Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 18 Sep 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Linux firewalls: What you need to know about iptables and firewalld

A firewall is a set of rules. When a data packet moves into or out of a protected network space, its contents (in particular, information about its origin, target, and the protocol it plans to use) are tested against the firewall rules to see if it should be allowed through. Here’s a simple example... Read more

Mozilla: Firefox GCC/LLVM Clang Dilemma, September 2018 CA Communication and CfP

  • Fedora Firefox – GCC/CLANG dilemma
    After reading Mike’s blog post about official Mozilla Firefox switch to LLVM Clang, I was wondering if we should also use that setup for official Fedora Firefox binaries. The numbers look strong but as Honza Hubicka mentioned, Mozilla uses pretty ancient GCC6 to create binaries and it’s not very fair to compare it with up-to date LLVM Clang 6. Also if I’m reading the mozilla bug correctly the PGO/LTO is not yet enabled for Linux, only plain optimized builds are used for now…which means the transition at Mozilla is not so far than I expected.
  • September 2018 CA Communication
    Mozilla has sent a CA Communication to inform Certification Authorities (CAs) who have root certificates included in Mozilla’s program about current events relevant to their membership in our program and to remind them of upcoming deadlines. This CA Communication has been emailed to the Primary Point of Contact (POC) and an email alias for each CA in Mozilla’s program, and they have been asked to respond to the following 7 action items:
  • Emily Dunham: CFP tricks 1
    Some strategies I’ve recommended in the past for dealing with this include looking at the conference’s marketing materials to imagine who they would interest, and examining the abstracts of past years’ talks.

today's howtos

Security: Quantum Computing and Cryptography, Time to Rebuild Alpine Linux Docker Container

  • Quantum Computing and Cryptography
    Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to easily factor large numbers, something that would break the RSA cryptosystem for any key length. This is why cryptographers are hard at work designing and analyzing "quantum-resistant" public-key algorithms. Currently, quantum computing is too nascent for cryptographers to be sure of what is secure and what isn't. But even assuming aliens have developed the technology to its full potential, quantum computing doesn't spell the end of the world for cryptography. Symmetric cryptography is easy to make quantum-resistant, and we're working on quantum-resistant public-key algorithms. If public-key cryptography ends up being a temporary anomaly based on our mathematical knowledge and computational ability, we'll still survive. And if some inconceivable alien technology can break all of cryptography, we still can have secrecy based on information theory -- albeit with significant loss of capability. At its core, cryptography relies on the mathematical quirk that some things are easier to do than to undo. Just as it's easier to smash a plate than to glue all the pieces back together, it's much easier to multiply two prime numbers together to obtain one large number than it is to factor that large number back into two prime numbers. Asymmetries of this kind -- one-way functions and trap-door one-way functions -- underlie all of cryptography.
  • This New CSS Attack Restarts iPhones & Freezes Macs
  • Time to Rebuild Alpine Linux Docker Containers After Package Manager Patch
  • GrrCon 2018 Augusta15 Automation and Open Source Turning the Tide on Attackers John Grigg

Security: Updates, PAM HaveIBeenPwned Module, Alpine Linux and Wireshark

Filed under
Security
  • Security updates for Monday
  • PAM HaveIBeenPwned module
  • Remote code exec found in Alpine Linux

    Users of Alpine Linux are advised to update their installations - especially those used for Docker production environments - after a researcher found a remotely exploitable bug in the distribution's package manager.

    Alpine Linux is popular with Docker users due to its small size and package repository.

    Crowdfunded bug bounty program BountyGraph co-founder Max Justicz managed to exploit Alpine .apk package files to create arbitrary files which could be turned into code execution.

  • What is Wireshark? What this essential troubleshooting tool does and how to use it

    Wireshark is the world's leading network traffic analyzer, and an essential tool for any security professional or systems administrator. This free software lets you analyze network traffic in real time, and is often the best tool for troubleshooting issues on your network.

    Common problems that Wireshark can help troubleshoot include dropped packets, latency issues, and malicious activity on your network. It lets you put your network traffic under a microscope, and provides tools to filter and drill down into that traffic, zooming in on the root cause of the problem. Administrators use it to identify faulty network appliances that are dropping packets, latency issues caused by machines routing traffic halfway around the world, and data exfiltration or even hacking attempts against your organization.

    [...]

    While Wireshark supports more than two thousand network protocols, many of them esoteric, uncommon, or old, the modern security professional will find analyzing IP packets to be of most immediate usefulness. The majority of the packets on your network are likely to be TCP, UDP, and ICMP.

    Given the large volume of traffic that crosses a typical business network, Wireshark's tools to help you filter that traffic are what make it especially useful. Capture filters will collect only the types of traffic you're interested in, and display filters will help you zoom in on the traffic you want to inspect. The network protocol analyzer provides search tools, including regular expressions and colored highlighting, to make it easy to find what you're looking for.

today's howtos

Filed under
HowTos

Intel and IBM in Linux and the Linux Foundation

Filed under
Linux

LLVM 7.0.0 is Ready

Filed under
Development
BSD
  • [llvm-dev] [7.0.0 Release] The final tag is in

    The final version of 7.0.0 has been tagged from the branch at r342370. It is identical to rc3 modulo release notes and docs changes.

  • LLVM 7.0 Is Ready For Release

    The LLVM/Clang 7.0 release had been running a bit behind schedule and warranted a third release candidate, but this week LLVM 7.0.0 is now ready to ship.

    Release manager Hans Wennborg announced minutes ago on the mailing list that the 7.0.0 release has been tagged in their source tree. This ends up being the same as last week's 7.0-RC3 except for release notes and documentation updates.

  • LLVM Developers Still Discussing SPIR-V Support Within Clang

    One of the features that didn't materialize for LLVM / Clang 7.0 is the SPIR-V support within the compiler toolchain.

    While there has been a SPIR-V / LLVM translator out-of-tree and various developers at different vendors have been discussing for months the prospects of adding SPIR-V intermediate representation support to LLVM/Clang, it has yet to materialize.

    The latest developer discussion is to have a roundtable talk on the SPIR-V integration at the 2018 LLVM Developers' Meeting. This year the LLVM Developers' Meeting is happening at the San Jose Convention Center from 17 to 18 October.

Valve Prepares Open-Source Moondust Repository

Filed under
OSS
Gaming

Back in June, Valve announced "Moondust" as a new VR technical demo to showcase their hardware efforts (primarily with the Knuckles EV2 VR controllers) and consists of some mini games. It looks like this tech demo might be soon open-sourced.

If you missed Valve's original announcement of Moondust, you can find it on SteamCommunity.com granted this tech demo is primarily aimed at VR-enabling game developers.

Read more

Games: Gift of Parthax, Galaxy Champions TV, Shovel Knight: King of Cards, BlockShip Wars, 0°N 0°W

Filed under
Gaming

The world’s biggest curl installations

Filed under
OSS
Web

curl is quite literally used everywhere. It is used by a huge number of applications and devices. But which applications, devices and users are the ones with the largest number of curl installations? I've tried to come up with a list...

I truly believe curl is one of the world's most widely used open source projects.

If you have comments, other suggestions or insights to help me polish this table or the numbers I present, please let me know!

Read more

Red Hat News

Filed under
Red Hat

The Current Linux Performance With 16 ARM Boards

Filed under
Graphics/Benchmarks

Last week I provided a fresh look at the latest Linux performance on 22 Intel/AMD systems while for kicking off the benchmarking this week is a look at the current Linux performance on sixteen different ARM single board computers / developer boards from low-end to high-end.

For those curious about the current ARM Linux performance or wanting to compare your own x86/ARM/POWER/MIPS performance to these 16 ARM boards, here are some fresh benchmarks using the latest ARM Linux image releases for these different boards under test. Without going into too old of ARM platforms and based upon what I had available, the sixteen ARM boards for this comparison were...

Read more

Apache SpamAssassin 3.4.2 released

Filed under
Security

On behalf of the Apache SpamAssassin Project Management Committee, I am
very pleased to announce the release of Apache SpamAssassin v3.4.2.
This release contains security bug fixes. A security announcement will
follow within the next 24 hours.

Apache SpamAssassin can be downloaded from
https://spamassassin.apache.org/downloads.cgi and via cpan
(Mail::SpamAssassin).

Our project website is https://spamassassin.apache.org/

Our DOAP is available at https://spamassassin.apache.org/doap.rdf

Read more

International Day Against DRM takes action for a Day Without DRM on September 18th

Filed under
GNU

DRM is the practice of imposing technological restrictions that control what users can do with digital media. DRM creates a damaged good: it prevents you from doing what would be possible without it. This concentrates control over production and distribution of media, giving DRM peddlers the power to carry out massive digital book-burnings and conduct large-scale surveillance over people's media viewing habits.

Organized by the Defective by Design team, IDAD has occurred annually since 2006. Each year, participants take action through protests, rallies, and the sharing of DRM-free media and materials. Participating nonprofits, activist groups, and companies from around the world include the Electronic Frontier Foundation, Open Rights Group, Public Knowledge, the Document Foundation, and others (for a complete list, see: https://dayagainstdrm.org). These groups will share the message by writing about why DRM is harmful, organizing events, and offering discounts on DRM-free media.

Read more

Bulgaria prepares to build its own central code repository

Filed under
Development
OSS

In November, Bulgaria’s state eGovernment agency SEGA (Държавната агенция „Електронно управление“ ДАЕУ) will award a contract for building the country’s open source code repository. SEGA began studying submitted proposals this Tuesday. The repository, to be based on Git, will be hosting source all software newly developed by or for Bulgaria’s public services.

Read more

today's leftovers

Filed under
Misc
  • An "obsessive," "anti-imperialist" Turing Complete computer language with only one command

    Daniel writes, "An obsessive programmer, frustrated with not only the inefficiencies of mainstream OSes like Windows, but what he sees as their 'imperialistic oppression,' built an entire operating system using a subleq architecture. Subleq is a OISC, a language with only a single command. It lacks the most basic features of programming languages, and yet is Turing Complete.

  • PHP 7.3-RC1 Released, Benchmarks Looking Good For This Next PHP7 Update

    Released this week was the first RC milestone for the PHP 7.3 feature update due out before year's end. This weekend I ran some fresh PHP benchmarks looking at its performance.

    The PHP 7.3 release candidate is made up of many fixes ranging from memory corruption and segmentation faults to undefined symbols and other problems. The list of changes can be found via the NEWS entry.

  • Louis-Philippe Véronneau: GIMP 2.10

    GIMP 2.10 landed in Debian Testing a few weeks ago and I have to say I'm very happy about it. The last major version of GIMP (2.8) was released in 2012 and the new version fixes a lot of bugs and improved the user interface.

  • Political strategy game Democracy 4 announced with Linux support

    Positech Games have announced Democracy 4 [Official Site], the next evolution of their political strategy game and it's coming with Linux support. For those who think they can run a country or would like to have a go at it, this is probably the closest you will ever get.

    This is good to see, because we had Democracy 3 that supported Linux, but Democracy 3 Africa did not support Linux. A shame too, because I rather liked what I saw in Democracy 3 which is why I'm quite happy about this news.

Software and howtos

Filed under
Software
HowTos
  • 7 Top free & open source web hosting control panel (Cpanel)

    Setting up a website is not an easy task especially when you have to maintain multiple websites including databases and other files. Its become more hectic, when you go for VPS servers or Cloud hosting those are not more than a just bare server machine with some Linux operating system such as CentOS or Ubuntu. Those are website developers or familiar to how to up and run a website on Linux server definitely looking for some kind of free & open source tools to manage a website’s hosting backend.

    To solve such situations we have web hosting control panels or admin panels software those comes really handy and helps to get rid of the command interface for setting up each and everything.

  • Gavi's Song sheet music with TuxGuitar and LilyPond

    A year or two ago I bought Lindsey Stirling’s Album Brave Enough. It’s wonderful all around, but I really fell in love with Gavi’s Song.

    Three weeks ago I took a stab at playing this on my guitar. It’s technically not actually that difficult – After listening to the original and trying to repeat it for several days, I can now actually play through it without too many hiccups (still far from being YouTube’able, though). At least the first two thirds – but what I have is enough to get the feeling across, and it has a proper ending.

  • How to Increase File Upload Size in PHP
  • Simple guide to install PostGreSQL on Ubuntu
  • Combating article theft by delaying RSS feeds

KDE: KDE Repository Proposal, Belated Akademy Coverage, and Krita Interview With Alyssa May

Filed under
KDE
  • Proposal: .editorconfig files in every KDE Repository

    There’s some discussion on D15383 about the use of editorconfig in our sources, I belive that we should have this little file in *all* of our projects (actually I would put this in *every single project that exists*. This is a small file that handles common code conventions per project, for instance the tab vs spaces thing.

  • KDE Akademy 2018

    Yeah I am not in the picture, but I was there! You can find me over on the left there, where several of us were cut off Akademy was held in the lovely city of Vienna, Austria this year. Hats off to the akademy team for a great job!

    This year at akademy I spent much of my time catching up with the Blue Systems team and meeting with the KDE Sysadmin team. I am happy to report Ben Cooksley is real! Due to my flights, I missed the first and last day. It was still a productive akademy. I attended some good sysadmin and KDE Neon BoFs . I also did a bit of volunteering

    Even though I am mostly packaging for Debian directly these days, KDE Neon is still near and dear to my heart. I hope to be able to merge debian packaging into Neon soon so that we can have better collaboration within the team.

    I met with Ben in regards to getting back into sysadmin/CI work. I am working on Appimage tooling for KDE Binary factory to begin. I hope to utilize the craft tooling to make everyone’s lives easier. This of course is on my free time, but do keep an eye out!

  • Krita Interview with Alyssa May

Linux Accessibility For The Visually Impaired – For The Record

Filed under
GNU
Linux
Interviews

Linux Accessibility For The Visually Impaired. I received a comment from Milton asking me about text to speech options in Linux. He also wanted to know what I recommended for audio dictation under Linux. The first option is indeed, using FoSS awesomeness. However the later relies on Google’s Web Speech API. Also, here is that article on controlling your mouse cursor with your webcam and no hands.

Read more

4 scanning tools for the Linux desktop

Filed under
Linux

While the paperless world isn't here quite yet, more and more people are getting rid of paper by scanning documents and photos. Having a scanner isn't enough to do the deed, though. You need software to drive that scanner.

But the catch is many scanner makers don't have Linux versions of the software they bundle with their devices. For the most part, that doesn't matter. Why? Because there are good scanning applications available for the Linux desktop. They work with a variety of scanners and do a good job.

Read more

Syndicate content

More in Tux Machines

Linux firewalls: What you need to know about iptables and firewalld

A firewall is a set of rules. When a data packet moves into or out of a protected network space, its contents (in particular, information about its origin, target, and the protocol it plans to use) are tested against the firewall rules to see if it should be allowed through. Here’s a simple example... Read more

Mozilla: Firefox GCC/LLVM Clang Dilemma, September 2018 CA Communication and CfP

  • Fedora Firefox – GCC/CLANG dilemma
    After reading Mike’s blog post about official Mozilla Firefox switch to LLVM Clang, I was wondering if we should also use that setup for official Fedora Firefox binaries. The numbers look strong but as Honza Hubicka mentioned, Mozilla uses pretty ancient GCC6 to create binaries and it’s not very fair to compare it with up-to date LLVM Clang 6. Also if I’m reading the mozilla bug correctly the PGO/LTO is not yet enabled for Linux, only plain optimized builds are used for now…which means the transition at Mozilla is not so far than I expected.
  • September 2018 CA Communication
    Mozilla has sent a CA Communication to inform Certification Authorities (CAs) who have root certificates included in Mozilla’s program about current events relevant to their membership in our program and to remind them of upcoming deadlines. This CA Communication has been emailed to the Primary Point of Contact (POC) and an email alias for each CA in Mozilla’s program, and they have been asked to respond to the following 7 action items:
  • Emily Dunham: CFP tricks 1
    Some strategies I’ve recommended in the past for dealing with this include looking at the conference’s marketing materials to imagine who they would interest, and examining the abstracts of past years’ talks.

today's howtos

Security: Quantum Computing and Cryptography, Time to Rebuild Alpine Linux Docker Container

  • Quantum Computing and Cryptography
    Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to easily factor large numbers, something that would break the RSA cryptosystem for any key length. This is why cryptographers are hard at work designing and analyzing "quantum-resistant" public-key algorithms. Currently, quantum computing is too nascent for cryptographers to be sure of what is secure and what isn't. But even assuming aliens have developed the technology to its full potential, quantum computing doesn't spell the end of the world for cryptography. Symmetric cryptography is easy to make quantum-resistant, and we're working on quantum-resistant public-key algorithms. If public-key cryptography ends up being a temporary anomaly based on our mathematical knowledge and computational ability, we'll still survive. And if some inconceivable alien technology can break all of cryptography, we still can have secrecy based on information theory -- albeit with significant loss of capability. At its core, cryptography relies on the mathematical quirk that some things are easier to do than to undo. Just as it's easier to smash a plate than to glue all the pieces back together, it's much easier to multiply two prime numbers together to obtain one large number than it is to factor that large number back into two prime numbers. Asymmetries of this kind -- one-way functions and trap-door one-way functions -- underlie all of cryptography.
  • This New CSS Attack Restarts iPhones & Freezes Macs
  • Time to Rebuild Alpine Linux Docker Containers After Package Manager Patch
  • GrrCon 2018 Augusta15 Automation and Open Source Turning the Tide on Attackers John Grigg