Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 19 Feb 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Software: CLI File Viewers, 5 Excellent Free Mind Mapping Software and Sophos Snakeoil for Linux

Filed under
Software
  • 3 tools for viewing files at the command line

    I always say you don't need to use the command line to use Linux effectively—I know many Linux users who never crack open a terminal window and are quite happy. However, even though I don't consider myself a techie, I spend about 20% of my computing time at the command line, manipulating files, processing text, and using utilities.

    One thing I often do in a terminal window is viewing files, whether text or word processor files. Sometimes it's just easier to use a command line utility than to fire up a text editor or a word processor.

    Here are three of the utilities I use to view files at the command line.

  • 5 Excellent Free Mind Mapping Software

    Structured thinking is a process of setting a framework to an unstructured problem. Having a structure not only helps to understand a particular problem, it also helps to identify areas which need more understanding. Structured thinking allows us to map ideas in structured fashion, thereby enabling the identification of areas which require the most thought.

    Mind mapping is a fairly free flowing concept. This means you need software that is versatile, and can adapt to your requirements. Your idea of a neat and tidy mind map might be another person’s idea of bamboozling. A map can concentrate very complex content in a small space such as a piece of paper. It helps to use both sides of your brain: the logical side and also the creative side. It’s a technique to help organize the way you think and stimulate your creativity: It can help you by developing, sorting and helping to memorize your ideas.

    Mind mapping software therefore offers an excellent way of capturing your thoughts in a structured way, brainstorming new ideas. Move away from simple lists, and use this software to link ideas in different ways. By thinking creatively, not linearly, we can seize on our big ideas.

  • How to install Sophos Antivirus for Linux [Ed: Installing proprietary software on GNU/Linux would likely cause security issues and/or add back doors, not improve real security]

    Seeing the Ubuntu popularity between both Desktops and serves, here we are using Ubuntu to show how to install Sophos Antivirus for Linux.

Microsoft is Down and Pretending to be "Open"

Filed under
Microsoft
OSS
  • Down productivity tools: Microsoft Teams takes a Monday tumble

    Microsoft's collaborative Slack-alike, Teams, is having a difficult start to the week, with users unable to log in to share their hopes, dreams and Word documents with their co-workers.

    Problems started at around 13:00 UTC, as users found themselves presented with connection errors as they attempted to hook up to the service. Naturally, they took to Twitter to share their experience.

  • Microsoft is going all-in on 'Inner Source' [Ed: Microsoft's de facto PR person at CBS on how Microsoft will keep giving malicious software with NSA back doors while calling it "open". Dr. Glyn Moody, to his credit, warned about it over a decade ago in Linux Journal when he said Microsoft would bamboozle nontechnical people/officials by claiming it itself is its competition and is "open source" (even when it's proprietary, with back doors).]
  • After Open Source, Microsoft Wants “Inner Source” For A Better Future [Ed: Having bribed OSI and others, Microsoft is now trying to redefine and totally control FOSS (all products proprietary but with openwashing for marketing purposes). Remember "Shared Source"? Microsoft keeps rebranding. Microsoft: we’re sort of kind of like “open”. We bought some things. BP: we’re sort of green. We changed our logo and mentioned words like “climate”.]

HowTos and Development Leftovers

Filed under
Development
HowTos

Security: Nest Lockout, Moment of Truth for Cyber Insurance, DNS Hijacking Attacks and Australian Cracking

Filed under
Security
  • Nest is locking customers out of accounts until they fix their security

    Emails were sent last night to all users that may have been affected by recent [breaches], with a new password being mandatory, as it tries to avoid the "I'll do it later" attitude that means that often vulnerable passwords remain in use for months or years.

  • A Moment of Truth for Cyber Insurance

    Mondelez’s claim represents just a fraction of the billions of dollars in collateral damage caused by NotPetya, a destructive, indiscriminate cyberattack of unprecedented scale, widely suspected to have been launched by Russia with the aim of hurting Ukraine and its business partners. A compromised piece of Ukrainian accounting software allowed NotPetya to spread rapidly around the world, disrupting business operations and causing permanent damage to property of Mondelez and many others. According to reports, Zurich apparently rejected Mondelez’s claim on the grounds that NotPetya was an act of war and, therefore, excluded from coverage under its policy agreement. If the question of whether and how war risk exemptions apply is left to the courts to decide on a case-by-case basis, this creates a profound source of uncertainty for policyholders about the coverage they obtain.

  • A Deep Dive on the Recent Widespread DNS Hijacking Attacks

    The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

    This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers.

  • With elections weeks away, someone “sophisticated” [cracked] Australia’s politicians

    With elections just three months away, Australian Prime Minister Scott Morrison announced on February 18 that the networks of the three major national political parties had been breached by what Australian security officials described as a "sophisticated state actor."

  • Australia's major political parties [cracked] in 'sophisticated' attack ahead of election

    Sources are describing the level of sophistication as "unprecedented" but are unable to say yet which foreign government is behind the attack.

  • Parliament attackers appear to have used Web shells

    Attackers who infiltrated the Australian Parliament network and also the systems of the Liberal, National and Labor Parties appear to have used Web shells – scripts that can be uploaded to a Web server to enable remote administration of a machine.

How Linux testing has changed and what matters today

Filed under
Linux
Interviews

If you've ever wondered how your Linux computer stacks up against other Linux, Windows, and MacOS machines or searched for reviews of Linux-compatible hardware, you're probably familiar with Phoronix. Along with its website, which attracts more than 250 million visitors a year to its Linux reviews and news, the company also offers the Phoronix Test Suite, an open source hardware benchmarking tool, and OpenBenchmarking.org, where test result data is stored.

According to Michael Larabel, who started Phoronix in 2004, the site "is frequently cited as being the leading source for those interested in computer hardware and Linux. It offers insights regarding the development of the Linux kernel, product reviews, interviews, and news regarding free and open source software."

Read more

Programmes and Events: Outreachy, FOSDEM and LibreOffice Asia Conference

Filed under
LibO
OSS
  • Outreachy Summer 2019 Applications Open With Expanded Eligibility

    But beginning this round, they are also opening the application process to "anyone who faces systemic bias or discrimination in the technology industry of their country is invited to apply." For evaluating the systemic bias or discrimination, an essay question was added to the application process about what discrimination they may have faced or otherwise think they could face in seeking employment.

    Also different beginning this round is only students (update: for non-student participants, this restriction does not apply) from the Northern Hemisphere can apply to this May to August round while the Southern Hemisphere round is being deemed the December to March round moving forward.

  • VkRunner at FOSDEM

    I attended FOSDEM again this year thanks to funding from Igalia. This time I gave a talk about VkRunner in the graphics dev room. It’s now available on Igalia’s YouTube channel below:

    I thought this might be a good opportunity to give a small status update of what has happened since my last blog post nearly a year ago.

  • First LibreOffice Asia Conference

    The First LibreOffice Asia Conference Will Be Held On May 25-26, 2019 In Nihonbashi, Tokyo, Japan

    This is the first ever LibreOffice conference covering Asia, a rapidly-growing area for free and open source software. The call for papers will be launched soon.

    Berlin, February 18, 2019 – After the huge success of the LibreOffice Conference Indonesia in 2018, members of the Asian communities have decided to raise the bar in 2019 with the first ever LibreOffice Asia Conference in Nihonbashi – the very center of Tokyo, Japan – on May 25-26.

    One of the main organizers, Naruhiko Ogasawara, a member of the Japanese LibreOffice community and The Document Foundation, can’t hide his excitement: “When we launched the LibreOffice Mini Conference Japan in 2013 as a local event, we knew little about communities in other parts of Asia. In recent years we have attended the LibreOffice Conference and other Asian events like OpenSUSE Asia, COSCUP etc. We have realized that many of our colleagues are active and that our community should learn a lot from them. We are proud to be able to hold the first Asia Conference with our colleagues to further strengthen that partnership.”

FS-VERITY Updated For Read-Only, File-Based Authenticity Protection On EXT4/F2FS

Filed under
Linux

Since November we haven't heard much about Google's effort around FS-VERITY as transparent integrity / authenticity support for read-only files on a writable file-system. Fortunately, the effort didn't stop and new patches are pending for this implementation that complements DM-VERITY.

FS-VERITY offers read-only, file-based authenticity protection on a per-file basis that can reside on a read-write file-system, like DM-VERITY being at the block level. FS-VERITY is being implemented as its own framework akin to fs-crypt for file-system encryption. The initial Linux file-systems that Google cares about for hooking into FS-VERITY are EXT4 and F2FS, both of which are used by Android devices.

Read more

Programming and HowTos

Filed under
Development
HowTos

Servers: Container Mythbusters, OpenShift (Red Hat) and IBM

Filed under
Server
SUSE
  • Video: Container Mythbusters

    Michael Jennings has been a UNIX/Linux sysadmin and software engineer for over 20 years. He has been the author of or a contributor to numerous open source software projects, including Charliecloud, Mezzanine, Eterm, RPM, Warewulf/PERCEUS, and TORQUE. Additionally, he co-founded the Caos Foundation, creators of CentOS, and has been the lead developer on 3 separate Linux distributions. He currently serves as the Platforms Team Lead in the HPC Systems group at Los Alamos National Laboratory, responsible for managing some of our nation’s most powerful supercomputers and is the primary author/maintainer for the LBNL Node Health Check (NHC) project. He is also the Vice President of HPCXXL, the extreme-scale HPC Users group.

  • Assessing App Portfolios for Onboarding to OpenShift

    Most professionals who’ve spent enough time in the IT industry have seen organizational silos in action. The classic silos are the ones created by Development and Operations organizations; silos we aim to break down through DevOps-style collaboration. But how many organizations pursuing digital transformation are continuing that siloed thinking when it comes to evaluating the application portfolio for cloud migration and modernization?

    Application Development, Database Operations, Infrastructure, and the various lines of business have portions of the application portfolio for which they take responsibility. When organizations think about modernization, they need to deemphasize the silos and develop a comprehensive approach that evaluates the entire portfolio, and the teams that support those applications. Otherwise, they’re leaving money on the table in the form of missed opportunities for cost savings and application improvements that generate revenue and increase customer engagement.

    A comprehensive approach takes into account the full range of workloads supported by the IT organization and starts making tough decisions about: which workloads can/should be modernized, which should be rehosted to take advantage of more efficient cloud platforms, and which should be left as is or even retired because they’re outlived their usefulness.

  • Big Blue Finally Brings IBM i To Its Own Public Cloud

    Well, that took quite a long time. After what seems like eons of nudging and cajoling and pushing, IBM is making the IBM i operating system and its integrated database management system, as well as the application development tools and other systems software, available on its self-branded IBM Cloud public cloud.

    Big Blue previewed its plans to bring both IBM i and AIX to the IBM Cloud at its annual Think conference in Las Vegas, on scale out machines aimed at small and medium businesses as well as to customers who want to run clusters of machines, and on scale up systems that have NUMA electronics that more tightly cluster them into shared memory systems.

Security Leftovers

Filed under
Security
  • Firefox Monitor: Mozilla Firefox’s New Safety Feature Will Show You Notifications When You Visit Breached Sites

    Mozilla recently launched Firefox Monitor, a service that allows users to find out if their account has been been part of a data breach and has been compromised. Firefox Monitor provides data from the popular service Have I Been Pwned. Mozilla has been working hard day and night to improve the Firefox browser and as a part of security improvements, comes Firefox Monitors’s integration with the Firefox desktop browsers.

    Back in November last year, Mozilla announced in a blog post that the Firefox Monitor service was being integrated with the Firefox desktop browser to warn users with a notification when visiting sites that were known to be involved in a data breach. The company said that the update was going to be rolled out to all Firefox users in the coming weeks. According to Techdows, as of February 18, 2019, all the Firefox desktop users have received the Firefox Monitor integration update.

  • Vulnerability Scanning – Roadmap to Securing Your Infrastructure
  • 92 Million Accounts Put Up For Sale on the Dark Web by Well Known Hacker Group

    Gnosticplayers has been on fire recently, having put 620 million accounts for sale and then followed it up by another 127 million accounts. The asking price for the first round of data hack was about $20,000 while for the second round it was around $14,500.

  • Security updates for Monday

It's Still Undecided Whether Ubuntu 20.04 LTS Will Support 32-bit x86 (i386)

Filed under
Hardware
Ubuntu

Ubuntu 17.10 dropped its i386 / 32-bit x86 installer image while the i386 port has remained part of the package archive. Other Ubuntu derivatives over the past year have also moved to drop their 32-bit installer images and with Lubuntu/Xubuntu now ending their ISOs for that port, it's hitting the end of the road. Now for Ubuntu 20.04 LTS, there might not even be the i386 port.

Canonical's Steve Langasek has restarted the discussion about whether to include i386 for next year's Ubuntu 20.04 Long-Term Support release. Langasek commented today, "The real question is whether i386 is still supportable (and justifiable) as a release architecture at all in the 20.04 timeframe. There are significant technical concerns raised about whether we can continue to provide the expected security support for i386 over the lifetime of Ubuntu 20.04."

Read more

Also: Ubuntu Weekly Newsletter Issue 566

Fedora 30 Will Have Firefox Wayland By Default But Could Be Reverted If Too Buggy

Filed under
Red Hat
Moz/FF

The plan to use the Wayland-native version of Firefox by default for Fedora Workstation 30 atop GNOME has been tentatively approved by the Fedora Engineering and Steering Committee (FESCo).

At this morning's FESCo meeting, the Fedora stakeholders approved of this late change to ship the Wayland-enabled version of Firefox by default, after they've been carrying this spin of Firefox in their package repository for several cycles but haven't made use of it out-of-the-box. This Firefox Wayland version will be used by Fedora 30 straight-away when running on the GNOME Shell Wayland session.

Read more

Also: Bodhi 3.13.1 released

5 of the Best Linux Distros for Raspberry Pi

Filed under
GNU
Linux
Hardware

The Raspberry Pi debuted in 2012, and since then the tiny computer and its successors have powered countless projects. While you can install regular Ubuntu on a Raspberry Pi, there are plenty of more specialized Linux distributions available. This list includes options that can handle everything from general computing to creating a tiny portable arcade.

Read more

Mesa 18.3.4

Filed under
Graphics/Benchmarks

Mesa 18.3.4 is now available.

In this release we have:

A fix in the XvMC state-tracker, which was causing some video attributes to
not take affect. On the video front the VAAPI state tracker has seen
improvements with VP9 streams while the amdgpu driver advertises all available
profiles.

On Intel side we have compiler fixes and extra PCI IDs for Coffee Lake and
Ice Lake parts. In the Broadcom drivers a couple of memory leaks were
addressed and the NEON assembly should compile properly on armhf.

Other drivers such as radeonsi, nouveau and freedreno have also seen some
love. The RADV driver has seen addressed to compile correctly with GCC9
amongst other changes.

The Xlib based libGL have been addressed to work with X servers, which lacks
the MIT-SHM extension such as XMing.

To top it up we have a few fixes to the meson build system.

Read more

Also: Mesa 18.3.4 Brings VA-API VP9 Improvements, More Coffeelake/Icelake IDs For Intel

Cutelyst 2.7.0 released, async is back!

Filed under
Development
KDE

Cutelyst a Qt/C++ Web Framework just got a new version. This time bringing back proper async support.

Perl Catalyst Framework was conceived as a sync/blocking framework, due that the Mojolicious framework was created, NodeJS and a few other web frameworks have pushed the async programming to the web. Performance wise being async doesn’t mean you get faster response times, rather the opposite, the need to unroll stack and make extra calls makes a CPU bound application slower.

But depending on the problem to solve it allows you to serve more users at the same time, using the same CPU cores. A typical modern application might receive a request from a Phone App then do a REST API call to an external API which might take 2ms or 200ms for the reply. While waiting for the response, typical sync/blocking applications can’t process more requests, or have to spawn more threads increasing RAM consumption and leveraging concurrency to the OS scheduler. On an Async web application, you can process another request while you wait for the previous request, thus possibly making the first request reply to be sent back to the user at a later time than if there was a dedicated process just waiting for his reply.

So, both ways have pros and cons and IMHO I’d like to support them both. When I started Cutelyst I thought that if I ever need async I could have a local QEventLoop to wait for the reply and would be able to deal with async requests, not recently I found out that supporting QEventLoop was causing stack overflow due it being used in pipelined scenarios, after that I removed it’s usage and performance improved in PlainText tests of TechEmpower, so I advised against using it and marked Cutelyst as not async.

Read more

New Audiocasts: LHS and Destination Linux

Filed under
Interviews
  • LHS Episode #272: The Weekender XXIV

    Good grief! It's the latest edition of the Weekender! In this episode, the hosts put together a list of amateur radio contests and special events, upcoming open source conferences and a hefty does of hedonism that blends together and goes down like a luxurious sippin' whiskey. Thank you for tuning in and we hope you have an amazing upcoming fortnight.

  • Destination Linux EP108 – Ubuntu Studio Amped Up

    On this episode of Destination Linux, we discuss some news for Makulu Linux, GNOME 3.32, IPFire 2.21 and more. We’ll also check out a cool new system deployment tool that could change how multi-booting is done. Then we’ll check out a new desktop offering from ZaReason as well as an overclocking tool for Team Green users. Later in the show we’ll talk about some Linux Gaming news and much more including our Tips, Tricks and Software Spotlight picks!

Games: Battle Motion and The Bard's Tale IV: Barrows Deep

Filed under
Gaming

GNU Leveraged for Spying

Filed under
GNU
Microsoft
Syndicate content

More in Tux Machines

Today in Techrights

Security: Nest Lockout, Moment of Truth for Cyber Insurance, DNS Hijacking Attacks and Australian Cracking

  • Nest is locking customers out of accounts until they fix their security

    Emails were sent last night to all users that may have been affected by recent [breaches], with a new password being mandatory, as it tries to avoid the "I'll do it later" attitude that means that often vulnerable passwords remain in use for months or years.

  • A Moment of Truth for Cyber Insurance

    Mondelez’s claim represents just a fraction of the billions of dollars in collateral damage caused by NotPetya, a destructive, indiscriminate cyberattack of unprecedented scale, widely suspected to have been launched by Russia with the aim of hurting Ukraine and its business partners. A compromised piece of Ukrainian accounting software allowed NotPetya to spread rapidly around the world, disrupting business operations and causing permanent damage to property of Mondelez and many others. According to reports, Zurich apparently rejected Mondelez’s claim on the grounds that NotPetya was an act of war and, therefore, excluded from coverage under its policy agreement. If the question of whether and how war risk exemptions apply is left to the courts to decide on a case-by-case basis, this creates a profound source of uncertainty for policyholders about the coverage they obtain.

  • A Deep Dive on the Recent Widespread DNS Hijacking Attacks

    The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

    This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers.

  • With elections weeks away, someone “sophisticated” [cracked] Australia’s politicians

    With elections just three months away, Australian Prime Minister Scott Morrison announced on February 18 that the networks of the three major national political parties had been breached by what Australian security officials described as a "sophisticated state actor."

  • Australia's major political parties [cracked] in 'sophisticated' attack ahead of election

    Sources are describing the level of sophistication as "unprecedented" but are unable to say yet which foreign government is behind the attack.

  • Parliament attackers appear to have used Web shells

    Attackers who infiltrated the Australian Parliament network and also the systems of the Liberal, National and Labor Parties appear to have used Web shells – scripts that can be uploaded to a Web server to enable remote administration of a machine.

Android Leftovers

How Linux testing has changed and what matters today

If you've ever wondered how your Linux computer stacks up against other Linux, Windows, and MacOS machines or searched for reviews of Linux-compatible hardware, you're probably familiar with Phoronix. Along with its website, which attracts more than 250 million visitors a year to its Linux reviews and news, the company also offers the Phoronix Test Suite, an open source hardware benchmarking tool, and OpenBenchmarking.org, where test result data is stored. According to Michael Larabel, who started Phoronix in 2004, the site "is frequently cited as being the leading source for those interested in computer hardware and Linux. It offers insights regarding the development of the Linux kernel, product reviews, interviews, and news regarding free and open source software." Read more