Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 28 Mar 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Games for GNU/Linux

Filed under
Gaming
  • It looks like we may be getting a Planescape Torment Enhanced Edition

    Back in January Beamdog was looking for testers on a new game. Now the Planescape website has a countdown timer. It's legitimate too, as tweeted by the Beamdog and the D&D twitter accounts.

  • RTS game 'Deadhold' could come to Linux, considering an experimental Beta

    The developers of Deadhold [Steam, Official Site] want to support Linux and they are thinking about releasing an experimental Linux Beta.

  • Ten amazing Linux games you can play without WINE

    Those of us who have taken up the mantle of a Linux gamer know that our path is rarely easy. For a long time, few games were released for our chosen platform. Those that were shipped riddled with bugs, compatibility issues and rarely worked out of the box. Getting games to work require using WINE and deeply complex almost arcane workarounds to force windows games to work on our quirky systems. Unfortunately, games rarely worked well and usually required hours of complex tweaking in order to get them to function properly. To top this all of, there were graphics driver problems, optimization issues, peripherals rarely worked out of the box and our lives were generally difficult.

Ubuntu-Based LXLE 16.04.2 Gets an RC Build, Promises to Be the Best Release Ever

Filed under
Ubuntu

LXLE 16.04.2 is on its way to becoming the best release ever of the Ubuntu-based distribution built around the lightweight LXDE desktop environment, and it just received a Release Candidate (RC) build.

Continuing to get all the goodies from Ubuntu 16.04.2 LTS (Xenial Xerus), LXLE 16.04.2 Release Candidate is here only two weeks after the last Beta milestone, and adds quite a bunch of improvements and bug fixes. These include a reconfigured menu layout to be less cluttered for navigation, and a revamped Control Menu to act as a dynamic Control Panel.

Read more

These Are the Default Wallpapers of the Ubuntu 17.04 (Zesty Zapus) Linux Distro

Filed under
Ubuntu

Ubuntu member Nathan Haines is proud to inform Softpedia about the availability of the new community wallpapers for the upcoming Ubuntu 17.04 (Zesty Zapus) operating system.

Ubuntu 17.04 just got its Final Beta release at the end of last week, and now that Final Freeze stage is approaching fast, it's time for us to have a look at the default wallpapers shipping with the final release, which have been contributed by various artists and photographers from all over the world.

Read more

Samsung Galaxy Tab S3 Review: Finally, an Android tablet built with enterprise users in mind

Filed under
Reviews

Show me an Android tablet and I'll show you a device that has yet to live up to its full potential. Google's Play Store lacks a wide selection of apps that support a tablet's larger display, with most apps only expanding the phone interface, in turn looking horrible on the smaller screen.

In addition to the lack of quality apps, Android tablets have lacked key accessories such as a keyboard.

For the most part, Android tablets have been relegated to a device used to catch up on Netflix or to entertain kids with games.

Read more

Ubuntu 17.04 inches closer to production

Filed under
Ubuntu

Ubuntu's final beta for version 17.04 has landed.

Zesty Zapus covers Ubuntu desktop, server and cloud editions, Kubuntu, Lubuntu, Ubuntu Gnome, MATE, Studio and Xubuntu flavours.

It's not a huge feature boost, but the release is using the Linux 4.10 kernel, useful if your iron runs Intel Kaby Lake or AMD Ryzen silicon.

If configuring the Common UNIX Printing System (CUPS) is on your hate-list, there's good news: the release includes support for driverless printing.

Read more

Also: Getting Better Radeon Polaris Performance On Ubuntu 17.04 With Mesa 17.1, Linux 4.11

Linux 4.11 RC4

Filed under
Linux
  • Linux 4.11-rc4

    So last week, I said that I was hoping that rc3 was the point where
    we'd start to shrink the rc's, and yes, rc4 is smaller than rc3. By a
    tiny tiny smidgen. It does touch a few more files, but it has a
    couple fewer commits, and fewer lines changed overall. But on the
    whole the two are almost identical in size.

    Which isn't actually all that bad, considering that rc4 has both a
    networking merge and the usual driver suspects from Greg, _and_ some
    drm fixes - and those tend to be the big areas.

    So on the whole things look fine. There's changes all over, and in
    mostly the usual proportions. Some core kernel code shows up in the
    diffstat slightly more than it usually does - we had an audit fix and
    a bpf hashmap fix, but on the whole it all looks very regular: mostly
    drivers, networking, arch fixes and some filesystem noise. Shortlog
    appended as usual for people who want to skim the details.

    Go out and test,

    Linus

  • Linus Torvalds Announces the Fourth Release Candidate of the Linux 4.11 Kernel

    As expected, Linus Torvalds made his regular Sunday announcement to inform us about the availability of the fourth Release Candidate (RC) development release of the upcoming Linux 4.11 kernel.

    Coming one week after the third Release Candidate, Linux 4.11 RC4 appears to be just a bit smaller than the previous build, updating the networking stack and many of the supported drivers to be on par with what was changed earlier this week in the stable Linux kernel branches.

  • Linux 4.11-rc4 Kernel Released

    Linus Torvalds has announced the Linux 4.11-rc4 kernel this evening.

today's leftovers

Filed under
Misc
  • Microsoft Sued After Windows 10 Upgrade “Destroyed Users’ Computers”

    In the lawsuit documents (via The Reg), the plaintiffs explain that Microsoft did not “exercise reasonable care in designing, formulating, and manufacturing the Windows 10 upgrade,” becoming responsible for damages caused to users in the form of data loss and hardware issues.

  • WebTorrent Desktop: Instant Video Streaming App for Linux Desktop

    WebTorrent Desktop is a cross-platform open source torrent client with which you can instantly stream audio and video torrent files without waiting to completely download them.

    It features a beautiful and modern User Interface, streaming support for videos from Internet Archive, music from Creative Commons, and audiobooks from Librivox, and has the ability to talk to BitTorrent and WebTorrent peers while providing a seamless User Experience.

  • Humble Store has some noteworthy deals on this weekend
  • clr-boot-manager now available in Solus

    We’re happy to announce the rollout of clr-boot-manager in our stable repository. clr-boot-manager, from the Clear Linux Project For Intel Architecture, enables a more bulletproof update experience by handling the maintenance and garbage collection of kernels, as well as configuration of the bootloader itself (i.e. GRUB2 for Legacy Boot, goofiboot for UEFI boot on Solus). Furthermore, it enables us to retain older, known-working kernels, so in the event a kernel upgrade results in the inability to boot, you’ll still be able to roll back to the last good kernel.

  • Ubuntu vs Arch Linux

    Comparing Ubuntu to Arch Linux. Focus is entirely on the underlying system, as Arch don’t offer a specific interface to compare with Ubuntu’s Unity desktop.

  • Packaging Ishiiruka-Dolphin (GameCube/Wii Emulator)
  • Red Hat Inc (RHT) To Kick Off Another Week Of Big Earnings Reports
  • Debian Project Leader elections 2017

    It's that time of year again for the Debian Project: the elections of its Project Leader!

    The Project Leader position is described in the Debian Constitution.

Canonical and Ubuntu

Filed under
Ubuntu
  • RADV & ANV Vulkan Drivers Are One Command Away On Ubuntu 17.04

    Similar to Ubuntu 16.10, the Mesa Vulkan drivers are not present by default on new Ubuntu installations. But to get the packaged Vulkan drivers, simply sudo apt install mesa-vulkan-drivers. When running some tests on Ubuntu 17.04 this weekend, I was a bit surprised to see that Mesa's Intel ANV and Radeon RADV drivers aren't present by default -- since it's been one year since the Vulkan 1.0 debut and the ANV/RADV drivers have matured a lot during this time. There's also more and more software becoming available that can make use of Vulkan while personally wishing for more Linux desktops to push Vulkan. But it's easy to install the Vulkan drivers as mentioned. Similarly, vulkan-utils isn't installed by default.

  • Wishful Thinking Of Non-Free Software Makers

    Regardless of my personal problems with non-Free software, the world has largely accepted FLOSS to SAS’s chagrin. I guess Canonical should be glad except they barely mention “Linux” on their site. What’s with that? They are like some purveyors of non-Free software that talk about the benefits of their products without even mentioning what the software actually does as if that’s best kept secret…

  • 2017: Should Linux Benchmarking Still Be Mostly Done With Ubuntu?

    Every year or so it comes up how some users believe that at Phoronix we should be benchmarking with Antergos/Arch, Debian, or [insert here any other distribution] instead of mostly using Ubuntu for our Linux benchmarking. That discussion has come back up in recent days.

    In our forums and Twitter the past few days, that discussion seems to have come up by some users requesting I use a different Linux distribution than Ubuntu as the main test platform for all of our benchmarking. As I've said before, Ubuntu is used given it's the most popular when it comes to Linux desktop usage as well as significant usage of it on servers / workstations / cloud. But I have no tie to it beyond focusing upon using the Linux distribution that's used by the most folks for obtaining the maximum relevance to users, gamers, and enthusiasts reading said articles. And for allowing easy comparisons / out-of-the-box expectations. On my main production system I still use Fedora Workstation as my personal favorite and in the basement server room there are a variety of operating systems -- both BSDs and Linux and from Antergos to openSUSE and Debian.

Linux Devices, Tizen, and Android

Filed under
Android
Linux
Hardware

Leftovers: OSS

Filed under
OSS
  • SAP buys into blockchain, joins Hyperledger Project
  • foss-north speaker line-up

    I am extremely pleased to have confirmed the entire speaker line-up for foss north 2017. This will be a really good year!

  • Chromium/Chrome Browser Adds A glTF Parser

    Google's Chrome / Chromium web-browser has added a native glTF 1.0 parser. The GL Transmission Format, of course, being Khronos' "3D asset delivery format" for dealing with compressed scenes and assets by WebGL, OpenGL ES, and other APIs.

    There are glTF utility libraries in JavaScript and other web-focused languages, but Google adding a native glTF 1.0 parser appears to be related to their VR push with supporting VR content on the web. Their glTF parser was added to Chromium Git on Friday.

  • Sex and Gor and open source

    A few weeks ago, Dries Buytaert, founder of the popular open-source CMS Drupal, asked Larry Garfield, a prominent Drupal contributor and long-time member of the Drupal community, “to leave the Drupal project.” Why did he do this? He refuses to say. A huge furor has erupted in response — not least because the reason clearly has much to do with Garfield’s unconventional sex life.

    [...]

    I’ll unpack the first: open-source communities/projects are crucially important to many people’s careers and professional lives — cf “the cornerstone of my career” — so who they allow and deny membership to, and how their codes of conduct are constructed and followed, is highly consequential.

  • Hazelcast Releases 3.8 – The Fastest Open Source In-Memory Data Grid
  • SecureDrop and Alexandre Oliva are 2016 Free Software Awards winners
  • MRRF 17: Lulzbot and IC3D Release Line Of Open Source Filament

    Today at the Midwest RepRap Festival, Lulzbot and IC3D announced the creation of an Open Source filament.

    While the RepRap project is the best example we have for what can be done with Open Source hardware, the stuff that makes 3D printers work – filament, motors, and to some extent the electronics – are tied up in trade secrets and proprietary processes. As you would expect from most industrial processes, there is an art and a science to making filament and now these secrets will be revealed.

  • RApiDatetime 0.0.2

Security Leftovers

Filed under
Security
  • NSA: We Disclose 90% of the Flaws We Find

    In the wake of the release of thousands of documents describing CIA hacking tools and techniques earlier this month, there has been a renewed discussion in the security and government communities about whether government agencies should disclose any vulnerabilities they discover. While raw numbers on vulnerability discovery are hard to come by, the NSA, which does much of the country’s offensive security operations, discloses more than nine of every 10 flaws it finds, the agency’s deputy director said.

  • EFF Launches Community Security Training Series

    EFF is pleased to announce a series of community security trainings in partnership with the San Francisco Public Library. High-profile data breaches and hard-fought battles against unlawful mass surveillance programs underscore that the public needs practical information about online security. We know more about potential threats each day, but we also know that encryption works and can help thwart digital spying. Lack of knowledge about best practices puts individuals at risk, so EFF will bring lessons from its comprehensive Surveillance Self-Defense guide to the SFPL.

    [...]

    With the Surveillance Self-Defense project and these local events, EFF strives to help make information about online security accessible to beginners as well as seasoned techno-activists and journalists. We hope you will consider our tips on how to protect your digital privacy, but we also hope you will encourage those around you to learn more and make better choices with technology. After all, privacy is a team sport and everyone wins.

  • NextCloud, a security analysis

    First, I would like to scare everyone a little bit in order to have people appreciate the extent of this statement.

    As the figure that opens the post indicates, there are thousands of vulnerable Owncloud/NextCloud instances out there. It will surprise many just how easy is to detect those by trying out common URL paths during an IP sweep.

  • FedEx will deliver you $5.00 just to install Flash

    Bribes on offer as courier's custom printing service needs Adobe's security sinkhole

GNOME Extensions Website Has A New Look

Filed under
GNOME

Every GNOME Shell user will visit the official GNOME Shell Extensions website at least once. And if those users do so this weekend they’ll notice a small difference as the GNOME Shell Extensions website is sporting a minor redesign. This online repo plays host to a stack of terrific add-ons that add additional features and tweak existing ones.

Read more

today's leftovers

Filed under
Misc
  • Why You Should Consider Open Sourcing Your Software

    Free & Open source software have grown so rapidly in the last few years. Just compare the situation of being ignored and considered like a nerds-movement in the early 2000’s to the situation today in 2017. We surly made a huge advancement so far. Thanks to the amazing ecosystem of open source which links both communities and enterprises together.

    However, when it comes to individuals, a lot of people are hesitant when it comes to open-sourcing their software. They think that the “secret” behind it will be stolen. They think that they will be releasing their work “for nothing in return” when they do so. That’s definitely false.

  • Caspia Projects and Thunderbird – Open Source In Absentia

    What does this have to do with Thunderbird? I sat in a room a few weeks ago with 10 guys at Clallam Bay, all who have been in a full-time, intensive software training program for about a year, who are really interested in trying to do real-world projects rather than simply hidden internal projects that are classroom assignments, or personal projects with no public outlet. I start in April spending two days per week with these guys. Then there are another 10 or so guys at WSR in Monroe that started last month, though the situation there is more complex. The situation is similar to other groups of students that might be able to work on Thunderbird or Mozilla projects, with these differences:1) Student or GSOC projects tend to have a duration of a few months, while the expected commitment time for this group is much longer.

  • Make Dragonfly BSD great again!

    Recently I spent some time reading Dragonfly BSD code. While doing so I spotted a vulnerability in the sysvsem subsystem that let user to point to any piece of memory and write data through it (including the kernel space). This can be turned into execution of arbitrary code in the kernel context and by exploiting this, we're gonna make Dragonfly BSD great again!

Desktop GNU/Linux

Filed under
GNU
Linux
  • [Video] Litebook Alpha Review! | Unboxing, Apps, and Gaming!
  • Beginners Guide To Linux

    Curious about getting into Raspberry Pi or just Linux in general but you're not sure where to start? This post is for you. It's not intended to be a comprehensive guide, rather a gentle intro into the Linux world. I'm not a Linux expert, but I know from experience that it can be an intimidating platform to get started in. I want this post to show you what you need to know to get started with Linux.

  • [Video] 5 Reasons To Switch To Linux
  • System76 Provides Wireless Fixes for Ubiquity

    We are proud to have contributed to Ubiquity in such a way that we feel improves all users’ lives when using Ubuntu. We will continue improving the platform and hope that our users will see value in what we do.

  • GNOME 3.24 Released, See What`s New

    After being in development for six months, GNOME 3.24 was released today, bringing improvements such as Night Light, weather information in the date / time indicator, along with updates to its applications, and more.

Late Night Linux, Bad Voltage, and Effective Communication in Podcasting

Filed under
Interviews
  • Late Night Linux – Episode 06

    Jesse is back but this time Félim is in his sick bed so it’s a 3 man show yet again. Some heated debates about Nextcloud’s actions, Ubuntu extended support and PowerPC distros, followed by a deep dive into the world of HiDPI 4k support in Linux.

  • Bad Voltage Live at SCaLE 15x

    The Bad Voltage live stage show, from SCaLE 15x in Pasadena, March 2017!

  • Effective Communication in Podcasting

    When I got serious about doing Linux videos on YouTube, I drew on all of that Old Media experience plus I took a few classes to make sure I knew what I was talking about before handing out advice to others. That has led to the EzeeLinux project. The goal of EzeeLinux is to educate folks about Linux and get them started on the right path to success… I have been truly humbled by the response it has gotten.

    That said, I don’t feel like I’m competing with anyone – the more, the merrier! I honestly feel that Linux and Open Source Software are arguably one of the few truly good things happening in the world today. It brings people from all over the world together and provides a means to get cutting edge technology into the hands of anyone, anywhere who wants to take the time to learn how to use it regardless of their financial situation. That is the kind of power that can quite literally change the world, folks. No one should be left behind in this Information Age. Come to think of it, Ed Murrow would probably do a documentary about Linux if he was still around today… It would be right up his street, I think. It’s the kind of thing he liked to talk about.

Leftovers: Software

Filed under
Software
  • [Video] Linux Audio Programs Compared 2017

    I made this video for those that are new to, or just interested in making music on the Linux OS. I go over the features, goods and bads of Rosegarden, LMMS, Ardour, Mixbus, and EnergyXT, as well as touch on Qtractor. I don't don't go much into details of the particular versions I am using, but the video was made in the early part of 2017 and I'm running Ubuntu 16.04LTS.

  • Green Recorder: A Simple Desktop/Screen Recorder for Linux

    Green Recorder is a simple, open source desktop recorder developed for Linux systems built using Python, GTK and FFmpeg. It supports most of the Linux desktop environments such as Unity, Gnome, Cinnamon, Mate, Xfce and so on. Recently it has been updated to work with Wayland too in Gnome session.

  • Komorebi: A New Way To Enhance Your Desktop Using Animated/Parallax Wallpapers

    In past there were applications that allowed us to run videos/Gif as wallpaper on the desktop and make desktop look much cooler but than all of sudden the development of such Apps stopped and I can't name any App that exist for this purpose. Komorebi is fairly new application designed to make your desktop experience much better and make desktop cool as well, we can say it is kind of 'live wallpaper' situation here or 3D wallpaper. It is developed by Abe Masri and available under GPL license for free.

  • Stacer Sytem Optimizer: A Must Have Application For Ubuntu/Linux Mint

    There are multiple ways to optimize your Linux, the most geeky way is using Terminal, there are also applications available that performs such actions like Bleachbit, Ubuntu cleaner and so on. Stacer is simple, open-source, quick and new application designed to offer you all-in-one optimizer for your Ubuntu/Linux Mint (It's alternative to CCleaner but only for Linux).

  • Qtox: Open Source and Fully Secure Skype Replacement for Linux

    Long years ago, we've talked about a Skype alternative called Tox which was still in its early developmental stages. Tox was supposed to become the anti-thesis of Skype by being a fully open-source video and voice chat client that placed user privacy and security at its center. Well, guess what, there are now fully active and well-maintained chat clients that are built on top of Tox protocol. qTox is one of them.

  • Rclone 1.36 Released With SFTP And Local Symlinks Support, More

    Rclone 1.36 was released recently, bringing support for SFTP, local symbolic links support, mount improvements, along with many other new features and bug fixes.

    For those not familiar with Rclone, this is a cross-platform command line tool for synchronizing files and folders to multiple cloud storages, which supports Dropbox, Google Drive, Amazon S3, Amazon Drive, Microsoft One Drive, Yandex Disk, and more.

    It can be used to sync files either from your machine or from one cloud storage to another.

  • Streamlink Twitch GUI 1.2.0 Adds Support For Communities And Team Pages, Basic Hotkeys

    Streamlink Twitch GUI (previously Livestreamer Twitch GUI) is a multi-platform Twitch.tv browser.

    The application is powered by Node.js, Chromium and Streamlink, though it can still use Livestreamer (which is no longer maintained) too.

  • Code Editor `Brackets` 1.9 Released, Available In PPA

    Brackets is a free, open source code editor focused on front-end web development (HTML, CSS and JavaScript).

  • Terminix Terminal Emulator Renamed To Tilix, Sees New Bugfix Release

    [Quick update] Terminix, a GTK3 tiling terminal emulator, has been renamed to Tilix due to some trademark issues.

today's howtos

Filed under
HowTos
Syndicate content

More in Tux Machines

Tizen and Android

Leftovers: OSS and Sharing

  • Making your OpenStack monitoring stack highly available using Open Source tools
    Operators tasked with maintaining production environments are relying on monitoring stacks to provide insight to resource usage and a heads-up to threats of downtime. Perhaps the most critical function of a monitoring stack is providing alerts which trigger mitigation steps to ensure an environment stays up and running. Downtime of services can be business-critical, and often has extremely high cost ramifications. Operators working in cloud environments are especially reliant on monitoring stacks due to the increase in potential inefficiency and downtime that comes with greater resource usage. The constant visibility of resources and alerts that a monitoring stack provides, makes it a fundamental component of any cloud.
  • InfraRed: Deploying and Testing Openstack just made easier!
  • The journey of a new OpenStack service in RDO
    When new contributors join RDO, they ask for recommendations about how to add new services and help RDO users to adopt it. This post is not a official policy document nor a detailed description about how to carry out some activities, but provides some high level recommendations to newcomers based on what I have learned and observed in the last year working in RDO.
  • Getting to know the essential OpenStack components better
  • Getting to know core components, speed mentoring, and more OpenStack news
  • Testing LibreOffice 5.3 Notebookbar
    I teach an online CSCI class about usability. The course is "The Usability of Open Source Software" and provides a background on free software and open source software, and uses that as a basis to teach usability. The rest of the class is a pretty standard CSCI usability class. We explore a few interesting cases in open source software as part of our discussion. And using open source software makes it really easy for the students to pick a program to study for their usability test final project.
  • [Older] Drupal member sent out after BDSM lifestyle revealed

    Drupal, like many other open source projects, has a stated goal of welcoming and accepting all people, no matter their heritage, culture, sexual orientation, gender identity or other factors.

  • Controversy Erupts in Open-Source Community After Developer's Sex Life Made Public
    Drupal is a popular open-source content-management system, used to build websites. Like many other open-source projects, Drupal is guided by several committees that are supposed to be accountable to the community and its code of conduct, which enshrines values like "be considerate" and "be respectful." Also like many other open-source projects, Drupal attracts all sorts of people, some of whom are eclectic. Last week, under murky circumstances, Drupal creator Dries Buytaert banned one of the project's technical and community leaders, Larry Garfield. Buytaert attributed the decision to aspects of Garfield's private sex life. Many Drupal users and developers are up in arms about the perceived injustice of the move, exacerbated by what they see as a lack of transparency.
  • HospitalRun: Open Source Software for the Developing World
    When open source software is used for global health and global relief work, its benefits shine bright. The benefits of open source become very clear when human health and human lives are on the line. In this YouTube video, hear Harrisburg, Pennsylvania software developer Joel Worrall explain about HospitalRun software – open source cloud-based software used at developing world healthcare facilities.
  • Scotland emphasises sharing and reuse of ICT
    Scotland’s public administrations should focus on common, shared technology platforms, according to the new digital strategy, published on 22 March. The government says it wants to develop “shared infrastructure, services and standards in collaboration with our public sector partners, to reduce costs and enable resources to be focused on front-line services.”
  • [Older] OpenSSL Re-licensing to Apache License v. 2.0 To Encourage Broader Use with Other FOSS Projects and Products

    OpenSSL Launches New Website to Organize Process, Seeks to Contact All Contributors

  • Austria state secretary promotes open data
    The State Secretary at Austria’s Federal Chancellery, Muna Duzdar, is encouraging the making available of government data as open data. “The administration must set an example and support the open data culture by giving society its data back”, the State Secretary for Digitalisation said in a statement.
  • Study: Hungary should redouble open data initiatives
    The government of Hungary should redouble its efforts to make public sector information available as open data, and actively help to create market opportunities, a government white paper recommends. The ‘White Paper on National Data Policy’ was approved by the government in December.
  • Williamson School Board OKs developing open source science curriculum
    Science textbooks may be a thing of the past in Williamson County Schools. The Williamson County school board approved a proposal Monday night to use open source science resources instead of science textbooks. The switch will require a team of nine teachers to spend a year developing an open source curriculum.
  • How Elsevier plans to sabotage Open Access
    It was a long and difficult road to get the major publishing houses to open up to open access, but in the end the Dutch universities got their much awaited ‘gold deal’ for open access. A recently revealed contract between Elsevier and the Dutch research institutes lays bare the retardant tactics the publishing giant employs to stifle the growth of open access.
  • #0: Introducing R^4
  • RcppTOML 0.1.2

Security Leftovers

  • Security updates for Monday
  • FedEx Will Pay You $5 to Install Flash on Your Machine
    FedEx is making you an offer you can’t afford to accept. It’s offering to give you $5 (actually, it’s a discount on orders over $30) if you’ll just install Adobe Flash on your machine. Nobody who knows anything about online security uses Flash anymore, except when it’s absolutely necessary. Why? Because Flash is the poster child for the “security-vulnerability-of-the-hour” club — a group that includes another Adobe product, Acrobat. How unsafe is Flash? Let’s put it this way: seven years ago, Steve Jobs announced that Flash was to be forever banned from Apple’s mobile products. One of the reasons he cited was a report from Symantec that “highlighted Flash for having one of the worst security records in 2009.” Flash security hasn’t gotten any better since.
  • Every once in a while someone suggests to me that curl and libcurl would do better if rewritten in a “safe language”
  • An insecure dishwasher has entered the IoT war against humanity

    Regel says that he has contacted Miele on a number of occasions about the issue, but had failed to get a response to his missives, and this has no updated information on the vulnerability.

    He added, bleakly that "we are not aware of an actual fix."

  • Monday Witness: It's Time to Reconize a Civil Right Not to be Connected
    Along with death and taxes, two things appear inevitable. The first is that Internet of Things devices will not only be built into everything we can imagine, but into everything we can't as well. The second is that IoT devices will have wholly inadequate security, if they have any security at all. Even with strong defenses, there is the likelihood that governmental agencies will gain covert access to IoT devices anyway. What this says to me is that we need a law that guarantees consumers the right to buy versions of products that are not wirelessly enabled at all.
  • Remember kids, if you're going to disclose, disclose responsibly!
    If you pay any attention to the security universe, you're aware that Tavis Ormandy is basically on fire right now with his security research. He found the Cloudflare data leak issue a few weeks back, and is currently going to town on LastPass. The LastPass crew seems to be dealing with this pretty well, I'm not seeing a lot of complaining, mostly just info and fixes which is the right way to do these things.

Lightroom and Darktable: the verdict two years after switching

In summer 2015, I posted a detailed account of my tentative switch from Windows7 and Lightroom to Linux and Darktable. This was sparked by sudden crashes that were afflicting my system, but in a deeper sense grew from frustration with Windows and, to a lesser degree, with Lightroom. Once I headed for Linux, I decided to plunge in fully and commit to using Ubuntu and free, open-source photo software for several months – at least until the end of that year. That would give me a chance to see whether I could actually run my photography business on the new system. Read more