.

    The default OpenSSH daemon configuration file will now respect upstream's default of prohibiting passwords for root log-ins. Those wishing to restore the old behavior of allowing root log-ins with a password can adjust their SSHD configuration file with the PermitRootLogin option, but users are encouraged to instead use a public-key for root log-ins that is more secure and will be permitted still by default.

  • Warning Issued For Millions Of Microsoft Windows 10 Users

    Picked up by Gizmodo, acclaimed Californian security company SafeBreach has revealed that software pre-installed on PCs has left “millions” of users exposed to hackers. Moreover, that estimate is conservative with the number realistically set to be hundreds of millions.

    The flaw lies in PC-Doctor Toolbox, systems analysis software which is rebadged and pre-installed on PCs made by some of the world’s biggest computer retailers, including Dell, its Alienware gaming brand, Staples and Corsair. Dell alone shipped almost 60M PCs last year and the company states PC-Doctor Toolbox (which it rebrands as part of ‘SupportAssist’) was pre-installed on “most” of them.

    What SafeBreach has discovered is a high-severity flaw which allows attackers to swap-out harmless DLL files loaded during Toolbox diagnostic scans with DLLs containing a malicious payload. The injection of this code impacts both Windows 10 business and home PCs and enables hackers to gain complete control of your computer.

    What makes it so dangerous is PC-makers give Toolbox high-permission level access to all your computer’s hardware and software so it can be monitored. The software can even give itself new, higher permission levels as it deems necessary. So once malicious code is injected via Toolbox, it can do just about anything to your PC.

  • Update Your Dell Laptop Now to Fix a Critical Security Flaw in Pre-Installed Software

    SafeBreach Labs said it targeted SupportAssist, software pre-installed on most Dell PCs designed to check the health of the system’s hardware, based on the assumption that “such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation.”

    What the researchers found is that the application loads DLL files from a folder accessible to users, meaning the files can be replaced and used to load and execute a malicious payload.

    There are concerns the flaw may affect non-Dell PCs, as well.

    The affected module within SupportAssist is a version of PC-Doctor Toolbox found in a number of other applications, including: Corsair ONE Diagnostics, Corsair Diagnostics, Staples EasyTech Diagnostics, Tobii I-Series Diagnostic Tool, and Tobii Dynavox Diagnostic Tool.

    The most effective way to prevent DLL hijacking is to quickly apply patches from the vendor. To fix this bug, either allow automatic updates to do their job, or download the latest version of Dell SupportAssist for Business PCs (x86 or x64) or Home PCs (here).

    You can read a full version of the SafeBreach Labs report here.

  • TCP SACK PANIC Kernel Vulnerabilities Reported by Netflix Researchers

    On June 17th, researchers at Netflix identified several TCP networking vulnerabilities in FreeBSD and Linux kernels.

  • DNS Security - Getting it Right

    This paper addresses the privacy implications of two new Domain Name System (DNS) encryption protocols: DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH). Each of these protocols provides a means to secure the transfer of data during Internet domain name lookup, and they prevent monitoring and abuse of user data in this process.

    DoT and DoH provide valuable new protection for users online. They add protection to one of the last remaining unencrypted ‘core’ technologies of the modern Internet, strengthen resistance to censorship and can be coupled with additional protections to provide full user anonymity.

    Whilst DoT and DoH appear to be a win for Internet users, however, they raise issues for network operators concerned with Internet security and operational efficiency. DoH in particular makes it extremely difficult for network operators to implement domain-specific filters or blocks, which may have a negative impact on UK government strategies for the Internet which rely on these. We hope that a shift to encrypted DNS will lead to decreased reliance on network-level filtering for censorship.

Drawpile 2.1.11 release

Filed under
Software

Version 2.1.11 is now out. In addition to bug fixes, this release adds one long awaited feature: the ability to detach the chat box into a separate window.

Another important change is to the server. IP bans now only apply to guest users. When a user with a registered account is banned, the ban is applied to the account only. This is to combat false positives caused by many unrelated people sharing the same IP address because of NAT.

Also: Drawpile 2.1.11 Released! Allow to Detach Chat Box into Separate

Audiocasts/Shows: Going Linux, Linux Action News, TechSNAP, GNU World Order, Linux in the Ham Shack, Python Podcast

Filed under
Interviews
  • Going Linux #371 · Listener Feedback

    Bill continues his distro hopping. We discuss the history of Linux and a wall-mountable timeline. Troy gives feedback on Grub. Grubb gives feedback on finding the right distribution. Highlander talks communication security and hidden files. Ro's Alienware computer won't boot. David provides links to articles.

  • Linux Action News 111

    Ubuntu sets the Internet on fire, new Linux and FreeBSD vulnerabilities raise concern, while Mattermost raises $50M to compete with Slack.

    Plus we react to Facebook’s Libra confirmation and the end of Google tablets.

  • SACK Attack | TechSNAP 406

    A new vulnerability may be the next ‘Ping of Death’; we explore the details of SACK Panic and break down what you need to know.

    Plus Firefox zero days targeting Coinbase, the latest update on Rowhammer, and a few more reasons it’s a great time to be a ZFS user.

  • GNU World Order 13x26
  • LHS Episode #289: Linux Deep Dive

    Hello and welcome to Episode #289 of Linux in the Ham Shack. In this episode, LHS gets a visit from Jon "maddog" Hall, a legend in the open source and Linux communities. He discusses--well--Linux. Everything you ever wanted to know about Linux from its early macro computing roots all the way up to the present. If there's something you didn't know about Linux, you're going to find it here. Make sure to listen to the outtake after the outro for 30 more minutes on Linux you probably didn't know anything about. Thanks to Jon for an illuminating and fascinating episode.

  • Podcast.__init__: Behind The Scenes At The Python Software Foundation

    One of the secrets of the success of Python the language is the tireless efforts of the people who work with and for the Python Software Foundation. They have made it their mission to ensure the continued growth and success of the language and its community. In this episode Ewa Jodlowska, the executive director of the PSF, discusses the history of the foundation, the services and support that they provide to the community and language, and how you can help them succeed in their mission.

Linux Package Managers Compared – AppImage vs Snap vs Flatpak

Filed under
GNU
Linux

Package managers provide a way of packaging, distributing, installing, and maintaining apps in an operating system. With modern desktop, server and IoT applications of the Linux operating system and the hundreds of different distros that exist, it becomes necessary to move away from platform specific packaging methods to platform agnostic ones. This post explores 3 such tools, namely AppImage, Snap and Flatpak, that each aim to be the future of software deployment and management in Linux. At the end we summarize a few key findings.

Games on GNU/Linux: Latest News and Titles

Filed under
Gaming
  • Epic's Tim Sweeney thinks Wine "is the one hope for breaking the cycle", Easy Anti-Cheat continuing Linux support

    This is as a result of this article on Wccftech, which highlights a number of other interesting statements made by Sweeney recently. The funny thing is, Valve themselves are helping to improve Wine (which Sweeney touches on below) with Steam Play (which is all open source remember) and a lot of the changes make it back into vanilla Wine.

  • Insurgency: Sandstorm for Linux not due until next year, with a beta likely first

    We're in for a sadly longer wait than expected for the first-person shooter Insurgency: Sandstorm [Steam], as it's not coming until next year for Linux.

    On a recent Twitch broadcast during the free weekend, it was asked in their chat "Linux will be released along with consoles or after?" to which the Lead Game Designer, Michael Tsarouhas said (here) "We haven't really announced our Linux or Mac release either, but we will just have to update you later, right now we can say we are focused on the PC post-release content and the console releases.".

  • Tense Reflection sounds like a pretty original take on combining a shooter with a puzzle game

    Tense Reflection will ask you to think, solve and shoot as you need to solve puzzles to reload your ammo making it a rather unique hybrid of game genres.

    Developed by Kommie since sometime in 2016, the gameplay is split across three different panels you will need to switch between. A colour panel to pick the colour of your shots, the puzzle panel you need to solve to apply the colour and then the shooter to keep it all going.

  • The survival game 'SCUM' seems to still be coming to Linux, no date yet though

    SCUM, a survival game from Gamepires, Croteam and Devolver Digital that was previously confirmed to eventually come to Linux is still planned.

    They never gave a date for the Linux release and they still aren't, but the good news is that it still seems to be in their minds. Writing on Steam, a developer kept it short and sweet by saying "Its not to far" in reply to my comment about hoping the Linux version isn't far off. Not exactly much to go by, but it's fantastic to know it's coming as I love survival games like this.

  • In the real-time strategy game "Moduwar" you control and change an alien organism

    I absolutely love real-time strategy games, so Moduwar was quite a catch to find. It seems rather unique too, especially how you control everything.

    Instead of building a traditional base and units, you control an alien organism that can split and change depending on what you need to do. It sounds seriously brilliant! Even better, is that it will support Linux. I asked on the Steam forum after finding it using the Steam Discovery Queue, to which the developer replied with "Yes, there will be a Linux version, that's the plan. Thanks :)".

Review: Clear Linux and Guix System 1.0.1

Filed under
Reviews

Clear Linux is a rolling release distro that places a strong emphasis on performance. The distribution focuses on providing optimizations for Intel (and compatible) CPU platforms and often scores well in benchmark tests.

I previously experimented briefly with Clear Linux in 2017 and found it to be very minimal in its features. The distribution presented users with a command line interface by default and, while it was possible to install a desktop environment from the project's repositories, it was not focused on desktop computing. These days Clear Linux is available in several editions. There are separate builds for command line and desktop editions, along with cloud and specially tailored virtual machine builds.

I downloaded the distribution's live desktop edition which was a 2.2GB compressed file. Expanding the download unpacks a 2.3GB ISO. It actually took longer for me to decompress the file than it would have to download the extra 100MB so the compression used on the archive is probably not practical.

Trying to boot from the live desktop media quickly resulted in Clear Linux running into a kernel panic and refusing to start. This was done trying version 29410 of the distribution and, since new versions come along almost every day, I waited a while and then downloaded another version: Clear Linux 29590. The new version had an ISO approximately the same size and, after it passed its checksum, it too failed to boot due to a kernel panic.

I have used Clear Linux on this system before and, though it technically utilizes an AMD CPU, that was not an issue during my previous trial. The current situation does make me wonder if Clear Linux might have optimized itself so much that it is no longer capable of running on previous generation processors.

Horde vs Roundcube vs Squirrelmail - Which Works Best

Filed under
Server
Software
Web

Webmail is a great way to access your emails from different devices and when you are away from your home. Now, most web hosting companies include email with their server plans. And all of them offer the same three webmail clients as well: RoundCube, Horde, and SquirrelMail. They are part of cPanel, the most popular hosting control panel.

today's leftovers

Filed under
Misc
  • Hardware Review - The ZaReason Virtus 9200 Desktop
  • Chrome OS 76 will disable Crostini Linux backups by default

    Essentially, this is still a work in progress feature. And I shouldn’t be terribly surprised by that, even though in my experience, the functionality hasn’t failed me yet.
    That’s because we know that the Chromium team is considering a way to back up and restore Linux containers directly from the Files app on a Chromebook. That proposal is targeted for Chrome OS 78, so this gives the team more time to work that out, as well as any other nits that might not be quite right with the current implementation.

  • Andrei Lisita: Something to show for

    Unfortunately along with the progress that was made we also encountered a bug with the NintendoDS core that causes Games to crash if we attempt to load a savestate. We are not yet 100% sure if the bug is caused by my changes or by the NintendoDS core itself.

    I hope we are able to fix it by the end of the summer although I am not even sure where to start since savestates are working perfectly fine with other cores. Another confusing matter about this is that the Restart/Resume Dialog works fine with the NintendoDS core and it also uses savestates. This led me to believe that perhaps cores can be used to load savestates only once, but this can’t be the problem since we re-instantiate the core every time we load a savestate.

    In the worst case we might just have to make a special case for the NintendoDS core and not use savestates with it, except for the Resume/Restart dialog. This would sadden me deeply since there are plenty of NintendoDS games which could benefit from this feature.

  • OSMC's June update is here with Kodi v18.3

    Team Kodi recently announced the 18.3 point release of Kodi Leia. We have now prepared this for all supported OSMC devices and added some improvements and fixes. Here's what's new:

OSS Leftovers

Filed under
OSS
  • A comparison of open source, real-time data streaming platforms

    A variety of open source, real-time data streaming platforms are available today for enterprises looking to drive business insights from data as quickly as possible. The options include Spark Streaming, Kafka Streams, Flink, Hazelcast Jet, Streamlio, Storm, Samza and Flume -- some of which can be used in tandem with each other.

    Enterprises are adopting these real-time data streaming platforms for tasks such as making sense of a business marketing campaign, improving financial trading or recommending marketing messages to consumers at critical junctures in the customer journey. These are all time-critical areas that can be used for improving business decisions or baked into applications driven by data from a variety of sources.

  • Amphenol’s Jason Ellison on Signal Integrity Careers and His Free, Open Source PCB Design Software

    Ellison, Senior Staff Signal Integrity Engineer at Amphenol ICC, gives his insight on the importance of networking, giving to the EE community, and his open-source signal integrity project.
    How does signal integrity engineering compare to other EE fields? What are open-source resources worth these days? What makes for a good work life for an engineer? Learn this and more in this Engineer Spotlight!

    Jason Ellison started down the path to becoming an electrical engineer because someone told him it was "fun and easy if you're good at math." In this interview with AAC's Mark Hughes, Ellison—a Senior Staff Signal Integrity Engineer at Amphenol ICC—describes how his career has grown from these beginnings into the rewarding and diverse work of signal integrity engineering.

  • Cruise open-sources Webviz, a tool for robotics data analysis [Ed: Releasing a little tool that's part of proprietary software so that it 'feels' more "open"]

    Cruise, the self-driving startup that General Motors acquired for nearly $1 billion in 2016, generates an enormous amount of data by any measure. It orchestrates 200,000 hours of driving simulation jobs daily in Google Cloud Platform, spread across 30,000 virtual cars in an environment running on 300,000 processor cores and 5,000 graphics cards. Both those cars and Cruise’s fleet of over 180 real-world autonomous Chevrolet Bolts make thousands of decisions every second, and they base these decisions on observations captured in binary format from cameras, microphones, radar sensors, and lidar sensors.

  • EWF launches world’s first open source blockchain for the energy industry

    The Energy Web Foundation this week announced that it has launched the world’s first public, open-source, enterprise-grade blockchain tailored to the energy sector: the Energy Web Chain (EW Chain).
    More than ten Energy Web Foundation (EWF) Affiliates — including utilities, grid operators, and blockchain developers — are hosting validator nodes for the live network, according to the company.

  • Pimcore Releases Pimcore 6.0, Amplifying User-Friendly Digital Experiences Through Open Source

    Pimcore, the leading open-source platform for data and customer experience management, has released the most powerful version of the Pimcore platform, Pimcore 6.0. The updated platform includes a new user interface that seamlessly connects MDM/PIM, DAM, WCM, and digital commerce capabilities to create more advanced and user-friendly experiences quickly and efficiently.

  • VCV Rack reaches version 1.0.0: free and open-source modular synth gets a full release

    VCV Rack is a free, open-source modular software synth that’s been gaining ground for a couple of years, but only now has it reached the significant milestone of version 1.0.

    Designed to replicate the feeling of having a hardware modular synth on your desktop, VCV Rack enables you to add both free and paid-for modules, and now supports polyphony of up to 16 voices. There’s MIDI Output, too with CV-Gate, CV-MIDI and CV-CC modules enabling you to interface with drum machines, desktop synths and Eurorack gear.

  • Flying Above the Shoulders of Giants

    Thanks to open-source platforms, developers can stand on the shoulders of software giants to build bigger and better things. Linux is probably the biggest...

  • MIT Researchers Open-Source AutoML Visualization Tool ATMSeer

    A research team from MIT, Hong Kong University, and Zhejiang University has open-sourced ATMSeer, a tool for visualizing and controlling automated machine-learning processes.

    Solving a problem with machine learning (ML) requires more than just a dataset and training. For any given ML task, there are a variety of algorithms that could be used, and for each algorithm there can be many hyperparameters that can be tweaked. Because different values of hyperparameters will produce models with different accuracies, ML practitioners usually try out several sets of hyperparameter values on a given dataset to try to find hyperparameters that produce the best model. This can be time-consuming, as a separate training job and model evaluation process must be conducted for each set. Of course, they can be run in parallel, but the jobs must be set up and triggered, and the results recorded. Furthermore, choosing the particular values for hyperparameters can involve a bit of guesswork, especially for ones that can take on any numeric value: if 2.5 and 2.6 produce good results, maybe 2.55 would be even better? What about 2.56 or 2.54?

  • Open-Source Cybersecurity Tool to Enhance Grid Protection

    A revolutionary new cybersecurity tool that can help protect the electric power grid has been released to the public on the code-hosting website GitHub.

  • Quick notes for Mozilla Whistler All Hands 2019
  • Deeper into the data fabric with MongoDB

    However, to gain access to rich search functionality, many organisations pair their database with a search engine such as Elasticsearch or Solr, which MongoDB claims can complicate development and operations — because we end up with two entirely separate systems to learn, maintain and scale.

Raspberry Pi 4 is here!

Filed under
Linux

The latest version of the Raspberry Pi—Raspberry Pi 4—was released today, earlier than anticipated, featuring a new 1.5GHz Arm chip and VideoCore GPU with some brand new additions: dual-HDMI 4K display output; USB3 ports; Gigabit Ethernet; and multiple RAM options up to 4GB.

The Raspberry Pi 4 is a very powerful single-board computer and starts at the usual price of $35. That gets you the standard 1GB RAM, or you can pay $45 for the 2GB model or $55 for the 4GB model—premium-priced models are a first for Raspberry Pi.

Open Data, Open Access and Open Hardware

Filed under
OSS
  • DoD’s Joint AI Center to open-source natural disaster satellite imagery data set

    As climate change escalates, the impact of natural disasters is likely to become less predictable. To encourage the use of machine learning for building damage assessment this week, Carnegie Mellon University’s Software Engineering Institute and CrowdAI — the U.S. Department of Defense’s Joint AI Center (JAIC) and Defense Innovation Unit — open-sourced a labeled data set of some of the largest natural disasters in the past decade. Called xBD, it covers the impact of disasters around the globe, like the 2010 earthquake that hit Haiti.

    “Although large-scale disasters bring catastrophic damage, they are relatively infrequent, so the availability of relevant satellite imagery is low. Furthermore, building design differs depending on where a structure is located in the world. As a result, damage of the same severity can look different from place to place, and data must exist to reflect this phenomenon,” reads a research paper detailing the creation of xBD.

    [...]

    xBD includes approximately 700,000 satellite images of buildings before and after eight different kinds of natural disasters, including earthquakes, wildfires, floods, and volcanic eruptions. Covering about 5,000 square kilometers, it contains images of floods in India and Africa, dam collapses in Laos and Brazil, and historic deadly fires in California and Greece.

    The data set will be made available in the coming weeks alongside the xView 2.0 Challenge to unearth additional insights from xBD, coauthor and CrowdAI machine learning lead Jigar Doshi told VentureBeat. The data set collection effort was informed by the California Air National Guard’s approach to damage assessment from wildfires.

  • Open-source textbooks offer free alternative for UC Clermont students

    Some UC Clermont College students are avoiding paying hundreds of dollars for textbooks — and getting the content for free — thanks to online open-source textbooks, a growing trend among faculty at the college and throughout higher education.

    UC Clermont Dean Jeff Bauer, who is also a professor of business, said the benefits of open textbooks are many. “All students have the book on the first day of class, it saves them a lot of money, and the information can be accessed anywhere, anytime, without carrying around a heavy textbook,” Bauer said. “They don’t need to visit the bookstore before or after each semester to buy or sell back books, either.”

  • Open Source Computer Controlled Loom Knits Pikachu For You

    The origin story of software takes us back past punch card computers and Babbage's Difference Engine to a French weaver called Joseph Marie Jacquard.

  • Successful open-source RISC-V microcontroller launched through crowdfunding

    X-FAB Silicon Foundries, together with crowd-sourcing IC platform partner Efabless Corporation, launched the first-silicon availability of the Efabless RISC-V SoC reference design. This open-source semiconductor project went from start of design to tape-out in less than three months employing the Efabless design flow produced on open-source tools. The mixed-signal SoC, called Raven, is based on the community developed ultra-low power PicoRV32 RISC-V core. Efabless has bench-tested the Raven at 100MHz, and based on simulations, the solution should operate at up to 150MHz.

  • Open Hardware: Open-Source MRI Scanners Could Bring Enormous Cost Savings

    Wulfsberg explore the possibilities of open source MRI scanning. As open-source technology takes its place around the world—everywhere from makerspaces to FabLabs, users on every level have access to design and innovation. In allowing such access to MRI scanning, the researchers realize the potential for ‘technological literacy’ globally—and with MRIs specifically, astronomical sums could be saved in healthcare costs.

    The authors point out that medical technology is vital to the population of the world for treating not only conditions and illnesses, but also disabilities. As so many others deeply involved in the world of technology and 3D printing realize, with greater availability, accessibility, and affordability, huge strides can be made to improve and save lives. Today, with so many MRI patents expiring, the technology is open for commercialization.

Security: Password Managers, 'Cyber Militia', Linux Kernel "LOCKDOWN" and IPFire 2.23

Filed under
Security
  • Open source vs proprietary password managers [Ed: If it's proprietary software, then you can never trust what it's doing with all your passwords; it can compromise everything you have. Like putting a bandit in charge of guarding a neighbourhood]

    Nowadays, we all have huge numbers of subscriptions to online accounts and services. For those accounts to be secure, each one of them must have a unique, robust password. What’s more, truly strong passwords must be complicated, which means that they are extremely difficult to remember.

  • Cyber Militia Launches Non-Profit to Share Technology [Ed: The NSA uses the term "Cyber Militia"; what a bunch of thugs.]

    RockNSM is a network security monitoring platform that uses open source technologies, such as CentOS, which is an operating system derived from the RedHat enterprise-level open source system. RockNSM formed the basis for a Task Force Echo network anomaly detection system used for real-world cyber operations.

  • Linux Kernel "LOCKDOWN" Ported To Being An LSM, Still Undergoing Review

    It didn't make it for the Linux 5.2 kernel and now it's up to its 33rd revision on the Linux kernel mailing list... The "lockdown" patches for locking down access to various kernel hardware features have been reworked now and are a Linux Security Module (LSM) as it still tries to get enough endorsements to be mainlined.

    The Lockdown effort has been most recently led by Google's Matthew Garrett and with this 33rd revision he reworked the code to serve as an LSM module. The Lockdown functionality prohibits writing to /dev/mem, restricts PCI BAR and CPU MSR access, doesn't allow kernel module parameters that touch hardware settings, drops system hibernation support, and disables other functionality that could potentially change the hardware state or running Linux kernel image.

  • IPFire 2.23 - Core Update 133 has been released

    This update brings many updates on the core libraries of the system. Various changes to our build system are also helping us to build a more modern distribution, faster. The toolchain is now based on GCC 8.3.0, binutils 2.32 and glibc 2.29 which bring various bugfixes, performance improvements and some new features.

    Although these might not be the most exciting changes, we recommend upgrading as soon as possible since this is essential hardening for backbone components of the user-space.

Nordic Theme on Ubuntu Desktop GNOME 3

Filed under
GNOME

Nordic is currently ranked #10 most popular GTK3 theme on OpenDesktop.org. This article exposes this theme beauty and explains how to install every component on Ubuntu 18.04. You can practice the installation procedures on other distros as long as it uses GNOME 3 as the user interface.

Read more

GNU APL 1.8 Released

Filed under
GNU

I am happy to announce that GNU APL 1.8 has been released.
GNU APL is a free implementation of the ISO standard 13751 aka.
"Programming Language APL, Extended",

Read more

KDE: Usability & Productivity, Skrooge 2.20.0, New Site for Konsole and GSoC

Filed under
KDE
  • KDE Usability & Productivity: Week 76

    Week 76 in KDE’s Usability & Productivity initiative is here! This week’s progress report includes the first several days of the Usability & Productivity sprint, and as such, it’s absolutely overflowing with cool stuff!

  • KDE's Night Color Feature Being Ported From Wayland To X11

    It's another busy summer in the KDE space with a nice mixture of bug fixes and features being pursued for KDE Frameworks, KDE Plasma, and KDE Applications.

    One new feature coming is a back-porting of their night color feature from Wayland to X11. KDE, like many other desktops these days, has offered a "night color" option that adjusts the gamma ramp for the display output. This feature has just been supported on Wayland given that's their focus moving forward, but with no major blockers in supporting the feature on X11, that is now being addressed. This X11 support for the night color feature is coming for Plasma 5.17.

  • Skrooge 2.20.0 released

    The Skrooge Team announces the release 2.20.0 version of its popular Personal Finances Manager based on KDE Frameworks.

  • New website for Konsole

    The content could probably still need some improvements, so if you find typos or want to improve the wording of a sentence, please get in touch with KDE Promo. The good news is that you don’t need to be a programmer for this.

    [...]

    The new website uses Jekyll to render static HTML. Because the layout and the design aren’t unique to konsole.kde.org, I created a special Jekyll located at invent.kde.org/websites/jekyll-kde-theme, so that only the content and some configuration files are located in the websites/konsole-kde-org repository. This makes it easier to maintain and will make it easier to change other websites in the future without repeating ourselves.

    This was a bit harder to deploy than I first thought. I had a problem with installing my Jekyll theme in the Docker image, but after the third or fourth try, it worked, and then I had an encoding issue that wasn’t present on my development machine.

  • Crazy Last Weeks

    Last weeks have been crazy for me. Since the GSoC began, I have been rushing everything related to university and my life to dedicate exclusively to the development. Besides the two classes I was taking, Static Code Analysis and Approximation Algorithms, I had my obligatory teaching internship in Project and Analysis of Algorithms for the postgraduate program, where I was responsible for creating and evaluating assignments for 50+ students and answering general questions.

    [...]

    I am using Qt Creator as my environment, and I am focusing on the algorithm for the creation of specific graph classes inside the generategraphwidget. I have already implemented algorithms for Paths, Complete and Complete Bipartite graphs, besides fixing some details here and there. These modifications are still only on my local machine, as I am having some problems pushing the commits (I must be doing something wrong in my configuration).

More in Tux Machines

Security: Curl, Fedora, Windows and More

  • Daniel Stenberg: openssl engine code injection in curl

    This flaw is known as CVE-2019-5443. If you downloaded and installed a curl executable for Windows from the curl project before June 21st 2019, go get an updated one. Now.

  • Fedora's GRUB2 EFI Build To Offer Greater Security Options

    In addition to disabling root password-based SSH log-ins by default, another change being made to Fedora 31 in the name of greater security is adding some additional GRUB2 boot-loader modules to be built-in for their EFI boot-loader. GRUB2 security modules for verification, Cryptodisk, and LUKS will now be part of the default GRUB2 EFI build. They are being built-in now since those using the likes of UEFI SecureBoot aren't able to dynamically load these modules due to restrictions in place under SecureBoot. So until now using SecureBoot hasn't allowed users to enjoy encryption of the boot partition and the "verify" module with ensuring better integrity of the early boot-loader code.

  • Fedora 31 Will Finally Disable OpenSSH Root Password-Based Logins By Default

    Fedora 31 will harden up its default configuration by finally disabling password-based OpenSSH root log-ins, matching the upstream default of the past four years and behavior generally enforced by other Linux distributions. The default OpenSSH daemon configuration file will now respect upstream's default of prohibiting passwords for root log-ins. Those wishing to restore the old behavior of allowing root log-ins with a password can adjust their SSHD configuration file with the PermitRootLogin option, but users are encouraged to instead use a public-key for root log-ins that is more secure and will be permitted still by default.

  • Warning Issued For Millions Of Microsoft Windows 10 Users

    Picked up by Gizmodo, acclaimed Californian security company SafeBreach has revealed that software pre-installed on PCs has left “millions” of users exposed to hackers. Moreover, that estimate is conservative with the number realistically set to be hundreds of millions. The flaw lies in PC-Doctor Toolbox, systems analysis software which is rebadged and pre-installed on PCs made by some of the world’s biggest computer retailers, including Dell, its Alienware gaming brand, Staples and Corsair. Dell alone shipped almost 60M PCs last year and the company states PC-Doctor Toolbox (which it rebrands as part of ‘SupportAssist’) was pre-installed on “most” of them. What SafeBreach has discovered is a high-severity flaw which allows attackers to swap-out harmless DLL files loaded during Toolbox diagnostic scans with DLLs containing a malicious payload. The injection of this code impacts both Windows 10 business and home PCs and enables hackers to gain complete control of your computer. What makes it so dangerous is PC-makers give Toolbox high-permission level access to all your computer’s hardware and software so it can be monitored. The software can even give itself new, higher permission levels as it deems necessary. So once malicious code is injected via Toolbox, it can do just about anything to your PC.

  • Update Your Dell Laptop Now to Fix a Critical Security Flaw in Pre-Installed Software

    SafeBreach Labs said it targeted SupportAssist, software pre-installed on most Dell PCs designed to check the health of the system’s hardware, based on the assumption that “such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation.” What the researchers found is that the application loads DLL files from a folder accessible to users, meaning the files can be replaced and used to load and execute a malicious payload. There are concerns the flaw may affect non-Dell PCs, as well. The affected module within SupportAssist is a version of PC-Doctor Toolbox found in a number of other applications, including: Corsair ONE Diagnostics, Corsair Diagnostics, Staples EasyTech Diagnostics, Tobii I-Series Diagnostic Tool, and Tobii Dynavox Diagnostic Tool. The most effective way to prevent DLL hijacking is to quickly apply patches from the vendor. To fix this bug, either allow automatic updates to do their job, or download the latest version of Dell SupportAssist for Business PCs (x86 or x64) or Home PCs (here). You can read a full version of the SafeBreach Labs report here.

  • TCP SACK PANIC Kernel Vulnerabilities Reported by Netflix Researchers

    On June 17th, researchers at Netflix identified several TCP networking vulnerabilities in FreeBSD and Linux kernels.

  • DNS Security - Getting it Right

    This paper addresses the privacy implications of two new Domain Name System (DNS) encryption protocols: DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH). Each of these protocols provides a means to secure the transfer of data during Internet domain name lookup, and they prevent monitoring and abuse of user data in this process. DoT and DoH provide valuable new protection for users online. They add protection to one of the last remaining unencrypted ‘core’ technologies of the modern Internet, strengthen resistance to censorship and can be coupled with additional protections to provide full user anonymity. Whilst DoT and DoH appear to be a win for Internet users, however, they raise issues for network operators concerned with Internet security and operational efficiency. DoH in particular makes it extremely difficult for network operators to implement domain-specific filters or blocks, which may have a negative impact on UK government strategies for the Internet which rely on these. We hope that a shift to encrypted DNS will lead to decreased reliance on network-level filtering for censorship.

Drawpile 2.1.11 release

Version 2.1.11 is now out. In addition to bug fixes, this release adds one long awaited feature: the ability to detach the chat box into a separate window. Another important change is to the server. IP bans now only apply to guest users. When a user with a registered account is banned, the ban is applied to the account only. This is to combat false positives caused by many unrelated people sharing the same IP address because of NAT.

Read more

Also: Drawpile 2.1.11 Released! Allow to Detach Chat Box into Separate

Audiocasts/Shows: Going Linux, Linux Action News, TechSNAP, GNU World Order, Linux in the Ham Shack, Python Podcast

  • Going Linux #371 · Listener Feedback

    Bill continues his distro hopping. We discuss the history of Linux and a wall-mountable timeline. Troy gives feedback on Grub. Grubb gives feedback on finding the right distribution. Highlander talks communication security and hidden files. Ro's Alienware computer won't boot. David provides links to articles.

  • Linux Action News 111

    Ubuntu sets the Internet on fire, new Linux and FreeBSD vulnerabilities raise concern, while Mattermost raises $50M to compete with Slack. Plus we react to Facebook’s Libra confirmation and the end of Google tablets.

  • SACK Attack | TechSNAP 406

    A new vulnerability may be the next ‘Ping of Death’; we explore the details of SACK Panic and break down what you need to know. Plus Firefox zero days targeting Coinbase, the latest update on Rowhammer, and a few more reasons it’s a great time to be a ZFS user.

  • GNU World Order 13x26
  • LHS Episode #289: Linux Deep Dive

    Hello and welcome to Episode #289 of Linux in the Ham Shack. In this episode, LHS gets a visit from Jon "maddog" Hall, a legend in the open source and Linux communities. He discusses--well--Linux. Everything you ever wanted to know about Linux from its early macro computing roots all the way up to the present. If there's something you didn't know about Linux, you're going to find it here. Make sure to listen to the outtake after the outro for 30 more minutes on Linux you probably didn't know anything about. Thanks to Jon for an illuminating and fascinating episode.

  • Podcast.__init__: Behind The Scenes At The Python Software Foundation

    One of the secrets of the success of Python the language is the tireless efforts of the people who work with and for the Python Software Foundation. They have made it their mission to ensure the continued growth and success of the language and its community. In this episode Ewa Jodlowska, the executive director of the PSF, discusses the history of the foundation, the services and support that they provide to the community and language, and how you can help them succeed in their mission.

today's howtos