Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 21 Feb 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Authorsort icon Replies Last Post
Story 5 Ways Xoopit Extends Gmail adriantry 27/04/2009 - 10:27am
Story Audacity: The Versatile Audio Tool for Everyone adriantry 12/05/2009 - 10:03am
Forum topic Dialup dilemma afs 05/06/2008 - 5:40pm
Blog entry Distribution Release: EnGarde Secure Linux 3.0.21 akramshaikh 08/10/2008 - 7:55am
Blog entry 25 Cool & Beautiful Linux Wallpapers akramshaikh 31/08/2009 - 6:50pm
Blog entry Ubuntu 10.04 LTS Finally Released! akramshaikh 29/04/2010 - 7:18pm
Story Top 10 Addictive games on Linux alieneyes 06/03/2010 - 5:07pm
Blog entry “Can’t locate module” Error in Linux and Data Loss allen 06/10/2008 - 4:52am
Blog entry “No such file or directory” Error in Linux allen 15/10/2008 - 4:47am
Blog entry ‘attempt to access beyond end of device’ Linux Error allen 27/03/2009 - 6:45am

Noctua's NH-U9 TR4-SP3 Is Still The Best 4U EPYC / Threadripper Cooler I've Found

Filed under
Graphics/Benchmarks

If you are in the market for an AMD Ryzen Threadripper or AMD EPYC heatsink that fits within 4U height requirements, the Noctua NH-U9 TR4-SP3 is still easily the best option available. I'm now running the NH-U9 TR4-SP3 in five different EPYC/Threadripper systems in the racks and they work out splendid.

I've already covered the NH-U9 TR4-SP3 multiple times before, but with having picked up another one of these coolers this past week and being satisfied with the results, just wanted to give another shout-out to Noctua and pass along the latest thermal results. For this latest build, the NH-U9 TR4-SP3 is cooling an EPYC 7351P 16-core / 32-thread CPU that tops out at 3.9GHz.

Read more

Uber: AresDB and Ludwig Source Code

Filed under
OSS
  • Uber Introduces AresDB: GPU-Powered, Open-Source, Real-Time Analytics Engine

    Uber recently introduced AresDB, an open-source real-time analytics engine leveraging an unconventional power source - graphics processing units (GPUs) - for meeting the growing demands of analysis at scale and at the same time unifying, simplifying and improving Uber's existing solutions.

  • New open-source project introduces code-free deep learning approach

    Uber’s AI engineering team wants to make deep learning more accessible with the open-source release of Ludwig. The deep learning toolbox based on TensorFlow aims to give users the ability to train and test deep learning models without having to write any code.

    “Ludwig is unique in its ability to help make deep learning easier to understand for non-experts and enable faster model improvement iteration cycles for experienced machine learning developers and researchers alike. By using Ludwig, experts and researchers can simplify the prototyping process and streamline data processing so that they can focus on developing deep learning architectures rather than data wrangling,” the Uber AI team wrote in a post.

  • Good old Ludwig makes deep learning code-free

    Ride sharing company Uber’s AI department open sourced project Ludwig to get those into deep learning, that don’t necessarily want to write code.

    The toolbox has been in the making for two years and though there are no coding skills required to train a model, experienced users should have ways of influencing the process. It was developed to simplify model building and comparing while keeping it more generic than other well known machine learning libraries such as OpenCV or Facebook’s PyText.

  • Uber releases Ludwig, an open source AI toolkit that simplifies training deep learning models for non-experts

    Uber released a new, open source Deep Learning toolbox called Ludwig, yesterday, to make training and testing of the deep learning models easier for non-experts. “By using Ludwig, experts and researchers can simplify the prototyping process and streamline data processing so that they can focus on developing deep learning architectures rather than data wrangling”, states the Uber team.

    Uber had been working on developing Ludwig for the past two years to simplify the use of Deep Learning models in projects. Uber has used the toolkit for several of its own projects such as its Customer Obsession Ticket Assistant (COTA), information extraction from driver licenses, food delivery time prediction, etc. Ludwig comes with a set of model architectures that can be combined to develop an end-to-end model for a given use case.

  • Uber releases Ludwig, an open source AI ‘toolbox’ built on top of TensorFlow

    Want to dive earnestly into artificial intelligence (AI) development, but find the programming piece of it intimidating? Not to worry — Uber has your back. The ride-hailing giant today debuted Ludwig, an open source “toolbox” built on top of Google’s TensorFlow framework that allows users to train and test AI models without having to write code.

Linux Foundation: Hyperledger, Mapzen, Open Mainframe Project and Academy Software Foundation

Filed under
Linux
OSS
  • Samsung SDS Reveals Blockchain Accelerator Tech Following Hyperledger Testing

    The IT arm of South Korean technical school large Samsung proclaimed it had developed technology to hurry up blockchain transactions, the corporate confirmed in an exceedingly promulgation on Feb fourteen. Presenting at the continued IBM suppose 2019 conference in point of entry, Samsung SDS aforesaid its new technology, Nexledger Accelerator, had already passed testing with Hyperledger material.

    “In order to boost dealing process speed, that could be a key thought in applying blockchain technology, Samsung SDS has developed its own Nexledger Accelerator, which may be applied to Hyperledger material,” the promulgation explained:

  • Samsung SDS, IBM collaborate to strengthen Open Source Hyperledger Fabric

    During IBM THINK 2019, IBM’s annual conference focused on technology and business, Samsung SDS announced it is continuing its collaboration with IBM in support of advancing Hyperledger Fabric, an open source cross-industry blockchain technology, with recent code contributions, research, and a new white paper.
    As a contributor to Hyperledger Fabric, Samsung SDS is working to improve fabric capabilities and actively contributing its new "Accelerator" code to the open source community. The new code is expected to significantly improve Hyperledger Fabric performance for specific use cases.

  • Samsung SDS and IBM Collaborate to Strengthen Open Source Hyperledger Fabric and Blockchain Ecosystems
  • IBM Blockchain Platform now live in Melbourne

    IBM has made its blockchain platform available out of the IBM data centre in Melbourne, allowing customers to run their applications on the company's cloud and abide by data sovereignty requirements.

  • Hyundai Commercial Partners With IBM to Accelerate Blockchain Development
  • Linux Foundation Revives Mapzen, an Alternative to Giants

    Mapzen, an open source mapping platform praised in civic tech circles and used in certain local government projects, is back.

    More accurately, it never really left. The project officially shut down a year ago, but since it was open-source, people kept using it.

    Now, the Linux Foundation — a vanguard of open-sourcing — is taking on Mapzen as a project, giving current and prospective Mapzen users more clarity about who owns the intellectual property and how they can use it.

  • Open Mainframe Project Advances Modern Mainframe with Production-Ready Zowe 1.0

    The Open Mainframe Project (OMP) has announced that Zowe, an open source software framework for the mainframe, is now production-ready less than 6 months after launching.

    Hosted by The Linux Foundation, the Open Mainframe Project is comprised of business and academic leaders within the mainframe community that collaborate to develop shared tool sets and resources. OMP launched Zowe, an open source project based on z/OS, last August to serve as an integration platform for the next generation of tools for administration, management and development on z/OS mainframes.

  • Develop on the Mainframe like any other cloud platform with Zowe

    Hosted by The Linux Foundation, the Open Mainframe Project is comprised of business and academic leaders within the mainframe community that collaborates to develop shared toolsets and resources. OMP launched Zowe, the first-ever open source project based on z/OS, last August to serve as an integration platform for the next generation of tools for administration, management and development on z/OS mainframes.

    Zowe 1.0 consists of core technologies enabling modern interfaces for web applications on z/OS, a new command line interface and expansion of platform REST API capabilities. This makes the z/OS environment more “cloud-like” and aims to improve integration in h

  • Open Mainframe Project Advances Modern Mainframe with Production Ready Zowe 1.0

    Hosted by The Linux Foundation, the Open Mainframe Project is comprised of business and academic leaders within the mainframe community that collaborate to develop shared tool sets and resources. OMP launched Zowe, the first-ever open source project based on z/OS, last August to serve as an integration platform for the next generation of tools for administration, management and development on z/OS mainframes.

  • Zowe 1.0 released, Microsoft joins OpenChain, new Raspberry Pi store, and more news
  • Zowe 1.0 released for the modern mainframe

    The Open Mainframe Project has announced that after six months of development Zowe is now production ready. Zowe is an open-source mainframe framework that strengthens integrations with modern enterprise applications.

    By providing interoperability and offering new web technologies, Zowe is designed to enable developers to use familiar open-source tools to access mainframe resources and services.

  • Sony Pictures unveils the Open-Source Software used for making Into the Spider-Verse

    The acclaimed Sony Pictures Imageworks contributed the software tool used to curate the best of Sony Pictures movies. The movies such as Spider-Man: Into the Spider-Verse, Alice in Wonderland, Cloudy with a Chance of Meatballs to a major open source community.

    Sony Pictures used OpenColorIO for managing color during the process of production. OpenColorIO has become the second project of the software in the Academy Software Foundation. The foundation is an industry association across the industry the the Open Source Linux Foundation is working on.

    The acclaimed Sony Pictures Imageworks contributed the software tool used to curate the best of Sony Pictures movies. The movies such as Spider-Man: Into the Spider-Verse, Alice in Wonderland, Cloudy with a Chance of Meatballs to a significant open source community.

  • OpenColorIO tool from Into the Spider-Verse now open-source

    The OpenColorIO tool from Spider-Man: Into the Spider-Verse is now available as an open-source program.

Open Hardware: Hackable Devices, RISC-V and 3-D Printing

Filed under
Hardware
OSS
  • freeDSP-aurora open source DSP offers 8 inputs and outputs

    Developers at Auverdion based in Verden, Germany have created the new open source DSP offering users eight inputs and eight outputs with USB Audio Class 2 and wireless control via Wifi and Bluetooth. The aptly named freeDSP-aurora DSP has this week been launched via Kickstarter.

    The new hardware supports macOS, Linux or Windows 10 operating systems and a XMOS XE216-512-TQ128 MCU is used to expose an USB Audio Class 2 compliant interface. The ESP32 MCU controls the operation of the DSP and support for both WiFi and Bluetooth connectivity can support peripherals such as a rotary encoder, display, temperature sensor, PWM controlled fan and IR sensor.

    “The freeDSP-aurora is a cost-effective real-time audio signal processing solution for audio enthusiasts, researchers, and the do-it-yourself community. It is a bare circuit board that can be incorporated into your own projects. It comes with no housing. Easy assembling and simple programmability are the main focus. It is based on Analog Devices’ ADAU1452 DSP chip.”

  • The Future Of Fritzing Is Murky At Best

    Fritzing is a very nice Open Source design tool for PCBs, electrical sketches, and schematics for designers and artists to move from a prototype to real hardware. Over the years, we’ve seen fantastic projects built with Fritzing. Fritzing has been the subject of books, lectures, and educational courses, and the impact of Fritzing has been huge. Open up a book on electronics from O’Reilly, and you’ll probably see a schematic or drawing created in Fritzing.

    However, and there’s always a however, Fritzing is in trouble. The project is giving every appearance of having died. You can’t register on the site, you can’t update parts, the official site lacks HTTPS, the Twitter account has been inactive for 1,200 days, there have been no blog posts for a year, and the last commit to GitHub was on March 13th. There are problems, but there is hope: [Patrick Franken], one of the developers of Fritzing and the president of the PCB firm Aisler which runs the Fritzing Fab, recently gave a talk at FOSDEM concerning the future of Fritzing. (That’s a direct FTP download, so have fun).

  • Slic3r vs Cura – 3D Printer Slicer Software Shootout

    A slicer is a software application that takes in 3D model files, like STL and OBJ, as input and, based on the user’s preferences and settings, creates g-code files as output.

    G-code is a set of commands that control the movement of a 3D printer along the X, Y, and Z axes for the entire model. They also contain instructions for heaters and other connected devices, such as servos or leveling sensors.

  • Can MIPS Leapfrog RISC-V?

    When Wave Computing acquired MIPS, “going open source” was the plan Wave’s CEO Derek Meyer had in mind. But Meyer, a long-time MIPS veteran, couldn’t casually mention his plan then. Wave was hardly ready with the solid infrastructure it needed to support a legion of hardware developers interested in coming to the MIPS open-source community.

    To say “go open source” is easy. Pulling it off has meant a huge shift from MIPS, long accustomed to the traditional IP licensing business.

    Wave’s first step was hiring Art Swift as president of its MIPS licensing business. Swift fit the bill as someone who knows the best of both worlds — old (traditional IP for licensing) and new (open source). Swift had served as vice-chair of the RISC-V Foundation’s Marketing Committee and was vice president of marketing and business development at MIPS Technologies from 2008 to 2011.

  • Building A RISC-V Desktop

    The core of this build is the HiFive Unleashed, a Linux-capable board from SiFive, makers of the first (production) RISC-V microcontroller. This board uses the Freedom U540 SOC built with a 28nm process, has 8GB of DDR4, and 32MB of Flash. For a board built on an Open archetecuture this is impressive, but it comes at a cost: the HiFive Unleashed ran for $1000 during its crowdfunding campaign.

  • Can Arm Survive RISC-V Challenge?

    We hear stories about new licensing practices at Arm since it was acquired by Japan’s SoftBank. Arm’s rivals tell us that they are engaged in many more talks with current Arm licensees who are looking for alternatives.

    Product developers no longer have the luxury of two-year product development cycles. And many don’t have the big budgets for licensing fees, often quoted as the huge barrier to entry for system-on-chip (SoC) design.

  • Open Source Hardware Benefits Procurement Practices

    “Open source does two things for you: it rationalizes price and motivates adoption and investment,” explained Keith Witek, senior vice president, Corporate Development, Strategy, and General Counsel at SiFive, a provider of commercial RISC-V processor IP. “If I charge you too much, you can leave and go to different vendor. I can’t lock you up with proprietary architecture or tools. And you feel like you can invest, because no one can take it away from you. RISC-V takes a big part in democratizing silicon.”

    The basics of RISC-V

    The RISC-V ISA is based on established reduced instruction set computer (RISC) principles. Anyone can use it for all types of implementation, including development and commercial and open source implementations, without cost. That means that anyone who wants to can design, manufacture and sell RISC-V chips and software.

  • The next generation open-source, 3D-printable Niskin bottle has arrived!

    The Niskin bottle, a seemingly simple device designed to take water samples at discrete depths, is one of the most important tools of oceanography. These precision instruments allow us to bring ocean water back to the surface to study its chemical composition, quality, and biologic constituency. If you want to know how much plastic is circulating in the deep sea, you need a Niskin bottle. If you need to measure chemical-rich plumes in minute detail, you need a Niskin bottle. If you want to use environmental DNA analyses to identify the organisms living in a region of the big blue sea, you need a Niskin bottle.

  • Arduino IoT Cloud Public Beta

    One of the reassuring things about the Arduino, and something that contributed to making it a success, was its open source nature. Of course, this caused Arduino - the company - problems. How to make money and keep control of an open source product is a headache. One solution is to move things online.

    Once upon a time the Arduino was programmed exclusively using an open source desktop IDE. Using it gave the security of open source.

  • Hack My House: Garage Door Cryptography Meets Raspberry Pi

    The garage door is controlled by a button hung on the garage wall. There is only a pair of wires, so a simple relay should be all that is needed to simulate the button press from a Raspberry Pi. I wired a relay module to a GPIO on the Pi mounted in the garage ceiling, and wrote a quick and dirty test program in Python. Sure enough, the little relay was clicking happily– but the garage door wasn’t budging. Time to troubleshoot. Does the push button still work? *raises the garage door* yep. How about the relay now? *click…click* nope.

  • How 3D Printers Work – Simply Explained

    Many of us will be familiar with the Star Trek scene where Captain Picard steps up to the food synthesizer and says, “Tea, Earl Grey, hot,” and the drink miraculously appears. When you mention 3D printing to the uninitiated, this is sometimes what they expect.

    The reality is that 3D printing is a lot more down to earth and certainly easier to understand than matter scrambling.

    In this article, we’ll look at how this approach to manufacturing has become a mainstay among hobbyists and engineers alike.

The Need to Fund Open Source Software Research and Development to Enhance ICT for Development and ICT for Dollars

Filed under
OSS

I owe part of my IT education to the Open Source Community. I enhanced my programming skills using open source programming languages; I garnered a better understanding of operating systems through my study and research of the Linux kernel; I understood the inner workings of software by having access to their code; and in college, I used learning materials from computer science classes made available by MIT Open Courseware. But this article is not about how I benefited from open source software. I only mentioned my experience with open source software to illustrate that if I can benefit from it, every Liberian can do the same. Therefore, this article is about how open source software can benefit Liberia as a developing country. It is also a call to both private and public organizations to invest in open source software in order to enhance Information and Communications Technology for Development (ICT4D) and Information and Communications Technology for Dollars (ICT4$).

Liberia’s ICT sector has achieved a lot since the end of the civil war. The creation of a liberal market, the advent and deployment of the ACE subsea cable and several other achievements have been the factors that have driven Liberia’ ICT revolution. Again, this article is not intended to delineate all of Liberia’s ICT achievements; it’s about the benefits we can get from investing in open source software.

Before going further into this discussion, permit me to briefly discuss the difference between the two types of software. Open source software is software whose source code is openly published, is available at no charge, and can freely be modified and distributed. Proprietary software is software that is generally licensed for a fee and its source code is kept secret. It is often developed by software firms or companies such as Microsoft.

Read more

Call for Oman Free and Open Source Software Platform

Filed under
OSS
  • Call for Oman Free and Open Source Software Platform

    The participants of the Free and Open Source Software Conference 2019 commended the efforts of government agencies and academic institutions in supporting free and open source software in the Sultanate.

    It was recommended to strengthen these efforts and raise awareness of this software in various educational institutions and in public and private institutions.

    The participants commended the good organisation of the conference and its success and they called for its continuation every two years to increase awareness of free and open source software and its role in modern digital technologies to keep up with the developments during the Fourth Industrial Revolution.

    They also commended the Oman Free and Open Source Software Platform, which was announced at the opening of the conference.

  • 'IT localisation vital for future'

    Under the theme of “FOSS as Driver for Technology Transfer, Innovation & Entrepreneurship”, the fourth edition of the Free and Open Source Conference FOSSC was launched yesterday at Sultan Qaboos University (SQU) Conference Hall under the patronage of Dr. Abdulmounim bin Mansoor Al Hassani, Minister of Information and in the presence of academics, researchers and students along with international guests.

    The two-day conference, the first-of-its-kind in the Mena region, is jointly organised by the Communication and Information Research centre (CIRC) at SQU and the Information Technology Authority (ITA), represented by the Digital Society Development Division to support the Free and Open Source Initiative (FOSS).

KDE Usability & Productivity

Filed under
KDE

  • This week in Usability & Productivity, part 58

    The System Settings Window Decorations page has been completely rewritten, bringing it into greater conformance with the modern visual style and fixing a huge number of bugs in the process (Valerio Pilo, KDE Plasma 5.16.0)...

  • KDE Continues Overhauling System Settings, More Discover Improvements

    Sunday mornings mean another weekly recap of the KDE improvements made, thanks to the great analysis by KDE developer Nathan Graham. While Plasma 5.15 was released this week, the KDE developers are already hard at work on KDE Plasma 5.16.

Security: More Breaches, Phishing, Windows Problems and WireGuard

Filed under
Security

Python 2.7.16 release candidate 1 available

Filed under
Development

A release candidate for the upcoming 2.7.16 bug fix release is now available for download.

Read more

FinalCrypt – An Open Source File Encryption Application

Filed under
Software

FnalCrypt is a free and open source encryption tool that allows you to encrypt files with a key. It is available for Linux, Windows and macOS.
Read more

Fedora's Adoption of Cgroups V2 and Fedora Infrastructure Detective Work

Filed under
Red Hat
  • Fedora 31 Planning To Use Cgroups V2 By Default

    While the Linux kernel has shipped Cgroups V2 as stable since early 2016, on Fedora and most other Linux distributions it hasn't been enabled by default over the original control groups "Cgroups" implementation. But come Fedora 31 later this year, they are now planning to make it the default.

    Enabling Cgroups V2 by default will allow systemd and the various Linux container technologies along with libvirt and friends to make use of the new features and improvements over the original Cgroups like offering a unified hierarchy. The new implementation also provides better consistency, purpose-driven flexibility, and other design improvements over the original control groups. It's taken a while for CGroups V2 to become the default due to interface changes compared to V1 and all of the important containers/tooling needing to be adapted to make use of it.

  • Fedora Infrastructure Detective Work: Mirrorlist 503's

    The Fedora Project Mirrorlist system has evolved multiple times in the last 10 years. Originally written by Matt Domsch it underwent an update and rewrite by Adrian Reber, et al a couple of years ago. For many years Fedora used a server layout where the front end web servers would proxy the data over VPN to dedicated mirrorlist servers. While this made sense when systems were a bit slower compared to VPN latency, it had become more troublesome over the last couple of years.

GNU FreeDink 109.6

Filed under
GNU
Gaming
  • GNU FreeDink 109.6

    This is the first official announcement for the new 109.x line with updated technologies (SDL2, OpenGL), WebAssembly support and many fixes and improvements.

  • GNU's RPG/Adventure Game Updated For SDL2, Defaults To OpenGL Rendering

    Of the many free software projects under the GNU umbrella, there aren't many games. One of the only titles is GNU FreeDink, which is out this weekend with its newest update after several active weeks of development.

Microsoft Now Calls Windows "Linux" (Misleading People)

Filed under
GNU
Linux
Microsoft

Security Leftovers

Filed under
Security

Graphics: Mesa, Vega and ETC2

Filed under
Graphics/Benchmarks
  • RADV Driver Gets Big Patch Series For 8-bit & 16-bit Arithmetic, 8-bit Storage

    A set of 38 patches have been sent out that wire in support for the VK_KHR_shader_float16_int8, VK_AMD_gpu_shader_half_float, VK_AMD_gpu_shader_int16, and VK_KHR_8bit_storage extensions to the RADV driver within Mesa.

    Rhys Perry who started contributing to the Nouveau driver stack has been working on this 8-bit and 16-bit arithmetic support for the Radeon Vulkan "RADV" driver. These 8-bit / 16-bit extensions work for AMD Volcanic Islands GPUs and newer. However, the half-floats support needs LLVM 8.0 or newer due to bugs on LLVM 7.

  • BACO Power Savings Support Comes To AMD's Vega 12

    The latest addition to AMD's open-source Linux kernel driver is supporting BACO on Vega 12.

    With the upcoming Linux 5.1 kernel cycle, BACO is enabled for Vega 10 and Vega 20. BACO is short for Bus Active, Chip Off as a low-power mode whereby most of the GPU is shut-off during idle periods in order to drastically cut the power consumption of the graphics card. BACO is also known as AMD ZeroCore Power mode.

  • Improved ETC2 Texture Compression Lands For Older Haswell/Ivybridge GPUs On Linux

    The previously mentioned work on improving ETC2 support for older generations of Intel graphics has now been mainlined for Mesa 19.1.

    This work for the ETC2 texture compression is improving the "fake" support for Intel Gen 7 class graphics, the Ivybridge and Haswell era graphics. This work was done by Igalia to address the lack of native ETC2 coverage on these several year old chips. Following this improved implementation for the fake ETC2 support is also wiring up OES_copy_image support for this extension. ETC2 is the lossy texture compression mandated since OpenGL ES 3.0 and OpenGL 4.3.

Bitmain SoC Support Coming To Linux 5.1 - Sophon ARMv8 + RISC-V Chip For Deep Learning

Filed under
Linux
Hardware

Queued for mainlining with the upcoming Linux 5.1 kernel cycle is initial support for Bitmain SoCs. Bitmain is the Chinese company that started out designing ASICs for Bitcoin mining with the Antminer and other products. The company has also been venturing into designs for artificial intelligence and deep learning.

With the upcoming Linux 5.1 kernel will be initial support for Bitmain's BM1880 System-on-a-Chip as well as the "Sophon Edge" developer board.

Read more

Debian Developers' Updates and Python Bits

Filed under
Development
Debian

Tales of colours: GIMP and Latte Dock (KDE)

Filed under
GNU
KDE
Software
  • Colorization in GIMP

    As part of the Image team at GREYC lab (CRNS, ENSICAEN, University of Caen), I implemented the “fill by line art” algorithm in GIMP, also known as “Smart Colorization“. You may know this algorithm in G’Mic (developed by the same team), so when they proposed me to work with them, I wanted to implement this algorithm in GIMP core. Thus it became my first assignment.

  • Latte and a Colors tale...

    A few months ago while I was scratching Latte Dock limits an idea came and haunted my thoughts. How Latte could give the colors freedom for panels and windows that an Android phone already provides? Questions like this arose and solutions appeared suddenly in many different places, but an important and concrete dream prevail in the end.

Syndicate content

More in Tux Machines

Games: Surviving Mars and OpenMW

Kernel and Security: BPF, Mesa, Embedded World, Kernel Address Sanitizer and More

  • Concurrency management in BPF
    In the beginning, programs run on the in-kernel BPF virtual machine had no persistent internal state and no data that was shared with any other part of the system. The arrival of eBPF and, in particular, its maps functionality, has changed that situation, though, since a map can be shared between two or more BPF programs as well as with processes running in user space. That sharing naturally leads to concurrency problems, so the BPF developers have found themselves needing to add primitives to manage concurrency (the "exchange and add" or XADD instruction, for example). The next step is the addition of a spinlock mechanism to protect data structures, which has also led to some wider discussions on what the BPF memory model should look like. A BPF map can be thought of as a sort of array or hash-table data structure. The actual data stored in a map can be of an arbitrary type, including structures. If a complex structure is read from a map while it is being modified, the result may be internally inconsistent, with surprising (and probably unwelcome) results. In an attempt to prevent such problems, Alexei Starovoitov introduced BPF spinlocks in mid-January; after a number of quick review cycles, version 7 of the patch set was applied on February 1. If all goes well, this feature will be included in the 5.1 kernel.
  • Intel Ready To Add Their Experimental "Iris" Gallium3D Driver To Mesa
    For just over the past year Intel open-source driver developers have been developing a new Gallium3D-based OpenGL driver for Linux systems as the eventual replacement to their long-standing "i965 classic" Mesa driver. The Intel developers are now confident enough in the state of this new driver dubbed Iris that they are looking to merge the driver into mainline Mesa proper.  The Iris Gallium3D driver has now matured enough that Kenneth Graunke, the Intel OTC developer who originally started Iris in late 2017, is looking to merge the driver into the mainline code-base of Mesa. The driver isn't yet complete but it's already in good enough shape that he's looking for it to be merged albeit marked experimental.
  • Hallo Nürnberg!
    Collabora is headed to Nuremberg, Germany next week to take part in the 2019 edition of Embedded World, "the leading international fair for embedded systems". Following a successful first attendance in 2018, we are very much looking forward to our second visit! If you are planning on attending, please come say hello in Hall 4, booth 4-280! This year, we will be showcasing a state-of-the-art infrastructure for end-to-end, embedded software production. From the birth of a software platform, to reproducible continuous builds, to automated testing on hardware, get a firsthand look at our platform building expertise and see how we use continuous integration to increase productivity and quality control in embedded Linux.
  • KASAN Spots Another Kernel Vulnerability From Early Linux 2.6 Through 4.20
    The Kernel Address Sanitizer (KASAN) that detects dynamic memory errors within the Linux kernel code has just picked up another win with uncovering a use-after-free vulnerability that's been around since the early Linux 2.6 kernels. KASAN (along with the other sanitizers) have already proven quite valuable in spotting various coding mistakes hopefully before they are exploited in the real-world. The Kernel Address Sanitizer picked up another feather in its hat with being responsible for the CVE-2019-8912 discovery.
  • io_uring, SCM_RIGHTS, and reference-count cycles
    The io_uring mechanism that was described here in January has been through a number of revisions since then; those changes have generally been fixing implementation issues rather than changing the user-space API. In particular, this patch set seems to have received more than the usual amount of security-related review, which can only be a good thing. Security concerns became a bit of an obstacle for io_uring, though, when virtual filesystem (VFS) maintainer Al Viro threatened to veto the merging of the whole thing. It turns out that there were some reference-counting issues that required his unique experience to straighten out. The VFS layer is a complicated beast; it must manage the complexities of the filesystem namespace in a way that provides the highest possible performance while maintaining security and correctness. Achieving that requires making use of almost all of the locking and concurrency-management mechanisms that the kernel offers, plus a couple more implemented internally. It is fair to say that the number of kernel developers who thoroughly understand how it works is extremely small; indeed, sometimes it seems like Viro is the only one with the full picture. In keeping with time-honored kernel tradition, little of this complexity is documented, so when Viro gets a moment to write down how some of it works, it's worth paying attention. In a long "brain dump", Viro described how file reference counts are managed, how reference-count cycles can come about, and what the kernel does to break them. For those with the time to beat their brains against it for a while, Viro's explanation (along with a few corrections) is well worth reading. For the rest of us, a lighter version follows.

Blacklisting insecure filesystems in openSUSE

The Linux kernel supports a wide variety of filesystem types, many of which have not seen significant use — or maintenance — in many years. Developers in the openSUSE project have concluded that many of these filesystem types are, at this point, more useful to attackers than to openSUSE users and are proposing to blacklist many of them by default. Such changes can be controversial, but it's probably still fair to say that few people expected the massive discussion that resulted, covering everything from the number of OS/2 users to how openSUSE fits into the distribution marketplace. On January 30, Martin Wilck started the discussion with a proposal to add a blacklist preventing the automatic loading of a set of kernel modules implementing (mostly) old filesystems. These include filesystems like JFS, Minix, cramfs, AFFS, and F2FS. For most of these, the logic is that the filesystems are essentially unused and the modules implementing them have seen little maintenance in recent decades. But those modules can still be automatically loaded if a user inserts a removable drive containing one of those filesystem types. There are a number of fuzz-testing efforts underway in the kernel community, but it seems relatively unlikely that any of them are targeting, say, FreeVxFS filesystem images. So it is not unreasonable to suspect that there just might be exploitable bugs in those modules. Preventing modules for ancient, unmaintained filesystems from automatically loading may thus protect some users against flash-drive attacks. If there were to be a fight over a proposal like this, one would ordinarily expect it to be concerned with the specific list of unwelcome modules. But there was relatively little of that. One possible exception is F2FS, the presence of which raised some eyebrows since it is under active development, having received 44 changes in the 5.0 development cycle, for example. Interestingly, it turns out that openSUSE stopped shipping F2FS in September. While the filesystem is being actively developed, it seems that, with rare exceptions, nobody is actively backporting fixes, and the filesystem also lacks a mechanism to prevent an old F2FS implementation from being confused by a filesystem created by a newer version. Rather than deal with these issues, openSUSE decided to just drop the filesystem altogether. As it happens, the blacklist proposal looks likely to allow F2FS to return to the distribution since it can be blacklisted by default. Read more

gitgeist: a git-based social network proof of concept

Are you tired of not owning the data or the platform you use for social postings? I know I am. It's hard to say when I "first" used a social network. I've been on email for about 30 years and one of the early ad-hoc forms of social networks were chain emails. Over the years I was asked to join all sorts of "social" things such as IRC, ICQ, Skype, MSN Messenger, etc. and eventually things like Orkut, MySpace, Facebook, etc. I'll readily admit that I'm not the type of person that happily jumps onto every new social bandwagon that appears on the Internet. I often prefer preserving the quietness of my own thoughts. That, though, hasn't stopped me from finding some meaningfulness participating in Twitter, Facebook, LinkedIn and more recently Google+. Twitter was in fact the first social network that I truly embraced. And it would've remained my primary social network had they not killed their own community by culling the swell of independently-developed Twitter clients that existed. That and their increased control of their API effectively made me look for something else. Right around that time Google+ was being introduced and many in the open source community started participating in that, in some ways to find a fresh place where techies can aggregate away from the noise and sometimes over-the-top nature of Facebook. Eventually I took to that too and started using G+ as my primary social network. That is, until Google recently decided to pull the plug on G+. While Google+ might not have represented a success for Google, it had become a good place for sharing information among the technically-inclined. As such, I found it quite useful for learning and hearing about new things in my field. Soon-to-be-former users of G+ have gone in all sorts of directions. Some have adopted a "c'mon guys, get over it, Facebook is the spot" attitude, others have adopted things like Mastodon, others have fallen back to their existing IDs on Twitter, and yet others, like me, are still looking. Read more