Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 22 Oct 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story EU-Fossa project submits results of code audits Rianne Schestowitz 21/10/2016 - 6:27pm
Story today's leftovers Roy Schestowitz 21/10/2016 - 3:44pm
Story today's howtos Roy Schestowitz 21/10/2016 - 3:39pm
Story Red Hat News Roy Schestowitz 21/10/2016 - 3:38pm
Story Leftovers: OSS and Sharing Roy Schestowitz 21/10/2016 - 3:34pm
Story And More Security Leftovers Roy Schestowitz 21/10/2016 - 3:32pm
Story Blockchain and FOSS Roy Schestowitz 21/10/2016 - 2:07pm
Story Ubuntu Leftovers Roy Schestowitz 21/10/2016 - 11:31am
Story More Security News (and FUD) Roy Schestowitz 21/10/2016 - 11:28am
Story Leftovers: Software Roy Schestowitz 21/10/2016 - 10:57am

KDE Leftovers

Filed under
  • Choose Your Own Experience in Plasma 5.8 and beyond

    One of the key points of Plasma is while giving a simple default desktop experience, not limiting the user to that single, pre-packed one size fits all UI.

  • KDevelop 5.0.2 released for Windows and Linux

    Four weeks after the release of KDevelop 5.0.1, we are happy to announce the availability of KDevelop 5.0.2, a second stabilization release in the 5.0 series. We highly recommend to update to version 5.0.2 if you are currently using version 5.0.1 or 5.0.0.

  • Wayland improvements since Plasma 5.8 release

    Two weeks have passed since the Plasma 5.8 release and our Wayland efforts have seen quite some improvements. Some changes went into Plasma 5.8 as bug fixes, some changes are only available in master for the next release. With this blog post I want to highlight what we have improved since Plasma 5.8.

  • Wayland For KDE Plasma 5.9 Should Shape Up Quite Nicely

    Plasma 5.8 was only released at the beginning of October but already there has been a number of Wayland improvements queuing up for the next milestone, Plasma 5.9.

    KWin maintainer Martin Gräßlin wrote a blog post yesterday about some of the early Wayland changes coming for Plasma 5.9. Some of this early work for the next KDE Plasma 5 release includes resize-only borders, global shortcut handling, support for keyboard LEDs via libinput, relative pointer support, the color scheme syncing to the window decoration, window icon improvements, multi-screen improvements, panel imporvements, and more.

  • Autumn Sale in the Krita Shop
  • .

Linux/FOSS Events

Filed under
  • FOSDEM Desktops DevRoom 2016 all for Participation

    FOSDEM is one of the largest (5,000+ hackers!) gatherings of Free Software contributors in the world and happens each February in Brussels (Belgium, Europe).

    Once again, one of the tracks will be the Desktops DevRoom (formerly known as “CrossDesktop DevRoom”), which will host Desktop-related talks.

    We are now inviting proposals for talks about Free/Libre/Open-source Software on the topics of Desktop development, Desktop applications and interoperability amongst Desktop Environments. This is a unique opportunity to show novel ideas and developments to a wide technical audience.

  • LatinoWare

    Yesterday, Wednesday 19 oct, was the first day of LatinoWare thirteen edition hosted in the city of Foz do Iguaçu in Parana state with presence of 5155 participants and temperature of 36ºC. Currently this is the biggest event of free software in Brazil.

  • Attending a FUDcon LATAM 2016

    From my experience I will share my days at FUDcon 2016 held on Puno last week. There were 3 core days, and 2 more days to visit around.

Games for GNU/Linux

Filed under

Linux Foundation and Linux

Filed under
  • Intel Turbo Boost Max 3.0 Patches Updated For Linux 4.9

    Intel has updated its currently out-of-tree Turbo Boost Max Technology 3.0 patches for compatibility against the Linux 4.9-rc1 kernel plus made other improvements to the code.

    These patches have been worked on the past few months after Intel PR initially claimed no TBM 3.0 Linux support. The patches have gone through several public revisions but sadly didn't make it for integration into the mainline Linux 4.9 kernel.

  • Linux 4.9 Is Showing A Performance Boost On More Systems

    Earlier this week I posted some benchmarks of a Core i7 6800K Broadwell-E system seeing performance boosts under Linux 4.9 and it turns out it's looking more widespread than just affecting a niche system or two. When testing a more traditional Intel Haswell desktop, Linux 4.9 Git is seeing more wins over Linux 4.8 and 4.7 kernels.

    Following that earlier 4.9 Git benchmarking I set out to do a fairly large Linux kernel comparison on a Haswell system to go back three or so years worth of kernel releases. That big kernel comparison will be finished up and posted in the days ahead, but already from this Core i7 4790K Devil's Canyon system I am seeing some performance improvements with 4.9 Git to share over 4.7.0 and 4.8.0 stock kernels...

  • Linux Foundation Welcomes JavaScript Community

    Kris Borchers, executive director of the foundation, announced the news, saying that the JavaScript Foundation aims "to support a vast array of technologies that complement projects throughout the entire JavaScript ecosystem."

    This includes both client and server side application libraries, mobile application testing frameworks, and JavaScript engines.

    All jQuery Foundation projects will also be united within the JS Foundation including jQuery, Lodash, ESLint, Esprima, Grunt, RequireJS, jQuery UI, Globalize, Sizzle, Jed, and Dojo.

OpenStack in the Headlines

Filed under
  • Mirantis and NTT Com Double Down on OpenStack

    Mirantis continues to drive forward with new partnerships focused on the OpenStack cloud computing platform. The company and NTT Communications Corporation (NTT Com) have announced that they will partner to offer fully managed Private OpenStack as a service in NTT Com Enterprise Cloud and its data center services across the globe. NTT Com, in becoming Mirantis’ first data center services partner, says it will offer Mirantis Managed OpenStack on NTT Com Enterprise Cloud’s Metal-as-a-Service.

  • Using metrics effectively in OpenStack development

    At the OpenStack summit taking place this month in Barcelona, Ildikó Váncsa will be speaking on metrics in her talk Metrics: Friends or Enemies? She will discuss OpenStack metrics and how they can be used in software development processes, both for the individual developer and manager.

    I caught up with Ildikó before her talk to learn more about how metrics in OpenStack help guide developers and companies, and how they also drive evolution of the OpenStack community itself.

Patten: How to exorcise Windows from your old computer

Filed under

You may have heard of Linux (also known as GNU/Linux), but only as something that hackers use. It has a reputation for being unwieldy and hard. That reputation is deserved … sometimes.

But anyone can learn it. And if it’s good enough for Barbie, it should be good enough for you.

The best part: It’s free, free, free.

Linux is actually a kind of operating system, just as a mammal is a kind of animal. Linux systems are all similar or identical at the core (also known as the kernel). But they come in a lot of varieties, or distros. (Fun fact: Much of the Android operating system is based on Linux.)

The hard part about Linux isn’t learning. It’s choosing.

Read more

Also: Kodi-fying an old computer

Dirty Cow, Ubuntu @ 12, Save a Penguin

Filed under

Dirty Cow is a local privilege vulnerability that can allow one to gain root access. Specifically, "race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system." Linus signed off and pushed the patch to git a few days ago and distributions are currently updating their products. This is considered a critical bug and users are encouraged to update as soon as possible because researchers have found code in the wild to exploit it. Worse still, the exploit leaves little or no trace of being compromised. So, keep an eye on your update applets or security advisories over the next few days. Since this bug has been in existence for so long, Kees Cook had to revise his critical bug lifetime average from 3.3 to 5.2 years, while the overall average for all bugs increased only slightly.

Read more

CVE-2016-5195 Patched

Filed under
  • Linux Kernels 4.8.3, 4.7.9 & 4.4.26 LTS Out to Patch "Dirty COW" Security Flaw

    Today, October 20, 2016, Linux kernel maintainer Greg Kroah-Hartman announced three new maintenance updates for the Linux 4.8, 4.7, and 4.4 LTS kernel series, patching a major security vulnerability.

    Known as "Dirty COW," the Linux kernel vulnerability documented at CVE-2016-5195 is, in fact, a nasty bug that could have allowed local users to write to any file they can read. The worst part is that the security flaw was present in various Linux kernel builds since at least the Linux 2.6.x series, which reached end of life in February this year.

  • Canonical Patches Ancient "Dirty COW" Kernel Bug in All Supported Ubuntu OSes

    As reported earlier, three new Linux kernel maintenance releases arrived for various Linux-based operating systems, patching a critical and ancient bug popularly known as "Dirty COW."

    We already told you that the kernel vulnerability could be used by a local attacker to run programs as an administrator, and it looks like it also affects all supported Ubuntu releases, including Ubuntu 16.10 (Yakkety Yak), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin), as well as all of their official or unofficial derivatives running the same kernel builds.

Mad Max Now on GNU/Linux

Filed under
  • Mad Max Open World Action-Adventure Video Game Released for Linux, SteamOS & Mac

    After teasing us earlier this month, today, October 20, 2016, Feral Interactive had the great pleasure of announcing the release of the Mad Max open world action-adventure video game for the SteamOS, Linux, and Mac platforms.

    Feral Interactive is well known for bringing AAA titles to the Linux and Mac gaming world, and after porting the Tomb Raider 2013 reboot last year to our beloved platforms, which continue to get more fans by the day, now the UK-based video games publisher delights us with the superb Mad Max title developed by Avalanche Studios and published by Warner Bros.

  • Mad Max Launches For Linux

    Feral Interactive's port of Mad Max to Linux (and macOS) is now officially out and can be found on Steam.

    Feral announced their Mad Max port at the beginning of October while today it's ready to ship. As mentioned in that original article, the Linux system requirements are fairly stiff with only listing NVIDIA hardware under Linux and the minimum being a GTX 660 while the recommendation is at least a GTX 970.

  • Mad Max Appears To Work Fine With RadeonSI Gallium3D

    This morning's release of the Mad Max game for Linux lists only NVIDIA graphics as supported, but it does turn out at least for newer AMD GPUs using the RadeonSI Gallium3D driver things should work -- well, assuming you are using the latest open-source driver code.

  • Mad Max released for Linux, port report and review available

    Mad Max is the latest Linux port from Feral Interactive, probably one of the titles I have been most excited about so hopefully it lives up to the promise.

    It has only been a few weeks since Feral Interactive released Dawn of War II, Chaos Rising and Retribution on Linux, and now we have a real whopper with Mad Max.

    Something Linux lacks is a reasonable amount of high quality open-world story-based games. We started getting a few with Borderlands 2 and Shadow of Mordor, but another top quality game like this is a must for us to keep the interest up.

Red Hat and Fedora

Filed under
Red Hat
  • Red Hat – the open source conglomerate

    As successful companies grow, they accumulate products; new ones are developed and additional ones are acquired. Managing diverse portfolios is a challenge, not least when it comes to putting it all together on a single presentation slide to make it appear there is an overall coherent product strategy.

  • Ericsson Embraces Red Hat OpenStack Platform

    Ericsson and Red Hat today announced a broad alliance to work together on network functions virtualization (NFV) products. And the telco infrastructure provider will now support the Red Hat OpenStack Platform.

    Ericsson already has a longstanding distribution partnership with Red Hat that includes Red Hat Enterprise Linux and Red Hat JBoss Middleware. The existing distribution partnerships define not only commercial terms, but also joint support models, co-engineering and certification testing, and joint go-to-market collaboration.

  • Raleigh's Red Hat teams up with Ericsson

    Open-source software firm Red Hat (NYSE: RHT) has teamed up with Ericsson (Nasdaq: ERIC) on what the companies are calling a “broad alliance” aimed at transforming the information and communications technology market.

    Red Hat, headquartered at downtown Raleigh’s Red Hat Tower, announced that its new partnership with Ericsson would allow the duo to deliver fully open-source and production-ready cloud infrastructure, spanning OpenStack, software-defined networking and software-defined infrastructure.

  • FCAIC in the House

    The job is like many other roles called “Community Manager” or “Community Lead.” That means there is a focus on metrics and experiences. One role is to try ensure smooth forward movement of the project towards its goals. Another role is to serve as a source of information and motivation. Another role is as a liaison between the project and significant downstream and sponsoring organizations.

    In Fedora, this means I help the Fedora Project Leader. I try to be the yen to his yang, the zig to his zag, or the right hand to his right elbow. In all seriousness, it means that I work on a lot of the non-engineering focused areas of the Fedora Project. While Matthew has responsibility for the project as a whole I try to think about users and contributors and be mechanics of keeping the project running smoothly.

  • keepalived: Simple HA

    We have been using keepalived in Fedora Infrastructure for a while now. It’s a pretty easy to use and simple way to do some basic HA. Keepalived can keep track of which machine is “master” for a IP address and quickly fail over and back when moving that IP address around. You can also run scripts on state change. Keepalived uses VRRP and handles updating arp tables when IP addresses move around. It also supports weighting so you can prefer one or another server to “normally” have the master IP/scripts.

  • What does Factory 2.0 mean for Modularity?

    This blog now has a drop-down category called Modularity. But, many arteries of Modularity lead into a project called Factory 2.0. These two are, in fact, pretty much inseparable. In this post, we’ll talk about the 5 problems that need to be solved before Modularity can really live.

    The origins of Factory 2.0 go back a few years, when Matthew Miller started the conversation at Flock. The first suggested names were “Fedora Rings”, “Envs and Stacks”, and Alephs.

  • varnish-5.0, varnish-modules-0.9.2 and hitch-1.4.1, packages for Fedora and EPEL

    The Varnish Cache project recently released varnish-5.0, and Varnish Software released hitch-1.4.1. I have wrapped packages for Fedora and EPEL.

    varnish-5.0 has configuration changes, so the updated package has been pushed to rawhide, but will not replace the ones currently in EPEL nor in Fedora stable. Those who need varnish-5.0 for EPEL may use my COPR repos at They include the varnish-5.0 and matching varnish-modules packages, and are compatible with EPEL 5, 6, and 7.

  • Installroot in DNF-2.0

Security News

Filed under
  • Security advisories for Thursday
  • More information about Dirty COW (aka CVE-2016-5195)

    The security hole fixed in the stable kernels released today has been dubbed Dirty COW (CVE-2016-5195) by a site devoted to the kernel privilege escalation vulnerability. There is some indication that it is being exploited in the wild. Ars Technica has some additional information. The Red Hat bugzilla entry and advisory are worth looking at as well.

  • CVE-2016-5195

    My prior post showed my research from earlier in the year at the 2016 Linux Security Summit on kernel security flaw lifetimes. Now that CVE-2016-5195 is public, here are updated graphs and statistics. Due to their rarity, the Critical bug average has now jumped from 3.3 years to 5.2 years. There aren’t many, but, as I mentioned, they still exist, whether you know about them or not. CVE-2016-5195 was sitting on everyone’s machine when I gave my LSS talk, and there are still other flaws on all our Linux machines right now. (And, I should note, this problem is not unique to Linux.) Dealing with knowing that there are always going to be bugs present requires proactive kernel self-protection (to minimize the effects of possible flaws) and vendors dedicated to updating their devices regularly and quickly (to keep the exposure window minimized once a flaw is widely known).

  • “Most serious” Linux privilege-escalation bug ever is under active exploit (updated)

    While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.

  • Linux users urged to protect against 'Dirty COW' security flaw

    Organisations and individuals have been urged to patch Linux servers immediately or risk falling victim to exploits for a Linux kernel security flaw dubbed ‘Dirty COW'.

    This follows a warning from open source software vendor Red Hat that the flaw is being exploited in the wild.

    Phil Oester, the Linux security researcher who uncovered the flaw, explained to V3 that the exploit is easy to execute and will almost certainly become more widely used.

    "The exploit in the wild is trivial to execute, never fails and has probably been around for years - the version I obtained was compiled with gcc 4.8," he said.

  • Hackers Hit U.S. Senate GOP Committee

    The national news media has been consumed of late with reports of Russian hackers breaking into networks of the Democratic National Committee. Lest the Republicans feel left out of all the excitement, a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the Web storefront of the National Republican Senatorial Committee (NRSC).


    Dataflow markets itself as an “offshore” hosting provider with presences in Belize and The Seychelles. Dataflow has long been advertised on Russian-language cybercrime forums as an offshore haven that offers so-called “bulletproof hosting,” a phrase used to describe hosting firms that court all manner of sites that most legitimate hosting firms shun, including those that knowingly host spam and phishing sites as well as malicious software.

    De Groot published a list of the sites currently present at Dataflow. The list speaks for itself as a collection of badness, including quite a number of Russian-language sites selling synthetic drugs and stolen credit card data.

    According to De Groot, other sites that were retrofitted with the malware included e-commerce sites for the shoe maker Converse as well as the automaker Audi, although he says those sites and the NRSC’s have been scrubbed of the malicious software since his report was published.

    But De Groot said the hackers behind this scheme are continuing to find new sites to compromise.

    “Last Monday my scans found about 5,900 hacked sites,” he said. “When I did another scan two days later, I found about 340 of those had been fixed, but that another 170 were newly compromised.”

  • Thoughts on the BTB Paper

    The Branch Target Buffer (BTB) whitepaper presents some interesting information. It details potential side-channel attacks by utilizing timing attacks against the branch prediction hardware present in Intel Haswell processors. The article does not mention Intel processors later than Haswell, such as Broadwell or Skylake.

    Side-channel attacks are always interesting and fun. Indeed, the authors have stumbled into areas that need more research. Their research can be applicable in certain circumstances.

    As a side-note, KASLR in general is rather weak and can be considered a waste of time[1]. The discussion why is outside the scope of this article.

Android Leftovers

Filed under

Debian-Based Parsix GNU/Linux 8.15 "Nev" Gets First Test Build, Ships GNOME 3.22

Filed under

Today, October 21, 2016, the developers of the Debian-based Parsix GNU/Linux operating system proudly announced the availability for download of the first test build of the upcoming Parsix GNU/Linux 8.15 "Nev" release.

Read more

Open source where possible in Polish Gdańsk

Filed under

The city of Gdańsk, Poland’s sixth largest city, is using open source software applications where possible. Open source is called an ‘important element’ in the Operational Programmes, made public in August. This document describes the tasks and activities set out by the city to achieve the goals it defined in the Gdańsk 2030 Plus Development Strategy.

Read more

Fedora 26 Linux to Retire the Synaptics Driver for a Better Touchpad Experience

Filed under
Red Hat

Today, October 20, 2016, Red Hat's Fedora Program Manager Jan Kurik informed the Fedora Linux community about an upcoming system-wide change proposal for the Fedora 26 release.

Read more

Meet Remix IO, All-in-One Android 7 Nougat-Powered PC, TV Box & Gaming Console

Filed under

Today, October 20, 2016, Softpedia was informed by Jide Technology, the team behind the popular Android-x86-based Remix OS operating system, about an upcoming device called Remix IO.

Read more

Top 8 Linux Distributions Of 2016

Filed under

There are quite a number of linux distribution out there and new ones are being added as the days go by. This means picking a distro amongst the lot becomes quite a difficulty. Luckily for you, I have hand-picked the best linux distributions in 2016 for you. These are the top distributions targeting very different uses and users and I bet at least one is going to appeal to you. So let’s get started.

Read more

Red Hat's Software Collections 2.3 and Developer Toolset 6 Suites Enter Beta

Filed under
Red Hat

Today, October 20, 2016, Red Hat had the pleasure of announcing the release and immediate availability of the Beta builds of its upcoming Software Collections 2.3 and Developer Toolset 6 collections of tools for developers.

Read more

Linux users urged to protect against 'Dirty COW' security flaw

Filed under
Red Hat

Organisations and individuals have been urged to patch Linux servers immediately or risk falling victim to exploits for a Linux kernel security flaw dubbed ‘Dirty COW'.

This follows a warning from open source software vendor Red Hat that the flaw is being exploited in the wild.

Phil Oester, the Linux security researcher who uncovered the flaw, explained to V3 that the exploit is easy to execute and will almost certainly become more widely used.

"The exploit in the wild is trivial to execute, never fails and has probably been around for years - the version I obtained was compiled with gcc 4.8," he said.

Read more

Also: New Debian Linux Kernel Update Addresses "Dirty COW" Bug, Three Security Issues

Syndicate content

More in Tux Machines

Today and Yesterday in Techrights

Plasma 5.8.2, Applications 16.08.2 and Frameworks 5.27.0 available in Chakra

The latest updates for KDE's Plasma, Applications and Frameworks series are now available to all Chakra users. The Plasma 5.8.2 release provides additional bugfixes to the many new features and changes that were introduced in 5.8.0 aimed at enhancing users' experience: Read more

Yocto driven camera design taps octa-core Snapdragon

Qualcomm and Thundercomm unveiled a Linux-supported, 4K camera reference design with an octa-core Snapdragon 625 and video analytics software. Qualcomm and hardware partner Thundercomm Technology announced an IP Connected Camera reference design called the Snapdragon 625 IP Camera built around its 14nm-fabricated, octa-core Cortex-A53 Snapdragon 625 system-on-chip. This is Qualcomm’s first Connected Camera design to support Linux instead of Android. Read more