Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 24 Oct 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

OpenStack: Newton, OpenStack Day, and Contributors

Filed under
  • OpenStack Newton promises better resiliency, scalability and security

    OpenStack has released the latest edition of its popular open-source Infrastructure-as-a-Service (IaaS) cloud: Newton. With broad industry support from more than 200 vendors — including Cisco, Dell, HP Enterprise, IBM, Intel, Oracle, Rackspace, Red Hat, SUSE and VMware — this version should quickly see wide deployment.

    This release features numerous new features. Perhaps the most important is simply making OpenStack easier to use. OpenStack is powerful, but it’s notoriously hard to master. While OpenStack classes are becoming more common, even with help, mastering OpenStack isn’t easy.

  • Lessons learned as an OpenStack Day organizer
  • Recognizing OpenStack Cloud Contributors--Including Those Who Don't Code

    Although it is still a very young cloud computing platform, each week there is more evidence of how entrenched OpenStack has become in enterprises and even in smaller companies. In fact, just this week, we reported on findings that show OpenStack adoption in the telecom industry to be widespread.

    Contributors are a big part of what has driven OpenStack's success, and as the OpenStack Summit approaches, there are several new initiatives being put in place to serve up recognition for meaningful contributors. Notably, the recognition is going to partially go to those who actually contribute code, but there will also be recognition of other forms of giving to OpenStack.

KDE Leftovers

Filed under
  • How to make animated videos with Krita

    There are lots of different kinds of animation: hand-drawn, stop motion, cut-out, 3D, rotoscoping, pixilation, machinima, ASCII, and probably more. Animation isn't easy, by any means; it's a complex process requiring patience and dedication, but the good news is open source supplies plenty of high-quality animation tools.

    Over the next three months I'll highlight three open source applications that are reliable, stable, and efficient in enabling users to create animated movies of their own. I'll concentrate on three of the most essential disciplines in animation: hand-drawn cel animation, digitally tweened animation, and stop motion. Although the tools are fairly specific to the task, these principles apply to other styles of animation as well.

    You can read about some of the more technical details about animation in Animation Basics by Nikhil Sukul.

  • Kdenlive 16.08.2 Open-Source Video Editor Released with Over 35 Improvements

    Today, October 13, 2016, Kdenlive developer Farid Abdelnour announced the release and immediate availability of the second maintenance update to the Kdenlive 16.08 open-source video editor software project.

    Distributed as part of the soon-to-be-released KDE Applications 16.08.2 software suite for the latest KDE Plasma 5.8 LTS desktop environment, Kdenlive 16.08.2 is here five weeks after the release of the previous maintenance version with no less than 36 improvements and bug fixes, addressing keyframe, UI, workflow, compilation, and proxy clip rendering related issues reported by users.

  • Qt 5.6.2 Toolkit Officially Released with Almost 900 Improvements and Bug Fixes

    Today, October 12, 2016, the Qt Company, through Tuukka Turunen, announced the general availability of the second maintenance release to the long-term supported Qt 5.6 open-source and cross-platform GUI toolkit.

    Qt 5.6.2 is here four months after the release of the first maintenance version, Qt 5.6.1, bringing approximately 900 improvements and bug fixes to keep Qt 5.6 a stable and reliable release for Qt application developers on GNU/Linux, Mac OS X, and Microsoft Windows operating systems.

    "This is the second patch release to the long-term supported Qt 5.6, and there will still be more patch releases to come. While a patch release does not bring new features, it contains security fixes, error corrections and general improvements," says Tuukka Turunen in today's announcement.

Linux Graphics

Filed under

Games for GNU/Linux

Filed under

Authorities Opening Up

Filed under
  • NL Parliament makes open standards mandatory

    The use of open standards will be made mandatory for public administrations. A law proposal by MP Astrid Oosenbrug was adopted by the Parliament’s lower house yesterday. According to the MP, the open standards requirement will be one of several changes to the country’s administrative law, introduced next year. “The minister has earlier agreed to make open standards mandatory”, she said. “The parliament is making sure this actually happens.”

    The first public administration that should improve its use of open standards, is the Parliament’s lower house itself, MP Oosenbrug said. “Ironically, lower house published the adopted law on its website by providing a download link to a document in a proprietary format.”

  • France adds source code to list of documents covered by freedom of information laws

    French freedom of information law now treats source code as disclosable in the same way as other government records.

    The new "Digital Republic" law took effect Saturday, with its publication in France's Official Journal.

    It adds source code to the long list of government document types that must be released in certain circumstances: dossiers, reports, studies, minutes, transcripts, statistics, instructions, memoranda, ministerial replies, correspondence, opinions, forecasts and decisions.

    But it also adds a new exception to existing rules on access to administrative documents and reuse of public information, giving officials plenty of reasons to refuse to release code on demand.

    These rules already allow officials to block the publication of documents they believe threaten national security, foreign policy, personal safety, or matters before court or under police investigation, among things.

    Now they can oppose publication if they believe it threatens the security of government information systems.

  • CMPD launches 'Open Source Data' page to share police info with public

    Charlotte-Mecklenburg Police announced Wednesday the launch of its “Open Source Data” page on the department’s website.

    Police say the information source is a step forward in how they share information with the public and is an “opportunity for even greater accountability and transparency” with the Charlotte community. The department faced criticism in the wake of the Keith Scott shooting as protesters said CMPD should have been more transparent during their investigation of the incident.

Android and Tizen Leftovers

Filed under

Huawei Linux Devices

Filed under
  • Huawei Mate 9 leaked in flat and curved-screen variants

    Evan Blass has leaked renders of two variants of the upcoming Huawei Mate 9: a flat-screened and dual curved screen version that looks an awful lot like the Galaxy Note 7. While the wrapping will come off the new phone/s on November 3 in Munich, these renders are apparently the real deal and Blass’ sources have confirmed that the previously leaked Mate 9 specs are legit.

  • Huawei launches Honor 8 in India, along with Honor 8 Smart
  • Huawei Teases Honor S1 smartwatch, No mention of Android Wear

    Huawei is currently teasing their new smartwatch which is to be released under the Honor brand named as the Honor S1. The Chinese manufacturer has an event scheduled for October 18 at which we expect the S1 to be unveiled. But could it be running Tizen ? Huawei are already known as stating they will not release anymore Android wear smartwatches for the remainder of this year, so this leaves either Tizen or some other proprietary OS. According to a report in the JoongAng Ilbo newspaper Huawei are currently working with Samsung to deploy the Tizen operating system in its next smartwatches.

Security News

Filed under
  • Just Too Much Administration – Breaking JEA, PowerShell’s New Security Barrier

    Just Enough Administration (JEA) is a new Windows 10/Server 2016 feature to create granular least privilege policies by granting specific administrative privileges to users, defined by built-in and script-defined PowerShell cmdlets. Microsoft's documentation claimed JEA was a security boundary so effective you did not need to worry about an attacker stealing and misusing the credentials of a JEA user.

    But every JEA role capability example I found Microsoft had published had vulnerabilities that could be exploited to obtain complete system administrative rights, most of them immediately, reliably, and without requiring any special configuration. I find it hard to believe most custom role capabilities created by system administrators in the wild are going to be more secure than these, given the track record of the functionally similar features in Linux, the non-obvious nature of vulnerabilities, and the importance of dangerous cmdlets to routine system troubleshooting and maintenance.

    I recommended Microsoft invert what their JEA articles and documentation said about security. Instead of leading with statements that JEA was a security barrier, users with JEA rights should not be considered administrators, and their credentials do not need to be protected like real administrators with a note that this may not be the case if you are not careful; Microsoft's JEA documentation should lead with statements that JEA should not be treated like a security barrier and users with JEA rights and their credentials should be tightly controlled exactly like normal administrators unless the role capabilities have been strictly audited by security professionals. Additionally, the README files and comments of their example role capabilities should start with stern reminders of this.

  • Thousands of internet-connected devices are a security disaster in the making

    The first problem: many IoT devices, like those cameras, are consumer-oriented, which means their owners don't have a security-conscious IT department. "Individuals do not have the purchasing power of a large corporation," says John Dickson, principal of Denim Group, "so they cannot demand security features or privacy protections that a large corporation can of an a product or software vendor."

    PC Pitstop Vice President of Cyber Security Dodi Glenn points out that many IoT purchasers neglect basic security measures, failing to change passwords from obvious defaults. And even if they did want to secure their devices, there are limits to what they can do: "You can't secure these devices with antivirus applications."

  • A SSHowDowN in security: IoT devices enslaved through 12 year old flaw

    In what researchers call the "Internet of Unpatchable Things," a 12-year-old security flaw is being exploited by attackers in a recent spate of SSHowDowN Proxy attacks.

    The Internet of Things (IoT) is an emerging market full of Wi-Fi and networked devices including routers, home security systems, and lighting products. While the idea of making your home more efficient and automating processes is an appealing one, unfortunately, vendors en masse are considering security as an afterthought for thousands of devices now in our homes, leaving our data vulnerable.

  • Microsoft was unable to meaningfully improve the software

    Documents in a class-action lawsuit against Ford and its original MyFord Touch in-vehicle infotainment (IVI) system reveal that the company's engineers and even its top executive were frustrated with the problematic technology.

    The documents from the 2013 lawsuit show Ford engineers believed the IVI, which was powered by the SYNC operating system launched in 2010, might be "unsaleable" and even described a later upgrade as a "polished turd," according to a report in the Detroit News, which was confirmed by Computerworld.

    The SYNC OS was originally powered by Microsoft software. Microsoft continued releasing software revisions it knew were defective, according to the lawsuit.

    "In the spring of 2011, Ford hired Microsoft to oversee revisions, and hopefully the improvement, of the [software]. But ... Microsoft was unable to meaningfully improve the software, and Ford continued releasing revised software that it knew was still defective," the lawsuit states.

    Last week, a U.S. District Court judge certified the case as a class action.

  • Senator wants nationwide, all-mail voting to counter election hacks

    "It's not a question of if you're going to get hacked—it's when you're going to get hacked."

    Those were the words of Verizon CEO Lowell McAdam as he sought to assure investors last week that the company is still interested in purchasing Yahoo despite the massive data breach of Yahoo consumer accounts.

    Whether McAdam's words ring true for the hodgepodge of election systems across the US is anybody's guess. But in the wake of the Obama administration's announcement that the Russian government directed hacks on the Democratic National Committee and other institutions to influence US elections, a senator from Oregon says the nation should conduct its elections like his home state does: all-mail voting.

  • SourceClear Adds Atlassian Stack to Its Open Source Security Platform

    Open source security company SourceClear said it is integrating Atlassian’s suite of developer tools including Bitbucket Pipelines, JIRA Server, JIRA Cloud, and Bamboo into the company’s open source platform. The integration will result in automated security checks being a part of the developer workflow before they ship code.

Best affordable Android smartphones you can buy [October 2016]

Filed under

There are new smartphones hitting the market constantly, but which is the best to pick up when you’re trying to save a buck or two? We’ve seen some great launches this summer and we’re only expecting more over the coming months, but for now, let’s go over the best affordable Android smartphones you can go pick up today…

Read more

StormCrawler: An Open Source SDK for Building Web Crawlers with ApacheStorm

Filed under

StormCrawler (SC) is an open source SDK for building distributed web crawlers with Apache Storm. The project is under Apache license v2 and consists of a collection of reusable resources and components, written mostly in Java. It is used for scraping data from web pages, indexing with search engines or archiving, and can run on a single machine or an entire Storm cluster with exactly the same code and a minimal number of resources to implement.

Read more

Ubuntu 16.10 Provides Incremental Linux Desktop Improvements

Filed under

Canonical, the lead commercial sponsor behind the open-source Ubuntu Linux operating system, is set to debut its second major milestone release of 2016 on Oct. 13. The Ubuntu 16.10 release is named Yakkety Yak and follows the 16.04 Xenial Xerus release, which became generally available on April 21 and is a Long Term Support (LTS) release. The 16.10 release, however, is what Canonical considers to be a standard release. With an LTS, Canonical provides support for five years, while a standard release is supported only for nine months. In many respects, Ubuntu 16.10 is an incremental release and does not provide major new features, but rather a set of updated packages and minor improvements. Among the updated software are the open-source LibreOffice 5.2 productivity suite and the Firefox 48 web browser. Also of particular note is the fact that Ubuntu 16.10 is based on the latest Linux 4.8 kernel, which provides advanced hardware support and improved performance. The Ubuntu 16.10 milestone also provides a preview for the Unity 8 desktop. In this slide show, eWEEK takes a look at some of the features in the Ubuntu 16.04 Linux release.

Read more

Samsung’s 14nm wearable SoC debuts on Gear 3 watch

Filed under

Samsung unveiled a 14nm, dual Cortex-A53 “Exynos 7 Dual 7270” SoC with built-in LTE, which runs Tizen Linux on its new Gear S3 watch.

Samsung may be suffering through one of the worst months in its history, culminating with this week’s recall of the exploding Galaxy Note 7, but the company is so diverse it can also produce some feel-good news at the same time. This week, Samsung Electronics announced the beginning of mass production of a new wearables system-on-chip called the Exynos 7 Dual 7270. Billed as the first wearables-oriented SoC fabricated with a 14-nanometer (nm) FinFET process, the Exynos 7 Dual 7270 will first appear later this year in its Gear 3 smartwatches (see farther below).

Read more

Open-spec COM version of Chip SBC sells for $16

Filed under

The Next Thing unveiled a $16 COM version of the Chip SBC called the Chip Pro, plus a dev kit and a $6 SiP version of the Allwinner R8 SoC called the GR8.

The Next Thing, which gave us the $9-and-up Chip SBC and Chip-based PocketChip handheld computer, has unveiled a $16, open-spec computer-on-module version of the Chip called the Chip Pro. The Chip Pro measures 45 x 30mm compared to 60 x 40mm for the Chip. The Pro has half the RAM of the Chip with 256MB DDR3, and only 512MB NAND flash instead of 4GB NAND, but it retains the onboard WiFi and Bluetooth 4.2.

Read more

ExTiX 16.5 Is the First Stable Distro Based on Ubuntu 16.10 and LXQt 0.10.0

Filed under

Today, October 12, 2016, GNU/Linux developer Arne Exton proudly announced the release and immediate availability for download of his brand new ExTiX 16.5 Linux-based distribution for personal computers.

Read more

LibreELEC 8.0 "Krypton" to Be Based on Kodi 17 Media Center, Linux Kernel 4.8

Filed under

On October 11, 2016, the LibreELEC development team announced the availability of a new Alpha pre-prelease version of the upcoming LibreELEC 8.0 "Krypton" operating system based on the latest Kodi Media Center software.

Read more

6 reasons to choose Android over iPhone

Filed under

Earlier this week my colleague Steve Kovach gave you a quick list of reasons why you should buy the iPhone over any Android alternative. They’re all perfectly valid.

As someone who owns and uses phones from both sides of the fence, though, I thought it’d be fun to see if I could still take the opposite tack.

So consider this a counterpoint. If you don’t want to hop on the Apple train, here are a few time-tested advantages Google’s mobile OS has over its rival from Cupertino.

Read more

Based on Ubuntu 16.04 LTS, the Release Candidate of Black Lab Linux 8.0 Is Here

Filed under

After informing us earlier today, October 12, 2016, about the fact that the Black Lab Linux project has become a commercial product, Black Lab Software CEO Robert Dohnert announced the release of Black Lab Linux 8.0 RC1.

Read more

GNOME 3.22 Desktop Environment Gets Its First Point Release, Brings Improvements

Filed under

As expected, today, October 12, 2016, GNOME 3.22.1 has been announced by GNOME developer Frederic Peters as the first point release of the stable GNOME 3.22 desktop environment for GNU/Linux operating systems.

Read more

Syndicate content

More in Tux Machines

Android Leftovers

Security News

  • How your DVR was hijacked to help epic cyberattack
    Technology experts warned for years that the millions of Internet-connected "smart" devices we use every day are weak, easily hijacked and could be turned against us. The massive siege on Dyn, a New Hampshire-based company that monitors and routes Internet traffic, shows those ominous predictions are now a reality. An unknown attacker intermittently knocked many popular websites offline for hours Friday, from Amazon to Twitter and Netflix to Etsy. How the breach occurred is a cautionary tale of the how the rush to make humdrum devices “smart” while sometimes leaving out crucial security can have major consequences.
  • Find Out If One of Your Devices Helped Break the Internet
    Security experts have been warning for years that the growing number of unsecured Internet of Things devices would bring a wave of unprecedented and catastrophic cyber attacks. Just last month, a hacker publicly released malware code used in a record-breaking attack that hijacked 1.5 million internet-connected security cameras, refrigerators, and other so-called “smart” devices that were using default usernames and passwords. On Friday, the shit finally hit the fan.
  • Once more, with passion: Fingerprints suck as passwords
    Fingerprints aren’t authentication. Fingerprints are identity. They are usernames. Fingerprints are something public, which is why it should really bother nobody with a sense of security that the FBI used them to unlock seized phones. You’re literally leaving your fingerprints on every object you touch. That makes for an abysmally awful authentication token.
  • Strengthen cyber-security with Linux
    Using open source software is a viable and proven method of combatting cyber-crime It’s encouraging to read that the government understands the seriousness of the loss of $81 million dollars via the hacking of Bangladesh Bank, and that a cyber-security agency is going to be formed to prevent further disasters. Currently, information security in each government department is up to the internal IT staff of that department.
  • Canonical announces live kernel patching for Ubuntu
    Canonical, the company behind the Ubuntu GNU/Linux distribution, has announced that it will provide a live kernel patching services for version 16.04 which was released in April.
  • Everything you know about security is wrong
    If I asked everyone to tell me what security is, what do you do about it, and why you do it. I wouldn't get two answers that were the same. I probably wouldn't even get two that are similar. Why is this? After recording Episode 9 of the Open Source Security Podcast I co-host, I started thinking about measuring a lot. It came up in the podcast in the context of bug bounties, which get exactly what they measure. But do they measure the right things? I don't know the answer, nor does it really matter. It's just important to keep this in mind as in any system, you will get exactly what you measure. [...] If you have 2000 employees, 200 systems, 4 million lines of code, and 2 security people, that's clearly a disaster waiting to happen. If you have 20, there may be hope. I have no idea what the proper ratios should be, if you're willing to share ratios with me I'd love to start collecting data. As I said, I don't have scientific proof behind this, it's just something I suspect is true.
  • Home Automation: Coping with Insecurity in the IoT
    Reading Matthew Garret’s exposés of home automation IoT devices makes most engineers think “hell no!” or “over my dead body!”. However, there’s also the siren lure that the ability to program your home, or update its settings from anywhere in the world is phenomenally useful: for instance, the outside lights in my house used to depend on two timers (located about 50m from each other). They were old, loud (to the point the neighbours used to wonder what the buzzing was when they visited) and almost always wrongly set for turning the lights on at sunset. The final precipitating factor for me was the need to replace our thermostat, whose thermistor got so eccentric it started cooling in winter; so away went all the timers and their loud noises and in came a z-wave based home automation system, and the guilty pleasure of having an IoT based home automation system. Now the lights precisely and quietly turn on at sunset and off at 23:00 (adjusting themselves for daylight savings); the thermostat is accessible from my phone, meaning I can adjust it from wherever I happen to be (including Hong Kong airport when I realised I’d forgotten to set it to energy saving mode before we went on holiday). Finally, there’s waking up at 3am to realise your wife has fallen asleep over her book again and being able to turn off her reading light from your alarm clock without having to get out of bed … Automation bliss!

Microsoft Corruption, Rejections, and Struggles

  • Microsoft licensing corruption scandal in Romania has ended on October 3rd
    This scandal covers buying Microsoft licensees for Romanian administration from 2004 to 2012 for total 228 millions USD. During the investigation was found that more than 100 people, former ministers, mayor of Bucuresti and businessman are involved in this corruption scandal and more than 20 millions euro are paid as bribes.
  • 49ers Colin Kaepernick, Chip Kelly review Microsoft Surface tablets, which Bill Belichick is ‘done’ using
    Ranting about Microsoft’s unreliable, sideline tablets is not a top priority for 49ers coach Chip Kelly and quarterback Colin Kaepernick, not with a five-game losing streak in tow for Sunday’s game against the Tampa Bay Buccaneers. But both Kelly and Kaepernick confirmed this week that they’ve experienced problems with the Microsoft Surface tablets. They’re just not as fed up with them as New England Patriots coach Bill Belichick, who’s lambasted the imperfect technology for years and finally declared this week: “I’m done with the tablets.”
  • Windows: When no growth is an improvement
    Research firms like IDC and Gartner have continued to forecast contraction, not expansion, in the PC business. Only when enterprise migrations to Windows 10 kick into gear do analysts see a reversal of the industry’s historic slump. That isn’t expected to happen until next year.

Parsix GNU/Linux 8.10 "Erik" & 8.15 "Nev" Receive Latest Debian Security Updates

After releasing the first Test build of the upcoming Parsix GNU/Linux 8.15 "Nev" operating system a couple of days ago, today, October 23, 2016, the Parsix GNU/Linux development team announced the availability of new security updates for all supported Parsix GNU/Linux releases. Parsix GNU/Linux 8.10 "Erik" is the current stable release of the Debian-based operating system, and it relies on the Debian Stable (Debian GNU/Linux 8 "Jessie") software repositories. On the other hand Parsix GNU/Linux 8.15 "Nev" is the next major version, which right now is in development, but receives the same updates as the former. Read more