Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 26 Sep 20 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Debian Etch: Solid, Crufty, Some Assembly Required srlinuxx
Story This months Cosmo srlinuxx 06/02/2005 - 4:03am
Story 50 gmail invites? srlinuxx 1 06/02/2005 - 4:10am
Story Moooore Spam! srlinuxx 1 06/02/2005 - 4:12am
Story Vin Diesel going soft on us? srlinuxx 2 06/02/2005 - 4:25pm
Poll How's the new site? srlinuxx 2 06/02/2005 - 9:01pm
Story Hackers homing in on Cellular Phones srlinuxx 5 07/02/2005 - 2:20pm
Story M$ Claims Safer than Linux srlinuxx 1 11/02/2005 - 5:34am
Story This Week At the Movies: Boogeyman & Alone in the Dark & Hide and Seek srlinuxx 1 11/02/2005 - 5:41am
Story Forbes Wants to Know srlinuxx 2 11/02/2005 - 6:13am

Updated Debian 10: 10.6 released

Filed under
Debian

The Debian project is pleased to announce the sixth update of its stable distribution Debian 10 (codename "buster"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

Please note that the point release does not constitute a new version of Debian 10 but only updates some of the packages included. There is no need to throw away old "buster" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.

New installation images will be available soon at the regular locations.

Read more

Also: Debian 10.6 Released With Many Security & Bug Fixes

Top 10 New Features of Deepin 20

Filed under
OS

Deepin released its latest version Deepin V20. It’s beautiful and more stable than before. It has been a whopping five months since we wrote about the Deepin 20 beta and the new features it brought along. After a long wait, Deepin V20 has ditched the beta status and is now out for the masses.

Deepin V20 developers seem to have focused more on the overall look and feel of this impressive open-source GNU/Linux distribution. There has even been a conversation that Deepin V20 looks like the New macOS Big Sur. Or is it the other way round?

Read more

Security Leftovers

Filed under
Security
  • FinSpy Spyware for Mac and Linux OS Targets Egyptian Organisations

    FinSpy, also known as FinFisher, can target both desktop and mobile operating systems, including Android, iOS, Windows, macOS, and Linux, to gain spying capabilities, including secretly turning on their webcams and microphones, recording everything the victim types on the keyboard, intercepting calls, and exfiltration of data.

  • Multiple vulnerabilities in Pandora FMS could trigger remote execution attack

    Critical vulnerabilities lurking in Pandora FMS could have led to the full compromise of enterprise infrastructure and networks.

    Developed by Ártica ST, Pandora FMS is an open source solution that provides an interface for monitoring network connections, app management, event alerts, and both agent and agentless monitoring for Windows, Linux, Unix, and Android systems.

    On September 22, SonarSource cybersecurity researcher Dennis Brinkrolf explained the potential impact of four vulnerabilities recently discovered in Pandora FMS version 742. All flaws have since been patched.

  • Introducing “YAYA”, a New Threat Hunting Tool From EFF Threat Lab

    At the EFF Threat Lab we spend a lot of time hunting for malware that targets vulnerable populations, but we also spend time trying to classify malware samples that we have come across. One of the tools we use for this is YARA. YARA is described as “The Pattern Matching Swiss Knife for Malware Researchers.” Put simply, YARA is a program that lets you create descriptions of malware (YARA rules) and scan files or processes with them to see if they match. 

    The community of malware researchers has amassed a great deal of useful YARA rules over the years, and we use many of them in our own malware research efforts. One such repository of YARA rules is the Awesome YARA guide, which contains links to dozens of high-quality YARA repositories. 

  • EU Still Asking For The Impossible (And The Unnecessary): 'Lawful Access' To Encrypted Material That Doesn't Break Encryption

    A few months ago, Techdirt wrote about a terrible bill in the US that would effectively destroy privacy and security on the Internet by undermining encryption. Sadly, that's nothing new: the authorities have been whining about things "going dark" for years now. Moreover, this latest proposal is not just some US development. In an official document obtained by Statewatch (pdf), the current German Presidency of the Council of the European Union (one of the key organizations in the EU) has announced that it wants to move in the same direction (found via Netzpolitik). It aims to prepare:

  • 'BootHole' implications for 'isorespin.sh'

    When it was discovered that GRUB2 contained various vulnerabilities that would allow UEFI Secure Boot to be bypassed and which became known as the “BootHole” vulnerability (CVE-2020-10713), the recommendation was that all operating systems using GRUB2 with Secure Boot must release new installers and bootloaders.

    I reviewed 'isorespin.sh' at that time as one of it's key features is the option to add a GRUB2 bootloader to allow ISOs to boot on the many Intel devices limited by their BIOS requiring a 32-bit bootloader to boot a 64-bit OS.

    My initial 'fix' was based around Ubuntu's response by recompiling and adding the latest fixed GRUB2 bootloader from 'groovy' (Ubuntu 20.10) and let the Ubuntu package manager 'apt' install the appropriate GRUB2 binaries to the ISO whilst being respun.

  • Bug Bounty FAQ: Top Questions, Expert Answers

    Four leading voices in the bug bounty community answer frequently asked questions from bounty hunters, companies and curious cybersecurity professionals.

  • Update Infrastructure Access – Adios http

    Earlier this year we enabled access to the update infrastructure through the data center. This was made possible by a refresh of the update infrastructure last year. Also earlier this year SUSE Linux Enterprise Server 11 SP4 reached EOL w.r.t on-demand image maintenance and this allowed us to switch all our traffic to run over https. The redirection of traffic from http to https happened shortly after SLES 11 SP4 images reached EOL but until now we didn’t come around with making this change stick on the client side.

Debian GNU/Linux 10.6 Released with Over 30 Security Updates, 53 Bug Fixes

Filed under
Debian

Debian GNU/Linux 10.6 is here two months after the Debian GNU/Linux 10.5 update to provide those who want to install the latest stable Debian GNU/Linux release an up-to-date installation media that includes all the important corrections and security updates.

Debian GNU/Linux 10.6 packs a total of 53 updated packages with miscellaneous bug fixes, as well as 32 security updates that address some of the latest vulnerabilities. All of these updates have already been made available to exiting Debian Buster users through the official software repositories.

Read more

Build a successful community using a Linux leader's playbook

Filed under
Linux

I love books about technology. My idea of a relaxing weekend is—legitimately—settling in with my copy of DocBook: The Definitive Guide (TDG to those of us who us who've read the whole series). I love learning to understand and integrate technology, and so those are the books I read.

But when I heard that Jono Bacon, former community manager of Ubuntu Linux, had written a book about understanding and integrating people, I was intrigued enough to purchase the book for myself. This past weekend, I sat down with the book and read it from cover to cover. I'll admit I still don't understand people, but for the cover price of the book, I do have a few years' worth of new insight.

Read more

Linux Jargon Buster: What is FOSS? What is Open Source?

Filed under
HowTos

In this part of Linux jargon buster, learn about the FOSS principles. Learn what is FOSS, what is open source and why you should care about it.
Read more

Games: Discover, Overland and DOSBox on Chromebooks

Filed under
Gaming

     

  • Another Discord voice chat overlay for Linux appears with 'Discover'

    Since the official Discord client doesn't currently support the Overlay on Linux, it's up to the community and another has been released named Discover. Not to be confused with the KDE application store, which is also named Discover.

    The Discover overlay for Discord was created by the same people as the last one we wrote about. This time, it's a little different. They're not relying on Discord's StreamKit and it instead interacts with the Discord client directly. This means it could expand to support other chat applications too in future perhaps, plus they said it should also be "lighter on system resources and less hack-and-slash included than discord-overlay".

  • Post-apocalyptic road-trip strategy Overland has a big 1.2 update with an all-dogs mode

    Possibly one of the most stylish turn-based strategy games around and one that's also rather difficult, Overland just had a big 1.2 update released with some funny new additions.

    A post-apocalyptic road-trip game all about making tough decisions. You thought XCOM 2 was difficult? Overland can be quite on the brutal side. Small maps that don't give you a lot of wiggle room, with one misstep it might all be over. Every noise you make only brings weird creatures closer and you've got to get moving across the United States.

    [...]

    Finding another dog and inviting them into my crew might be the sweetest thing I've seen in a turn-based strategy game, as they both give a little "woof" and wag their tails and suddenly I've got a two-dog crew driving across the USA during the end of the world. It's weirdly wholesome, until one of them dies that is — so sad.

  •  

  • Revisit childhood games with DOSBox on your Chromebook

    I’m back at it! I spent the better part of yesterday morning tinkering with virtual machines and the Linux container on my Chromebook to see was sort of shenanigans I could get myself into. Somewhere along the way, I decided to fiddle with MS-DOS. More on that later. Along the way, I discovered a nifty little app that I had never heard of until this week. Just to be clear, this application is not new. In fact, it’s been around for nearly two decades and its sole purpose is to emulate DOS in an x86 environment.

    [...]

    There you go. You’re all set. You can now launch DOSBox from the terminal by just typing or you can open it with the app icon that is now in your app launcher. I’m sure you’re now wondering what you can actually do with DOSBox. Don’t worry. We’ll get to that next. As I mentioned above, DOSBox has been reworked to bring countless older video games directly to the web by allowing users to play in the browser. Chances are decent that, if you are looking for one of your favorite childhood games, it’s available in a browser-based version. Sites such as playclassic.games use this very technology to run games like Oregon Trail, DOOM, and Civilization I&II.

    Anyway, you can use DOSBox to do the very same thing locally on your Chromebook. Here’s how to get your favorite MS-DOS games on Chrome OS using DOSBox. First, we will need a game to play. For many DOS games, you can download the .exe file and run the game directly from that file. Other games, like the example we’re using, has an installation file. That file will create the .exe file that will launch the game. In honor of all the Intel Gemini Lake Chromebooks out there, we will be installing the cult classic Commander Keen. If you have no clue what I’m talking about, most Chromebook code names and baseboards are named after video game or animated characters. The original Google Cr-48 is code-named Mario. More recent devices powered by Intel’s Gemini Lake processors are named after characters from ID Software’s Commander Keen series of video games.

Python Programming

Filed under
Development
  • Ternary Search Algorithm: Explained with example.
  • Robot Framework with Selenium and Python: All You Need to Know

    With 5000+ stars and 1500+ forks on GitHub, Robot framework has been a go-to-option for many organizations who are aiming for Agile and Test Driven Development (TDD) where developers should write functional code only when there is a test that has failed. Robot framework allows acceptance testing, behaviour driven testing, Robotic Process Automation (RPA), and Acceptance test-driven development (ATDD).

    It offers an extensible keyword driven approach to perform automation testing. The learning curve is simple as you don’t need to have a programming experience to get started with the Robot framework.

    Robot framework is written in Python, however, it is not restricted to that. You can implement keywords in Robot framework using Python, Java, JavaScript, Perl, .Net and PHP.

  • How and why I built a menu planning application: What's on the Menu?

    The application that I build can, of course, be used for searching recipes. Additionally, a list of persons could be maintained with their list of allergies, favourite ingredients and when the user decides to plan a meal or cook for them, then appropriate recipes would be suggested which fulfils the needs of the people being planned for. It also learns to suggest recipes based on previous selections.

  • PyCharm: Webinar Recording: “From The Docs: PyCharm Skills, Beginner to Advanced” with Alla Redko

    PyCharm has broad, useful, up-to-date documentation. How does it get made? Who works on it? What are some hidden gems? Last week we had a webinar covering this with Alla Redko, technical writer for PyCharm, and the recording is now available.

  • Mixing text and chemistry toolkits

    This is part of a series of essays about using chemfp to work with SD files at the record and simple text level. Chemfp has a text toolkit to read and write SDF and SMILES files as records, rather than molecules. It also has a chemistry toolkit I/O API to have a consistent way to handle structure input and output when working with the OEChem, RDKit, and Open Babel toolkits. In this essay I'll combine the two, so chemfp reads records from an SD file, which are then passed to a chemistry toolkit for further parsing, then chemfp adds a data item back to the original record instead of converting the toolkits molecule into a new SDF record.

  • Colin Watson: Porting Launchpad to Python 3: progress report

    Launchpad still requires Python 2, which in 2020 is a bit of a problem. Unlike a lot of the rest of 2020, though, there’s good reason to be optimistic about progress.

    I’ve been porting Python 2 code to Python 3 on and off for a long time, from back when I was on the Ubuntu Foundations team and maintaining things like the Ubiquity installer. When I moved to Launchpad in 2015 it was certainly on my mind that this was a large body of code still stuck on Python 2. One option would have been to just accept that and leave it as it is, maybe doing more backporting work over time as support for Python 2 fades away. I’ve long been of the opinion that this would doom Launchpad to being unmaintainable in the long run, and since I genuinely love working on Launchpad - I find it an incredibly rewarding project - this wasn’t something I was willing to accept. We’re already seeing some of our important dependencies dropping support for Python 2, which is perfectly reasonable on their terms but which is starting to become a genuine obstacle to delivering important features when we need new features from newer versions of those dependencies. It also looks as though it may be difficult for us to run on Ubuntu 20.04 LTS (we’re currently on 16.04, with an upgrade to 18.04 in progress) as long as we still require Python 2, since we have some system dependencies that 20.04 no longer provides. And then there are exciting new features like type hints and async/await that we’d like to be able to use.

NVIDIA GeForce vs. AMD Radeon Vulkan Neural Network Performance With NCNN

Filed under
Graphics/Benchmarks

With having added Tencent's NCNN tests to the Phoronix Test Suite with Vulkan acceleration, here is a look at the real-world impact by using RealSR-NCNN for scaling up with RealSR. Various NVIDIA GeForce and AMD Radeon graphics cards were tested for this initial NCNN / RealSR-NCNN Vulkan comparison.

This is our first time looking at how well Vulkan performs in this area with the current state of the Linux drivers. The GeForce hardware was tested with the latest 450 series proprietary driver while on the Radeon side it was with Linux 5.9 and Mesa 20.3-devel using the RADV Vulkan driver. One of the Tencent developers working on NCNN has commented as well that using RADV's ACO offers a big boost for the performance, which fortunately is the current default for the RADV Vulkan driver.

Read more

Also: Phoronix Test Suite / OpenBenchmarking.org Now Has 600 Different Tests/Benchmarks

Kernel Space: Trenchboot, RAID10, Spelling Mistakes and Initcalls

Filed under
Linux
  • Trenchboot Secure Launch Support For Linux Sees New Patches

    For a while now Oracle engineers and others have been working on Trenchboot as a means of secure launch/boot support when paired with the likes of Intel TXT and AMD SKINIT for trusted execution and configuring each piece of the software boot chain for trusted/secure handling. The latest kernel patches have been sent out for review for secure launching of the kernel.

    Earlier this year Oracle engineers sent out Linux kernel patches for Trenchboot while on Thursday the newest work surfaced.

  • Linux 5.10 To See RAID10 DISCARD Improvement - From 259 Seconds To Less Than 1 Second

    Queued today into the block subsystem's "-next" area ahead of the Linux 5.10 cycle kicking off next month are some MD RAID enhancements.

    In particular, thanks to Red Hat's Xiao Ni is improved RAID10 discard request handling. The change with a set of five SSDs in a RAID10 array on a test system dropped the mkfs.xfs time for creating an XFS file-system taking 4 minutes 39 seconds to less than 1 second... Quite a noticeable difference in that scenario.

  • Colin King: Kernel janitor work: fixing spelling mistakes in kernel messages

    The Linux 5.9-rc6 kernel source contains over 300,000 literal strings used in kernel messages of various sorts (errors, warnings, etc) and it is no surprise that typos and spelling mistakes slip into these messages from time to time.

    To catch spelling mistakes I run a daily automated job that fetches the tip from linux-next and runs a fast spelling checker tool that finds all spelling mistakes and then diff's these against the results from the previous day. The diff is emailed to me and I put my kernel janitor hat on, fix these up and send these to the upstream developers and maintainers.

    The spelling checker tool is a fast-and-dirty C parser that finds literal strings and also variable names and checks these against a US English dictionary containing over 100,000 words. As fun weekend side project I hand optimized the checker to be able to parse and spell check several millions lines of kernel C code per second.

  • Initcalls, part 2: Digging into implementation

    In the first part of this blog post series on Linux kernel initcalls, we looked at their purpose, their usage, and ways to debug them (using initcall_debug or FTrace). In this second part, we'll go deeper into the implementation of initcalls, with a look at the colorful __device_initcall() macro, the rootfs initcall, and how modules can be executed.

Graphics: AMD, KWinFT and Zink

Filed under
Graphics/Benchmarks
  • AMD Sends Out Linux Kernel Support For Van Gogh APUs - Confirms DDR5 Memory, VCN3

    s a nice Friday afternoon patch series there is the 275k lines of code for wiring up the next-generation AMD Van Gogh APU support under Linux.

    Earlier this week there were the Mesa patches for AMD Dimgrey Cavefish and Van Gogh while today the kernel-side portion for Van Gogh was sent out for the AMDGPU kernel driver.

  • AMD Van Gogh APUs Spotted In Linux Patch, Features DDR5, Navi 2 iGPU

    AMD submitted the 45 Linux kernel patches, which weigh in at 275,000 lines of code, to enable Linux support for the coming APUs. The patches also reveal that Van Gogh comes with Video Core Next 3.0, which supports AV1 decode. In the past, Phoronix has found patches indicating VCN 3.0 (video encode) is native to the Navi 2 graphics engine.

    Pairing the Navi 2 / RDNA 2 graphics engine with DDR5/LPDDR5 could unlock quite a bit of graphical horsepower, as integrated graphics engines tend to respond well to increased memory throughput. Van Gogh is also predicted to come with Zen 2 cores, and it will certainly be interesting to see what kind of impact the improved memory throughput has on the Zen 2 architecture.

  • Roman Gilg: Universal means to specific ends

    Today new beta versions for all KWinFT projects – that are KWinFT, Wrapland, Disman and KDisplay – were released. With that we are on target for the full release which is aligned with Plasma 5.20 on October 13.

    Big changes will unquestionable come to Disman, a previously stifled library for display management, which now learns to stand on its own feet providing universal means for the configuration of displays with different windowing systems and Wayland compositors.

    But also for the compositor KWinFT a very specific yet important feature got implemented and a multitude of stability fixes and code refactors were accomplished.

    In the following we will do a deep dive into reasons and results of this recent efforts.

  • Mike Blumenkrantz: Engage Thrusters

    Briefly, zink copies the framebuffer state, there’s a number of conditions under which a new pipeline object is needed, which all result in ctx->gfx_pipeline_state.hash = 0;. Other than this, there’s sample count check for sample changes so that the shader can be modified if necessary, and then there’s the setup for creating the Vulkan framebuffer object as well as the renderpass object in get_framebuffer().

    Eagle-eyed readers will immediately spot the problem here, which is, aside from the fact that there’s not actually any reason to be setting up the framebuffer or renderpass here, how zink is also flushing the current batch if a renderpass is active.

    The change I made here was to remove everything related to Vulkan from here, and move it to zink_begin_render_pass(), which is the function that the driver uses to begin a renderpass for a given batch.

Mozilla: Firefox for Android Nightly and Surveillance ('Telemetry')

Filed under
Moz/FF
  • More Recommended extensions added to Firefox for Android Nightly

    As we mentioned recently, we’re adding Recommended extensions to Firefox for Android Nightly as a broader set of APIs become available to accommodate more add-on functionality. We just updated the collection with some new Recommended extensions, including…

    Mobile favorites Video Background Play Fix (keeps videos playing in the background even when you switch tabs) and Google Search Fixer (mimics the Google search experience on Chrome) are now in the fold.

    Privacy related extensions FoxyProxy (proxy management tool with advanced URL pattern matching) and Bitwarden (password manager) join popular ad blockers Ghostery and AdGuard.

    Dig deeper into web content with Image Search Options (customizable reverse image search tool) and Web Archives (view archived web pages from an array of search engines). And if you end up wasting too much time exploring images and cached pages you can get your productivity back on track with Tomato Clock (timed work intervals) and LeechBlock NG (block time-wasting websites).

  • Jeff Klukas: The Nitty-Gritty of Moving Data with Apache Beam

    In this session, you won’t learn about joins or windows or timers or any other advanced features of Beam. Instead, we will focus on the real-world complexity that comes from simply moving data from one system to another safely. How do we model data as it passes from one transform to another? How do we handle errors? How do we test the system? How do we organize the code to make the pipeline configurable for different source and destination systems?

    We will explore how each of these questions are addressed in Mozilla’s open source codebase for ingesting telemetry data from Firefox clients. By the end of the session, you’ll be equipped to explore the codebase and documentation on your own to see how these concepts are composed together.

  • This Week in Glean: glean-core to Wasm experiment

    On the Glean team we make an effort to move as much of the logic as possible to glean-core, so that we don’t have too much code duplication on the language bindings and guarantee standardized behaviour throughout all platforms.

    Since that is the case, it was counterintuitive for me, that when we set out to build a version of Glean for the web, we wouldn’t rely on the same glean-core as all our other language bindings. The hypothesis was: let’s make JavaScript just another language binding, by making our Rust core compile to a target that runs on the browser.

    Rust is notorious for making an effort to have a great Rust to Wasm experience, and the Rust and Webassembly working group has built awesome tools that make boilerplate for such projects much leaner.

  • Data Publishing @ Mozilla

    Mozilla’s history is steeped in openness and transparency – it’s simply core to what we do and how we see ourselves in the world. We are always looking for ways to bring our mission to life in ways that help create a healthy internet and support the Mozilla Manifesto. One of our commitments says “We are committed to an internet that elevates critical thinking, reasoned argument, shared knowledge, and verifiable facts”.

    To this end, we have spent a good amount of time considering how we can publicly share our Mozilla telemetry data sets – it is one of the most simple and effective ways we can enable collaboration and share knowledge. But, only if it can be done safely and in a privacy protecting, principled way. We believe we’ve designed a way to do this and we are excited to outline our approach here.

    Making data public not only allows us to be transparent about our data practices, but directly demonstrates how our work contributes to our mission. Having a publicly available methodology for vetting and sharing our data demonstrates our values as a company. It will also enable other research opportunities with trusted scientists, analysts, journalists, and policymakers in a way that furthers our efforts to shape an internet that benefits everyone.

Best Free and Open Source Mail Notification Tools

Filed under
Software

Email is arguably one of the most popular and useful functions of a Linux system. Fortunately, there is a wide selection of free email software available on the Linux platform which is stable, feature laden, and ideal for personal and business environments.

A mail notification tool lets you know when new emails are received. A prominent feature of these tools is the non-obtrusive passive notification about important emails which will let you concentrate on your work and avoid unnecessary interruptions.

When all you want to do is be notified when you have a new e-mail message the last thing you want is software chugging along in the background using up valuable system memory. Fortunately, the programs are lightweight in nature.

Here’s our recommendations. All of the programs are free and open source goodness.

Read more

Wine 5.18 Released

Filed under
Software

  • Wine Announcement
    The Wine development release 5.18 is now available.
    
    What's new in this release (see below for details):
      - Vulkan shader compilation using the new vkd3d-shader library.
      - USER32 library converted to PE.
      - Console no longer requires the curses library.
      - Support for display modes with various orientations.
      - A number of syntax fixes in the WIDL compiler.
      - Non-recursive makefiles.
      - Various bug fixes.
    
    The source is available from the following locations:
    
      https://dl.winehq.org/wine/source/5.x/wine-5.18.tar.xz
      http://mirrors.ibiblio.org/wine/source/5.x/wine-5.18.tar.xz
    
    Binary packages for various distributions will be available from:
    
      https://www.winehq.org/download
    
    You will find documentation on https://www.winehq.org/documentation
    
    You can also get the current source directly from the git
    repository. Check https://www.winehq.org/git for details.
    
    Wine is available thanks to the work of many people. See the file
    AUTHORS in the distribution for the complete list.
    
    
  • Wine 5.18 is out making use of the new vkd3d-shader library

    The team hacking away on the Wine compatibility layer have put out another development build with Wine 5.18 now being made available. Wine 5.18 comes not long after the Wine team also released vkd3d 1.2, their Direct3D 12 to Vulkan translation layer and it seems part of the work was on integrations here.

  • Wine 5.18 Released With VKD3D 1.2's vkd3d-shader Usage

    Wine 5.18 is out as the newest bi-weekly feature development release.

    Wine 5.18 isn't the most exciting feature release in recent times but is notable in that Vulkan shader compilation is now done using the vkd3d-shader library. That library was introduced as part of this week's VKD3D 1.2 release for mapping Direct3D 12 over Vulkan. VKD3D 1.2 is much more capable than the prior v1.1 release from nearly two years ago.

    Wine 5.18 also converts the USER32 library to being of the portable executable (PE) format, the console no longer requires the curses library, support for display modes with various orientations, syntax fixes in the WIDL compiler, non-recursive makefiles now for the build system handling, and various bug fixes.

today's leftovers

Filed under
Misc
  • Intel DG1 Sound Support Coming For Linux 5.10

    Intel continues bringing up the DG1 discrete graphics card under Linux with continued refinements set to hit for Linux 5.10.

    Besides all of the Intel (i915) DRM kernel graphics driver improvements coming for Linux 5.10 some of which explicitly benefit Gen12/Xe and the DG1 discrete graphics card, the sound subsystem updates for this next kernel cycle are bringing up the audio support.

  • openSUSE Tumbleweed – Review of the week 2020/39

    During this week we have released ‘only’ three Snapshot (0919, 0922 and 0923). But some of you might have noticed that we are finally sending the ‘build fail notification mails’ again, helping you be more laid back, not having to look at your packages all the time, as the bot does that for you. Unfortunately, due to some OBS issue, this feature was broken for a little while.

  • Renovating payment services with microservices, cloud-native integration, and artificial intelligence

    Red Hat sees three fundamental areas of modernization that financial institutions should focus on in order to modernize their payment service and benefit from the same technologies that upstart new entrants to the payments industry already have: microservices, cloud-native integration, and intelligent process automation.

  • Modernize telco business support systems for 5G with Red Hat
  • What are containers and why do you need them?

    The best analogy for understanding containers is a shipping container. That’s why the majority of all container articles and blog posts show a photo of a shipping container. We’re sure you’ve seen the transport of those big steel shipping containers. (We’ve also seen some people use them to build houses and swimming pools.) The shipping industry standardized on a consistent size container. Now, the same container can move from a ship to a train to a truck without unloading the cargo. The container contents do not matter.

    Just like a shipping container, a software container is a standardized package of software. Everything needed for the software to run is inside the container. The software code, runtime, system tools, system libraries, and settings are all inside a single container.

  • LHS Episode #369: The Weekender LVII

    It's time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we're doing. We'd love to hear from you.

  • Directing Traefik | Self-Hosted 28

    We get fancy with Traefik labels, and gush over some new Home Assistant features while saving our data from inevitable future failure.

  • TikTok and App Censorship

    Doc Searls and Katherine Druckman talk to Kyle Rankin and Petros Koutoupis about TikTok and who controls your phone.

Syndicate content

More in Tux Machines

Security Leftovers

  • FinSpy Spyware for Mac and Linux OS Targets Egyptian Organisations

    FinSpy, also known as FinFisher, can target both desktop and mobile operating systems, including Android, iOS, Windows, macOS, and Linux, to gain spying capabilities, including secretly turning on their webcams and microphones, recording everything the victim types on the keyboard, intercepting calls, and exfiltration of data.

  • Multiple vulnerabilities in Pandora FMS could trigger remote execution attack

    Critical vulnerabilities lurking in Pandora FMS could have led to the full compromise of enterprise infrastructure and networks. Developed by Ártica ST, Pandora FMS is an open source solution that provides an interface for monitoring network connections, app management, event alerts, and both agent and agentless monitoring for Windows, Linux, Unix, and Android systems. On September 22, SonarSource cybersecurity researcher Dennis Brinkrolf explained the potential impact of four vulnerabilities recently discovered in Pandora FMS version 742. All flaws have since been patched.

  • Introducing “YAYA”, a New Threat Hunting Tool From EFF Threat Lab

    At the EFF Threat Lab we spend a lot of time hunting for malware that targets vulnerable populations, but we also spend time trying to classify malware samples that we have come across. One of the tools we use for this is YARA. YARA is described as “The Pattern Matching Swiss Knife for Malware Researchers.” Put simply, YARA is a program that lets you create descriptions of malware (YARA rules) and scan files or processes with them to see if they match. 

    The community of malware researchers has amassed a great deal of useful YARA rules over the years, and we use many of them in our own malware research efforts. One such repository of YARA rules is the Awesome YARA guide, which contains links to dozens of high-quality YARA repositories. 

  • EU Still Asking For The Impossible (And The Unnecessary): 'Lawful Access' To Encrypted Material That Doesn't Break Encryption

    A few months ago, Techdirt wrote about a terrible bill in the US that would effectively destroy privacy and security on the Internet by undermining encryption. Sadly, that's nothing new: the authorities have been whining about things "going dark" for years now. Moreover, this latest proposal is not just some US development. In an official document obtained by Statewatch (pdf), the current German Presidency of the Council of the European Union (one of the key organizations in the EU) has announced that it wants to move in the same direction (found via Netzpolitik). It aims to prepare:

  • 'BootHole' implications for 'isorespin.sh'

    When it was discovered that GRUB2 contained various vulnerabilities that would allow UEFI Secure Boot to be bypassed and which became known as the “BootHole” vulnerability (CVE-2020-10713), the recommendation was that all operating systems using GRUB2 with Secure Boot must release new installers and bootloaders. I reviewed 'isorespin.sh' at that time as one of it's key features is the option to add a GRUB2 bootloader to allow ISOs to boot on the many Intel devices limited by their BIOS requiring a 32-bit bootloader to boot a 64-bit OS. My initial 'fix' was based around Ubuntu's response by recompiling and adding the latest fixed GRUB2 bootloader from 'groovy' (Ubuntu 20.10) and let the Ubuntu package manager 'apt' install the appropriate GRUB2 binaries to the ISO whilst being respun.

  • Bug Bounty FAQ: Top Questions, Expert Answers

    Four leading voices in the bug bounty community answer frequently asked questions from bounty hunters, companies and curious cybersecurity professionals.

  • Update Infrastructure Access – Adios http

    Earlier this year we enabled access to the update infrastructure through the data center. This was made possible by a refresh of the update infrastructure last year. Also earlier this year SUSE Linux Enterprise Server 11 SP4 reached EOL w.r.t on-demand image maintenance and this allowed us to switch all our traffic to run over https. The redirection of traffic from http to https happened shortly after SLES 11 SP4 images reached EOL but until now we didn’t come around with making this change stick on the client side.

Debian GNU/Linux 10.6 Released with Over 30 Security Updates, 53 Bug Fixes

Debian GNU/Linux 10.6 is here two months after the Debian GNU/Linux 10.5 update to provide those who want to install the latest stable Debian GNU/Linux release an up-to-date installation media that includes all the important corrections and security updates. Debian GNU/Linux 10.6 packs a total of 53 updated packages with miscellaneous bug fixes, as well as 32 security updates that address some of the latest vulnerabilities. All of these updates have already been made available to exiting Debian Buster users through the official software repositories. Read more

Today in Techrights

Android Leftovers