Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 18 Oct 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story today's howtos Roy Schestowitz 18/10/2018 - 2:39pm
Story Graphics: Open-Source Qualcomm Graphics Support, Advances in Mesa Continuous Integration and Status Update for Virgl Roy Schestowitz 18/10/2018 - 2:08pm
Story Raspbian Linux distribution updated, but with one unexpected omission Roy Schestowitz 18/10/2018 - 2:06pm
Story Games: Kingdom Rush Origins, Jackbox Games, Gaming on the Latest Ubuntu Roy Schestowitz 18/10/2018 - 2:02pm
Story 2nd New MakuluLinux Release Offers Flash and Substance Roy Schestowitz 18/10/2018 - 1:25pm
Story Today in Techrights Roy Schestowitz 18/10/2018 - 12:36pm
Story OSS Leftovers Roy Schestowitz 18/10/2018 - 12:08pm
Blog entry 5 Best Data Recovery Tools For Linux To Recover Data Or Deleted Partitions Mohd Sohail 1 18/10/2018 - 11:44am
Blog entry Blog posts Roy Schestowitz 1 18/10/2018 - 11:44am
Blog entry Happy Easter and Remarkable Spring Rianne Schestowitz 2 18/10/2018 - 11:44am

Proprietary: Lightworks 14.5 Released, Carnegie Mellon is Saving Old Software from Oblivion

Filed under
Software
  • Lightworks 14.5 Video Editor Released With Same-Day Linux Support But Still No Source

    Lightworks, the long-standing non-linear video editing system that has offered a native Linux build the past few years after being challenged by delays for a few years, is out today with version 14.5 and comes with Linux, macOS, and Windows support.

    Lightworks 14.5 succeeds the Lightworks 14.0 release from a year and a half ago as the latest major update for this cross-platform software owned by EditShare. This new release has user-interface improvements, variable frame-rate media support, higher GPU precision settings, Reaper export support, AC-3 audio support in various formats, support for Blackmagic RAW files, and a variety of other enhancements.

  • Carnegie Mellon is Saving Old Software from Oblivion

    In early 2010, Harvard economists Carmen Reinhart and Kenneth Rogoff published an analysis of economic data from many countries and concluded that when debt levels exceed 90 percent of gross national product, a nation’s economic growth is threatened. With debt that high, expect growth to become negative, they argued.

    This analysis was done shortly after the 2008 recession, so it had enormous relevance to policymakers, many of whom were promoting high levels of debt spending in the interest of stimulating their nations’ economies. At the same time, conservative politicians, such as Olli Rehn, then an EU commissioner, and U.S. congressman Paul Ryan, used Reinhart and Rogoff’s findings to argue for fiscal austerity.

Themes With Emphasis on GTK/GNOME

Filed under
GNU
Linux
GNOME
  • Stylish Gtk Themes Makes Your Linux Desktop Look Stylish

    There are plenty of nice themes available for Gnome desktop and many of them are in active development. Stylish theme pack is one of the great looking pack around since 2014 and constantly evolving. It offers stylish clean and flat design themes for Gtk-3 and Gtk-2, including Gnome shell themes. Stylish theme pack is based Materia theme and support almost every desktop environment such as Gnome, Cinnamon, Mate, Xfce, Mate, Budgie, Panteon, etc.
    We are offering Stylish themes via our PPA for Ubuntu/Linux Mint. If you are using distribution other than Ubuntu/Linux Mint then download this pack directly from its page and install it in this location "~/.themes" or "/usr/share/themes". Since Stylish theme pack is in active development that means if you encounter any kind of bug or issue with it then report it to get fixed in the next update.

  • Delft: Another Great Icon Pack In Town Forked From Faenza Icons

    In past, you may have used Faenza icon theme or you still have it set on your desktop. Delft icons are revived version of Faenza and forked from Faenza icon theme, maybe it is not right to say 'revived' because it looks little different from Faenza theme and at the same time it stays close to the original Faenza icons, it is released under license GNU General Public License V3. The theme was named after a dutch city, which is known for its history, its beauty, and Faenza in Italy. The author who is maintaining Delft icons saw that Faenza icons haven't been updated from some years and thought to carry this project. There are some icons adopted from the Obsidian icon theme.
    Delft icon pack offer many variants (Delft, Delft-Amber, Delft-Aqua, Delft-Blue, Delft-Dark, Delft-Gray, Delft-Green, Delft-Mint, Delft-Purple, Delft-Red, Delft-Teal) including light and dark versions for light/dark themes, you can choose appropriate one according to your desktop theme. These icons are compatible with most of the Linux desktop environments such as Gnome, Unity, Cinnamon, Mate, Lxde, Xfce and others. Many application icons available in this icons pack and if you find any missing icon or want to include something in this icon pack or face any kind of bug then report it to creator.

  • Give Your Desktop A Sweet Outlook With Sweet Themes Give Your Desktop A Sweet Outlook With Sweet Themes

    It is feels bit difficult to describe this theme we are going to introduce here today. Sweet theme pack looks and feel very different on the desktop but at the same time make the Linux desktop elegant and eye catching. Maybe these are not perfect looking themes available but it lineup in the perfect theme queue. You may say, I don't like it in screenshots, let me tell you that you should install it on your system and if you don't like then you already have option to remove it. So there is no harm to try a new thing, maybe this is next best theme pack for your Linux desktop.

Open-source hardware could defend against the next generation of hacking

Filed under
Hardware
OSS
Security

Imagine you had a secret document you had to store away from prying eyes. And you have a choice: You could buy a safe made by a company that kept the workings of its locks secret. Or you could buy a safe whose manufacturer openly published the designs, letting everyone – including thieves – see how they’re made. Which would you choose?

It might seem unexpected, but as an engineering professor, I’d pick the second option. The first one might be safe – but I simply don’t know. I’d have to take the company’s word for it. Maybe it’s a reputable company with a longstanding pedigree of quality, but I’d be betting my information’s security on the company upholding its traditions. By contrast, I can judge the security of the second safe for myself – or ask an expert to evaluate it. I’ll be better informed about how secure my safe is, and therefore more confident that my document is safe inside it. That’s the value of open-source technology.

Read more

Ubuntu 18.10: What’s New? [Video]

Filed under
Ubuntu

But how do you follow up the brilliant Bionic Beaver?

It’s far from being an easy task and, alas, the collected changes you’ll find accrued in the ‘Cosmic Cuttlefish’ are of the “down-to-earth” variety rather than the “out-of-this-world” ones you might’ve been hoping for.

But don’t take our word for it; find out yourself by watching our Ubuntu 18.10 video (and it’s best watched with headphones because, ahem, I can level sound properly).

In 3 minute and 18 seconds we whizz you through everything that’s new, neat and noticeable in Ubuntu 18.10.

Read more

today's howtos

Filed under
HowTos

AMD Graphics: AMD Radeon GPU, Mesa VCN JPEG Decode Patches Posted For AMD Raven Ridge

Filed under
Graphics/Benchmarks
  • Coreboot's Flashrom Working On Radeon GPU Flashing Support

    Former RadeonHD driver developer Luc Verhaegen is back at the AMD Radeon GPU reverse-engineering game. He's now pursuing Radeon firmware flashing with the Coreboot Flashrom utility.

  • Mesa VCN JPEG Decode Patches Posted For AMD Raven Ridge

    With the imminent Linux 4.19 kernel release there is VCN JPEG decode support within the AMDGPU DRM driver for use with Raven Ridge APUs. The accompanying user-space patches for the Radeon Gallium3D code have now been posted for making this functionality work on the Linux desktop with these Zen+Vega APUs.

    Now that the kernel-side bits for accelerated JPEG decoding using the "Video Core Next" block are in place, the Mesa/Gallium3D patches were posted today for getting this functionality enabled and working for Raven Ridge. VCN as a reminder is the new unified video encode/decode block with Raven that succeeds the UVD video decoding and VCE video encoding blocks on the GPU.

Security: DMARC, ShieldX, Spectre V2, Equifax/TransUnion and More

Filed under
Security
  • DMARC Email Security Adoption Soars as US Government Deadline Hits
  • ShieldX Integrates Intention Engine Into Elastic Security Platform

    ShieldX announced its new Elastic Security Platform on Oct. 17 providing organizations with Docker container based data center security, that uses advanced machine learning to determine intent.

    At the core of the Elastic Security Platform is a technology that ShieldX calls the Adaptive Intention Engine that automatically determines the right policy and approach for security controls across multicloud environments. The intent-based security model can provide network microsegmentation, firewall and malware detection capabilities, among other features.

  • Spectre V2 "Lite" App-To-App Protection Mode Readying For The Linux Kernel

    We are approaching one year since the Spectre and Meltdown CPU vulnerabilities shocked the industry, and while no new CPU speculative execution vulnerabilities have been made public recently, the Linux kernel developers continue improving upon the Spectre/Meltdown software-based mitigation techniques for helping to offset incurred performance costs with current generation hardware.

  • Another Massive Credit Reporting Database Breached By Criminals

    Lots of companies like gathering lots of data. Many do this without explicit permission from the people they're collecting from. They sell this info to others. They collect and collect and collect and it's not until there's a problem that many people seem to feel the collection itself is a problem.

    The Equifax breach is a perfectly illustrative case. Lenders wanted a service that could rate borrowers quickly to determine their trustworthiness. This required a massive amount of data to be collected from numerous creditors, along with personally-identifiable information to authenticate the gathered data. The database built by Equifax was a prime target for exploitation. That this information would ultimately end up in the hands of criminals was pretty much inevitable.

    But Equifax isn't the only credit reporting service collecting massive amounts of data but failing to properly secure it. TransUnion not only collects a lot of the same information, but it sells access to cops, lenders, private investigators, landlords… whoever might want to do one-stop shopping for personal and financial data. This includes criminals, because of course it does.

  • Security updates for Wednesday
  • LibSSH Flaw Allows Hackers to Take Over Servers Without Password
  • This iPhone Passcode Bypass Allows Hackers To View And Share Your Images

    If you look at the video, the iOS vulnerability can be seen as part of running accessibility features on the device. He used the iPhone VoiceOver feature and the Siri assistant to access the Photo Library, open photos and send them to another device chosen by the attacker.

Programming: Thorntail 2.2 General Availability, OpenJDK, LLVM 7, wlc 0.9, Pango Development

Filed under
Development
  • Announcing: Thorntail 2.2 General Availability

    Today Red Hat is making Thorntail 2.2 generally available to Red Hat customers through a subscription to Red Hat OpenShift Application Runtimes (RHOAR). RHOAR provides application developers with a variety of application runtimes running on the OpenShift Container Platform.

    Thorntail is the new name for WildFly Swarm, and bundles everything you need to develop and run Thorntail and MicroProfile applications by packaging server runtime libraries with your application code and running it with java -jar. It speeds up the transition from monoliths to microservices and takes advantage of your existing industry standard Java EE technology experience.

  • The history and future of OpenJDK

    In the second half of 2017, a number of major changes were announced in the Java ecosystem that have the potential to force a reassessment of Java roadmaps and vendor selection for enterprise Java users. Some of the changes are happening in the upstream OpenJDK (Open Java Development Kit) community, and some of the changes are happening in proprietary commercial distributions of Java. Red Hat anticipates that many of our customers will need to review their current Java plans and we want to take this opportunity to review the history of our relationship with the OpenJDK community, discuss the changes in the Java ecosystem, and describe Red Hat’s Java offerings. Subsequent posts will cover the ecosystem changes and Red Hat’s plans going forward.

  • LLVM 7 improves performance analysis, linking

    The developers behind LLVM, the open-source framework for building cross-platform compilers, have unveiled LLVM 7. The new release arrives right on schedule as part of the project’s cadence of major releases every six months.

    LLVM underpins several modern language compilers including Apple’s Swift, the Rust language, and the Clang C/C++ compiler. LLVM 7 introduces revisions to both its native features and to companion tools that make it easier to build, debug, and analyze LLVM-generated software.

  • wlc 0.9

    wlc 0.9, a command line utility for Weblate, has been just released. There are several new commands like translation file upload or repository cleanup. The codebase has been also migrated to use requests instead of urllib.

  • A pango update

    Pango development has been slow in the last few years, while most of the work on the text rendering stack has moved to harfbuzz. But recently, Behdad and I got together for a pango work day, and made some plans, which we want to share. The underlying goal of these changes is to ensure that GTK+ and GNOME continue to have a competitive text rendering stack, and to avoid pango becoming a roadblock for this.

  • GNOME Developers Are Looking At Sprucing Up Pango

    GNOME developers want to make sure they have a competitive text rendering stack with other platforms and as such are looking to make some modernization improvements to Pango.

    Pango as a refresher is the text layout library used by GTK+ as well as other applications and works in hand with the HarfBuzz shaping engine for the display/placement of text.

Mozilla: Search, Decentralised Web and Rust

Filed under
Moz/FF
  • Searchfox in Phabricator extension

    Being able to search code while reviewing can be really useful, but unfortunately it’s not so straightforward. Many people resort to loading the patch under review in an IDE in order to be able to search code.

    Being able to do it directly in the browser can make the workflow much smoother.

    To support this use case, I’ve built an extension for Phabricator that integrates Searchfox code search functionality directly in Phabricator differentials. This way reviewers can benefit from hovers, go-to-definition and find-references without having to resort to the IDE or without having to manually navigate to the code on searchfox.org or dxr.mozilla.org. Moreover, compared to searchfox.org or dxr.mozilla.org, the extension highlights both the pre-patch view and the post-patch view, so reviewers can see how pre-existing variables/functions are being used after the patch.

  • Searching Made Faster, the Latest Firefox Exploration

    earch is one of the most common activities that people do whenever they go online. At Mozilla, we are always looking for ways to streamline that experience to make it fast, easy and convenient for our users.

    Our Firefox browser provides a variety of options for people to search the things and information they seek when they’re on the web, so we want to make search even easier. For instance, there are two search boxes on every home or new tab page – one is what we call the “awesome bar” also known as the URL bar, and the other is the search box in the home/new tab pages.

    In the awesome bar, users can use a shortcut to their queries by simply entering a predefined keyword (like @google) and typing the actual search term they are seeking, whether it’s the nearest movie theater location and times for the latest blockbuster movie or finding a sushi restaurant close to their current location. These Search Keywords have been part of the browser experience for years, yet it’s not commonly known. Here’s a hint to enable it: Go to “Preferences,” then “Search” and check “ One-Click Search Engines”.

  • Dweb: Decentralised, Real-Time, Interoperable Communication with Matrix

    Matrix is an open standard for interoperable, decentralised, real-time communication over the Internet. It provides a standard HTTP API for publishing and subscribing to real-time data in specified channels, which means it can be used to power Instant Messaging, VoIP/WebRTC signalling, Internet of Things communication, and anything else that can be expressed as JSON and needs to be transmitted in real-time over HTTP. The most common use of Matrix today is as an Instant Messaging platform.

  • This Week in Rust 256

GNU: GCC 9 Feature Development Is Ending Next Month, GCC's Test Suite To Begin Testing C++17 By Default

Filed under
Development
GNU
  • GCC 9 Feature Development Is Ending Next Month

    There is just three weeks left for GNU toolchain developers to finish landing new feature material in GCC 9.0 ahead of next year's GCC 9.1 stable release.

    Richard Biener of SUSE announced today that GCC's "stage 1" development will shift to "stage 3" on 11 November. This marks the point at which open feature development is over and will then focus on bug-fixing... No new features are generally allowed in during this stage. On 6 January 2019 is when they intend to begin their final period of only working on regression fixes and documentation updates.

  • GCC's Test Suite To Begin Testing C++17 By Default

    GCC's test suite will soon begin testing the C++17 standard as part of its C++98/11/14 standard tests by default... This doesn't affect the default C++ standard used by the GCC G++ compiler at this point, but at least will help eliminate any lingering C++17 bugs as well as helping to stop regressions in the future.

    With the GCC test suite's test cases having cleared through the last of the C++17 issues, Marek Polacek of Red Hat sent out the patch today to begin testing C++17 by default when running its test suite. C++17 is tested in addition to the earlier C++98, C++11, and C++14 standards.

KDE and openSUSE, Leap 15.1

Filed under
SUSE
  • KDE and openSUSE: Plasma 5.14, Qt 5.12 and more

    Plasma 5.14 was released with many improvements.

    It was planned to have it in a released in a Tumbleweed snapshot on the same day, but openQA issues prevented snapshot 20181008 from getting published. Instead, Tumbleweed users got it with snapshot 20181009 on Thursday morning. Currently, 5.14.1 is staged to be accepted in Tumbleweed.

    To get it on Leap 15 (and even 42.3 with restrictions), you can add https://en.opensuse.org/SDB:KDE_repositories#KDE_Frameworks_5.2C_Plasma_5_and_Applications. Note that those are not part of the official distribution and therefore not as well supported.

  • OpenSUSE Begins Preparing For Leap 15.1 (15 Service Pack 1)

    As part of some brief openSUSE news today, some early details concerning Leap 15 Service Pack 1 (Leap 15.1) were shared.

    The main user-facing changes of the forthcoming openSUSE Leap 15.1 is that with this first service pack release Qt WebKit is being removed from the default installation. On the desktop side it will be shipping KDE Plasma 5.12 LTS in its latest point release at the time. It will also be shipping with the very latest KDE Applications and KDE Frameworks packages.

Games: RimWorld, Civilization VI, Steam Play's Proton

Filed under
Gaming

Linux-powered Jetson Xavier module gains third-party carriers

Filed under
Linux

CTI announced two carrier boards for the Nvidia’s AI/robotics focused Jetson AGX Xavier module: a compact Rogue carrier and a Mimic Adapter that plugs the Xavier into any CTI Jetson TX2/TX2i/TX1 carrier.

Connect Tech, Inc. (CTI) has released two new developer options for Nvidia’s octa-core Jetson AGX Xavier computer-on-module, which is already supported by Nvidia’s innovative, $1,299 Jetson Xavier Developer Kit . Like the official dev kit, CTI’s 105 x 92mm Rogue board is approximately the same size as the 105 x 87 x 16mm Xavier, making it easier to use for robotics applications.

Read more

today's leftovers

Filed under
Misc
  • Linux-Focused Penguin Computing Banking On AI Infrastructure
  • Spinnaker: The Kubernetes of Continuous Delivery

    Comparing Spinnaker and Kubernetes in this way is somewhat unfair to both projects. The scale, scope, and magnitude of these technologies are different, but parallels can still be drawn.

    Just like Kubernetes, Spinnaker is a technology that is battle tested, with Netflix using Spinnaker internally for continuous delivery. Like Kubernetes, Spinnaker is backed by some of the biggest names in the industry, which helps breed confidence among users. Most importantly, though, both projects are open source, designed to build a diverse and inclusive ecosystem around them.

  • Tracktion 7 – A Full Featured Digital Audio Workstation for Music Creators [Ed: When "free, cross-platform" is just a marketing term for proprietary software with a restrictive licence]

    FossMint has covered software for audio creation and manipulation in the past (e.g. Ardour and Audacity) and we even covered Operating Systems created with media creation in focus (e.g Ubuntu Studio and AV Linux).

    Today, we bring you an amazing tool for professional use that anybody with an interest in music creation and time can easily make use of. It goes by the name of Tracktion 7.

    Tracktion 7 is a free, cross-platform, DAW (Digital Audio Workstation) for music creators of all classes. It features an equalizer, input, waveform, level, pan, and plugins which are all displayed left-to-right in an intuitive single-screen interface.

    Its users have access to an unlimited number of audio and MIDI tracks coupled with tools to facilitate easier music composing, recording, mixing, and sharing processes.

  • KDE Bugsquad – Konsole Bug Day on October 20th, 2018

    We will be holding a Bug Day on October 20th, 2018, focusing on Konsole. Join at any time, the event will be occurring all day long!

    This is a great opportunity for anyone, especially non-developers to get involved!

  • KDE Plasma5 for Slackware – october ’18 batch

    Today the Plasma developer team released Plasma 5.14.1 which was what I was waiting for. I was a bit hesitant to add a major new release (5.14.0) to my monthly refresh for Slackware and opted for this point release.

    And now “KDE-5_18.10” has been uploaded to the ‘ktown‘ repository. Again I was able to offer a full set of updates.

    What’s new

    The October release of KDE Plasma5 for Slackware contains the KDE Frameworks 5.51.0, Plasma 5.14.1 and Applications 18.08.2. All this on top of Qt 5.11.2 which was updated inbetween the two monthly ‘ktown’ releases.
    There were two updates in the ‘extras’ section for Applications: new versions for ‘krita’ and ‘okteta”. The ‘deps’ section saw some changes as well: ‘PyQt5’ was updated to work properly with Qt 5.11.2, a newer version of ‘sip’ had to be added for that same reason – it replaces the somewhat older Slackware package. And a new package ‘python-enum34’ package had to be added, it is a dependency for the Python2 support in PyQt5.

  • How to accelerate your digital transformation with open source technologies

    Businesses worldwide are on track to spend $1.1 Trillion on Digital Transformation in 2018 according to IDC. Executives tasked with driving transformation have to balance funding innovation initiatives with keeping the lights on. Maintaining existing infrastructure is necessary but when much of the budget is used to maintain the status quo, transformation efforts slow down to a crawl. New competitors disrupting established companies are not saddled with the burden of maintaining legacy infrastructure. They can innovate faster, using new business models and technologies like Cloud Computing, Artificial Intelligence, industrial IoT, and Real Time Analytics. What do all these technologies have in common? The foundation for these transformational technologies is open source software.

  • Shutter Removed From Ubuntu 18.10 And Debian Unstable, New PPA Available

    The popular screenshot tool, which uses Gtk2 and Perl, was one of the very few packages that blocked Debian (and Ubuntu) from removing the obsolete libgnome2-perl and libgnome2-vfs-perl from the repository archive. Since Shutter doesn't work without these packages, it was removed from the Debian Unstable and Ubuntu 18.10 repositories.

  •  

  • La Frite Linux Mini Computer Looks Like An Ultra-affordable Raspberry Pi Alternative

    Raspberry Pi has been able to inspire a wide range of open source Linux computer boards. Some of the notable names include Orange Pi, Asus Tinker Board, Banana Pi, etc. Also, from time-to-time, new and promising projects keep appearing on Kickstarter and Indiegogo that promise to provide a better value at lower cost.

    Just recently, I came across a similar project that goes by the name La Frite. This open source mini computer is available for backing and it aims to ship in November. The project has already crossed its $10,000 aim.

  • The New Kindle Paperwhite is Waterproof, Still Affordable [Ed: These run Linux, but Bezos uses these to remotely delete your books...]
  • The new Kindle Paperwhite is thinner and waterproof

    The Voyage may be dead, but the Kindle line still has some life left in it. This time last year, Amazon upgraded the high-end Oasis model, and now the mid-range Paperwhite is getting a little love.The workhorse of the company’s devoted e-reader line just got a handful of upgrades that will give users a more premium experience, while keeping the device’s starting price at $130.

OSS Leftovers

Filed under
OSS
  • We already have nice things, and other reasons not to write in-house ops tools

    When I was an ops consultant, I had the "great fortune" of seeing the dark underbelly of many companies in a relatively short period of time. Such fortune was exceptionally pronounced on one client engagement where I became the maintainer of an in-house deployment tool that had bloated to touch nearly every piece of infrastructure—despite lacking documentation and testing. Dismayed at the impossible task of maintaining this beast while tackling the real work of improving the product, I began reviewing my old client projects and probing my ops community for their strategies. What I found was an epidemic of "not invented here" (NIH) syndrome and a lack of collaboration with the broader community.

  • Open Source Program Benefits Survey Results

    There are many organizations out there, from companies like Red Hat to internet scale giants like Google and Facebook that have established an open source programs office (OSPO). The TODO Group, a network of open source program managers, recently performed the first ever annual survey of corporate open source programs and revealed some interesting findings on the actual benefits of open source programs.

  • LLVM Still Proceeding With Their Code Relicensing

    It's been three years since the original draft proposal for relicensing the LLVM compiler code was sent out and while there hasn't been a lot to report on recently about the effort, they are making progress and proceeding.

    Since 2015 LLVM developers have been discussing relicensing to an Apache 2.0 license to help motivate new contributors, protect users of LLVM code, better protect existing contributors, ensure that LLVM run-time libraries can be used by both other open-source and proprietary compilers.

  • Automating upstream releases with release-bot

    Good news: We have developed a tool called release-bot that automates the process. All you need to do is file an issue into your upstream repository and release-bot takes care of the rest. But let’s not get ahead of ourselves. First, let’s look at what needs to be set up for this automation to happen. I’ve chosen the meta-test-family upstream repository as an example.

Security: Facebook, GNU Binutils and Epson/HP

Filed under
Security
  • What To Do If Your Account Was Caught in the Facebook Breach

    Keeping up with Facebook privacy scandals is basically a full-time job these days. Two weeks ago, it announced a massive breach with scant details. Then, this past Friday, Facebook released more information, revising earlier estimates about the number of affected users and outlining exactly what types of user data were accessed. Here are the key details you need to know, as well as recommendations about what to do if your account was affected.

    30 Million Accounts Affected

    The number of users whose access tokens were stolen is lower than Facebook originally estimated. When Facebook first announced this incident, it stated that attackers may have been able to steal access tokens—digital “keys” that control your login information and keep you logged in—from 50 to 90 million accounts. Since then, further investigation has revised that number down to 30 million accounts.

    The attackers were able to access an incredibly broad array of information from those accounts. The 30 million compromised accounts fall into three main categories. For 15 million users, attackers access names and phone numbers, emails, or both (depending on what people had listed).

  • GNU Binutils read_reloc Function Denial of Service Vulnerability [CVE-2018-18309]
  • Security Updates Are Even Breaking Your Printer (On Purpose)

    Printer manufacturers hate third-party ink cartridges. They want you buying the expensive, official ones. Epson and HP have issued sneaky “updates” that break these cheaper cartridges, forcing you to buy the expensive ones.

    HP pioneered this technique back in 2016, rolling out a “security update” to its OfficeJet and OfficeJet Pro printers that activated a helpful new feature—helpful for HP’s bottom line, at least. Now, before printing, the printer would verify you’re using new HP ink cartridges. If you’re using a competitor’s ink cartridge or a refilled HP ink cartridge, printing would stop. After some flaming in the press, HP sort-of apologized, but not really.

Kernel: Keeping Control in the Hands of the User and KUnit

Filed under
Linux
  • Keeping Control in the Hands of the User

    Various efforts always are underway to implement Secure Boot and to add features that will allow vendors to lock users out of controlling their own systems. In that scenario, users would look helplessly on while their systems refused to boot any kernels but those controlled by the vendors.

    The vendors' motivation is clear—if they control the kernel, they can then stream media on that computer without risking copyright infringement by the user. If the vendor doesn't control the system, the user might always have some secret piece of software ready to catch and store any streamed media that could then be shared with others who would not pay the media company for the privilege.

    Recently, Chen Yu and other developers tried to submit patches to enhance Secure Boot so that when the user hibernated the system, the kernel itself would encrypt its running image. This would appear to be completely unnecessary, since as Pavel Machek pointed out, there is already uswsusp (userspace software suspend), which encrypts the running image before suspending the system. As Pavel said, the only difference was that uswusp ran in userspace and not kernel space.

  • Google Engineer Proposes KUnit As New Linux Kernel Unit Testing Framework

    Google engineer Brendan Higgins sent out an experimental set of 31 patches today introducing KUnit as a new Linux kernel unit testing framework to help preserve and improve the quality of the kernel's code.

    KUnit is a unit testing framework designed for the Linux kernel and inspired by the well known JUnit as well as Googletest and other existing unit testing frameworks for designing unit tests and related functionality.

DragonFlyBSD Continues Squeezing More Performance Out Of AMD's Threadripper 2990WX

Filed under
Graphics/Benchmarks

DragonFlyBSD 5.4 should be a really great release if you are a BSD user and have an AMD Threadripper 2 box, particularly the flagship Threadripper 2990WX 32-core / 64-thread processor.

The project leader of this long ago fork from FreeBSD, Matthew Dillon, has been quite outspoken about the Threadripper 2990WX since he purchased one earlier this summer. This prolific BSD developer has been praising the performance out of the Threadripper 2990WX since he got the system working on the current DragonFlyBSD 5.3 development builds.

Since getting DragonFlyBSD running on the Threadripper 2 hardware in August, he's routinely been making performance tuning optimizations to DragonFly's kernel to benefit the 2990WX given its NUMA design.

Read more

Syndicate content

More in Tux Machines

Stable kernels 4.18.15, 4.14.77 and 4.9.134

Official TV HAT brings DVB-T2 streaming to the Raspberry Pi

The Raspberry Pi Foundation has launched a Raspberry Pi TV HAT with a Sony CXD2880 TV tuner for receiving DVB-T2 transmissions in Europe. The $21.50 board debuts a half-size HAT format. The computer that was born to empower technology education in the UK can now be rejiggered into an old-fashioned idiot box. The Raspberry Pi Foundation has produced an official HAT add-on board for the Raspberry Pi with a Digital Video Broadcast (DVB) tuner that receives terrestrial TV signals. The $21.50 Raspberry Pi TV HAT lets you stream DTV-T2 and DTV-T video in the UK and Europe. Read more

today's howtos

A Bright Spotlight on elementary OS 5.0

It's really bright. elementary OS 5.0 is the best release so far by mainly it's AppCenter uniqueness and richest of desktop features ever among the prior releases. The thing I love the most is the fact that elementary OS developers contribute greatly to our community which we didn't see anything like that before: they created a new software distribution platform similar to what we previously saw on Apple macOS, except it's for free/libre open source software, by allowing app developers to get paid directly by the users (with the so-called "pay-what-you-want" system). elementary OS is popular, as you may see on Distrowatch, so we can expect bright future for the health of its apps market (and hope more developers getting attracted to join). The desktop is really usable, the shortcut keys are visible (by pressing Super key) and customizable, its enhanced with parental control as well as Night Light, the apps are plenty and still growing in numbers, plus it's compatible with Ubuntu 18.04 so you can install thousands of packages if you wish right now. I can run it really smooth on an Intel 967 CPU with 4GB RAM (Intel Graphics). I hope it will be smoother on your systems. I wish this quick review of mine helps you a lot to get attracted to elementary OS and soon be a happy user. Read more