Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 15 Oct 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Blog entry Slackware 10.1 srlinuxx 8 27/03/2005 - 4:37am
Story sex bots srlinuxx 2 28/03/2005 - 7:02am
Story 'Game theft' led to fatal attack srlinuxx 1 31/03/2005 - 11:21pm
Story Cannabis: Too much, too young? srlinuxx 2 31/03/2005 - 11:33pm
Blog entry gentoo's april fools srlinuxx 1 01/04/2005 - 4:35pm
Page Real April 1st Screenshot srlinuxx 01/04/2005 - 5:38pm
Spring Forward srlinuxx 03/04/2005 - 6:14am
Story Pope John Paul II dies in Vatican srlinuxx 1 03/04/2005 - 7:27am
Blog entry New Logo srlinuxx 07/04/2005 - 7:07am
Story NoGravity Linux Game Port srlinuxx 07/04/2005 - 2:08pm

Canonical Releases Important Ubuntu Kernel Live Patch to Fix L1TF, SpectreRSB

Filed under
Ubuntu

Available for the Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr) operating system series, the new Linux kernel livepatch is rolling out now to all subscribers of the Canonical Livepatch Service. It patches a total of seven security flaws, including the well-known L1 Terminal Fault (L1TF)/Foreshadow and SpectreRSB vulnerabilities.

The two L1FT vulnerabilities fixed in this new kernel livepatch are CVE-2018-3620 and CVE-2018-3646, but it also addresses a flaw that reduced the effectiveness of Spectre Variant 2 mitigations for paravirtual guests (CVE-2018-15594), a use-after-free vulnerability in the IRDA implementation (CVE-2018-6555), and a critical stack-based buffer overflow in the iSCSI target implementation (CVE-2018-14633).

Read more

First VyOS 1.2.0 release candidate is available for download

Filed under
OS

This month, the VyOS project turns five years old. In these five years, VyOS has been through highs and lows, up to speculation that the project is dead. Past year has been full of good focused work by the core team and community contributors, but the only way to make use of that work was to use nightly builds, and nightly builds are like a chocolate box a box of WWI era shells—you never know if it blows up when handled or not. Now the codebase has stabilized, and we are ready to present a release candidate. While it has some rough edges, a number of people, including us, are already using recent builds of VyOS 1.2.0 in production, and now it's time to make it public.

Read more

0.3 Release of Elisa Music Player

Filed under
KDE

Elisa is a music player developed by the KDE community that strives to be simple and nice to use. We also recognize that we need a flexible product to account for the different workflows and use-cases of our users.

We focus on a very good integration with the Plasma desktop of the KDE community without compromising the support for other platforms (other Linux desktop environments, Windows and Android).

We are creating a reliable product that is a joy to use and respects our users privacy. As such, we will prefer to support online services where users are in control of their data.

Read more

Academix GNU/Linux – A Debian-Based Education-Focused Distro

Filed under
Debian

Recently, We have published articles focusing on education with titles including 10 best Linux educational software for your kids, and QupZilla – An Educational Lightweight Qt Web Browser.

Today, we have a Linux distro that even though you may not have heard about, is doing a lot of great work for learners in various parts of the world and it goes by the name of Academix GNU/Linux.

Academix GNU/Linux is a Debian-based distro that was created specifically for teaching. All of the bundled software that it ships with is free, open-source, and targetted at education fields ranging from primary to university level.

Read more

Red Hat News

Filed under
Red Hat
  • Red Hat cofounder Bob Young, 7 others win top NC TECH awards

    Bob Young, cofounder and former CEO of Raleigh-based Red Hat, is one of eight people to win top individual awards from the NC Technology Association.

    Young was chosen for the Beacon Award, which is for outstanding achievement.

    Over the last three decades, Young also founded and served as CEO of self-publishing company Lulu. And after investing in drone technology firm he later served as CEO and chairman. He also is CEO of Needlepoint.

  • Strengthening our partner ecosystem at the North America Partner Conference

    Every year we gather our partners, Red Hat executives and industry thought leaders together at our North America Partner Conference to network, learn and celebrate our robust partner ecosystem. This year’s event is especially exciting because 2018 marks Red Hat’s 25th anniversary. It’s a great time to reflect on how much our partner network has grown, look where we’re going in the future and showcase some of the partners who contribute to our success.

  • Open technologies are working together to help patients

    ChRIS Research Integration System (ChRIS)—a collaboration between Boston Children’s Hospital (BCH), the Mass Open Cloud (MOS), and Red Hat—has the potential to change medicine as we know it today.

    It all started in 2003, when the team at BCH set out to make vast amounts of data accessible to researchers and doctors. Ultimately, the team created ChRIS: an image processing application that allows doctors to compare hundreds of thousands of MRI scans in seconds.

    But like any major undertaking, it’s not the goal or the outcome that’s most interesting, it’s the how.

    Here’s a breakdown of how the team achieved their goal: three critical components that worked together to improve patient care.

  • RSI update: Red Hat, Inc. (RHT) Becomes Oversold
  • Most Active Stock: Red Hat (RHT), Accelerate Diagnostics (AXDX)
  • Red Hat, Inc. (RHT) have strong bones for your portfolio
  • Can Red Hat, Inc. (RHT) Offer Investors Safety?
  • Taking A Longer Viewpoint Of Red Hat, Inc. (RHT), AtriCure, Inc. (ATRC)
  • Red Hat Inc (RHT) Expected to Post Quarterly Sales of $852.77 Million
  • Goodbye JJB, Hello Jenkies Pipeline

    Like so many scripts, I started making Bodhi's test running script in bash before realizing that it was growing too many tentacles and was becoming difficult to extend. I have plans to add an integration test suite to Bodhi that tests it against other dependant network services (such as Koji), and the prospect of getting my bash script to handle that as well with sane input/output options was daunting. Thus, I created bodhi-ci. By using click it was much easier to give it a nice set of subcommands and CLI flags that made it much easier to extend.

    The loss of GNU parallel was a little sad to me, but the features from it that I was using are mostly implemented in Python now. The main thing I'm still missing that I had with run_tests.sh is a fully working -x flag, which causes all tests jobs to exit immediately if any one of them fails. I plan to fix this by using Python's async/await API in the future so that I can react to failures in a similar manner, but I'm quite satisfied with the script otherwise. The old run_tests.sh script will remain in the repository until I refactor the new script to fully support the failfast flag.

    [...]

    Enter the Jenkies Pipeline. With some help, I was able to accomplish something much more ideal with my new Jenkiesfile. This solves the resource contention problems described above as Bodhi is now back to using a single node per pull request, and it is able to run the build job once and then fan out to run the individual tests concurrently. In fact, I was able to run the builds in parallel, and have each of those jobs kick off the individual release tests in parallel inside those jobs for double-parallel action. This is very nice since the pip container typically takes about 80% longer to build than the rpm based containers, but we don't have to wait for it to finish to start testing the rpm containers. This means that pull requests start getting results for Fedora 28 tests before the pip container is even finished building. The pipeline can now test a pull request in about 20-30 minutes instead of several hours due to the efficient sharing between tests and the use of a single node.

Google+ and Hyper-Threading (Intel) Compromised

Filed under
Google
Hardware
Security
  • Project Strobe: Protecting your data, improving our third-party APIs, and sunsetting consumer Google+

    Many third-party apps, services and websites build on top of our various services to improve everyone’s phones, working life, and online experience. We strongly support this active ecosystem. But increasingly, its success depends on users knowing that their data is secure, and on developers having clear rules of the road.

  • Google+ Is Shutting Down After Data Breach

    Google has decided to shut down the consumer version of its failed social network Google+. This news comes in the wake of a previously undisclosed security flaw that exposed the data of the profile of users.

    The bug in question remained active between 2015 and 2018, and Google discovered it in March; during this period, the flaw affected more than 500,000 users. However, Google claims to have no evidence that suggests that any external developer or app had access to the data.

  • Google Concealed Data Breach Over Fear Of Repercussions; Shuts Down Google+ Service

    Google opted in the Spring not to disclose that the data of hundreds of thousands of Google+ users had been exposed because the company says they found no evidence of misuse, reports the Wall Street Journal. The Silicon Valley giant feared both regulatory scrutiny and regulatory damage, according to documents reviewed by the Journal and people briefed on the incident.

    In response to being busted, Google parent Alphabet is set to announce broad privacy measures which include permanently shutting down all consumer functionality of Google+, a move which "effectively puts the final nail in the coffin of a product that was launched in 2011 to challenge Facebook, and is widely seen as one of Google's biggest failures."

  • Google+ is Dead, Survived By Better Privacy Controls

    Earlier this year, Google started a project to review third-party developer access to Google accounts through the use of APIs. It found a security breach surrounding Google+, and is now shutting the service down, at least for consumers.

    The long and short of the issue is that there was a security hole that allowed third-party developers to access Google+ users’ account data, including name, email address, occupation, gender, and age—even if the account was set as private.. This isn’t particularly sensitive data, but regardless, a breach is a breach.

    The bug was discovered in March of 2018, but was presumed to have been open since sometime in 2015. To make matters slightly more troubling, Google only keeps this particular API’s data log for two weeks…so the company has no way of knowing which users were affected. Presumably, however, some 500,000 users were on the list.

  • How does TLBleed abuse the Hyper-Threading feature in Intel chips?

    A new side-channel attack called TLBleed abuses the Hyper-Threading feature of Intel chips. Researchers say there is a high success rate of TLBleed exploits, but Intel currently has no plans to patch it. How does TLBleed work, and what are the risks of not patching it?

LoRa gateway and node boards run on Raspberry Pi power

Filed under
Linux
Hardware

Pi Supply is Kickstartering Iot LoRa Gateway and IoT LoRa Node pHAT add-ons for the Raspberry Pi, as well as a LoRa Node that works with the Micro:bit. An Arduino node is also in the works.

Pi Supply, which has produced a variety of Raspberry Pi add-on boards including the Papirus E-Paper display and Flick HAT gesture detector, has now returned to Kickstarter to launch a series of IoT LoRa Boards that work with the Pi. The offerings include an IoT LoRa Gateway HAT board starting at an early bird price of 120 UK Pounds ($157) and a LoRa Node pHAT node board with a 25 Pound ($33) early bird price.

Read more

Canonical/Ubuntu: Weekly Newsletter, Design and Web, Ubuntu Doing OpenStack

Filed under
Ubuntu
  • The Fridge: Ubuntu Weekly Newsletter Issue 548

    Welcome to the Ubuntu Weekly Newsletter, Issue 548 for the week of September 30 – October 6, 2018.

  • Design and Web team summary – 8 October 2018

    We’ve recently implemented the ability to include or exclude your Snap in certain territories. This functionality has been ported to improve the publisher experience on snapcraft.io. Part of the work is an implementation of a multi-select picker with filtering capabilities, that will be proposed to upstream Vanilla soon.

  • Ubuntu does OpenStack

    OpenStack, the open source cloud of choice for many businesses, has seen broad adoption across a large number of industries, from telco to finance, healthcare and more. It’s become something of a safe haven for highly regulated industries and for those looking to have a robust, secure cloud that is open source and enables them to innovate – without breaking the bank.

    For those of you that don’t know, Ubuntu does OpenStack.

    In fact, Ubuntu is the #1 platform for OpenStack and the #1 platform for public cloud operations on AWS, Azure, and Google Cloud, too – meaning that we know our stuff when it comes to building and operating clouds.

    Which is great news because Canonical, the company behind Ubuntu, helps to deliver OpenStack on rails, with consulting, training, enterprise support and managed operations that help your business to focus on what matters most – your applications, not the infrastructure.

GNOME Shell & Mutter Reach Their 3.30.1 Milestone

Filed under
GNOME

Released at the end of September was GNOME 3.30.1 as the first and only point release collection to the GNOME 3.30 desktop environment feature update that debuted earlier in February. Finally out today are the v3.30.1 updates for Mutter and the GNOME Shell.

Read more

Matthias Clasen on Flatpak 1.2 Schedule

Filed under
Red Hat
GNOME
  • Flatpak, after 1.0

    One of the easiest ways to help Flatpak is to get your favorite applications on flathub, either by packaging it yourself, or by convincing the upstream to do it.

    If you feel like contributing to Flatpak itself, please do! Flatpak is still a young project, and there are plenty of small to medium-size features that can be added. The tests are also a nice place to stick your toe in and see if you can improve the coverage a bit and maybe find a bug or two.

    Or, if that is more your thing, we have a nice design for improving the flatpak commandline user experience that is waiting to be implemented.

  • Flatpak 1.2 Likely Coming Around Year's End With New Features

    Prolific open-source developer Matthias Clasen at Red Hat has shared some of the post-1.0 plans for the Flatpak app sandboxing/distribution tech. As it stands now, Flatpak 1.2 will likely be out around the end of the calendar year with the next batch of features.

    Flatpak developers have begun merging new feature work onto the Flatpak master branch. Some of the latest work includes better life-cycle control, logging and history support, file copy/paste and drag-n-drop, and a better test suite for regression testing.

    Some of the other work being planned for Flatpak but not yet done is support for using the host OpenGL drivers via libcapsule, application renaming and end-of-life migration for apps, a Dconf/GSettings portal, a portal for web camera access, and greater test coverage.

TenFourFox FPR10b1 and Firefox Push Notifications in Vista 10

Filed under
Moz/FF
  • TenFourFox FPR10b1 available

    TenFourFox Feature Parity 10 beta 1 is now available (downloads, hashes, release notes). This version is mostly about expanded functionality, adding several new DOM and JavaScript ES6 features, and security changes to match current versions of Firefox. Not everything I wanted to get done for this release got done, particularly on the JavaScript side (only one of the ES6 well-known symbols updates was finished in time), but with Firefox 63 due on the 22nd we'll need this period for sufficient beta testing, so here it is.

    The security changes include giving document-level (i.e., docshell) data: URIs unique origins to reduce cross-site scripting attack surface (for more info, see this Mozilla blog post from Fx57). This middle ground should reduce issues with the older codebase and add-on compatibility problems, but it is possible some historical add-ons may be affected by this and some sites may behave differently. However, many sites now assume this protection, so it is important that we do the same. If you believe a site is behaving differently because of this, toggle the setting security.data_uri.unique_opaque_origin to false and restart the browser. If the behaviour changes, then this was the cause and you should report it in the comments. This covers most of the known exploits of the old Firefox behaviour and I'll be looking at possibly locking this down further in future releases.

  • Mozilla Firefox Collabs With Windows 10 Action Center for Push Notifications

    Similar to other browsers, Firefox supports push notifications but for some reason, it never used the Microsoft Windows 10 Action center for notifications. However, that is about to change with the in-development Mozilla Firefox build 64, as reported by Tech Radar.

    The browser is getting updated soon to support Windows 10 Action Center for notifications. The aim here is to improve the overall user experience and make it seamless to access your notifications from Mozilla Firefox.

Emmabuntüs Debian Edition 2 Is Now Based on Debian GNU/Linux 9.5 "Stretch"

Filed under
GNU
Linux

Patrick d'Emmabuntüs informs Softpedia today about the availability of the Emmabuntüs Debian Edition 2 1.03 release of the Debian-based open-source operating system.

Coming about five months after the release of version 1.02, Emmabuntüs Debian Edition 2 has been updated over the weekend to version 1.03, which is now available for download. It's a bugfix release based on the latest Debian GNU/Linux 9.5 "Stretch" operating system and featuring a mix of performance improvements, software updates, and cosmetic enhancements.

"This update is released to improve the current Emma DE2 by adding some functional, ergonomic as well as cosmetic features.

Read more

How new-lines affect the Linux kernel performance

Filed under
Linux

The Linux kernel strives to be fast and efficient. As it is written mostly in C, it can mostly control how the generated machine code looks. Nevertheless, as the kernel code is compiled into machine code, the compiler optimizes the generated code to improve its performance. The kernel code, however, employs uncommon coding techniques, which can fail code optimizations. In this blog-post, I would share my experience in analyzing the reasons for poor code inlining of the kernel code. Although the performance improvement are not significant in most cases, understanding these issues are valuable in preventing them from becoming larger. New-lines, as promised, will be one of the reasons, though not the only one.

Read more

​Redis Labs and Common Clause attacked where it hurts: With open-source code

Filed under
OSS
Legal

After Redis Labs added a new license clause, Commons Clause, on top of popular open-source, in-memory data structure store Redis, open-source developers were mad as hell. Now, instead of just ranting about it, some have counterattacked by starting a project, GoodFORM, to fork the code in question.

Read more

today's leftovers

Filed under
Misc
  • 3 areas to drive DevOps change

    Pain avoidance is a powerful motivator. Some studies hint that even plants experience a type of pain and take steps to defend themselves. Yet we have plenty of examples of humans enduring pain on purpose—exercise often hurts, but we still do it. When we believe the payoff is worth the pain, we'll endure almost anything.

    The truth is that driving large-scale organizational change is painful. It hurts for those having to change their values and behaviors, it hurts for leadership, and it hurts for the people just trying to do their jobs. In the case of DevOps, though, I can tell you the pain is worth it.

  • Red Hat (NYSE:RHT) Price Target Cut to $160.00 by Analysts at Stifel Nicolaus
  • California Public Employees Retirement System Sells 28,032 Shares of Red Hat Inc (RHT)
  • Red Hat (NYSE:RHT) Rating Lowered to Positive at OTR Global
  • Fedora 29 Upgrade Test Day 2018-10-08

    Monday, 2018-10-08, is the Fedora 29 Upgrade Test Day!
    As part of this planned change for Fedora 29, we need your help to test if everything runs smoothly!

  • My LTS work in September
  • SQL tutorial: Learn SQL on PostgreSQL

    PostgreSQL is an open-source, object-relational (also called extended relational) database management system. Modern relational database features in PostgreSQL include complex queries, foreign keys, triggers, updatable views, transactional integrity, and multi-version concurrency control. Users can extend PostgreSQL with new data types, functions, operators, aggregate functions, index methods, and procedural languages.

    With more than 20 years of development and deployment behind it, PostgreSQL is a solid open-source database that rivals even commercial relational databases in many respects. You can install it on Linux (all recent distributions), Windows (Windows 2000 SP4 and later), FreeBSD, OpenBSD, NetBSD, MacOS, AIX, HP/UX, and Solaris. You can also find a hosted high-performance version of PostgreSQL in Amazon Aurora, and a wire-compatible distributed implementation in CockroachDB.

  • SQL tutorial: Learn SQL on PostgreSQL

    PostgreSQL is an open-source, object-relational (also called extended relational) database management system. Modern relational database features in PostgreSQL include complex queries, foreign keys, triggers, updatable views, transactional integrity, and multi-version concurrency control. Users can extend PostgreSQL with new data types, functions, operators, aggregate functions, index methods, and procedural languages.

    With more than 20 years of development and deployment behind it, PostgreSQL is a solid open-source database that rivals even commercial relational databases in many respects. You can install it on Linux (all recent distributions), Windows (Windows 2000 SP4 and later), FreeBSD, OpenBSD, NetBSD, MacOS, AIX, HP/UX, and Solaris. You can also find a hosted high-performance version of PostgreSQL in Amazon Aurora, and a wire-compatible distributed implementation in CockroachDB.

  • This tech investor had a killer week thanks to two big open-source deals

    Mike Volpi of Index Ventures started investing in open-source software companies when it wasn't clear if they could make much money. This past week — more than any before it — has validated his conviction that they can.

    On Wednesday, Hortonworks, a big-data software company backed by Volpi, announced that it was merging with competitor Cloudera. Two days later, another one of Volpi's companies, Elastic, started trading on the New York Stock Exchange and doubled in value in its debut.

    It was a whirlwind few days for Volpi, who left San Francisco early in the week for meetings in London and Paris with Index's limited partners and other investors. On Thursday, shortly after the Cloudera-Hortonworks deal was made public, he flew to New York, where he and other Elastic board members met for three hours to price the software company's IPO and allocate shares.

  • IOTA Has Issued Grants To Three Open-source Projects

    About $354,000 USD were allocated for this second cohort of grantees

    The IOTA Foundation, via its granting program called Ecosystem Development Fund, is supporting three open-source projects to be developed on its network, according to an announcement via its official blog.

    “We are proud to announce another cohort of fantastic open-source projects the Ecosystem Development Fund will support for a total of $354,000 USD,” reads the publication.

Graphics/Hardware: CUDA, AMD, Intel and Phoronix Test Suite

Filed under
Graphics/Benchmarks
Syndicate content

More in Tux Machines

OSS/Microsoft Openwashing Leftovers

Brave and Firefox Latest

  • Brave Browser Team Up With Tor
     

    TOR [sic] or The Onion Router uses technology that separates your computer from the website you’re viewing by routing the network traffic through 3 seperate servers before it reaches your computer. That being said Brave Core Beta hasn’t been fully tested yet so “users should not rely on it for serious use just yet,” Brave said.

  •  
  • Your RSS is grass: Mozilla euthanizes feed reader, Atom code in Firefox browser, claims it's old and unloved
    When Firefox 64 arrives in December, support for RSS, the once celebrated content syndication scheme, and its sibling, Atom, will be missing. "After considering the maintenance, performance and security costs of the feed preview and subscription features in Firefox, we’ve concluded that it is no longer sustainable to keep feed support in the core of the product," said Gijs Kruitbosch, a software engineer who works on Firefox at Mozilla, in a blog post on Thursday. RSS – which stands for Rich Site Summary, RDF Site Summary, or Really Simple Syndication, as you see fit – is an XML-based format for publishing and subscribing to web content feeds. It dates back to 1999 and for a time was rather popular, but been disappearing from a variety of applications and services since then. Mozilla appears to have gotten the wrecking ball rolling in 2011 when it removed the RSS button from Firefox. The explanation then was the same as it is now: It's just not very popular.
  • Cameron Kaiser: It's baaaaa-aaack: TenFourFox Intel
    It's back! It's undead! It's ugly! It's possibly functional! It's totally unsupported! It's ... TenFourFox for Intel Macs! Years ago as readers of this blog will recall, Claudio Leite built TenFourFox 17.0.2 for Intel, which the update check-in server shows some determined users are still running to this day on 10.5 and even 10.4 despite various problems such as issue 209. However, he didn't have time to maintain it, and a newer version was never built, though a few people since then have made various attempts and submitted some patches. One of these attempts is now far enough along to the point where I'm permitted to announce its existence. Riccardo Mottola has done substantial work on getting TenFourFox to build and run again on old Intel Macs with a focus on 32-bit compatibility, and his patches have been silently lurking in the source code repository for some time. Along with Ken Cunningham's additional work, who now also has a MacPorts portfile so you can build it yourself (PowerPC support in the portfile is coming, though you can still use the official instructions, of course), enough functions in the new Intel build that it can be used for basic tasks.

Security: 'Smart' Locks, Windows in Weapons

Android Leftovers