Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 23 Sep 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Games: Morphite, Mooseman, Arma, and PlayStation 4 DualShock Controller Roy Schestowitz 20/09/2017 - 7:53pm
Story Debian Development Reports Roy Schestowitz 20/09/2017 - 7:51pm
Story The GNOME Foundation Backs Librem 5 Roy Schestowitz 20/09/2017 - 7:22pm
Story Wine Staging 2.17 Roy Schestowitz 20/09/2017 - 7:16pm
Story 7 Things You Should Know About… Open Source Projects in Education Roy Schestowitz 20/09/2017 - 6:46pm
Story A Quick Review Of PCLinuxOS Mohd Sohail 20/09/2017 - 5:04pm
Story Development: RTOS, LipidFinder, Github Threat, and Stack Overflow Survey Roy Schestowitz 1 20/09/2017 - 4:04pm
Story Android/Linux Devices: Fire OS/Fire HD, Chromebook Pixel, Pixel 2 XL Roy Schestowitz 20/09/2017 - 4:02pm
Story Security: Equifax, Kodi, Infrared, and Windows XP in 2017 Roy Schestowitz 20/09/2017 - 3:49pm
Story Flock 2017, Fedora 27, and New Fedora 26 (F26) ISO Roy Schestowitz 20/09/2017 - 3:44pm

Programming: PyCon, Python, NativeScript and NVIDIA 381.26.17

Filed under
Development
  • [Older] Two days remaining for PyCon Pune 2018 CFP

    The CFP for PyCon Pune 2018 will close at the end of 15th September AOE. If you are thinking about submitting a talk, this is a good time to do that. The conference will happen from 8-11th February in Pune, India. The first 2 days are the main conference, a single track event where will have around 650 people. The last two days will be devsprints.

  • Python security transparency

    As Steve Dower noted in his lightning talk at the 2017 Python Language Summit, Python itself can be considered a security vulnerability—because of its power, its presence on a target system is a boon to attackers. Now, Dower is trying to address parts of that problem with a Python Enhancement Proposal (PEP) that would enable system administrators and others to detect when Python is being used for a nefarious purpose by increasing the "security transparency" of the language. It is not a solution that truly thwarts an attacker's ability to use Python in an unauthorized way, but will make it easier for administrators to detect, and eventually disable, those kinds of attacks.

  • Open Source NativeScript Mobile Framework Tackles Augmented Reality

    With augmented reality the new hotness in the mobile development space, companies right and left are jumping on the AR bandwagon, including Progress, which just announced upcoming support in its open source, cross-platform NativeScript framework.

    AR, popularized last year by the runaway success of Pokémon GO, lets developers enhance real-world imagery with computer-generated sensory input, such as graphics and sound.

  • NVIDIA 381.26.17 Adds Vulkan 1.0.61 Support

    For those wanting the bleeding-edge NVIDIA Vulkan driver support, a new beta was pushed out today providing same-day support for the Vulkan 1.0.61 update.

Software: OpenStack Charms 17.08, PiCluster 2.2 and More

Filed under
Software
  • OpenStack Charms 17.08 release!

    The OpenStack Charms team is pleased to announce that the 17.08 release of the OpenStack Charms is now available from jujucharms.com!

    In addition to 204 bug fixes across the charms and support for OpenStack Pike, this release includes a new charm for Gnocchi, support for Neutron internal DNS, Percona Cluster performance tuning and much more.

  • Go Serverless with new PiCluster 2.2

    I am pleased to introduce the new release of PiCluster! In PiCluster 2.2, there is now support to deploy functions! With this new feature, applications can spin up containers themselves and retrieve data from the PiCluster server. Let’s explore how this works.

    When a function is finished running, the container is automatically deleted and the output is stored on the server. When the application requests the data from the server, the data is removed as well.

  •  

  • Plasma publictransport rewrite – Part II

    Last time we heard the publictransport applet was being re-written was almost a year back now. Since then, it has indeed gone through some sorts of rewrite, but at the Randa meetings, 2017, this has taken a whole new course.

  • Spam filtering with Rspamd

    Running one's own mail system on the Internet has become an increasingly difficult thing to do, to the point that many people don't bother, even if they have the necessary skills. Among the challenges is spam; without effective spam filtering, an email account will quickly drown under a deluge of vile offers, phishing attempts, malware, and alternative facts. Many of us turn to SpamAssassin for this task, but it's not the only alternative; Rspamd is increasingly worth considering in this role. Your editor gave Rspamd a spin to get a sense for whether switching would be a good thing to do.

    SpamAssassin is a highly effective tool; its developers could be forgiven for thinking that they have solved the spam problem and can move on. Which is good, because they would appear to have concluded exactly that. The "latest news" on the project's page reveals that the last release was 3.4.1, which came out in April 2015. Stability in a core communications tool is good but, still, it is worth asking whether there is really nothing more to be done in the area of spam filtering.

  • Finding driver bugs with DR. CHECKER

    Drivers are a consistent source of kernel bugs, at least partly due to less review, but also because drivers are typically harder for tools to analyze. A team from the University of California, Santa Barbara has set out to change that with a static-analysis tool called DR. CHECKER. In a paper [PDF] presented at the recent 26th USENIX Security Symposium, the team introduced the tool and the results of running it on nine production Linux kernels. Those results were rather encouraging: "it correctly identified 158 critical zero-day bugs with an overall precision of 78%".

Kernel: LWN Linux Articles (Now Free), Testers Wanted

Filed under
Linux
  • CPU frequency governors and remote callbacks

    The kernel's CPU-frequency ("cpufreq") governors are charged with picking an operating frequency for each processor that minimizes power use while maintaining an adequate level of performance as determined by the current policy. These governors normally run locally, with each CPU handling its own frequency management. The 4.14 kernel release, though, will enable the CPU-frequency governors to control the frequency of any CPU in the system if the architecture permits, a change that should improve the performance of the system overall.

    For a long time, the cpufreq governors used the kernel's timer infrastructure to run at a regular interval and sample CPU utilization. That approach had its shortcomings; the biggest one was that the cpufreq governors were running in a reactive mode, choosing the next frequency based on the load pattern in the previous sampling period. There is, of course, no guarantee that the same load pattern will continue after the frequency is changed. Additionally, there was no coordination between the cpufreq governors and the task scheduler. It would be far better if the cpufreq governors were proactive and, working with the scheduler, could choose a frequency that suits the load that the system is going to have in the next sampling period.

  • A last-minute MMU notifier change

    One does not normally expect to see significant changes to an important internal memory-management mechanism in the time between the ‑rc7 prepatch and the final release for a development cycle, but that is exactly what happened just before 4.13 was released. A regression involving the memory-management unit (MMU) notifier mechanism briefly threatened to delay this release, but a last-minute scramble kept 4.13 on schedule and also resulted in a cleanup of that mechanism. This seems like a good time to look at a mechanism that Linus Torvalds called "a badly designed mistake" and how it was made to be a bit less mistaken.

  • A pile of stable kernel updates
  • Improving Linux laptop battery life: Testers Wanted

Security: Eugene Kaspersky, IT security in the EU, CouchDB, Telcos, D-Link, Bluetooth, and Fitbit

Filed under
Security

CentOS 7.4 Is Now Available for 64-Bit, ARM64, ARMhfp, POWER7 & POWER8 Machines

Filed under
OS
Red Hat

CentOS developers Karanbir Singh and Jim Perrin announced the release of the CentOS 7.4 operating system for supported architectures, a release that brings all the latest updates and security patches.

Read more

Ubuntu and GNOME Devs Team Up to Ease Your "Unity to GNOME" Transition

Filed under
GNOME
Ubuntu

The Ubuntu 17.10 (Artful Aardvark) operating system is only a few weeks away, and it will be shipping with the recently released GNOME 3.26 desktop environment by default, running on top of the next-generation Wayland display server.

Read more

also: Canonical Adds Support for GNOME's JHBuild Tool to Its Snapcraft Snappy Creator

Containers: Kubernetes, Heptio, and Oracle

Filed under
Server
  • Kubernetes, containers help mainstream open-source software

    Open-source software is now a key part of the tech world, matching proprietary software through a combination of enthusiastic developers, organizations and shared standards. This trend is especially visible in the world of container technology, a popular virtualization method for deploying and running distributed software applications.

    “Open source is the mainstream now. It’s very hard to release a proprietary product right now and come up with some justification about why you have to do it,” said Steve Pousty (pictured), lead developer advocate, OpenShift Online, at Red Hat Inc.

  • Heptio Raises New Funding to Close Kubernetes Operational Gaps

    Craig McLuckie helped launch the open-source Kubernetes project while at Google and has been busy since November 2016 with his new company Heptio. Heptio is now moving forward, thanks to a $25 million Series B round of funding, bringing total funding to date for the startup to $33.5 million.

    "Kubernetes is doing really well, there is a lot of energy in the ecosystem, and many companies are making Kubernetes a core part of their operating practices," McLuckie told eWEEK in a video interview.

  • Oracle Joins Cloud Native Computing Foundation in Kubernetes Push

    Oracle has taken a plunge deeper into open source waters by joining the Cloud Native Computing Foundation (CNCF) as a platinum member. The announcement was made Wednesday, on stage with Linux Foundation executive director Jim Zemlin, at Open Source Summit in Los Angeles. In addition, Oracle announced it's bringing Kubernetes to Oracle Linux and open sourcing a Terraform Kubernetes Installer for Oracle Cloud. This prompted Zemlin to remark that "six of the largest clouds are now running Kubernetes."

  • Larry Ellison: There is No One Left for Oracle to Buy

    Oracle isn't likely to be buying any other big companies soon, according to founder Larry Ellison.

More of "Public Money, Public Code"

Filed under
OSS
  • Public money? Public Code!
  • Public Money? Public Code! 31 organisations ask to improve public procurement of software

    Digital services offered and used by public administrations are the critical infrastructure of 21st-century democratic nations. To establish trustworthy systems, government agencies must ensure they have full control over systems at the core of our digital infrastructure. This is rarely the case today due to restrictive software licences.

  • Public Money, Public Code, Public Control

    An interesting article published by the UK Government Digital Service was referenced in a response to the LWN.net coverage of the recently-launched “Public Money, Public Code” campaign. Arguably, the article focuses a little too much on “in the open” and perhaps not enough on the matter of control. Transparency is a good thing, collaboration is a good thing, no-one can really argue about spending less tax money and getting more out of it, but it is the matter of control that makes this campaign and similar initiatives so important.

  • FSFE: publicly funded software has to be open source

    Digital services offered and used by public administrations are the critical infrastructure of 21st-century democratic nations. To establish trustworthy systems, government agencies must ensure they have full control over systems at the core of our digital infrastructure. This is rarely the case today due to restrictive software licences.

Ubuntu Press/Development: Kernel Team Summary, Snap, NEC, Servers and GNOME Desktop

Filed under
Ubuntu

Debian Development and News: Google Blobs, RcppMsgPack 0.2.0, RcppRedis 0.1.8 and devscripts needs YOU!

Filed under
Development
Debian
  • Google Hangouts in Debian testing (Buster)

    Google offers a lot of software components packaged specifically for Debian and Debian-like Linux distributions. Examples are: Chrome, Earth and the Hangouts plugin. Also, there are many other Internet services doing the same: Spotify, Dropbox, etc. I’m really grateful for them, since this make our life easier.

    Problem is that our ecosystem is rather complex, with many distributions and many versions out there. I guess is not an easy task for them to keep such a big variety of support variations.

  • RcppMsgPack 0.2.0
  • RcppRedis 0.1.8
  • devscripts needs YOU!

    Over the past 10 years, I've been a member of a dwindling team of people maintaining the devscripts package in Debian.

  • My Free Software Activities in August 2017

    Here is my monthly report that covers what I have been doing for Debian.

Red Hat, Fedora and Flock

Filed under
Red Hat

Security: Windows Zeo-Day, Cryptography, Updates, Reproducible Builds, Vendor Bans, AT& and More

Filed under
Security

Equifax Failed to Patch, Now Fails as a Company

Filed under
Security

Kernel Sources for Motorola Devices Appear to Differ from Binaries on Live Devices

Filed under
Linux
  • Kernel Sources for Motorola Devices Appear to Differ from Binaries on Live Devices

    Android's foundations are born in open source, releasing as an open source operating system and growing to be the largest operating system in the world. Without licenses like the General Public License (GPL), open source could not have been enforced...

    [...]

    The GPL has protected so much of the growing Android community over the years. It allows developers from anywhere in the world to take a device and use the kernel source code to make something great out of it. It’s a recipe for brilliance in some cases, with some amazing feats of intuition and development shown daily by our amazing developer community. To build an AOSP-based ROM for any device, for instance, it’s imperative that we have access to the kernel source code to ensure that the ROM can boot properly.

  • Videos: A Conversation with Linux and Git Creator Linus Torvalds

…and today is Software Freedom Day!

Filed under
GNU
OSS

For its fourteenth edition the Digital Freedom Foundation is happy to celebrate Software Freedom Day! At the time of this writting we have 112 teams listed on the wiki and about 80+ events registered. Over the year we’ve notice that this “double registration process” (creating a wiki page and then filling the registration form) is a bit difficult for some of our participants and we wish to change that. In the plan for the coming months we plan to have a single registration process which will in turn generate a wiki page. We also want to display the event date as some of us cannot celebrate exactly on this international day due to local celebrations or other reasons.

Read more

Ubuntu-enabled open source SDR board shrinks in size and price

Filed under
OSS
Ubuntu

Lime Microsystems launched the $139 “LimeSDR Mini,” a size- and cost-reduced sibling of its Ubuntu Core-enabled LimeSDR board, at CrowdSupply.

Lime Microsystems, a developer of field programmable RF (FPRF) transceivers for wireless broadband systems, has gone to CrowdSupply again, to fund a size- and cost-reduced variant of the LimeSDR board that it launched there last year. Like its larger sibling, the LimeSDR Mini is a “free and open source project” that supports the company’s “entirely open-source” LimeSuite host-side software that supports a range of SDRs.

Read more

​Check Point's bogus Windows Subsystem for Linux attack

Filed under
Security

Security companies, desperate for attention and headlines, love to come up with flashy, dangerous-sounding security hole names. The latest is Check Point's Bashware. This one, Check Point claims, can render 400 million Windows 10 PCs open to malware using Windows Subsystem for Linux (WSL) to launch Windows malware from a WSL Linux instance, thus bypassing most Windows security products in the process.

Read more

today's leftovers

Filed under
Misc
  • IBM Linux-only mainframe delivers breakthrough security
  • Kubernetes Meets HPC

    Anyone who has worked with Docker can appreciate the enormous gains in efficiency achievable with containers. While Kubernetes excels at orchestrating containers, high-performance computing applications can be tricky to deploy on Kubernetes.

    In this post, I discuss some of the challenges of running HPC workloads with Kubernetes, explain how organizations approach these challenges today, and suggest an approach for supporting mixed workloads on a shared Kubernetes cluster. We will also provide information and links to a case study on a customer, IHME, showing how Kubernetes is extended to service their HPC workloads seamlessly while retaining scalability and interfaces familiar to HPC users.

  • The latest Windows Server beta has a surprising feature: Support for Linux containers
  • VMware wants the support of open-source developers
  • Public Money? Public Code!

    31 organisations ask to improve public procurement of software

    Today, on 13 September 2017, 31 organisations are publishing an open letter. The letter calls for lawmakers to advance legislation requiring publicly financed software that has been developed for the public sector be made available under a Free and Open Source Software licence.

  • WordPress to ditch React library over Facebook patent clause risk

    Automattic, the company behind the popular open source web publishing software WordPress, has said it will be pulling away from using Facebook’s React JavaScript library over concerns about a patent clause in Facebook’s open source license.

    In a blog post explaining the decision yesterday, WordPress’ Matt Mullenweg said Automattic had hoped to officially adopt React for WordPress — noting it has already used it for the Calypso ground-up rewrite of WordPress.com a few years ago, and had started using it for its major Gutenberg core project.

    But he reveals it’s changed its mind after seeing Facebook dig in behind the patent clause — which was recently added to the Apache Software Foundation’s (ASF) list of disallowed licenses.

  • Havenlabs' Open Source 3D Printed Utility Band Offers Simple Functionality for Amputees
  • Bluetooth problem could let hackers take control of Apple, Samsung and Google devices

    Millions of mobile phones, laptops and smart home devices could be at risk of hacking after researchers discovered a way to take over devices using the Bluetooth connection.

Syndicate content

More in Tux Machines

OpenSUSE fonts – The sleeping beauty guide

Pandora’s box of fonts is one of the many ailments of the distro world. As long as we do not have standards, and some rather strict ones at that, we will continue to suffer from bad fonts, bad contrast, bad ergonomics, and in general, settings that are not designed for sustained, prolonged use. It’s a shame, because humans actually use computers to interface with information, to READ text and interpret knowledge using the power of language. It’s the most critical element of the whole thing. OpenSUSE under-delivers on two fonts – anti-aliasing and hinting options that are less than ideal, and then it lacks the necessary font libraries to make a relevant, modern and pleasing desktop for general use. All of this can be easily solved if there’s more attention, love and passion for the end product. After all, don’t you want people to be spending a lot of time interacting, using and enjoying the distro? Hopefully, one day, all this will be ancient history. We will be able to choose any which system and never worry or wonder how our experience is going to be impacted by the choice of drivers, monitors, software frameworks, or even where we live. For the time being, if you intend on using openSUSE, this little guide should help you achieve a better, smoother, higher-quality rendering of fonts on the screen, allowing you to enjoy the truly neat Plasma desktop to the fullest. Oh, in the openSUSE review, I promised we would handle this, and handle it we did! Take care. Read more

Today in Techrights

Direct Rendering Manager and VR HMDs Under Linux

  • Intel Prepping Support For Huge GTT Pages
    Intel OTC developers are working on support for huge GTT pages for their Direct Rendering Manager driver.
  • Keith Packard's Work On Better Supporting VR HMDs Under Linux With X.Org/DRM
    Earlier this year Keith Packard started a contract gig for Valve working to improve Linux's support for virtual reality head-mounted displays (VR HMDs). In particular, working on Direct Rendering Manager (DRM) and X.Org changes needed so VR HMDs will work well under Linux with the non-NVIDIA drivers. A big part of this work is the concept of DRM leases, a new Vulkan extension, and other changes to the stack.

Software: Security Tools, cmus, Atom-IDE, Skimmer Scanner

  • Security Tools to Check for Viruses and Malware on Linux
    First and foremost, no operating system is 100 percent immune to attack. Whether a machine is online or offline, it can fall victim to malicious code. Although Linux is less prone to such attacks than, say, Windows, there is no absolute when it comes to security. I have witnessed, first hand, Linux servers hit by rootkits that were so nasty, the only solution was to reinstall and hope the data backup was current. I’ve been a victim of a (very brief) hacker getting onto my desktop, because I accidentally left desktop sharing running (that was certainly an eye opener). The lesson? Even Linux can be vulnerable. So why does Linux need tools to prevent viruses, malware, and rootkits? It should be obvious why every server needs protection from rootkits — because once you are hit with a rootkit, all bets are off as to whether you can recover without reinstalling the platform. It’s antivirus and anti-malware where admins start getting a bit confused. Let me put it simply — if your server (or desktop for that matter) makes use of Samba or sshfs (or any other sharing means), those files will be opened by users running operating systems that are vulnerable. Do you really want to take the chance that your Samba share directory could be dishing out files that contain malicious code? If that should happen, your job becomes exponentially more difficult. Similarly, if that Linux machine performs as a mail server, you would be remiss to not include AV scanning (lest your users be forwarding malicious mail).
  • cmus – A Small, Fast And Powerful Console Music Player For Linux
    You may ask a question yourself when you see this article. Is it possible to listen music in Linux terminal? Yes because nothing is impossible in Linux. We have covered many popular GUI-based media players in our previous articles but we didn’t cover any CLI based media players as of now, so today we are going to cover about cmus, is one of the famous console-based media players among others (For CLI, very few applications is available in Linux).
  • You Can Now Transform the Atom Hackable Text Editor into an IDE with Atom-IDE
    GitHub and Facebook recently launched a set of tools that promise to allow you to transform your Atom hackable text editor into a veritable IDE (Integrated Development Environment). They call the project Atom-IDE. With the release of Atom 1.21 Beta last week, GitHub introduced Language Server Protocol support to integrate its brand-new Atom-IDE project, which comes with built-in support for five popular language servers, including JavaScript, TypeScript, PHP, Java, C#, and Flow. But many others will come with future Atom updates.
  • This open-source Android app is designed to detect nearby credit card skimmers
    Protecting our data is a constant battle, especially as technology continues to advance. A recent trend that has popped up is the installation of credit card skimmers, especially at locations such as gas pumps. With a simple piece of hardware and 30 seconds to install it, a hacker can easily steal credit card numbers from a gas pump without anyone knowing. Now, an open-source app for Android is attempting to help users avoid these skimmers.