Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 29 Jul 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Security News

Filed under
Security
  • Security advisories for Thursday
  • Please save GMane!
  • The End of Gmane?

    In 2002, I grew annoyed with not finding the obscure technical information I was looking for, so I started Gmane, the mailing list archive. All technical discussion took place on mailing lists those days, and archiving those were, at best, spotty and with horrible web interfaces.

    The past few weeks, the Gmane machines (and more importantly, the company I work for, who are graciously hosting the servers) have been the target of a number of distributed denial of service attacks. Our upstream have been good about helping us filter out the DDoS traffic, but it’s meant serious downtime where we’ve been completely off the Internet.

  • Pwnie Express makes IoT, Android security arsenal open source

    Pwnie Express has given the keys to software used to secure the Internet of Things (IoT) and Android software to the open-source community.

    The Internet of Things (IoT), the emergence of devices ranging from lighting to fridges and embedded systems which are connected to the web, has paved an avenue for cyberattackers to exploit.

  • The Software Supply Chain Is Bedeviled by Bad Open-Source Code [Ed: again, trace this back to FUD firms like Sonatype in this case]

    Open-source components play a key role in the software supply chain. By reducing the amount of code that development organizations need to write, open source enables companies to deliver software more efficiently — but not without significant risks, including defective and outdated components and security vulnerabilities.

  • Securing a Virtual World [Ed: paywall, undated (no year but reposted)]
  • Google tells Android's Linux kernel to toughen up and fight off those horrible hacker bullies

    In a blog post, Jeff Vander Stoep of the mobile operating system's security team said that in the next build of the OS, named Nougat, Google is going to be addressing two key areas of the Linux kernel that reside at the heart of most of the world's smartphones: memory protection and reducing areas available for attack by hackers.

Chew on this: Ubuntu Core Linux comes to the uCRobotics Bubblegum-96 board

Filed under
Ubuntu

Linux and other open source software have been in the news quite a bit lately. As more and more people are seeing, closed source is not the only way to make money. A company like Red Hat, for instance, is able to be profitable while focusing its business on open source.

Ubuntu is one of the most popular Linux-based operating systems, and it is not hard to see why. Not only is it easy to use and adaptable to much hardware (such as SoC boards), but there is a ton of free support online from the Ubuntu user community too. Today, Canonical announces a special Ubuntu Core image for the uCRobotics Bubblegum-96 board.

Read more

Homegrown Budgie Desktop Shows Off the Beauty - and Beastliness - of Solus Simplicity

Filed under
OS
Reviews

The Budgie desktop -- and thus Solus itself -- lacks the glitz and glitter found in more seasoned desktop environments. Animation is nonexistent. It also lacks any right-click menu finesse other than the ability to change background or settings.

The Solus Project's distro is very user-friendly, but experienced Linux users will need more optimized software and desktop functionality in the next release to be tempted to give up more advanced desktop flavors.

Read more

Hands-On: Upgrading Linux Mint 17.3 to 18

Filed under
HowTos

The first thing to do is read through the tutorial very carefully - and preferably more than once. This is not a trivial GUI procedure like the Fedora upgrade was, or like many of the previous Mint upgrades have been. It requires use of CLI commands, and those commands produce positively scary amounts of text output. It takes a relatively long time to perform the complete upgrade by Linux standards (it's done in a flash by Windows upgrade standards), and it is not entirely automated, so it will require manual intervention numerous times along the way.

Read more

Mint 18 Xfce Imminent, Gmane.org Shutting Down

Filed under
-s

Mint project lead Clement Lefebvre today said that Mint 18 Xfce is "almost ready" but KDE users will have to continue to wait. The second alpha in the Ubuntu 16.10 developmental cycle is available to crash testers as of today in Lubuntu, Ubuntu MATE and Ubuntu Kylin flavors only. In other news, the Gmane mailing list archive site is shutting down as the founder has grown weary with the hassles as well as a prolonged DDOS attack. Finally today, Carla Schroder shared her Linux story.

Read more

today's leftovers

Filed under
Misc
  • Comic-Con and FOSS Comic Book Solutions

    After whetting his appetite at this year’s Comic-Con, our resident Linux newbie discovers free and open source apps for reading digital comics, as well as a treasure trove of available sources for free comics online.

  • Linux Kernel 3.12.62 LTS Improves SPARC Support, Updates the Networking Stack

    Linux kernel developer Jiri Slaby announced the release of the sixty-second maintenance update for the long-term supported Linux 3.12 kernel series, which will receive support until 2017 because of SUSE Enterprise Linux.

    Linux kernel 3.12.62 LTS is a modest update, and looking at the diff from the previous maintenance release, version 3.12.61, we can notice that it changes a total of 96 files, with 1213 insertions and 1053 deletions. Among the changes, we can notice lots of fixes for the SPARC hardware architecture, but there are various other improvements for the ARM, MIPS, PA-RISC, and x86 instruction set architectures.

  • ‘Anatine’ Is a Simple Desktop Twitter App for Linux

    Anatine describes itself as a 'pristine Twitter app for Linux', but is it anything more than a wrapper around the mobile website?

  • Skype for Linux Alpha 1.3 Released With Small Bug Fixes

    A small bug fix update to Skype for Linux alpha is now available, and fixes, among many changes, errant close to tray behaviour on the Cinnamon desktop.

  • On the killing of intltool

    Say thanks to Daiki Ueno for his work maintaining gettext and enhancing it to make change practical, and to Javier Jardon for pushing this within GNOME and working to remove intltool from important GNOME modules.

  • On discoverability

    I've discussed elsewhere that usability is about real people doing real tasks in a reasonable amount of time. Some researchers also refer to "learnability" and "memorability" to define usability—this is very similar to discoverability. Can you discover the features of the system just by poking at it? Is the user interface obvious enough that you can figure it out on your own?

  • This is Lubuntu 16.10’s New Default Wallpaper

    The default wallpaper of Lubuntu 16.10 — yes, that's Lubuntu, with an 'l' — has been unveiled — but will fans of the lightweight Ubuntu spin like it?

Red Hat and Fedora

Filed under
Red Hat

Leftovers: OSS and Sharing

Filed under
OSS
  • Apache Graduates Another Big Data Project to Top Level

    For the past year, we've taken note of the many projects that the Apache Software Foundation has been elevating to Top-Level Status. The organization incubates more than 350 open source projects and initiatives, and has squarely turned its focus to Big Data and developer-focused tools in recent months. As Apache moves Big Data projects to Top-Level Status, they gain valuable community support.

    Only days ago, the foundation announced that Apache Kudu has graduated from the Apache Incubator to become a Top-Level Project (TLP). Kudu is an open source columnar storage engine built for the Apache Hadoop ecosystem designed to enable flexible, high-performance analytic pipelines. And now, Apache Twill has graduated as well. Twill is an abstraction over Apache Hadoop YARN that reduces the complexity of developing distributed Hadoop applications, allowing developers to focus more on their application logic.

  • Spark 2.0 takes an all-in-one approach to big data

    Apache Spark, the in-memory processing system that's fast become a centerpiece of modern big data frameworks, has officially released its long-awaited version 2.0.

    Aside from some major usability and performance improvements, Spark 2.0's mission is to become a total solution for streaming and real-time data. This comes as a number of other projects -- including others from the Apache Foundation -- provide their own ways to boost real-time and in-memory processing.

  • Why Uber Engineering Switched from Postgres to MySQL

    The early architecture of Uber consisted of a monolithic backend application written in Python that used Postgres for data persistence. Since that time, the architecture of Uber has changed significantly, to a model of microservices and new data platforms. Specifically, in many of the cases where we previously used Postgres, we now use Schemaless, a novel database sharding layer built on top of MySQL. In this article, we’ll explore some of the drawbacks we found with Postgres and explain the decision to build Schemaless and other backend services on top of MySQL.

  • GNU Hyperbole 6.0.1 for Emacs 24.4 to 25 is released

    GNU Hyperbole (pronounced Ga-new Hi-per-bo-lee), or just Hyperbole, is an amazing programmable hypertextual information management system implemented as a GNU Emacs package. This is the first public release in 2016. Hyperbole has been greatly expanded and modernized for use with the latest Emacs 25 releases; it supports GNU Emacs 24.4 or above. It contains an extensive set of improvements that can greatly boost your day-to-day productivity with Emacs and your ability to manage information stored across many different machines on the internet. People who get used to Hyperbole find it helps them so much that they prefer never to use Emacs without it.

  • Belgium mulls reuse of banking mobile eID app

    The Belgium government wants to reuse ‘Belgian Mobile ID’ a smartphone app for electronic identification, developed by banks and telecom providers in the country. The eID app could be used for eGovernment services, and the federal IT service agency, Fedict, is working on the app’s integration.

  • Water resilience that flows: Open source technologies keep an eye on the water flow

    Communities around the world are familiar with the devastation brought on by floods and droughts. Scientists are concerned that, in light of global climate change, these events will only become more frequent and intense. Water variability, at its worst, can threaten the lives and well-beings of countless people. Sadly, humans cannot control the weather to protect themselves. But according to Silja Hund, a researcher at the University of British Columbia, communities can build resilience to water resource stress.

    Hund studies the occurrence and behavior of water. In particular, she studies rivers and streams. These have features (like water volume) that can change quickly. According to Hund, it is essential for communities to understand local water systems. Knowledge of water resources is helpful in developing effective water strategies. And one of the best ways to understand dynamic water bodies like rivers is to collect lots of data.

Development News

Filed under
Development
  • JavaScript keeps its spot atop programming language rankings

    U.K.-based technology analyst firm RedMonk just released the latest version of its biannual rankings of programming languages, and once again JavaScript tops the list, followed by Java and PHP.

    Those are same three languages that topped RedMonk’s list in January. In fact, the entire top 10 remains the same as it was it was six months ago. Perhaps the biggest surprise in Redmonk’s list—compiling the “performance of programming languages relative to one another on GitHub and Stack Overflow”—is that there are so few surprises, at least in the top 10.

  • Plenty of fish in the C, IEEE finds in language popularity contest

    It's no surprise that C and Java share the top two spots in the IEEE Spectrum's latest Interactive Top Programming Languages survey, but R at number five? That's a surprise.

    This month's raking from TIOBE put Java at number one and C at number two, while the IEEE reverses those two, and the IEEE doesn't rank assembly as a top-ten language like TIOBE does.

    It's worth noting however that the IEEE's sources are extremely diverse: the index comprises search results from Google, Twitter, GitHub, StackOverflow, Reddit, Hacker News, CareerBuilder, Dice, and the institute's own eXplore Digital Library.

    Even then, there are some oddities in the 48 programming environments assessed: several commenters to the index have already remarked that “Arduino” shouldn't be considered a language, because code for the teeny breadboard is written in C or C++.

Security Leftovers

Filed under
Security

Parrot Security OS – A Debian Based Distro for Penetration Testing, Hacking and Anonymity

Filed under
GNU
Linux
Security
Debian

Parrot Security operating system is a Debian-based Linux distribution built by Frozenbox Network for cloud oriented penetration testing. It is a comprehensive, portable security lab that you can use for cloud pentesting, computer forensics, reverse engineering, hacking, cryptography and privacy/anonymity.

Read more

Server Administration

Filed under
Server
  • How to Find the Best DevOps Tools

    Almost all VictorOps users are practitioners and heavy users of DevOps tools, said Jason Hand, DevOps Evangelist & Incident & Alerting specialist at VictorOps. He shared the following list of popular tools used by their customers: Icinga, Nagios, Jira, Trello, Hubot, Slack, Jenkins, Graphite, RayGun, Takipi, New Relic, Puppet, Chef, GitHub, Cassandra, Ansible, Grafana, ElasticSearch, Logstash, and Kibana.

  • Persistent vs. Non-Persistent Workloads: the Admin's Conundrum

    Virtualization isn't the answer to every problem in IT. There are plenty of workloads where neither containers nor hypervisors are the answer. The old problems of being able to easily provision, utilize and make highly available bare-metal workloads remain, so what options exist for the modern sysadmin?

    Solutions to this problem can be largely divided into two groups: persistent and non-persistent workloads. For all intents and purposes, these break down into OpEx and CapEx problems, respectively.

  • Agile 2016: How to measure your DevOps initiatives
  • Navigating the Data Center Networking Landscape

    It’s really no surprise that these new types of technologies will have major impacts around the entire enterprise networking layer. Most of all – these systems will change the way business create go-to-market strategies and where next-generation networking technologies can make an impact.

Facebook Open Sources 17-Camera Surround360 Rig with Ubuntu Stitching Software

Filed under
Ubuntu

The major benefit of the higher end cameras -- and the Surround360 in particular -- is not only quality and durability, but much shorter processing time stitching videos into a seamless whole. The open source Linux software “vastly reduces the typical 3D-360 processing time while maintaining the 8K-per-eye quality we think is optimal for the best VR viewing experience,” says Facebook.

Read more

Linux Devices

Filed under
Linux

Tanglu 4 "Dasyatis Kuhlii" Enters Beta, Ships with Linux Kernel 4.6 & GNOME 3.20

Filed under
GNU
Linux

Matthias Klumpp informs the community about the availability of the first Beta build towards the Tanglu 4 "Dasyatis Kuhlii" GNU/Linux operating system, due for release later this year.

Tanglu 4 "Dasyatis Kuhlii" Beta is distributed with the usual flavors, including with the KDE and GNOME desktop environments. A Core edition is available as well, designed for those who want to build their own Tanglu-based GNU/Linux distribution.

Under the hood, all Tanglu 4 Beta editions are powered by a kernel from the Linux 4.6 series, along with the systemd 229 init system, but each one incorporates some of the latest open-source technologies that correspond to their user base.

Read more

Syndicate content

More in Tux Machines

Red Hat and Fedora

Leftovers: OSS and Sharing

  • Learn from the Experts at The Linux Foundation’s Europe Events
    The Linux Foundation has released session details for three major conferences coming up this fall: MesosCon Europe, Embedded Linux Conference / OpenIoT Summit Europe, and LinuxCon + ContainerCon Europe. MesosCon Europe, which will take place August 31-September 1 in Amsterdam, The Netherlands, is an annual conference organized by the Apache Mesos community, bringing together users and developers for two days of sessions about Mesos and related technologies. This year, the MesosCon program will include workshops to get started with Mesos, keynote speakers from industry leaders, and sessions led by adopters and contributors.
  • The Firebird Project's Firebird Relational Database
    Firebird distills its identity into the phrase "True universal open-source database" and boasts not only of being "free like free beer" but also, fittingly, of being "free like a bird". The latter permits anyone to build a custom version of the Firebird, as long as the modifications are made available for others to use and build upon.
  • Report: Austria can benefit from Big Data solutions
    Big Data solutions can contribute significantly to Austrian public administrations, a working group concludes in a report published in June. Benefits include improved quality of life, finding optimal business locations, and offering better guidance to citizens. The report by the Big Data working group aims to help public administration when considering Big Data solutions, providing legal, economic and technical context.
  • Report: over half of Spain’s regions now use SaaS
    In 2014, 59% of Spain’s regional governments used Software as a Service, according to the 2015 eGovernment report published on 30 June by PAe, Spain’s eGovernment portal. Next most-used cloud computing service is Infrastructure as a Service (40%), and third is Platform as a Service (20%). The usage of cloud computing is just one of the attributes of and indicators for eGovernment services that are aggregated in the report. The document shows the use of document management systems and support of electronic signatures. The text looks at interoperability, open data portals and eParticipation, lists region’s maturity levels of eGovernment services, from the availability to download forms online to the fully electronic management of applications.
  • Software Freedom in Kosovo, Waiting for Xfce Mint & More…
    It’s not FOSS, but I reckon the biggest story in tech this week, ignoring claims of Russia hacking for Trump, is the sale of Yahoo to Verizon for $4.8 billion. Considering that traffic watcher Alexa says the site is the fifth most visited address on the web, that seems like something of a bargain to me. Add to that Yahoo’s prime Silicon Valley real estate and the price seems to be in the “it fell of the truck” category. The sale puts Verizon in control of both America Online and Yahoo, so I suspect we’ll be seeing Verizon trying to compete with Google and Bing for a share of the search advertising market. [...] We’ve also heard from Software Freedom Kosova, which tells us it’s issued this year’s call for speakers, which will be open through September 15. This will be the seventh year for the Kosovo event, which aims to “promote free/libre open source software, free culture and open knowledge” — all laudable goals in my estimation. Potential speakers should know “the topic must be related to free software and hardware, open knowledge and culture.” Mike DuPont, the SFK member who made us aware of the event, told FOSS Force, “There might be travel expenses for qualified speakers.” The event will take place October 21-23.
  • Cloud, open source and DevOps: Technology at the GLA
    David Munn, head of IT at the Greater London Authority, explains what technology his organisation has adopted in order to help individuals keep innovating
  • Our attitude towards wealth played a crucial role in Brexit. We need a rethink
    Money was a key factor in the outcome of the EU referendum. We will now have to learn to collaborate and to share [...] Does money matter? Does wealth make us rich any more? These might seem like odd questions for a physicist to try to answer, but Britain’s referendum decision is a reminder that everything is connected and that if we wish to understand the fundamental nature of the universe, we’d be very foolish to ignore the role that wealth does and doesn’t play in our society.
  • France’s Insee and Drees publish microsimulation model to increase transparency
    Insee (Institut national de la statistique), the French public agency for statistics, and Drees (Direction des études du Ministère des Affaires sociales et de la santé), which is in charge of surveys at the Ministry of Social Affairs and Health, has published the source code of the microsimulation algorithmic model called Ines.
  • Plant Sciences pushing open-source berry model
    Several of those opportunities appear to lie in the development of so-called ‘open market’ breeding. Historically, Plant Sciences’ berry varieties have made it into the commercial arena under limited licensing arrangements, with individuals or groups of grower-shippers paying a premium to use them. While Nelson is eager to point out that this model continues to perform well, his company have decided to structure its business in Europe in such a way that it offers varieties to the “largest audience possible” at the most competitive price. “Given the price pressures that producers, marketers and retailers are under, we sense that such an approach is needed to remain most viable going forward and bring new varieties forward to the broadest market,” he explained.
  • Drug discovery test leads to malaria drug prospects at UW
  • Worldwide Open-Source Project Discovers Promising Disease-Fighting Compounds
  • Open-source drug discovery a success
  • The Global Open Data Index to be updated
    Open Knowledge International, a not-for-profit organisation that promotes openness and transparency, has decided to update the survey for its Global Open Data Index. This index measures Open Data publication in 122 countries.
  • This Startup Created the Ultimate Open-Source Prototyping Product
    The world has become a technologically focused place. Unless you’ve set up shop in a cabin in the woods, your life is likely filled with gadgets, wearables, devices, and doodads that control everything from your TV to your laptop. And with all this technology, it’s no wonder tech jobs have become so prevalent in the market. Fortunately, there are a number of ways to learn skills and prototyping projects that will impress even the most critical interviewer. And one startup has built the perfect product to do just that. Created by a group of students from the India Institute of Technology, evive is an open-source prototyping module that can make creating projects easier than ever. It has a power module, plug and play hardware interface, user interface, data acquisition module, shield stack space and more. It’s even IoT ready so it can connect to more devices than you can count. Plus, it works across multiple platforms like LabVIEW, MATLAB, Scratch, Eclipse, ROS, Python, Arduino IDE and many more.
  • Friday's security updates
  • Pwnie Express Open Sources Tools to Lock Down IoT/Android Security
    Pwnie Express isn't a name that everyone is familiar with, but in the security arena the company has a good reputation for its wired and wireless threat detection technologies. Now, the Boston-based firm has announced plans to open source key tools that it has used to secure the Internet of Things (IoT) and Android software. Blue Hydra is a Bluetooth utility that can detect Bluetooth devices, and also work as a sniffer to query devices it detects for threats. Meanwhile, the Android Open Pwn Project (AOPP), is an Android ROM built for security testers. It's based on the Android Open Source Project (AOSP) and community-developed ROMS -- one of which is CyanogenMod. It lets developers on the Android front sniff out threats on mobile platforms.

Openwashing

Sailfish OS 2.0.2

  • Sailfish OS 2.0.2 In Early Access With Variety Of Improvements
    Jolla announced today that their Sailfish OS 2.0.2 "Aurajoki" mobile operating system release is available as early access. Sailfish OS 2.0.2 makes it easier to take screenshots via the volume buttons, a variety of new keyboard layouts, a new layout on the media app, a new Sailfish OS logo, simplified backups, browser improvements, support for flash when recording videos, the cloud services now supports the VK service, dual SIM support on capable devices, Dropbox and OneDrive integration in the photo gallery, and a wide variety of other fixes and improvements.
  • [Early Access] Sailfish OS 2.0.2 Aurajoki
    This update contains of many bug fixes and new added features such as taking screenshot by holding down volume buttons for 0.5 seconds, added keyboard layouts for Indian languages Telugu, Malayalam, Kannada, Punjabi, Tamil and Bengali, new layout on Media app’s front page, new Sailfish OS logo and many more.