Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Wednesday, 24 May 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Repliessort icon Last Post
Story Mandrakesoft and Conectiva Merger srlinuxx 11/04/2005 - 3:20am
Story Ebay Sued srlinuxx 11/04/2005 - 3:20am
Story FBI Being Spoofed in Email srlinuxx 11/04/2005 - 3:19am
Story Nvidia to release 75 series driver srlinuxx 11/04/2005 - 3:19am
Story NVIDIA Unleashes 6800 Mobile GPU srlinuxx 11/04/2005 - 3:18am
Story Newest Vulnerabilities in php apps srlinuxx 11/04/2005 - 3:18am
Story aKademy 2005 Logo Contest Launched srlinuxx 11/04/2005 - 6:29am
Story SCO and The Titanic srlinuxx 11/04/2005 - 4:28am
Story IBM backs open-source Web software srlinuxx 11/04/2005 - 4:27am
Story Who will take home the Gold? srlinuxx 11/04/2005 - 4:25am

Graphics in Linux: Vega/AMD

Filed under
Graphics/Benchmarks

Neptune Plasma 5 ISO Update May

Filed under
GNU
Linux

We are proud to announce the may update for our Neptune Plasma 5 ISO.

This version comes again with numerous detail improvements. We updated the Excalibur applicationmenu and improved it to support scrolling through your favorites and showing more than 3 sysactions.

Read more

Linux 4.12 Gained A Lot Of Weight: More Than One Million New Lines

Filed under
Linux

With big merges this cycle from the DRM additions, a lot of new staging code, and more, the Linux 4.12 kernel is a bit heavier... Here's some numbers.

Curious how Linux 4.12 sizes in with the merge window closing this weekend and all major code pulled for it, here are some Git statistics I ran this morning on the tree for seeing how much 4.12 has grown over Linux 4.11.

Read more

CIOs growing weary of database lock-in, increasingly buying into open source

Filed under
OSS

Oracle's annual revenue has been flat for the last five years, with new license revenue in steady decline during that same period. According to co-CEO Mark Hurd, however, Oracle can decline for decades and still retain its top spot on the database heap. He may be right.

Despite growth from would-be challengers, the database provides the ultimate lock-in. As such, the real question is not how fast companies will dump Oracle for rival databases, but rather how fast cloud computing will grow, given Oracle's relative weakness in that area.

Read more

Security Leftovers

Filed under
Security
  • Six things you need to know about IoT security
  • OpenStack Cloud Security Moves Forward

    When it comes to understanding security in the cloud and specifically security in OpenStack clouds, there are many factors to consider. In a panel session moderated by eWEEK at the OpenStack Summit in Boston, leaders from across different elements of the OpenStack security spectrum provided insight and recommendations on cloud security.

    Security is a broad term in the OpenStack context and isn't just one single item. There is the OpenStack Security Project, which has a mission to help build tools and processes that help to secure OpenStack and its various projects. There is also the Vulnerability Management Team (VMT) that handles vulnerabilities for OpenStack project. Security in OpenStack is also reflected in various OpenStack projects, including notably Project Barbican for security key management. Finally there is just general security for cloud deployment by operators, which includes secure configuration and monitoring.

  • We Wuz Warned

    The tools that are infecting computers worldwide were indeed developed by, and then leaked from, the NSA. (Thanks for nothing, spooks.) The bitcoin.com article contains tips about how to protect yourself, and links to Windows patches, if you haven't yet been hit. Fortunately for us, the attacks seem to be focused on Windows systems; our Linux desktops are so far unscathed.

  • NSA-created cyber tool spawns global attacks — and victims include Russia

    Leaked alleged NSA hacking tools appear to be behind a massive cyberattack disrupting hospitals and companies across Europe, Asia, with Russia among the hardest-hit countries.

    But the Department of Homeland Security told POLITICO it had not confirmed any attacks in the U.S. on government targets or vital industries, such as hospitals and banks.

  • GCHQ tweeted about keeping Britain cyber-safe and it majorly backfired
  • Leaked NSA Hacking Tool On Global Ransomware Rampage [Ed: No, the problem isn't "patching" or "upgrade", the problem is Windows itself, irrespective of which version (back doors)]

    Thus, there's some debate online about whether the "problem" here is organizations who don't upgrade/patch or the NSA. Of course, these things are not mutually exclusive: you can reasonably blame both. Failing to update and patch your computers is a bad idea these days -- especially for large organizations with IT staff who should know better.

  • An NSA-derived ransomware worm is shutting down computers worldwide
  • WCry is so mean Microsoft issues patch for 3 unsupported Windows versions [Ed: Back doors in old versions of Windows belatedly closed because Microsoft risks losing millions of useds [sic] for good]

Graphics in Linux

Filed under
Graphics/Benchmarks
  • Mesa 17.0.6 Released With Polaris 12 RADV Support

    For those that haven't yet switched over to the newly-stable Mesa 17.1 series, last quarter's Mesa 17.0 series was just updated with the v17.0.6 point release.

  • Radeon's ROCm OpenCL Runtime Finally Open-Sourced

    AMD has made good on their word to open-source their ROCm OpenCL stack.

    AMD hadn't been contributing much to their Clover-based Gallium3D OpenCL stack in quite some time as their focus shifted to their ROCm-based compute stack with plans to eventually open up their OpenCL implementation. That implementation is now available as open-source.

  • Mesa 17.2 Planned For Release Mid-August

    With Mesa 17.1 having been released this week, the release calendar has been updated for Mesa 17.2.

  • Vulkan 1.0.49 Introduces Two New Extensions

    It had been close to one month since the last Vulkan update, which is rare since usually point releases to Vulkan 1.0 ship every week or two. But with the wait comes many bug fixes to the specifications as well as two new specifications.

    Vulkan 1.0.49 contains a number of document clarifications, new commentary, and in total fixes four GitHub issues and 11 internal issues.

NHS Cautionary Tale About Windows

Filed under
Microsoft
Security

Windows Chaos

Filed under
Microsoft
Security
  • ‘CIA malware plants Gremlins’ on Microsoft machines – WikiLeaks

    WikiLeaks has released the latest instalment in the #Vault7 series, detailing two apparent CIA malware frameworks dubbed ‘AfterMidnight’ and ‘Assassin’ which it says target the Microsoft Windows platform.

  • WannaCry ransomware used in widespread attacks all over the world

    Earlier today, our products detected and successfully blocked a large number of ransomware attacks around the world. In these attacks, data is encrypted with the extension “.WCRY” added to the filenames.

    Our analysis indicates the attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows. This exploit (codenamed “EternalBlue”) has been made available on the internet through the Shadowbrokers dump on April 14th, 2017 and patched by Microsoft on March 14.

  • NHS left reeling by cyber-attack: ‘We are literally unable to do any x-rays’

    Thousands of patients across England and Scotland have been in limbo after an international cyber-attack hit the NHS, with many having operations cancelled at the last minute.

    Senior medics sought to reassure patients that they could be seen in the normal way in emergencies, but others were asked to stay away if possible.

    According to one junior doctor who works in a London hospital, the attack left hospitals struggling to care for people. “However much they pretend patient safety is unaffected, it’s not true. At my hospital we are literally unable to do any x-rays, which are an essential component of emergency medicine,” the doctor told the Guardian.

  • "Worst-Ever Recorded" Ransomware Attack Strikes Over 57,000 Users Worldwide, Using NSA-Leaked Tools

    Update 4: According to experts tracking and analyzing the worm and its spread, this could be one of the worst-ever recorded attacks of its kind. The security researcher who tweets and blogs as MalwareTech told The Intercept “I’ve never seen anything like this with ransomware," and "the last worm of this degree I can remember is Conficker.” Conficker was a notorious Windows worm first spotted in 2008; it went on to infect over nine million computers in nearly 200 countries.

Here comes Treble: A modular base for Android

Filed under
Android

On the Android team, we view each dessert release as an opportunity to make Android better for our users and our ecosystem partners. One thing we've consistently heard from our device-maker partners is that updating existing devices to a new version of Android is incredibly time consuming and costly.

With Android O, we've been working very closely with device makers and silicon manufacturers to take steps toward solving this problem, and we're excited to give you a sneak peek at Project Treble, the biggest change to the low-level system architecture of Android to date.

Read more

today's leftovers

Filed under
Misc
  • Hardening SSH authentication using Yubikey (1/2)
  • Hardening SSH authentication using Yubikey (2/2)
  • KDE 4/5 Affected By A Root Exploit Vulnerability

    The issue in KAuth paired with a problem in smb4k can allow an attacker to gain root access on a local machine. This exploit has been tested on openSUSE Leap and Fedora 26 Alpha, among other distributions.

    More details on the issue are still coming to light but there is some detailed information via this oss-security posting.

  • Meson and GXml

    After a call, Yannick has pushed a patch to add Meson build system to GXml. This is my first time using Meson and I really love it.

    After a set of patches, I’ve managed to fix most installation and Unit Test integration.

  • Which Apps Would You Like to See as Snaps?

    Which applications would you like to see made available as Snap?

    That’s the question being asked by the Snapcraft community who work on the technology.

  • conjure-up dev summary for week 19

    We sent out a proposal outlining why we wanted to go with a particular solution and made sure to solicit input from the community to either get approval or see if there were any other solutions. Read about that proposal and responses for more details into that process and the pros and cons. The conclusion was to go with our proposal and bundle LXD into conjure-up snap in the same way we do Juju.

    This work has been completed and should make it's way into conjure-up 2.2. Prior to that though we need to make sure to socialize this change as it will cause users existing Localhost deployment to not be easily reachable and also documenting how users can reach their newly deployed containers.

Red Hat News

Filed under
Red Hat
  • Red Hat's Head Of Products On Competing With Docker, Teaming With AWS And A Container Services 'Renaissance' For The Channel

    At open-source technologies giant Red Hat, executives say it's their company—not Docker—that is the player to beat in containers for the enterprise. Paul Cormier, an executive vice president who heads Red Hat's technology and products organizations, sat down with CRN during Red Hat Summit 2017 in Boston and had plenty to say about the competition around containers. "You need a production-ready environment to really start to deploy [containers] and bet your business on it," Cormier said, "and we're the only one that's proved we can do that."

  • Red Hat Release Next Generation of OpenShift Online

    Red Hat have announced the initial availability of the next generation of OpenShift Online, the PaaS cloud application platform. This next edition is re-engineered to be built on top of OpenShift container platform, powered by open source tools such as Docker and Kubernetes.

    OpenShift online is a multi-tenant cloud application platform, which allows developers to develop and run container based applications. It aims to reduce operational overhead by providing on-demand application stacks, automating building and deployment, and streamlining development processes.

  • Market Spotlight: Focusing on Shares of Red Hat, Inc. (NYSE:RHT)

Leftovers: OSS and Sharing

Filed under
OSS
  • CNCF Snares Four New Members for Open Source Container Orchestration

    The Cloud Native Computing Foundation (CNCF) added four new members to its efforts to develop an open source-based container orchestration platform.

    The new members include Tencent Cloud, which joined as a “Gold” member; Mashape, which signed on as a “Silver” member; and Vevo and Zalando Technology, which both joined the organization as “End-User Supporters.”

  • Kubernetes: The smart person's guide

    As containers have become more important to businesses across the globe, it was necessary to create a system that would allow containers to scale out to meet the needs of enterprise-level deployments. That's where Kubernetes comes into play.

    Unlike Docker, Kubernetes is a very robust ecosystem. Instead of deploying a single container, Kubernetes enables you to deploy multiple containers to multiple hosts, making it ideal for larger deployments and load balancing.

  • How to do time series prediction using RNNs, TensorFlow and Cloud ML Engine

    The Estimators API in tf.contrib.learn (See tutorial here) is a very convenient way to get started using TensorFlow. The really cool thing from my perspective about the Estimators API is that using it is a very easy way to create distributed TensorFlow models. Many of the TensorFlow samples that you see floating around on the internets are not distributed — they assume that you will be running the code on a single machine. People start with such code and then are immeasurably saddened to learn that the low-level TensorFlow code doesn’t actually work on their complete dataset. They then have to do lots of work to add distributed training code around the original sample, and who wants to edit somebody else’s code?

  • TensorFlow: I want to like you, but you're tricksy

    Occasionally a technology comes along that changes the way that people work. Docker has had a profound effect on how applications are deployed in the cloud, Hadoop changed how analysis of big data was done and the R language has disrupted the statistics market.

    And so to TensorFlow, which emerged from the Machine Learning team at the Google Brain project. Building on their experience of a system called DistBelief, TensorFlow is a second-generation framework for the implementation of machine learning at scale.

    Users described their ML models as dataflow graphs, combining a number of machine learning techniques into a single model. TensorFlow itself does nothing to reduce the learning curve found in ML (in fact it might make it steeper), but Google's framework does enormously simplify the deployment of ML models. If you think of ML model construction as a data science then TensorFlow is a Data Engineering tool for deployment.

  • Chrome Gets A GPU Service Scheduler
  • Why Quotas are Hard

    Lets say we allow the explicit allocation of quota from higher to lower. Does this mean that the parent project is reducing its own quota while creating an explicit quota for the lower project? Or does it mean that both quotas need to be enforced? If the quota for sales is set to 10, and the quota for the three node projects are all set to 10, is this legal or an error?

  • Promoting FreeBSD at Events
  • GNU OrgaDoc Aims To Make It Easy To Copy/Sync Documents Between Computers

    But will OrgaDoc serve much of a use in 2017 when for years most multi-computer individuals have probably been using Nextcloud/ownCloud, their own web/FTP servers, or proprietary services like Google Docs and Dropbox to manage files across computers? Do you plan to use OrgaDoc or how do you keep files synced across computers? What about using the Eiffel programming language today? Let us know your thoughts in the forums. Should you want to learn more about GNU OrgaDoc, see the project site.

  • Why we need an open source approach to data management

    Open source communities that form around common challenges allow large groups of individuals to gain knowledge on really complicated aspects of their business and industry, expanding communal learning and continually advancing a topic along the way. Open sourcing a framework that enables data management and is supported by a community of information security professionals provides them with the tools and capabilities necessary in today’s cybersecurity environment, including:

  • The curl user survey 2017

    If you use curl or libcurl, in any way, shape or form, please consider spending a few minutes of your precious time on this. Your input helps us understand where we are and in which direction we should go next.

Leftovers: Gaming

Filed under
Gaming

Wine 2.8

Filed under
Software

Broadcom BCM2835 Thermal Driver For Linux 4.12

Filed under
Linux

The Broadcom BCM2835 SoC, most notably used by various Raspberry Pi boards and other SBCs, will have a thermal driver in the Linux 4.12 kernel.

As part of the thermal updates sent in to Linux 4.12, a BCM2835 SoC thermal driver is being added. The bcm2835_thermal driver exposes the SoC temperature and a critical trip point (80C or whatever is defined by the firmware). It looks like this BCM2835 driver will also work for BCM2836 and BCM2837 SoCs too with the correct DeviceTree information. This thermal driver should be useful for Raspberry Pi users putting their hardware under routine load or in more demanding environments.

Read more

Dev/FOSS Events: Kamailio World, Open Source Day, SunCamp, and DebConf14 Throwback

Filed under
Development
OSS
  • Kamailio World and FSFE team visit, Tirana arrival

    This week I've been thrilled to be in Berlin for Kamailio World 2017, one of the highlights of the SIP, VoIP and telephony enthusiast's calendar. It is an event that reaches far beyond Kamailio and is well attended by leaders of many of the well known free software projects in this space.

  • The Open Source Day 2017 conference coming on May 17th in Warsaw

    Nearly 1,000 attendees and several thousand viewers online participates in the annual Open Source Day conference. This Europe’s largest event dedicated to open technology has become a highlight among tech events in the country. The 10th anniversary edition will take place on May 17th at Marriott Hotel in Warsaw.

  • 6 days to SunCamp

    It will be a small event (about 20-25 people), with a more intimate atmosphere than DebConf. There will be people fixing RC bugs, preparing stuff for after the release, or just discussing with other Debian folks.

  • Linus Torvalds Talks to Debian Users

    A little over two-and-a-half years ago, Linus Torvalds spent over an hour taking and answering questions from an audience of developers at DebConf14 in Portland, Oregon. Some of what he said is by now old news, but that’s interesting too, as it serves as a marker for where we’ve been.

Fedora: The Latest

Filed under
Red Hat
  • Nvidia driver improvements for Fedora 25+
  • The latest Sublime Text Editor build on Fedora
  • Track the night sky with Stellarium on Fedora

    Ever looked up at the night sky and tried to identify specific celestial bodies out of the millions you can see? Stellarium is an awesome open source planetarium application available in Fedora to help you identify and track objects in the night sky. Basically, it simulates the night sky and provides labels and other tools to help you know what you are actually looking at.

  • Crouton Fedora + Wayland. Yes, please!

    As of version 50, Chrome OS includes a Wayland server. Even though this is mostly for running Android applications, even my old Toshiba Chromebook which doesn’t have Android support, has Wayland in it. Therefore Crouton Fedora can now fully utilize it and run GUI applications on it, mixed with Chrome OS windows!

  • It's Now Possible To Run Fedora On Chromebooks With Wayland

    With Wayland now being present on Chrome OS for the Android compatibility layer, modifications to Crouton were made to allow Fedora Workstation with Wayland to run atop these Wayland-enabled Chromebooks.

    Using Crouton to load a Linux distribution on a Chromebook/Chromebox no longer has to rely upon using a xorg-server now that Wayland is present on ChromeOS 50+.

Microsoft Windows and Ransom

Filed under
Microsoft
Security
  • Massive ransomware attack hits UK hospitals, Spanish banks [Ed: Microsoft shows its real cost]

    A large number of hospitals, GPs, and walk-in clinics across England have been locked down by a ransomware attack, reports suggest. There are also some reports of a ransomware attack hitting institutions in Portugal and Spain, with telecoms provider Telefonica apparently hit hard. Further attacks have been reported in Russia, Ukraine, and Taiwan. Batten down the hatches: we might be in the middle of a global ransomware attack.

    Multiple sources point to this ransomware attack being based on the EternalBlue vulnerability, which was discovered by the NSA but was leaked by a group calling itself Shadow Brokers last month.

    NHS Digital has confirmed the attack and issued a brief statement, stating that there's no evidence that patient data had been accessed and that the attack was not specifically targeted at the NHS. At this point it isn't clear whether a central NHS network has been knocked offline by the ransomware or whether individual computers connected to the network are being locked out. In any case, a number of hospitals and clinics are reporting that their computer systems are inaccessible, and some telephone services are down too.

  • New ransomware Jaff demands $3,700 payments
  • Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

    This is a Wordfence public service security announcement for all users of computers running any version of Windows.

    We have confirmed that a serious virulent ransomware threat known as WannaCrypt0r/WannaCry has affected Windows computers on shared networks in at least 74 countries worldwide, with 57,000 reported individual cases being affected. And according to the analysis team at Kaspersky Lab, that number is growing fast.

Syndicate content

More in Tux Machines

today's howtos

Tizen in Bolivia and India

Security Leftovers

  • Security updates for Wednesday
  • Microsoft says its best not to fiddle with its Windows 10 group policies (that don't work)

    On Monday, we revealed that a security researcher had used a packet sniffer to show that many settings designed to prevent access to the internet were being ignored with connections to a range of third party servers including advertising hubs.

  • What's got a vast attack surface and runs on Linux? Windows Defender, of course
    Google Project Zero's Windows bug-hunter and fuzz-boffin Tavis Ormandy has given the world an insight into how he works so fast: he works on Linux, and with the release of a personal project on GitHub, others can too. Ormandy's project is to port Windows DLLs to Linux for his vuln tests (“So that's how he works so fast!” Penguinistas around the world are saying). Typically self-effacing, Ormandy made this simple announcement on Twitter (to a reception mixing admiration, humour, and horror):
  • Hacked in Translation – from Subtitles to Complete Takeover
    Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io. We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years.
  • A Samba remote code execution vulnerability
    Distributors are already shipping the fix; there's also a workaround in the advisory for those who cannot update immediately.

KDE, Qt, GTK and GNOME News

  • KDE Plasma 5.8.7 LTS Desktop Environment Released with over 60 Improvements
    KDE has announced today the release and immediate availability of the seventh maintenance update to the long-term supported KDE Plasma 5.8 desktop environment. KDE Plasma 5.8.7 LTS is now considered the latest stable and most advanced version of the KDE Plasma 5.8 LTS (Long Term Support) desktop environment, which some of you out there are probably using on your favorite GNU/Linux distributions instead of a short-lived branch like KDE Plasma 5.9 or the upcoming KDE Plasma 5.10 release.
  • Summer of Coding!
    After a month of dread and panicking about the fact that Google Summer of Code results are announced in the middle of exam season... I'm happy to say I'll be doing the Rust plugin for KDevelop!
  • Qt 5.9 Release Candidate Available For Testing
  • Qt 5.9.0 RC released
    We have released Qt 5.9.0 RC today. You can update it at the top of your Qt 5.9 beta(4) online installation or do clean installation by using qt online installer. Detailed instructions here: https://wiki.qt.io/How_to_get_snapshot_via_online_installer .
  • The Road to GTK+ 4 Continues, New Milestone Adds Initial OS X and Meson Support
    A new milestone was released recently, GTK+ 3.91.0, which adds quite a bunch of improvements and bug fixes, but also some new APIs and compatibility with other supported operating systems besides those based on the Linux kernel. For example, GTK+ 3.91.0 implements initial support for Apple's macOS platform, which will make it possible to run apps written in GTK+ 4 on OS X.
  • Epiphany Browser Updated for GNOME 3.25.2 with New Shortcuts for Switching Tabs
    Ahead of today's GNOME 3.25.2 desktop environment development release, the team of developers behind the Epiphany web browser have released the second milestone towards the Epiphany 3.26 stable series, due out later this year.