Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Sunday, 15 Sep 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

  • 07/07/2019 - 5:40pm
    JamieCull
  • 04/07/2019 - 7:09pm
    ksanaj
  • 18/07/2018 - 6:58am
    arindam1989
  • 14/08/2017 - 5:04pm
    2daygeek
  • 11/07/2017 - 9:36am
    itsfoss
  • 04/05/2017 - 11:58am
    Variscite
  • 09/04/2017 - 4:47pm
    mwilmoth
  • 11/01/2017 - 12:02am
    tishacrayt
  • 11/01/2017 - 12:01am
    lashayduva
  • 10/01/2017 - 11:56pm
    neilheaney

Security: Vista 10 Woes, Linux FUD and More

Filed under
Security
  • Caution: KB4515384 is breaking audio on Windows 10

    If you’ve already installed KB4515384, and you want to try and fix the audio problem before you attempt the uninstall it, there is really only solution that you can try. Open the Control Panel sound settings.

    On the Playback tab, double-click your speakers to open their Properties. The properties window should have an ‘Enhancements’ tab though, it may be missing as in the case of the screenshot below. If the tab is there, go to it and enable all enhancements, and click Apply. Next, disable them all, and click Apply again.

  • Lilocked ransomware (Lilu) affects thousands of Linux-based servers [Ed: This is not about "Linux"; they're repeating ZDNet (tabloid) talking points from their anti-Linux trolls, whom CBS hired to attack Linux (the real issue here is malware being installed)]

    A ransomware strain named Lilocked or Lilu has been affecting thousands of Linux-based servers all over the world since mid-July and the attacks got intensified by the end of August, ZDNet reports.

  • From PowerShell to auditing: Expand your cybersecurity know-how at SANS London 2019 [Ed: PowerShell is used a lot by CRACKERS. Why does The Register associate NSA back-doored stuff with security? (clue/hint: money)]
  • DigitalOcean Continues Working On Linux Core Scheduling To Make HT/SMT Safer

    With Hyper Threading continuing to look increasingly unsafe in data centers / shared computing environments in light of all the speculative execution vulnerabilities exposed thus far particularly with L1TF and MDS having no SMT-secure mitigation, DigitalOcean continues working on their Linux kernel "core scheduling" patches so they can still make use of HT/SMT in a sane and safe manner.

    DigitalOcean's core scheduling work is their way to make Hyper Threading safe by ensuring that only trusted applications run concurrently on siblings of a core. Their scheduler also tries to be smart about not using SMT/HT in areas where it could degrade performance.

Games: Puzzle Agent, Steam Play Proton and More

Filed under
Gaming
  • Gaming: Puzzle Agent

    Two lovely but short puzzle games: Puzzle Agent and Puzzle Agent II, follow agent Nelson Tethers in his quest to solve an obscure case in Scoggins, Minnesota: The erasers factory delivering to the White House stopped production – a dangerous situation for the US and the world. Tethers embarks on a wild journey.

  • Just some of the games coming to Linux in 2019, the September edition

    It's been quite a while since we had a listicle of interesting games gearing up for release on Linux in 2019, let's take a fresh look today.

    There's a huge amount coming and this list is by no means exhaustive (that would be impossible), plenty still to even be announced yet that I know of. This is just a nice and simple reminder on a few interesting titles you may have forgotten about or perhaps you might find something new.

  • Steam Play Proton 4.11-4 has been release into the wild

    Get ready for another weekend full of testing games, as Valve and CodeWeavers have put out a fresh official build of Steam Play Proton for your pleasure.

  • Proton 4.11-4 Released With Updated DXVK, Improved PS4 Controller Handling

    In time for any weekend gaming, Valve's team maintaining their Proton downstream of Wine for powering Steam Play to run Windows games on Linux has issued their v4.11-4 update.

    Proton 4.11-4 is another update to their Wine 4.11 derived branch. With Proton 4.11-4 comes integrated the new DXVK 1.3.4, D9VK 0.21-rc-p, and FAudio 19.09 as some prominent component updates.

TPC-71W next-generation Arm-Based Industrial Panel PC for IoT applications

Filed under
GNU
Linux
Hardware

Advantech Industrial IoT Group, announced TPC-71W – the new generation of its industrial panel PCs aimed at machine automation and web-terminal applications. TPC-71W is a cost-efficient, Arm-based industrial panel PC that features a 7” true-flat display with P-CAP multi-touch control, high resolution and an NXP Arm Cortex -A9 i.MX 6 dual/quad-core processor to deliver high-performance computing. The system also features a serial port with a 120Ω termination resistor that supports the CAN 2.0B protocol and offers a programmable bit rate of up to 1 Mb/sec. Equipped with the Google Chromium embedded web browser and support for various operating systems, including Android, Linux Yocto, and Linux Ubuntu with QT GUI toolkits, TPC-71W allows system integrators to easily develop and deploy a wide range of industrial applications.

Read more

Also: Raspberry Pi CM3+ based EagleEye Smart Camera Works with OpenCV and LabVIEW NI Vision

Stallman Under Fire for Views on Epstein

Filed under
GNU
  • Famed MIT Scientist Defends Epstein: Victims Were ‘Entirely Willing’

    While MIT engages in damage control following revelations the university’s Media Lab accepted millions of dollars in funding from Jeffrey Epstein, a renowned computer scientist at the university has fanned the flames by apparently going out of his way to defend the accused sex trafficker — and child pornography in general.

    Richard Stallman has been hailed as one of the most influential computer scientists around today and honored with a slew of awards and honorary doctorates, but his eminence in the academic computer science community came into question Friday afternoon when purportedly leaked email excerpts showed him suggesting one of Epstein’s alleged victims was “entirely willing.”

  • Prominent computer scientist at MIT argues definition of rape in defending money from dead sex offender

    Richard Stallman, founder of Cambridge's Free Software Foundation and a visiting scientist at MIT, argues that Jeffrey Epstein's victims were likely "entirely willing" and to stop besmirching the good name of deceased MIT AI guru Marvin Minsky just because he might have "had sex with one of Epstein’s harem."

    Vice reports Stallman made his comments on an MIT mailing list on which he objected to a protest being planned for next week over MIT's ties to the convicted sex offender long after his conviction.

  • Free software icon Richard Stallman has some moronic thoughts about pedophilia

    The world of academia is in turmoil over the shock discovery that disgraced financier Jeffrey Epstein funded several several prestigious science and technology research labs, including MIT’s Media Lab, long after his 2008 conviction for sex crimes involving children.

    For the late Epstein, his generous donations served to whitewash his tainted reputation. They were part of a well-sculpted PR effort that also included paid-for puff pieces in publications like Forbes and HuffPost, which emphasised his philanthropy, while conveniently ignoring his crimes.

  • Famed Computer Scientist Richard Stallman Described Epstein Victims As 'Entirely Willing'

    Richard Stallman, the computer scientist best known for his role in the free software movement, has joined the list of MIT men going out of their way to defend the university’s relationships with convicted sex offender Jeffrey Epstein.

    Selam Jie Gano, an MIT alum, posted on Medium about an email thread in which Stallman argued that the late Marvin Minsky—an AI pioneer accused of assaulting one of Epstein's victims, Virginia Giuffre—had not actually assaulted anyone.

  • MIT Community Horrified by Famed Researcher’s Epstein Outburst

    Since the July arrest of Jeffrey Epstein on charges of sex trafficking, a number of huge names in the world of tech — from Bill Gates to Elon Musk — have attempted to defend or deny any inkling of a relationship with the financier.

    But one prominent computer scientist is seemingly going out of his way to insert himself into the scandal: MIT Visiting Scientist Richard Stallman.

    MIT accepted millions of dollars in funding from Epstein, prompting one student group to organize a protest calling for the resignation of any senior MIT administrators who knew about the donations.

Events: Akademy and LibOCon

Filed under
KDE
LibO
  • Akademy Report

    “Who are you people?”

    That’s what the woman selling the ferry tickets at Varenna asked me once she realized I speaked Italian. She was definitely not used to a group of ~80 people wearing a blue badge. Another woman who was selling stuff on the street asked me if we were a school.

    It’s been an amazing week and a very productive Akademy. A lot has been discussed and a lot has been decided. On my side, I’ve hosted a Dolphin BoF where we discussed both boring things (e.g. where to send bugzilla notification mails) as well as the awesome new features we are getting into Dolphin. Alexander talked about the status of the KIO Fuse project, while Méven talked about his work on the kioslave for the recently used files.

  • Akademy 2019 Wednesday and Thursday BoF Wrapup

    Wednesday continued the Akademy BoFs, group sessions and hacking in the morning followed by the daytrip in the afternoon to Lake Como, to have some fun, get away from laptops and get to know each other better. Thursday was back to BoFs, meetings and hacking culminating in a wrapup session at the end covering the last two days so that what happened in the different rooms can be shared with everyone including those not present.

  • LibOCon 2019 Almeria - How to debug the Online conveniently

Linux 5.4 and Beyond

Filed under
Linux
  • Kernel Lockdown Feature Will Try To Land For Linux 5.4

    After going through 40+ rounds of revisions and review, the Linux kernel "LOCKDOWN" feature might finally make it into the Linux 5.4 mainline kernel.

    While not yet acted upon by Linus Torvalds with the Linux 5.4 merge window not opening until next week, James Morris has submitted a pull request introducing the kernel lockdown mode for Linux 5.4.

  • Linux 5.4 Pull Requests Begin With AMD EPYC Rome EDAC Support, 64-Bit ARM Updates

    Linux 5.3 isn't being released until this weekend after being delayed by one week, but already there have been a few early pull requests submitted for the to-be-opened Linux 5.4 merge window.

    The early Linux 5.4 material submitted so far includes:

    ARM64 updates come in with a growing number of contributors to this 64-bit ARM architecture code. This time around there is support for 52-bit virtual addressing, early random number generator (RNG) seeding by the bootloader, improved robustness of SMP booting, support for the NXP i.MX8 DDR PMU, and various other fixes and improvements.

  • Linux 5.4 Bringing Support For Lenovo's "PrivacyGuard" On Newer ThinkPads

    Newer high-end Lenovo ThinkPad laptops feature an option called "PrivacyGuard" for restricting the usable vertical and horizontal viewing angles of the LCD display, similar to what has been achievable previously using film covers and the like. With Linux 5.4 this feature will be supported by the kernel if concerned about others looking over your shoulders at your screen, etc.

    Lenovo PrivacyGuard allows restricting the usable vertical/horizontal angles of the laptop's LCD panel so that ideally no one else but the user can view the screen contents. Unlike film covers or other practices, PrivacyGuard can be easily enabled/disabled depending upon your location. PrivacyGuard hasn't worked under Linux up to this point but is coming now with Linux 5.4.

  • Support Is Being Worked On For Root File-System Support Over SMB Protocol

    More details on this work can be found via this patch series including the first patch with more documentation on this support for root file-systems via Samba shares.

    These patches aren't in the current CIFS for-next branch so it doesn't look like this functionality will be making it for Linux 5.4.

SUSE CaaS

Filed under
SUSE
  • The Next SUSE CaaS Platform is Here!

    The SUSE CaaS Platform team is excited to announce the availability of our new version 4 – a container management solution that is easier to deploy and manage at scale, richer than ever in security and control, and ready with the latest innovations!

  • SUSE Bolsters Security, Advanced Networking in SUSE CaaS Platform 4

    SUSE has revamped its SUSE CaaS Platform with a wide range of updates, including advanced networking for Kubernetes that will make it easier to configure networking with the platform, and has also bolstered its SUSE Cloud Application Platform with refinements such as improved user interface features.

    The biggest improvement to SUSE Container as a Service (CaaS) Platform 4, which is built for application developers, DevOps teams and Kubernetes container platform operators, is the new advanced networking for Kubernetes which is being brought in via the Cilium open source project, according to SUSE. Cilium works to transparently secure network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes.

Programming Leftovers

Filed under
Development
  • Highlights From The 2019 Pandas Hack

    Taking place simultaneously in Austin, Bentonville, and Dallas from August 16–18, the Pandas Hack was a weekend hackathon focused on providing updates and bug fixes to the pandas data science library.

  • Updated high-DPI support for Qt 5.14
    Hi all,
    
    We’ve recently merged several patches which improves Qt’s high-DPI support. The changes include:
    
    * Support for fractional device pixel ratios (e.g. Windows 150%)
    * Support per-screen DPI in more places like QStyle
    * Cleanup of configuration API and options.
    
    These fixes applies mostly to the AA_EnableHighDpiScaling type of high-DPI support where 
    the device independent coordinate system is set up by QtGui. Relevant platforms include Windows,
    X11, and Android. The new code and and config options are cross-platform though; it should be
    possible to develop and test on any platform (as long as you are not working on platform plugins).
    
    
  • Qt 5.14 Is Bringing Significantly Better HiDPI Support

    Besides KDE seeing its own HiDPI improvements like fractional scaling on Wayland recently landing, the Qt5 tool-kit is seeing more HiDPI improvements on its end too.

    With Qt 5.14 that is slated to be released before year's end there will be better HiDPI support for dealing with today's modern high pixel density displays. Some of the Qt 5.14 HiDPI improvements include support for fractional device pixel ratios, supporting per-screen DPIs more throughout the tool-kit, configuration API clean-ups, platform plug-in additions, an API for setting the rounding policy for the scaling factor, and expanding the supported environment variables for testing the functionality.

  • Reactive Foundation tackles next phase of software architecture

    “With the rise of cloud-native computing and modern application development practices, reactive programming addresses challenges with message streams and will be critical to adoption,” said Michael Dolan, VP of strategic programs at the Linux Foundation. “With the Reactive Foundation, the industry now has a neutral home for supporting the open source projects enabling reactive programming.”

    [...]

    RSocket builds on reactive streams to prevent outages and is designed to support microservices-based and cloud-native applications as a high-performance replacement of traditional HTTP. It enables long-lived streams on different transport connections, which is useful for mobile to server communication. The foundation will also seeks to expand the open-source community around RSocket and reactive programming.

    “After more than a decade of innovations, the reactive ecosystem is making it into mainstream adoption with Project Reactor, Spring Boot and the Spring Framework accelerating its adoption,” said Stephane Maldini, project reactor lLead at Pivotal. “Together, we can build hyper efficient, scalable distributed systems by rethinking the way we design them and by using the right protocol to coordinate them.”

Games: Dota Underlords, Natural Selection 2, Iron Danger

Filed under
Gaming
  • Dota Underlords to get 2 actually playable Underlords, the Duos team mode and more next month

    Valve have teased what they're calling 'The Big Update' to release in early October, with the final release due not long after that for the first official season.

    The news comes from the first of two smaller updates released over the last few days, all update notes can be seen here. What Valve said they will be doing is adding in 2 playable Underlords, the Duos team mode, 6 new Heroes, 3 new Alliances and an updated user interface. That will come sometime in the first part of October, with the "final stop" (the 1.0 release) to come shortly after with 2 more Underlords, the proper Battle Pass, the City Crawl and the start of the first season.

  • Unknown Worlds are dumping the Linux version of Natural Selection 2

    Some sad news to share this Friday evening, as Unknown Worlds Entertainment have announced they're calling it a day for the Linux version of Natural Selection 2.

    Posted in an official announcement on the NS2 website, they claim they're doing this as a result of it apparently being "more difficult to support and develop for the platform natively" including issues like not finding enough users with QA experience to help.

    Unlike what happened with Rust, they're not offering refunds to previous buyers. They say to claim a refund from Valve if you purchased it in the last "30" days which isn't even right, it's two weeks (and under two hours) on Valve's refund option. They will, however, continue their Linux server.

  • Story-driven tactical RPG with time manipulation mechanics 'Iron Danger' should come to Linux

    Here's some fun news, Iron Danger from Action Squad Studios sounds interesting and it's trying to set itself apart from the many turn-based tactical RPGs out there.

    With the fate of the entire world apparently in your hands you will deal with cosmic magic, monsters and colossal war machines in an attempt to save it. I like games that combine elements from different time periods, so you're dealing with both magic and machine here. You take on the role of Kipuna, a "simple village girl" who ends up gaining power over time itself and this is used during combat.

Wine 4.16

Filed under
Software
Gaming
  • Wine Announcement
    The Wine development release 4.16 is now available.
    
    What's new in this release (see below for details):
      - More reliable mouse grabbing in games.
      - Better cross-compilation support in WineGCC.
      - Improved compatibility with Windows debuggers.
      - Various bug fixes.
    
    
  • Wine 4.16 is out with 'more reliable mouse grabbing in games'

    The Wine team have opened up another bottle of the good stuff this evening, with the Wine 4.16 development release now available.

  • Wine 4.16 Bringing Better Compatibility With Windows Debuggers

    Wine 4.16 is out as the newest bi-weekly development snapshot leading up to the Wine 5.0 release in just a few more months.

    Wine 4.16 brings more reliable mouse grabbing for Windows games, better cross-compilation support with WineGCC, and improved compatibility with Windows debuggers.

The Sandy Bridge Core i7 3960X Benchmarked Against Today's Six-Core / 12 Thread AMD/Intel CPUs

Filed under
Graphics/Benchmarks

Complementing our recent AMD Ryzen 5 3600X Linux benchmarking, with recently having out the Intel Core i7 3960X Sandy Bridge Extreme Edition, here are benchmarks showing that previous $999 USD six-core / twelve-thread processor compared to today's Ryzen 5 3600X (and previous-generation Ryzen 5 2600X) as well as the Core i7 8700K.

As some Friday benchmarking fun, this article offers a fresh look at how the once high-end Core i7 3960X compared to today's AMD Ryzen 5 processors at six-cores / twelve-threads and also having in the similarly core/thread count Core i7 8700K.

Besides the Core i7 3960X having cost a great deal more ($999~1059 USD compared to the Ryzen 5 3600X at $250 USD), the i7-3960X has a 130 Watt TDP compared to the Zen 2 mid-range processor at 95 Watts. The i7-3960X carries a 3.3GHz base clock with 3.9GHz turbo frequency compared to the 3600X at 3.8GHz and boosting up to 4.4GHz.

Read more

Archman Linux: Pure Arch With Extra Flair

Filed under
Linux
Reviews

The distro's origin is Turkey. That by itself is not an issue, but the reach of the Archman community's language localization seems a bit short.

In numerous documentation and website displays, the use of English is a bit awkward. The flawed English does not seem to be a factor within the operating system itself though. Still, if you are struggling to deal with Arch idiosyncrasies, side-stepping some of the phraseology can add to the frustration.

Distros based on Arch Linux usually are not a good starting choice for newcomers to the Linux operating system. Users need a better handle on how Linux works to use Arch-based distros successfully. Considerable background reading is necessary for things to make sense with minimal frustration.

Arch Linux distros in general are not ideal operating systems for users with little Linux experience. Developers of distros such as Archman Linux are trying to change that reputation. Archman Linux can be a good second OS to use as a tool for learning more about how Linux works.

Read more

3rd gen kit for embedded linux self-training is Raspberry Pi B-based

Filed under
Linux

The 3rd generation Embedded Linux Learning Kit from Intellimetrix includes a Raspberry Pi 3B board, a Pi HAT with peripherals, power supply, cables and Linux software. It also features a manual tailored specifically for self-teaching yourself embedded Linux.

Intellimetrix has announced the immediate availability of the third generation of its Embedded Linux Learning Kit (E.L.L.K.). The firm touts it as a complete, hands-on way to get started using embedded Linux. Intellimetrix is a consulting firm specializing in real-time and embedded training and software development.

Read more

Why the founder of Apache is all-in on blockchain

Filed under
OSS

As Behlendorf tells the story, Apache came out of an environment when "we might have had a more beneficent view of technology companies. We still thought of them as leading the fight for individual empowerment."

At the same time, Behlendorf adds, "there was still a concern that, as the web grew, it would lose its character and its soul as this kind of funky domain, very flat space, supportive of freedoms of speech, freedoms of thought, freedoms of association that were completely novel to us at the time, but now we take for granted—or even we have found weaponized against us."

This led him to want Apache to address concerns that were both pragmatic in nature and more idealistic.

The pragmatic aspect stemmed from the fact that "iteratively improving upon the NCSA web server was just easier and certainly a lot cheaper than buying Netscape's commercial web server or thinking about IIS or any of the other commercial options at the time." Behlendorf also acknowledges, "it's nice to have other people out there who can review my code and [to] work together with."

There was also an "idealistic notion that tapped into that zeitgeist in the '90s," Behlendorf says. "This is a printing press. We can help people publish their own blogs, help people publish their own websites, and get as much content liberated as possible and digitized as possible. That was kind of the web movement. In particular, we felt it would be important to make sure that the printing presses remained in the hands of the people."

Read more

Events and Shows: IBC 2019, User Error and Ubuntu Podcast

Filed under
OSS
  • Open Source at IBC 2019

    Showcasing two brand new Open Source software demonstrations featuring the Xilinx high-performance Zynq UltraScale+ MPSoC, and the Magic Leap One augmented reality headset.

  • Splitting Fun and Profit | User Error 74

    It's another #AskError episode. The finances of social situations and FOSS projects, automated vehicles, and ways to cheer up.

  • Ubuntu Podcast from the UK LoCo: S12E23 – Wing Commander

    This week we’ve been playing Pillars of Eternity. We discuss boot speed improvements for Ubuntu 19.10, using LXD to map ports, NVIDIA Prime Renderer switching, changes in the Yaru theme and the Librem 5 shipping (perhaps). We also round up some events and some news from the tech world.

    It’s Season 12 Episode 23 of the Ubuntu Podcast! Alan Pope and Mark Johnson are connected and speaking to your brain.

Programming: Bash/Command Line, Python and More

Filed under
Development
HowTos
  • Add leading zeroes that aren't really leading

    A leading zero can be a useful addition to a number string, and there are several ways to add one or more leading zeroes on the command line. The addition is a little less straightforward if the leading zero sits inside a non-numeric string. This post deals with a couple of such cases.

  • Always Launch Terminal as root User (sudo) in Ubuntu

    While working with the Ubuntu command line, the Terminal, we come across situations that require us to log in as root again and again. Ubuntu does that for protecting our system in order to avoid any user or script that opens the Terminal for any malicious activities that put your privacy and system at risk. Root allows far more access than a standard user needs on the command line. With root in action, features that make Ubuntu more secure are no longer working for you. Just consider running a web browser as root!

  • Fastest Python function to slugify a string

    The code is 7-8 years old and relates to a migration when MDN was created as a Python fork from an existing PHP solution.

    I couldn't help but to react to the fact that it's a list and it's looped over every single time. Twice, in a sense. Python has built-in tools for this kinda stuff. Let's see if I can make it faster.

  • Should you use "dot notation" or "bracket notation" with pandas?

    If you prefer bracket notation, then you can use it all of the time! However, you still have to be familiar with dot notation in order to read other people's code.

    If you prefer dot notation, then you can use it most of the time, as long as you are diligent about renaming columns when they contains spaces or collide with DataFrame methods. However, you still have to use bracket notation when creating new columns.

  • Solving Sequence Problems with LSTM in Python's Keras Library

    Time series forecasting refers to the type of problems where we have to predict an outcome based on time dependent inputs. A typical example of time series data is stock market data where stock prices change with time. Similarly, the hourly temperature of a particular place also changes and can also be considered as time series data. Time series data is basically a sequence of data, hence time series problems are often referred to as sequence problems.

  • How the Worlds of Linux and Windows Programming Converged

    Once upon a time, the world of developers was split into two halves: One half was composed of Windows developers, who created most of the productivity apps that powered PCs (and, occasionally, servers). The other half comprised Linux and Unix developers, whose work focused on server-side development. Today, however, as the worlds of Windows and Linux move ever closer together, the distinction between Windows and Linux developers is disappearing. Gone are the days when you had to specialize in one ecosystem or the other.

Red Hat: Edge Computing, Red Hat Success Stories, OpenShift 4.2 and More

Filed under
Red Hat
  • 10 edge computing myths, debunked

    Edge computing can mean different things to different technology leaders – from “anything that’s not in the cloud” to “the practice of capturing, storing, processing, and analyzing data nearest to where the data is generated.” As important as knowing what edge computing is, however, is understanding what it is not.

    [...]

    “Edge can vary based on computing, storage, and where you engage streaming data,” says Jason Mann, VP of IoT at SAS. It will also vary based on your point of view, adds Hopkins. The enterprise edge will look different than a cloud vendor’s or a telco’s edge.

  • Red Hat Success Stories: Reducing friction in Southeast Asia banking and more

    Wondering how Red Hat is helping its customers to succeed? Last month we published six customer success stories that highlight how we've helped customers gain efficiency, cut costs, and transform the way they deliver software. Read on to find out how Ascend Money, Heritage Bank, Generali Switzerland, and others have worked with Red Hat to improve their business.

    [...]

    To improve the efficiency of its application processes, Ascend Money decided to migrate its legacy applications to a standardized platform using Red Hat technology. With assistance from Red Hat Consulting, Ascend Money moved both its legacy applications and new cloud-native services to OpenShift Container Platform, providing a single platform for IT and developers to collaborate across cloud environments.

  • OpenShift 4.2 Disconnected Install

    In a previous blog, it was announced that Red Hat is making the OpenShift nightly builds available to everyone. This gives users a chance to test upcoming features before their general availability. One of the features planned for OpenShift 4.2 is the ability to perform a “disconnected” or “air gapped” install, allowing you to install in an environment without access to the Internet or outside world.

  • Develop with Node.js in a container on Red Hat Enterprise Linux

    In my previous article, Run Red Hat Enterprise Linux 8 in a container on RHEL 7, I showed how to start developing with the latest versions of languages, databases, and web servers available with Red Hat Enterprise Linux 8, even if you are still running RHEL 7. In this article, I’ll build on that base to show how to get started with Node using the current RHEL 8 application stream versions of Node.js and Redis 5.

    From my perspective, using Red Hat Enterprise Linux 8 application streams in containers is preferable to using software collections on RHEL 7. While you need to get comfortable with containers, all of the software installs in the locations you’d expect. There is no need to use scl commands to manage the selected software versions. Instead, each container gets an isolated user space. You don’t have to worry about conflicting versions.

    In this article, you’ll create a Red Hat Enterprise Linux 8 Node.js container with Buildah, and run it with Podman. The code will be stored on your local machine and mapped into the RHEL 8 Node.js container when it runs. You’ll be able to edit the code on your local machine as you would any other application. Because it is mapped via a volume mount, the changes you make to the code will be immediately visible from the container, which is convenient for dynamic languages that don’t need to be compiled. This method isn’t the way you’d want to do things for production, but it gets you started developing quickly and should give you essentially the same development inner loop as you’d have when developing locally without containers. This article also shows how you can use Buildah to build an image with your completed application that you could use for production.

    Additionally, you’ll set up the Red Hat Enterprise Linux 8 Redis application stream in a container that is managed by systemd. You’ll be able to use systemctl to start and stop the container just as you would for a non-container installation.

Security: FOSS Updates, Windows Spying as 'Security', Linux Package Management

Filed under
Security
  • Security updates for Friday

    Security updates have been issued by Debian (curl, dnsmasq, and golang-go.crypto), Mageia (docker, firefox, flash-player-plugin, ghostscript, links, squid, sympa, tcpflow, thunderbird, and znc), openSUSE (srt), Oracle (.NET Core, kernel, libwmf, and poppler), Scientific Linux (firefox), SUSE (cri-o, curl, java-1_8_0-ibm, python-SQLAlchemy, and python-urllib3), and Ubuntu (curl and expat).

  • Microsoft Issues New Windows 10 Update Warning

    Meanwhile, the Windows Latest reports the Start menu stops working for some users who have upgraded to KB4515384 with Windows 10 delivering the following errors: “We’ll try to fix it the next time you sign in” and “Critical Error - Your Start menu isn’t working”

  • Heads up: Microsoft is back to snooping with this month’s Win7 and 8.1 'security-only' patches

    Two months ago, the July Win7 security-only patch was found to install telemetry software, triggered by newly installed scheduled tasks called ProgramDataUpdater, Microsoft Compatibility Appraiser, and AitAgent. As best I can tell, Microsoft never admitted that its security-only patch dropped a telemetry component.

    The August security-only update didn’t include that bit of snooping, so it looked like the July snooping was a one-off aberration.

    Now we’re learning that the September security-only patches for both Win 7 and Win 8.1 have this, shall we say, feature.

    [...]

    What information is Microsoft collecting? I don’t know. Telemetry is frequently downplayed as being largely uninteresting blobs of unattributed data. If that’s the case, why is Microsoft collecting it now, after all these years? It hasn’t even acknowledged (as best I can tell) that it's collecting it via security-only patches.

  • Security Issues with PGP Signatures and Linux Package Management

    In discussions around the PGP ecosystem one thing I often hear is that while PGP has its problems, it's an important tool for package signatures in Linux distributions. I therefore want to highlight a few issues I came across in this context that are rooted in problems in the larger PGP ecosystem.

    Let's look at an example of the use of PGP signatures for deb packages, the Ubuntu Linux installation instructions for HHVM. HHVM is an implementation of the HACK programming language and developed by Facebook. I'm just using HHVM as an example here, as it nicely illustrates two attacks I want to talk about, but you'll find plenty of similar installation instructions for other software packages. I have reported these issues to Facebook, but they decided not to change anything.

Syndicate content

More in Tux Machines

An Easy Fix for a Stupid Mistake

I waited a long time for Mageia 7 and for OpenMandriva Lx 4. When both distros arrived, I was very happy. But new distros bring changes, and sometimes it is not easy to adapt. Mageia 7 has been rock-solid: it is doing a great job in my laptop and both in my daughter's desktop and in mine. There is one thing, though. I have been avoiding a strange mesa update that wants to remove Steam. OpenMandriva is also fantastic, but this new release provided options like rock, release, and rolling. When I first installed the distro, I chose rock because I was shying away from the rolling flavor. Eventually, I had to move to rolling because that was the only way in which I could manage to install Steam in both my laptop and desktop machines. Read more

today's leftovers

  • Clear Linux Is Being Used Within Some Automobiles

    Intel's speedy Clear Linux distribution could be running under the hood of your car. While we're fascinated by the performance of Intel's open-source Clear Linux distribution that it offers meaningful performance advantages over other distributions while still focused on security and offering a diverse package set, we often see it asked... who uses Clear Linux? Some argue that Clear Linux is just a toy or technology demo, but it's actually more.

  • Radeon ROCm 2.7.2 Released

    Radeon ROCm 2.7.2 is now available as the newest update to AMD's open-source GPU compute stack for Linux systems. ROCm 2.7.2 is a small release that just fixes the upgrade path when moving from older ROCm releases, v2.7.2 should now be running correctly. This release comes after the recent ROCm 2.7.1 point release that had corrected some components from properly loading the ROC tracer library.

  • How To Install Webmin on Debian 10 Linux
  • GNOME Shell + Mutter Patches Pending For Wayland Fullscreen Compositing Bypass

    There's an exciting patch set to GNOME Shell and Mutter now pending for finally wiring up the full-screen unredirected display / full-screen bypass compositing for helping the performance of full-screen games in particular on Wayland. GNOME on X11 has long supported the full-screen compositing bypass so the window manager / compositor gets out of the way when running full-screen games/applications. That support under Wayland hasn't been in place and thus there is a performance hit for full-screen Wayland-native software. But now thanks to Red Hat's Jonas Ådahl, that infrastructure now appears to be ready.

  • Xabber Server v.0.9 alpha is released

    After almost three years of research, planning and development we're proud to present the first public version of Xabber Server. Server is licensed under GNU AGPL v3 license, source code is available on GitHub. It is a fork of superb open source source XMPP server ejabberd by ProcessOne, with many custom protocol improvements an an all-new management panel.

  • September Edition of Plasma5 for Slackware

    After a summer hiatus during which I only released new packages for KDE Frameworks because they addressed a serious security hole, I am now back in business and just released KDE-5_19.09 for Slackware-current. The packages for KDE-5_19.09 are available for download from my ‘ktown‘ repository. As always, these packages are meant to be installed on a full installation of Slackware-current which has had its KDE4 removed first. These packages will not work on Slackware 14.2. On my laptop with slackware64-current, this new release of Plasma5 runs smooth.

  • Pen-testing duo cuffed for breaking into courthouse that hired them

    Later, the County official discovered that the two men were in fact, hired by the state court administration to try to "access" court records through "various means" to find out potential security vulnerabilities of the electronic court records.

    The state court administration acknowledged that the two men had been hired, but said they were not supposed to physically break into the courthouse.

  • Satellite, GNU Radio and SDR talks released

    Mark M5BOP reports the complete set of amateur radio technical talks from this year's Martlesham Microwave Round Table is now available to watch on YouTube Videos of these MMRT 2019 talks are available: • Practical GNUradio - Heather Lomond M0HMO

  • Destination Linux 138 - GNOME 3.34, Firefox 69, Librem 5, Chromebooks, Signal Messenger & more

    On DL 138 Gnome 3.34 Drops This Week, Super Grub2 Disk 2.04s1 Released, Firefox 69 Released, Purism Librem 5 Shipping, Chromebooks Targeting The Enterprise, Phantom 3D Coming To Linux

  • Agile project management: 10 reasons to use it

    On the road to change, you’ll encounter fear and loathing. People will undoubtedly cling to old ways of working. Successfully making it to the other side will require commitment, passionate change agents, and unwavering leadership. You might wonder – is it really worth it? Leaders who have made the switch to agile project management say that it has delivered benefits both large and small to their organizations, from the rituals that bring their team together – like daily stand-ups – to the results that make their business stronger – like better end products and happier customers.

Linux Kernel and Linux Foundation Leftovers

  • Improve memset
    
    since the merge window is closing in and y'all are on a conference, I
    thought I should take another stab at it. It being something which Ingo,
    Linus and Peter have suggested in the past at least once.
    
  • An Improved Linux MEMSET Is Being Tackled For Possibly Better Performance

    Borislav Petkov has taken to improve the Linux kernel's memset function with it being an area previously criticzed by Linus Torvalds and other prominent developers. Petkov this week published his initial patch for better optimizing the memset function that is used for filling memory with a constant byte.

  • Kernel Address Space Isolation Still Baking To Limit Data Leaks From Foreshadow & Co

    In addition to the work being led by DigitalOcean on core scheduling to make Hyper Threading safer in light of security vulnerabilities, IBM and Oracle engineers continue working on Kernel Address Space Isolation to help prevent data leaks during attacks. Complementing the "Core Scheduling" work, Kernel Address Space Isolation was also talked about at this week's Linux Plumbers Conference in Lisbon, Portugal. The address space isolation work for the kernel was RFC'ed a few months ago as a feature to prevent leaking sensitive data during attacks like L1 Terminal Fault and MDS. The focus on this Kernel ASI is for pairing with hypervisors like KVM as well as being a generic address space isolation framework.

  • The Linux Kernel Is Preparing To Enable 5-Level Paging By Default

    While Intel CPUs aren't shipping with 5-level paging support, they are expected to be soon and distribution kernels are preparing to enable the kernel's functionality for this feature to extend the addressable memory supported. With that, the mainline kernel is also looking at flipping on 5-level paging by default for its default kernel configuration. Intel's Linux developers have been working for several years on the 5-level paging support for increasing the virtual/physical address space for supporting large servers with vast amounts of RAM. The 5-level paging increases the virtual address space from 256 TiB to 128 PiB and the physical address space from 64 TiB to 4 PiB. Intel's 5-level paging works by extending the size of virtual addresses to 57 bits from 48 bits.

  • Interview with the Cloud Foundry Foundation CTO

    In this interview, Chip Childers, the CTO of the Cloud Foundry Foundation talks about some hot topics.

  • Research Shows Open Source Program Offices Improve Software Practices

    Using open source software is commonplace, with only a minority of companies preferring a proprietary-first software policy. Proponents of free and open source software (FOSS) have moved to the next phases of open source adoption, widening FOSS usage within the enterprise as well as gaining the “digital transformation” benefits associated with open source and cloud native best practices. Companies, as well as FOSS advocates, are determining the best ways to promote these business goals, while at the same time keeping alive the spirit and ethos of the non-commercial communities that have embodied the open source movement for years.

  • Linux Foundation Survey Proves Open-Source Offices Work Better

Releasing Slax 9.11.0

New school year has started again and next version of Slax is here too :) this time it is 9.11.0. This release includes all bug fixes and security updates from Debian 9.11 (code name Jessie), and adds a boot parameter to disable console blanking (console blanking is disabled by default). You can get the newest version at the project's home page, there are options to purchase Slax on DVD or USB device, as well as links for free download. Surprisingly for me we skipped 9.10, I am not sure why :) I also experimented with the newly released series of Debian 10 (code name Buster) and noticed several differences which need addressing, so Slax based on Debian 10 is in progress, but not ready yet. Considering my current workload and other circumstances, it will take some more time to get it ready, few weeks at least. Read more Also: Slax 9.11 Released While Re-Base To Debian 10 Is In Development