Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 15 Oct 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Typesort icon Title Author Replies Last Post
Blog entry Linux Libraries Texstar 01/06/2011 - 8:27pm
Blog entry first ticket srlinuxx 4 29/05/2011 - 7:38am
Blog entry Angry Birds for Chrome Browser Texstar 2 14/05/2011 - 2:35pm
Blog entry What next? harshasrisri 1 11/05/2011 - 5:34pm
Blog entry CentOS 6.0 finid 11/07/2011 - 10:41am
Blog entry sorry downtime srlinuxx 21/12/2010 - 8:10am
Blog entry PCLinuxOS 2010.12 BitTorrent Links available Texstar 21/12/2010 - 8:07am
Blog entry Maintenance Release - pclinuxos lxde 2010.10 Texstar 05/11/2010 - 11:35pm
Blog entry Maintenance Release - pclinuxos phoenix xfce 2010.10 Texstar 05/11/2010 - 11:32pm
Blog entry Maintenance Release - pclinuxos zen mini 2010.10 Texstar 05/11/2010 - 11:29pm

FOSS Project Spotlight: Tutanota, the First Encrypted Email Service with an App on F-Droid

Filed under
GNU

Seven years ago, we started building Tutanota, an encrypted email service with a strong focus on security, privacy and open source. Long before the Snowden revelations, we felt there was a need for easy-to-use encryption that would allow everyone to communicate online without being snooped upon.

As developers, we know how easy it is to spy on email that travels through the web. Email, with its federated setup is great, and that's why it has become the main form of online communication and still is. However, from a security perspective, the federated setup is troublesome—to say the least.

End-to-end encrypted email is difficult to handle on desktops (with key generation, key sharing, secure storing of keys and so on), and it's close to impossible on mobile devices. For the average, not so tech-savvy internet user, there are a lot of pitfalls, and the probability of doing something wrong is, unfortunately, rather high.

Read more

Kernel: LWN Coverage (No Longer Paywalled) and Initial HDMI 2.0 Support With Nouveau Slated For The Next Linux Kernel

Filed under
Linux
  • Revenge of the modems

    Back in the halcyon days of the previous century, those with a technical inclination often became overly acquainted with modems—not just the strange sounds they made when connecting, but the AT commands that were used to control them. While the AT command set is still in use (notably for GSM networks), it is generally hidden these days. But some security researchers have found that Android phones often make AT commands available via their USB ports, which is something that can potentially be exploited by rogue USB devices of various sorts.

    A paper [PDF] that was written by a long list of researchers (Dave (Jing) Tian, Grant Hernandez, Joseph I. Choi, Vanessa Frost, Christie Ruales, Patrick Traynor, Hayawardh Vijayakumar, Lee Harrison, Amir Rahmati, Michael Grace, and Kevin R. B. Butler) and presented at the 27th USENIX Security Symposium described the findings. A rather large number of Android firmware builds were scanned for the presence of AT commands and many were found to have them. That's not entirely surprising since the baseband processors used to communicate with the mobile network often use AT commands for configuration. But it turns out that Android vendors have also added their own custom AT commands that can have a variety of potentially harmful effects—making those available over USB is even more problematic.

    They started by searching through 2018 separate Android binary images (it is not clear how that number came about, perhaps it is simply coincidental) from 11 different vendors. They extracted and decompressed the various pieces inside the images and then searched those files for AT command strings. That process led to a database of 3500 AT commands, which can be seen at the web site for ATtention Spanned—the name given to the vulnerabilities.

  • XFS, LSM, and low-level management APIs

    The Linux Security Module (LSM) subsystem allows security modules to hook into many low-level operations within the kernel; modules can use those hooks to examine each requested operation and decide whether it should be allowed to proceed or not. In theory, just about every low-level operation is covered by an LSM hook; in practice, there are some gaps. A discussion regarding one of those gaps — low-level ioctl() operations on XFS filesystems — has revealed a thorny problem and a significant difference of opinion on what the correct solution is.

    In late September Tong Zhang pointed out that xfs_file_ioctl(), the 300-line function that dispatches the various ioctl() operations that can be performed on an XFS filesystem, was making a call to vfs_readlink() without first consulting the security_inode_readlink() LSM hook. As a result, a user with the privilege to invoke that operation (CAP_SYS_ADMIN) could read the value of a symbolic link within the filesystem, even if the security policy in place would otherwise forbid it. Zhang suggested that a call to the LSM hook should be added to address this problem.

  • Initial HDMI 2.0 Support With Nouveau Slated For The Next Linux Kernel

    Days after Nouveau DRM maintainer Ben Skeggs began staging changes for this open-source NVIDIA driver ahead of the next kernel cycle, this evening Ben Skeggs submitted the DRM-Next pull request to queue this work for the Linux 4.20/5.0 kernel cycle.

    As covered in that previous article, there isn't a whole lot on the Nouveau kernel driver front at this time. Skeggs summed up these open-source NVIDIA driver changes as: "Just initial HDMI 2.0 support, and a bunch of other cleanups."

  • Device-to-device memory-transfer offload with P2PDMA

    One of the most common tasks carried out by device drivers is setting up DMA operations for data transfers between main memory and the device. Often, data read into memory from one device will be immediately written, unchanged, to another device. Common examples include carrying the image between the camera and screen on a mobile phone, or downloading files to be saved on a disk. Those transfers have an impact on the CPU even if it does not use the data directly, due to higher memory use and effects like cache trashing. There are cases where it is possible to avoid usage of the system memory completely, though. A patch set (posted by Logan Gunthorpe with contributions by Christoph Hellwig and Steve Wise) has been in the works for some time that addresses this case for PCI devices using peer-to-peer (P2P) transfers, with a focus on offering an offload option for the NVMe fabrics target subsystem.

Graphics: Proton/RADV, AMD, NVIDIA/Vulkan and X.Org Developers Conference (XDC)

Filed under
Graphics/Benchmarks
  • Proton 3.7 Updated, More RADV Fixes To Help Steam Play Gaming

    Overnight Valve promoted their Proton 3.7-7 build with better alt-tab handling and full-screen behavior for many games. There is also fixed mouse behavior and DXVK 0.80 is now used for the Direct3D-11-over-Vulkan translation to yield better Steam Play gaming performance.

    Steam Play 3.7-8 is also now available in beta with minor compatibility fixes, which Valve says is in preparation for future Proton versions.

  • AMD Stages A Number Of Fixes Ahead Of Linux 4.20~5.0 - Plus Vega 20 "MGPU Fan Boost"

    Following several interesting and exciting feature pull requests for the next Linux kernel (to be released as either version 4.20 or 5.0), AMD developers have moved onto stabilizing this massive amount of new feature code.

    The first "fixes" pull request was submitted today to DRM-Next focusing on stabilizing and fixing issues stemming from all this new code. As a reminder, that feature code ranges from AMD Picasso APU support along with Raven 2, a lot of Vega 20 enablement code including compute support, initial xGMI support, VCN dynamic power gating, DC display code enhancements, VCN JPEG engine support, Raven Ridge GFXOFF support, GPUVM virtual memory performance improvements, and a variety of other interesting work.

  • NVIDIA's Guide For Getting Started With RTX Ray-Tracing In Vulkan

    Last month's Vulkan 1.1.85 release brought NVIDIA's experimental ray-tracing extension (VK_NVX_raytracing) while for those curious how this fits into the Vulkan workflow, NVIDIA today published a guide for getting started with ray-time ray-tracing in the Vulkan space.

  • Freedesktop.org: its past and its future

    At the 2018 X.Org Developers Conference (XDC) in A Coruña, Spain, Daniel Stone gave an update on the status of freedesktop.org, which serves multiple projects as a hosting site for code, mailing lists, specifications, and more. As its name would imply, it started out with a focus on free desktops and cross-desktop interoperability, but it lost that focus—along with its focus in general—along the way. He recapped the journey of fd.o (as it is often known) and unveiled some idea of where it may be headed in the future.

    The talk was billed with Keith Packard as co-presenter, but Packard could not make it to XDC; Stone said that he sent Packard a copy of the slides and heard no complaints, so he left Packard on the slide deck [PDF]. Stone wanted to start with the history of fd.o, because there are lots of new contributors these days—"which is great"—who may not know about it.

Exploring the Linux kernel: The secrets of Kconfig/kbuild

Filed under
Linux

The Linux kernel config/build system, also known as Kconfig/kbuild, has been around for a long time, ever since the Linux kernel code migrated to Git. As supporting infrastructure, however, it is seldom in the spotlight; even kernel developers who use it in their daily work never really think about it.

To explore how the Linux kernel is compiled, this article will dive into the Kconfig/kbuild internal process, explain how the .config file and the vmlinux/bzImage files are produced, and introduce a smart trick for dependency tracking.

Read more

Qt Creator 4.8 Beta released

Filed under
KDE

In Qt Creator 4.8 we’ll introduce experimental support for the language server protocol. For many programming languages there is a “language server” available, which provides IDEs with a whole lot of information about the code, as long as they support communicating via the protocol.

This means that by providing a client for the language server protocol, Qt Creator gets (some) support for many programming languages “for free”. Currently Qt Creator supports code completion, highlighting of the symbol under cursor, and jumping to the symbol definition, as well as integrates diagnostics from the language server. Highlighting and indentation are still provided by our generic highlighter, since they are not provided via the language server protocol.

Read more

Also: Qt Creator 4.8 Rolls Into Beta With C++ Improvements, Language Server Protocol Support

After 16 Years of Development, The First Beta of Haiku is Finally Here

Filed under
OS

Haiku’s history begins with the now defunct Be Inc. Be Inc was founded by former Apple executive Jean-Louis Gassée after he was ousted by CEO John Sculley. Gassée wanted to create a new operating system from the ground up. BeOS was created with digital media work in mind and was designed to take advantage of the most modern hardware of the time. Originally, Be Inc attempted to create their own platform encompassing both hardware and software. The result was called the BeBox. After BeBox failed to sell well, Be turned their attention to BeOS.

In the 1990s, Apple was looking for a new operating system to replace the aging Classic Mac OS. The two contenders were Gassée’s BeOS and Steve Jobs’ NeXTSTEP. In the end, Apple went with NeXTSTEP. Be tried to license BeOS to hardware makers, but in at least one case Microsoft threatened to revoke a manufacturer’s Windows license if they sold BeOS machines. Eventually, Be Inc was sold to Palm in 2001 for $11 million. BeOS was subsequently discontinued.

Read more

Open Invention Network is a Proponent of Software Patents -- Just Like Microsoft -- and Microsoft Keeps Patents It Uses to Blackmail Linux Vendors

Filed under
Linux
Microsoft
Legal

OIN loves Microsoft; OIN loves software patents as well. So Microsoft’s membership in OIN is hardly a surprise and it’s not solving the main issue either, as Microsoft can indirectly sue and “Microsoft has not included any patents they might hold on exfat into the patent non-aggression pact,” according to Bradley M. Kuhn

Read more

Control Flow Integrity in the Android kernel

Filed under
Android

Android's security model is enforced by the Linux kernel, which makes it a tempting target for attackers. We have put a lot of effort into hardening the kernel in previous Android releases and in Android 9, we continued this work by focusing on compiler-based security mitigations against code reuse attacks.

Google's Pixel 3 will be the first Android device to ship with LLVM's forward-edge Control Flow Integrity (CFI) enforcement in the kernel, and we have made CFI support available in Android kernel versions 4.9 and 4.14. This post describes how kernel CFI works and provides solutions to the most common issues developers might run into when enabling the feature.

Read more

today's leftovers

Filed under
Misc
  • Add It Up: FaaS ≠ Serverless

    Using FaaS for isolated use cases or playing with it test environments does not require an organization to rethink the way it writes code or manages infrastructure. But, without re-factoring an application, FaaS can easily increase computing costs when scaled for production use. With many other challenges arising when FaaS moves into production, it is not surprising that almost all organizations with broad deployments are using unique architectures for serverless applications.

  • Cleaning up the Cruft in KDE’s Bugzilla

    We know this is a problem, and some steps have been taken recently to attempt to reduce this. Not long ago, Nate Graham proposed a cleanup of our plasma4 product, which closed 4,000+ bugs. Most of the bugs there were very old and no longer relevant, due to the introduction of Plasma 5 four years ago. While that was a good step in the right direction, we have many, many more products.

  • Usability testing with Outreachy

    I've volunteered with Allan and Jakub to mentor more GNOME usability testing in the next cycle of Outreachy, from December 4, 2018 to March 4, 2019. Outreachy expressly invites applicants from around the world who are women (both cis and trans), trans men, and genderqueer people.

    Interns will work with the GNOME team and mentor(s) to do usability testing on GNOME. The goal is to perform several cycles of usability testing on prototypes of new designs, and provide usability testing results and feedback to the GNOME team so a new iterative design can be updated based on those results. We would like to use a "test what you've got" approach where we set up a testing schedule, and the intern tests whatever prototype or model is ready at that time. So if "test day" is Thursday, we could nail down what to test by Monday, and have the intern post results on Friday or the weekend.

  • The ASUS ROG Phone Wants To Be Your Game Console And PC, Too

    This massively powerful Android phone was announced way back in June, but it’s going up for pre-order in the US on October 18th. The $900 price tag sounds ridiculous, or at least it would have a couple of years ago, before Apple, Google, and Samsung decided that the ceiling on phone prices was more like a stratosphere. If you’re wondering, “ROG” stands for “Republic of Gamers,” ASUS’ dedicated gaming sub-brand a la Dell’s Alienware.

  • The Next Essential Phone Will Be AI Powered, Smart Enough To Email, Book Appointments And Text

OSS Leftovers

Filed under
OSS
  • POA Network launches BlockScout, an open-source Ethereum block explorer

    POA Network, the Ethereum-based platform offering an open-source framework for smart contracts, has unveiled BlockScout, a full-featured block explorer tool for the Ethereum ecosystem. BlockScout is an easy-to-use and secure tool that lets users search and explore transactions, addresses, and balances on the Ethereum, Ethereum Classic, and POA Network blockchains.

  • BlockScout is a New Ethereum Blockchain Explorer Tool by POA Network

    The Ethereum based platform, the POA Network that is offering an open-source platform for smart contracts has established a block explorer that is fully futured called BlockScout for the Ethereum ecosystem. BlockScout is a secure tool that is easy to use allowing users to explore and search transaction, balances and addresses on the Ethereum, POA Network and Ethereum Classic blockchains.

  • POA Network launches open-source Ethereum block explorer tool

    POA Network, the Ethereum-based platform offering an open-source framework for smart contracts, has just announced that it has unveiled BlockScout, the first full featured open-source block explorer tool for the Ethereum ecosystem. BlockScout is a secure tool that lets users search and explore transactions, addresses, and balances on the Ethereum, Ethereum Classic, and POA Network blockchains.

  • BlockScout: The first full-featured open-source Ethereum blockchain explorer
  • Ethereum Based POA Network Launches Open-Source Block Explorer for ETH, ETC and POA

    The team at the POA Network have unveiled the first full featured open-source block explorer tool for the Ethereum ecosystem. This new block explorer is called BlockScout. It is an easy-to-use  and secure tool that allows users to search and explore transactions, addresses, and balances on the three blockchains of Ethereum (ETH), Ethereum Classic (ETC) and POA Network.

  • Asterisk 16.0.0 Now Available
  • Asterisk 16.0 VoIP / PSTN PBX Open-Source Software Released

    Version 16.0 of the long-standing, open-source Asterisk VoIP/PSTN telephony software is now available for voice communication deployments.

    Asterisk 16.0 brings improved media playback via reading the file type from the HTTP header, support for systemd socket activation, and fixes ten security issues ranging from Asterisk crashes to possible DoS vulnerabilities and stack corruption.

  • Sangoma Reaffirms Open Source Communications Commitment and Leadership at AstriCon

    Sangoma Technologies Corporation (TSX VENTURE: STC), a trusted leader in value-based Unified Communications (UC) and UC as a Service (UCaaS) solutions and the world's largest provider of open source communications solutions, today at the annual AstriCon users and developers conference, announced Asterisk 16 and FreePBX 15, the next major releases of the world's two most popular open source communications projects.

  • 5 Tips for Deploying Open-Source Software

    While the democratic ideals and distributed development model of open source are appealing to developers, some elements of that model are less attractive in production systems. The biggest drawback is that community control means distributed responsibility. Implementing pure open source can create problems and burdens that are less likely with systems have professional sales and service organizations behind them.

    In short, with an open-source system, there is no throat to choke and IT professionals can be left with only community support when something goes awry.

    That doesn’t mean that implementing open-source software is a bad idea. Doing so just requires taking a different approach to planning than you would with a proprietary software roll out. To help alleviate some of the problems, here are five things to remember when implementing open-source software.

  • Industry Voices—Doyle: The promise of open source and the current state of telecom adoption

    The adoption of open source software for NFV deployments by CSPs has largely failed to live up to industry expectations. 

    Open source software has been installed in communication service providers' IT departments, some tactical parts of the network and is being widely tested in the labs of the leading CSPs. Despite the hype around “cloud-native” advancements, open source is unlikely to “bend the cost curve” of deploying new network elements – at least not in the next several years.

  •  

  • I have resigned as the WordPress accessibility team lead. Here is why.

    After several years of working on WordPress and accessibility and being part of the accessibility team, I have taken the very difficult decision to leave the WordPress accessibility team. I owe it to the team to explain why I have made this decision and how I hope things can improve for the future.

Security: WhatsApp, Flatpak and DNS

Filed under
Security
  • Hackers Can Take Control Of Your WhatsApp Just With A Video Call: Update Now

    Natalie Silvanovich, a Google Project Zero security researcher, has uncovered a critical security flaw in WhatsApp. The flaw could allow a notorious actor to make a video call and take complete control of your messaging application.

  • Just Answering A Video Call Could Compromise Your WhatsApp Account
  • New Website Claims Flatpak is a “Security Nightmare”

    A newly launched website is warning users about Flatpak, branding the tech a “security nightmare”.

    The ‘Flatkills.org’ web page takes aim at a number of security claims routinely associated with the fledgling Flatpak app packaging and distribution format.

  • DNS Security Still an Issue

    DNS security is a decades-old issue that shows no signs of being fully resolved. Here's a quick overview of some of the problems with proposed solutions and the best way to move forward.

    ...After many years of availability, DNSSEC has yet to attain significant adoption, even though any security expert you might ask recognizes its value. As with any public key infrastructure, DNSSEC is complicated. You must follow a lot of rules carefully, although some network services providers are trying to make things easier.

    But DNSSEC does not encrypt the communications between the DNS client and server. Using the information in your DNS requests, an attacker between you and your DNS server could determine which sites you are attempting to communicate with just by reading packets on the network.

    So despite best efforts of various Internet groups, DNS remains insecure. Too many roadblocks exist that prevent the Internet-wide adoption of a DNS security solution. But it is time to revisit the concerns.

GPUs and Graphics: Nvidia, X.Org Developers' Conference, vRt and ROCm

Filed under
Graphics/Benchmarks
Hardware

Kernel: Threading, Streebog, USB 3.0, "Thermal Pressure" and More

Filed under
Linux
  • A Look At Linux Application Scaling Up To 128 Threads

    Arriving last week in our Linux benchmarking lab was a dual EPYC server -- this Dell PowerEdge R7425 is a beast of a system with two AMD EPYC 7601 processors yielding a combined 64 cores / 128 threads, 512GB of RAM (16 x 32GB DDR4), and 20 x 500GB Samsung 860 EVO SSDs. There will be many interesting benchmarks from this server in the days and weeks ahead. For some initial measurements during the first few days of stress testing this 2U rack server, here is a look at how well various benchmarks/applications are scaling from two to 128 threads.

  • Linux Kernel Patches Posted For Streebog - Crypto From Russia's FSB

    Just months after the controversial Speck crypto code was added to the Linux kernel that raised various concerns due to its development by the NSA and potential backdoors, which was then removed from the kernel tree, there is now Russia's Streebog that could be mainlined.

    The Streebog cryptographic hash was developed by Russia's controversial FSB federal security service and other Russian organizations. Streebog is a Russian national standard and a replacement to their GOST hash function. Streebog doesn't have as much controversy as NSA's Speck, but then again it's not as well known but there is are some hypothetical attacks and some papers have questioned some elements of the design. Streebog is considered to be a competitor to the SHA-3 standard from the NIST.

  • The Linux Kernel In 2018 Finally Deems USB 3.0 Ubiquitous Rather Than An Oddity

    The latest news in the "it's about darn time" section is the Linux kernel's default i386/x86_64 kernel configurations will finally ship with USB 3.0 support enabled, a.k.a. CONFIG_USB_XHCI_HCD.

    For many years now pretty much all Linux distribution vendor kernels have been shipping with CONFIG_USB_XHCI_HCD enabled either built-in or as a module... But built-in is pretty much the best to avoid potential issues at start-up time. As of this week, CONFIG_USB_XHCI_HCD=y is finally set for the default configurations on the x86/x86_64-based kernel builds should you be spinning up a defconfig kernel.

  • "Thermal Pressure" Kernel Feature Would Help Linux Performance When Running Hot

    Linaro engineer Thara Gopinath sent out an experimental set of kernel patches today that introduces the concept of "thermal pressure" to the Linux kernel for helping assist Linux performance when the processor cores are running hot.

    While the Linux CPU frequency scaling code already deals with the event of CPU core(s) overheating as to downclock/limit the frequency, the kernel's scheduler isn't currently aware of the CPU capacity restrictions put in place due to that thermal event.

  • Containers are Linux

    Linux is the core of today’s operating system open source software development, and containers are a core feature of Linux. Linux containers and the Kubernetes community supporting them enable agencies to quickly stand up, distribute and scale applications in the hybrid clouds supporting the IT architecture of today’s digitally transformed government.

    But agencies need more than the speed and flexibility of containers and the power of Kubernetes to take full advantage of today’s hybrid cloud environment. They need open source enterprise software with full lifecycle support and a full complement of hardware certifications to ensure portability across platforms.

Programs and Programming: DICOM Viwers, Turtl, Weblate, Rust and Python

Filed under
Development
Software
  • Excellent Free DICOM Viewers – Medical Imaging Software

    DICOM (an acronym for Digital Imaging and Communications in Medicine) is a worldwide standard in Health IT and is provided by the National Electrical Manufacturers Assocation (NEMA). It’s the standard open image format used to handle, store, print and transmit information in medical imaging. This standard specifies the way medical images and metadata like study or patient related data are stored and communicated over different digital medias.

    DICOM is a binary protocol and data format. The binary protocol specifies a set of networking protocols, the syntax and specification of commands that can be exchanged with these protocols, and a set of media storage services. It’s an entire specification of the elements required to achieve a practical level of automatic interoperability between biomedical imaging computer systems—from application layer to bit-stream encoding.

    DICOM files can be exchanged between two entities that are capable of receiving image and patient data in DICOM format.

  • Encrypted Evernote Alternative Turtl v0.7 Includes Rewritten Server, New Spaces Feature

    Turtl was updated to version 0.7 yesterday, the new release shipping with a rewritten server, among other changes. I'll cover the new version in the second part of this article, after an introduction to Turtl.

    Turtl is a "secure, encrypted Evernote alternative". The free and open source tool, which is considered beta software, can be used to take notes, save bookmarks, store documents and images, and anything else you may need, in a safe place.

    There are Turtl applications available for Linux, Windows, macOS and Android, while an iOS application should also be available in the future. Chrome and Firefox extensions are available to easily bookmark the page you're on, great for quickly saving sites for later.

    The Turtl developers offer the service (hosted server) for free, but a premium service is planned for the future. However, the Turtl server is free and open source software, so you can install and use your own instance.

  • Weblate 3.2.1

    Weblate 3.2.1 has been released today. It's a bugfix release for 3.2 fixing several minor issues which appeared in the release.

  • This Week in Rust 255
  • Code Quality & Formatting for Python

    black, the uncompromising Python code formatter, has arrived in Debian unstable and testing.

    black is being adopted by the LAVA Software Community Project in a gradual way and the new CI will be checking that files which have been formatted by black stay formatted by black in merge requests.

    There are endless ways to format Python code and pycodestyle and pylint are often too noisy to use without long lists of ignored errors and warnings.

GCC: Optimizing Linux, the Internet, and Everything

Filed under
Development
GNU

Software is useless if computers can't run it. Even the most talented developer is at the mercy of the compiler when it comes to run-time performance - if you don’t have a reliable compiler toolchain you can’t build anything serious. The GNU Compiler Collection (GCC) provides a robust, mature and high performance partner to help you get the most out of your software. With decades of development by thousands of people GCC is one of the most respected compilers in the world. If you are building applications and not using GCC, you are missing out on the best possible solution.

GCC is the “de facto-standard open source compiler today” [1] according to LLVM.org and the foundation used to build complete systems - from the kernel upwards. GCC supports over 60 hardware platforms, including ARM, Intel, AMD, IBM POWER, SPARC, HP PA-RISC, and IBM Z, as well as a variety of operating environments, including GNU, Linux, Windows, macOS, FreeBSD, NetBSD, OpenBSD, DragonFly BSD, Solaris, AIX, HP-UX, and RTEMS. It offers highly compliant C/C++ compilers and support for popular C libraries, such as GNU C Library (glibc), Newlib, musl, and the C libraries included with various BSD operating systems, as well as front-ends for Fortran, Ada, and GO languages. GCC also functions as a cross compiler, creating executable code for a platform other than the one on which the compiler is running. GCC is the core component of the tightly integrated GNU toolchain, produced by the GNU Project, that includes glibc, Binutils, and the GNU Debugger (GDB).

Read more

Also: AMDGPU Developer Proposes Array Register Files For LLVM - Would Help Performance

Mozilla: TLS Certificate Distrust, Bugzilla Automatic Bug Triaging Challenge, Firefox Nightly and More

Filed under
Moz/FF
  • Delaying Further Symantec TLS Certificate Distrust

    Due to a long list of documented issues, Mozilla previously announced our intent to distrust TLS certificates issued by the Symantec Certification Authority, which is now a part of DigiCert. On August 13th, the next phase of distrust was enabled in Firefox Nightly. In this phase, all TLS certificates issued by Symantec (including their GeoTrust, RapidSSL, and Thawte brands) are no longer trusted by Firefox (with a few small exceptions).

    In my previous update, I pointed out that many popular sites are still using these certificates. They are apparently unaware of the planned distrust despite DigiCert’s outreach, or are waiting until the release date that was communicated in the consensus plan to finally replace their Symantec certificates. While the situation has been improving steadily, our latest data shows well over 1% of the top 1-million websites are still using a Symantec certificate that will be distrusted.

  • Taming triage: Partnering with Topcoder to harness the power of the crowd

    We are excited to announce the launch of the Bugzilla Automatic Bug Triaging Challenge, a crowdsourcing competition sponsored by Mozilla and hosted by Topcoder, the world’s largest network of software designers, developers, testers, and data scientists. The goal of the competition is to automate triaging (categorization by products and software components) of new bugs submitted to Bugzilla, Mozilla’s web-based bug tracking system. By cooperating with Topcoder, Mozilla is expanding its open innovation capabilities to include specialized crowdsourcing communities and competition mechanisms.

    Mozilla’s Open Innovation strategy is guided by the principle of being Open by Design derived from a comprehensive 2017 review of how Mozilla works with open communities. The strategy sets forth a direction of expanding the organisation’s external outreach beyond its traditional base of core contributors: open source software developers, lead users, and Mozilla volunteers. Our cooperation with Topcoder is an example of reaching out to a global community of data scientists.

  • Firefox Nightly: These Weeks in Firefox: Issue 47
  • Community Coordinator role

    The Reps program is evolving in order to be aligned with Mozilla’s changes on how we perceive communities. Part of those changes is the Mission Driven Mozillians project, where the Reps are involved.

  • Announcing a Competition for Ethics in Computer Science, with up to $3.5 Million in Prizes

    Today, computer scientists wield tremendous power. The code they write can be used by billions of people, and influence everything from what news stories we read, to what personal data companies collect, to who gets parole, insurance or housing loans

    Software can empower democracy, heighten opportunity, and connect people continents away. But when it isn’t coupled with responsibility, the results can be drastic. In recent years, we’ve watched biased algorithms and broken recommendation engines radicalize users, promote racism, and spread misinformation.

A Look At Linux Application Scaling Up To 128 Threads

Filed under
Graphics/Benchmarks

Arriving last week in our Linux benchmarking lab was a dual EPYC server -- this Dell PowerEdge R7425 is a beast of a system with two AMD EPYC 7601 processors yielding a combined 64 cores / 128 threads, 512GB of RAM (16 x 32GB DDR4), and 20 x 500GB Samsung 860 EVO SSDs. There will be many interesting benchmarks from this server in the days and weeks ahead. For some initial measurements during the first few days of stress testing this 2U rack server, here is a look at how well various benchmarks/applications are scaling from two to 128 threads.

This article with these benchmarks is mainly intended for reference purposes for those curious how well different Linux workloads scale up to 128 threads with these multi-core benchmarks available via the Phoronix Test Suite and OpenBenchmarking.org. Tests were done with 2, 4, 8, 16, 32, and 64 cores enabled and then the default configuration of 64 threads plus SMT to yield 128 threads of jaw-dropping power.

Read more

Syndicate content

More in Tux Machines

Linux 4.19-rc8

As mentioned last week, here's a -rc8 release as it seems needed. There were a lot of "little" pull requests this week, semi-normal for this late in the cycle, but a lot of them were "fix up the previous fix I just sent" which implies that people are having a few issues still. I also know of at least one "bad" bug that finally has a proposed fix, so that should hopefully get merged this week. And there are some outstanding USB fixes I know of that have not yet landed in the tree (I blame me for that...) Anyway, the full shortlog is below, lots of tiny things all over the tree. Please go and test and ensure that all works well for you. Hopefully this should be the last -rc release. Read more Also: Linux 4.19-rc8 Released With A Lot Of "Tiny Things"

Kali Linux for Vagrant: Hands-on

I recently saw the announcement for Kali Linux on Vagrant. I have been a huge fan of Kali Linux for a very long time, and I am interested in virtualization (and currently using VirtualBox in an educational environment), so this was a very interesting combination to me. I have now installed it on a few of my systems, and so far I am quite impressed with it. The logical place to start is with a brief overview of Vagrant itself. What is Vagrant? According to their web page: Vagrant is a tool for building and managing virtual machine environments in a single workflow What Vagrant actually does is provide a way of automating the building of virtualized development environments using a variety of the most popular providers, such as VirtualBox, VMware, AWS and others. It not only handles the initial setup of the virtual machine, it can also provision the virtual machine based on your specifications, so it provides a consistent environment which can be shared and distributed to others. Read more

today's leftovers

  • Vulkan Cracks 2,500 Projects On GitHub
    After cracking 2,000 projects referencing Vulkan on GitHub earlier this year, this week it passed the milestone of having more than 2,500 projects. Granted, some of these projects referencing Vulkan are still in their primitive stages, but of the 2,500+ projects are a lot of interesting Vulkan-using projects from RenderDoc to countless game engine initiatives, various code samples, the AMDVLK driver stack, and countless innovative efforts like GLOVE for OpenGL over Vulkan to Kazan for a Rust-written CPU-based Vulkan implementation and a heck of a lot more.
  • GNOME's Geoclue 2.5 Brings Vala Support, WiFi Geolocation For City-Level Accuracy
    GNOME's Geoclue library that provides a D-Bus service for location information based on GPS receivers, 3G modems, GeoIP, or even WiFi-based geolocation has been baking a lot of changes.
  • Geoclue 2.5.0
    Here is the first release in the 2.5 series.
  •  
  • Wine-Staging 3.18 Released With Some New Patches While Other Code Got Upstreamed
    It has been a very exciting weekend for Linux gamers relying upon Wine for running Windows titles under Linux... There was the routine bi-weekly Wine 3.18 development release on Friday but yesterday brought transform feedback to Vulkan and in turn Stream Output to DXVK to fix up a number of D3D11 games. Today is now the Wine-Staging 3.18 release. Wine-Staging 3.18 doesn't incorporate any changes around the Vulkan code (there is a Wine patch needed by DXVK for this new functionality), but does include a lot of other stuff. Wine-Staging 3.18 implements more functions in the user32 code, including cascade windows, GetPointerType, and others. On the Direct3D front are a few additions to WineD3D, including the ability for the Direct3D 10 support to work with the legacy NVIDIA Linux driver. There is also a kernel fix for allowing Steam log-ins to work again with Wine Staging.

today's howtos