Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 26 Jul 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Can you name these Linux distributions? Rianne Schestowitz 19/07/2016 - 4:48pm
Story OpenMandriva Lx 3.0 RC1 arrives!! Rianne Schestowitz 19/07/2016 - 4:35pm
Story Big Data/Hadoop Roy Schestowitz 19/07/2016 - 4:23pm
Story Open Hardware Roy Schestowitz 19/07/2016 - 4:16pm
Story Leftovers: OSS Roy Schestowitz 19/07/2016 - 3:46pm
Story ​The best Linux laptop: The 2016 Dell XPS 13 Roy Schestowitz 19/07/2016 - 3:41pm
Story ZTE ZMAX PRO is a premium Android smartphone with a shockingly low $99 price Rianne Schestowitz 19/07/2016 - 11:23am
Story Respinning Linux Rianne Schestowitz 19/07/2016 - 11:21am
Story today's leftovers Roy Schestowitz 19/07/2016 - 11:16am
Story Leftovers: Gaming Roy Schestowitz 19/07/2016 - 11:15am

Leftovers: Gaming

Filed under
Gaming

Comparing the DevOps and Open Source Movements

Filed under
OSS

DevOps has emerged as one of the next big things in the channel. But in many ways, the DevOps story is a replay of the history of open source software over the past several years. Here's what the DevOps and open source movements have in common.

The term DevOps refers to new methods of developing, delivering and deploying software. It prioritizes modularity, collaboration and continuity across all parts of the development process.

Read more

Also: Open Source Ansible Community Will Converge at AnsibleFest in San Francisco on July 28

today's leftovers

Filed under
Misc

Leftovers: OSS and Sharing

Filed under
OSS
  • An Introduction to Iridium, an Open Source Selenium and Cucumber Testing Tool

    Today I would like to introduce Iridium, an open source web testing tool built around Cucumber and Selenium and designed to make automated testing of web sites easy and accessible.

  • Commission Wants to Throw Out VistA (Again)

    A VistA commission report can be found here. Its text and conclusion are of the 'seen it before' variety multiple times in VistA's long history. Maybe the bureaucrats will finally succeed this time at murdering VistA after so many past attempts.

  • LLVM 3.8.1 Release

    LLVM 3.8.1 is now available! Download it now, or read the release notes.

  • LLVM 3.8.1 Released
  • Beware of Contradictory “Support”

    There are organizations that proclaim support for free software or the GNU Project, and teach classes in use of nonfree software.

    It's possible that they do some other things that really support free software, but those classes certainly don't. On the contrary, they work directly against the free software movement by promoting the use of the nonfree software. That increases the magnitude of the practical problem it is our mission to correct.

    Even worse, that grants nonfree software legitimacy. The basic point of the free software movement is that nonfree software is unjust and should not exist. That's why we need a movement to replace and eliminate it. Teaching how to use it asserts that it isn't a problem; that opposes the free software movement at the deepest level.

  • New release of the CEF Dashboard

    The Connecting Europe Facility (CEF) provides EUR 870 million for the creation of cross-border digital services in Europe, largely through the CEF building block Digital Service Infrastructure (DSI) (eDelivery, eID, eSignature, eTranslation and eInvoicing). Cross-border digital services are a fundamental aspect of the Digital Single Market, which aims to overcome digital barriers, with a projected value of EUR 415 billion to the European economy.

  • Luxembourg adopts the CIMF

    In May, the Government of Luxembourg became the first EU Member State to adopt the CIMF, a framework for Corporate Information Management tailored for the European Public Sector.

  • 10 Reasons Why You Should Learn Java Programming Language

    Why one should learn Java programming language? The answer to this question comprises of multiple reasons like its popularity, ease-to-learn nature, helpful open source tools and libraries etc. Gaining expertise in Java ensures a secure career with fat paychecks and the power to create applications with real-world applications.

Leftovers: Debian

Filed under
Debian

Security Leftovers

Filed under
Security
  • CISSP certification: Are multiple choice tests the best way to hire infosec pros?

    Want a job in infosec? Your first task: hacking your way through what many call the "HR firewall" by adding a CISSP certification to your resume.

    Job listings for security roles often list the CISSP (Certified Information Systems Security Professional) or other cybersecurity certifications, such as those offered by SANS, CompTIA, and Cisco, as a requirement. This is especially true in the enterprise space, including banks, insurance companies, and FTSE 100 corporations. But at a time when the demand for good infosec people sees companies outbidding each other to hire top talent, and ominous studies warn of a looming cybersecurity skills shortage, experts are questioning whether certifications based on multiple choice tests are really the best way to recruit the right people.

  • Pokémon Go on iOS gives full access to Google accounts

    Signing into Pokémon Go on iOS with a Google account gives the game full access to that account, according to a systems architect, Adam Reeve.

    The Android version of the game apparently does not have these issues.

    Reeve said that the security situation was not the same for all iOS users.

    Pokémon Go was released last week and has been a huge hit. It is the latest in a series of games from Nintendo but is made by a developer named Niantic, which is part owned by Google.

  • Pokémon Go shouldn’t have full access to your Gmail, Docs and Google account — but it does

    When you use Google to sign into Pokémon Go, as so many of you have already, the popular game for some reason grants itself (for some iOS users, anyway) the highest possible level of access to your Google account, meaning it can read your email, location history… pretty much everything. Why does it need this, and why aren’t users told?

  • Have you given Pokémon Go full access to everything in your Google account?

    Gamers who have downloaded the Pokémon Go augmented reality game were given a scare on Monday, after noticing that the app had apparently been granted “full access” to their Google accounts.

    Taken at face value, the permissions would have represented a major security vulnerability, albeit one that only appeared to affect players who signed up to play the game using their Google account on Apple devices.

  • Pokémon Go Was Never Able To Read Your Email [Updated]

    Here’s even more confirmation that Pokémon Go never had the ability to access your Gmail or Calendar. A product security developer at Slack tested the token provided by Pokémon Go and found that it was never able to get data from services like Gmail or Calendar.

  • HTTPS is not a magic bullet for Web security

    We're in the midst of a major change sweeping the Web: the familiar HTTP prefix is rapidly being replaced by HTTPS. That extra "S" in an HTTPS URL means your connection is secure and that it's much harder for anyone else to see what you're doing. And on today's Web, everyone wants to see what you're doing.

    HTTPS has been around nearly as long as the Web, but it has been primarily used by sites that handle money—your bank's website, shopping carts, social networks, and webmail services like Gmail. But these days Google, Mozilla, the EFF, and others want every website to adopt HTTPS. The push for HTTPS everywhere is about to get a big boost from Mozilla and Google when both companies' Web browsers begin to actively call out sites that still use HTTP.

  • Now it’s easy to see if leaked passwords work on other sites

    Over the past few months, a cluster of megabreaches has dumped account credentials for a mind-boggling 642 million accounts into the public domain, where they can then be used to compromise other accounts that are protected by the same password. Now, there's software that can streamline this vicious cycle by testing for reused passcodes on Facebook and other popular sites.

  • What serverless computing really means [iophk: "securityless"]

    Arimura even goes as far as to use the controversial “no-ops,” coined by former Netflix cloud architect Adrain Cockcroft. Again, just as there will always be servers, there will always be ops to run them. Again, no-ops and serverless computing take the developer’s point of view: Someone else has to worry about that stuff, but not me while I create software.

  • An open letter to security researchers and practitioners

    Earlier this month, the World Wide Web Consortium's Encrypted Media
    Extensions (EME) spec progressed to Draft Recommendation phase. This is
    a controversial standard for transmitting DRM-encumbered videos, and it
    marks the very first time that the W3C has attempted to standardize a
    DRM system.

    This means that for the first time, W3C standards for browsers will fall
    under laws like the DMCA (and its international equivalents, which the
    US Trade Representative has spread all over the world). These laws allow
    companies to threaten security researchers who disclose vulnerabilities
    in DRM systems, on the grounds that these disclosures make it easier to
    figure out how to bypass the DRM.

    Last summer, the Copyright Office heard from security researchers about
    the effect that DRM has on their work; those filings detail showstopper
    bugs in consumer devices, cars, agricultural equipment, medical
    implants, and voting machines that researchers felt they couldn't
    readily publish about, lest they face punitive lawsuits from the
    companies they embarrassed.

Fedora: The Latest

Filed under
Red Hat
  • Event report: Fedora 24 release party Pune

    Last Saturday we had the Fedora 24 release party in Pune. This was actually done along with our regular Fedora meetup, and in the same location. We had a few new faces this time. But most of the regular attendees attended the meetup.

  • Hosting your own Fedora Test Day

    Many important packages and software are developed for Fedora every day. One of the most important parts of software development is quality assurance, or testing. For important software collections in Fedora, there are sometimes concentrated testing efforts for pulling large groups of people in who might not always help test. Organizing a Fedora Test Day is a great way to help expose your project and bring more testers to trialing a new update before it goes live.

  • Farewell Pharlap

    Korora "was born out of a desire to make Linux easier for new users" and one way of achieving that aim was the development of Pharlap, a tool for the simple installation of third party drivers. However times change and sadly it is time to say goodbye to Pharlap which will not be included in Korora 24.

    This decision was not taken lightly and there are many reasons behind the move.

  • Creating a reproducible build system for Docker images

    As the population of DevOps practitioners grows greater in size, so does the Linux container userbase, as these often go hand in hand. In the world of Linux container implementations, Docker is certainly the most popular for server-side application deployments as of this writing. Docker is a powerful tool that provides a standard build workflow, an imaging format, a distribution mechanism, and a runtime. These attributes have made it a very attractive for developer and operations teams alike as it helps lower the barrier between these groups and establishes common ground.

Android Leftovers

Filed under
Android
  • Alphabet (GOOGL) Announces Free Android Training In India As It Retakes Smartphone Lead

    Alphabet (NASDAQ: GOOGL) announced that it would begin training 2 million developers in India on Android as the company tries to take market share from the iOS ecosystem. The free Android Skilling program will be introduced across public and private universities, training schools and the government’s National Skills Development Corporation of India. India is expected to have the largest developer population with 4 million people by 2018, overtaking the U.S.

  • Google aims to train two million Indian Android devs by 2018

    Google will train two million Android developers across India over the next three years.

    Mountain View will provide complete training in its Android operating system under a new program that is paired with the Modi Government's "Skill India" program.

    The course kicks off with Android Developer Fundamentals available in universities and the National Skills Development Corporation of India.

  • Google to train 2 million Indian Android developers

    Google has announced its new “Android Fundamentals” training program, which aims to train and certify up to two million Android developers in India. An Android Fundamentals training course, soon to be available online and at schools country-wide, is focused on training, testing and certifying Android developers to prepare students for careers using Android technology.

  • Samsung Galaxy Note 7 leaks in three new pics

    Earlier today, it was reported that the Samsung Galaxy Note 7 might be the most expensive product in the productivity-purposed phablet line so far, starting at roughly $910 in Europe. It seems that was not to be the only leak of the day however, as three images have surfaced via Steve Hemmerstoffer of nowhereelse.fr who has Tweeted no less than three different images of Samsung’s up and coming creation. Here is the first:

  • Android Nougat may contain traces of NOT for users of custom CAs

    Google will sweeten the forthcoming Nougat release of Android by changing the way apps work with certificate authorities (CAs) and simplifying APIs.

    The changes will affect only some apps and users, Android security team software engineer Chad Brubaker says .

    The changes mean Google will not automatically trust user-selected CAs. Instead, all Android devices running Nougat and later versions of Android will run a standard set of Google-trusted AOSP certificate authorities, forcing some developers to change their apps if non-trusted certificate authorities are needed.

  • First Nokia Android Device, P1 Rumoured To Have 3GB RAM, HD Display

    If you have used Nokia, you will remember the rugged Nokia 3310 and other smartphones that could break a wall and still survive. Nokia is back to making smartphones but Android operating system.

  • How to live stream Android games to YouTube and Twitch

    Watching people play live video games from anywhere in the world has become a surprisingly huge phenomenon in recent years. Twitch is now a game-streaming juggernaut while YouTube has embraced gaming and live streaming in a big way, and seemingly everyday people have become well-paid Internet personalities because they play video games and chat.

  • Six Points on The Samsung Galaxy Note 7: AKA The Best Android Phone of 2016

Anki Cozmo: AI toy robot gets open-source SDK for programming, hacking

Filed under
Hardware
OSS

Bodhi 4.0.0 Time Line, First Woman Debian TC

Filed under
-s

The top story today in Linux news is the controversy following the removal of Nano from the GNU umbrella. Original maintainer Christian Allegretta had to address the resulting rumors that threaten the community. Elsewhere, Jeff Hoogland posted an updated time line for Bodhi 4.0 and the Debian project welcomes its first woman Technical Committee member. Linus is on the hot seat again after losing his patience over commenting style and the Korora project is dropping their driver manager Pharlap.

Read more

Leftovers: Gaming

Filed under
Gaming

FOSS Events

Filed under
OSS
  • Polyglot – Learn, Share, Collaborate – Hackfest 2016!!

    So for this HACKFEST 2016, wondered how would it be if we could share the learning through a wiki and collaboratively maintain an up-to-date content. I had a hunch that this might be a problem that many would have faced and would be good to solve.

  • How not to get help in open source

    In her lightning talk at Great Wide Open 2016, Emily Dunham shares the most common ways people shoot themselves in the foot while looking for help with an open source project:

    Ask for experts
    Leave IRC after asking your question
    Withholding information
    Asking permission to ask a question
    Going where the experts aren't
    Being offensive

  • Having a Gas at Texas Linux Fest 2016

    Texas Linux Fest 2016 is in the books, safely tucked away in the annals of free open source history, The wonderful folks who make TLF happen were again gracious enough to give Reglue a booth in the expo hall, and for those who are watching from home, space in any TLF expo hall ain’t cheap. Just like last year, Reglue Vice President Carolyn Huxley was gracious enough to work our booth and answer questions like, “What’s a Reglue?” My personal thanks for her help.

Web browsers for GNU/Linux

Filed under
Web
  • Best Graphical Web Browsers for Linux

    Web Browsers is one of the top most contributor of Computer desktops. As we know, we can’t do any work in system without browser help like, for browsing something, checking mails, net banking access, chatting, etc.., here I’m going to show you modern web browsers which is in active, under development and widely using in Linux Desktops.

  • Latest Vivaldi Browser Snapshot Improves Tab Hibernation on GNU/Linux Distros

    Today, July 11, 2016, Vivaldi released a new snapshot version for all supported platforms, including GNU/Linux, Mac OS X, and Microsoft Windows, bringing multiple fixes and improvements.

Git 2.9 Version Control System Gets Its First Point Release with 28 Improvements

Filed under
Development

Coming approximately one month since the launch of the massive Git 2.9 update, the first point release in the series, Git 2.9.1, is now available for download on all supported platforms.

Read more

Exclusive: These could be Google's upcoming Android Wear smartwatches

Filed under
Android

As we reported last week, Google is in the process of building two Android Wear smartwatches. At the time, we were unable to show you the watches themselves. Today, that changes - what you see in the image above could be codename "Angelfish" and "Swordfish," Google's two Assistant-enabled wearables that we believe will be released after the new Nexus phones.

Read more

Also: Google's Android Wear 'Angelfish', 'Swordfish' Smartwatches Leaked in Images

Samsung Z2 Documentation Image Leak, The Next Tizen Smartphone

Filed under
Linux

Samsung Z2 Documentation Leak

We have been talking about the upcoming Samsung Z2 smartphone for a while now and today we have seen some leaked documentation surface that looks like it is part of the official user manual of Samsung’s next Tizen based Smartphone. As we exclusively reported earlier this year the device will carry the model number SM-Z200F.

Read more

LeapDroid claims to be the fastest Android emulator for your PC

Filed under
Android

When it comes to running Android on your PC, short of installing the Android x86 project, you can get by with an emulator. With that, this program called Bluestacks is probably the most popular. Enter LeapDroid, a new emulator which claims to be the “world’s fastest” Android emulator on PC. I guess we have to try it to believe it.

Read more

Open-source Linux a step closer to automotive use

Filed under
Linux

Although it may seem like Apple CarPlay and Android Auto are all the rage for dashboard infotainment systems, open-source Linux proponents haven't conceded the battle yet. The Automotive Grade Linux (AGL) project announced the release of its Unified Code Base 2.0, implementing new in-vehicle entertainment support desired by automakers and drivers.

The new code base adds support for audio routing, rear-seat entertainment systems and apps. It follows the version 1.0 release at CES earlier this year.

Read more

Syndicate content

More in Tux Machines

Games for GNU/Linux

  • Stardew Valley is now in beta for Linux
    The Stardew Valley developer tweeted out a password for a beta, but after discussing it with them on their forum I was able to show them that we can't actually access it yet. While what I was telling them may not have been entirely correct (SteamDB is confusing), the main point I made was correct. Normal keys are not able to access the beta yet, but beta/developer keys can, as it's not currently set for Linux/Mac as a platform for us.
  • Physics-based 3D puzzler Human: Fall Flat released on Steam for Linux
    Human: Fall Flat is an open-ended physics puzzler with an optional local co-op mode, developed by No Brakes Games, and available now on Steam for Linux.
  • 7 Mages brings a touch more of traditional dungeon crawling to Linux
    Controlling a party of adventurers, exploring dungeons and fighting weird magical creatures is an RPG tradition as old as the genre. Expect all that and more in this modern iteration of the classical dungeon crawler.

Linux and Graphics

Security News

  • Security advisories for Monday
  • EU to Give Free Security Audits to Apache HTTP Server and Keepass
    The European Commission announced on Wednesday that its IT engineers would provide a free security audit for the Apache HTTP Server and KeePass projects. The EC selected the two projects following a public survey that took place between June 17 and July 8 and that received 3,282 answers. The survey and security audit are part of the EU-FOSSA (EU-Free and Open Source Software Auditing) project, a test pilot program that received funding of €1 million until the end of the year.
  • What is your browser really doing?
    While Microsoft would prefer you use its Edge browser on Windows 10 as part of its ecosystem, the most popular Windows browser is Google’s Chrome. But there is a downside to Chrome – spying and battery life. It all started when Microsoft recently announced that its Edge browser used less battery power than Google Chrome, Mozilla Firefox or Opera on Windows 10 devices. It also measured telemetry – what the Windows 10 device was doing when using different browsers. What it found was that the other browsers had a significantly higher central processing unit (CPU), and graphics processing unit (GPU) overhead when viewing the same Web pages. It also proved that using Edge resulted in 36-53% more battery life when performing the same tasks as the others. Let’s not get into semantics about which search engine — Google or Bing — is better; this was about simple Web browsing, opening new tabs and watching videos. But it started a discussion as to why CPU and GPU usage was far higher. And it relates to spying and ad serving.
  • Is Computer Security Becoming a Hardware Problem?
    In December of 1967 the Silver Bridge collapsed into the Ohio River, killing 46 people. The cause was determined to be a single 2.5 millimeter defect in a single steel bar—some credit the Mothman for the disaster, but to most it was an avoidable engineering failure and a rebuttal to the design philosophy of substituting high-strength non-redundant building materials for lower-strength albeit layered and redundant materials. A partial failure is much better than a complete failure. [...] In 1996, Kocher co-authored the SSL v3.0 protocol, which would become the basis for the TLS standard. TLS is the difference between HTTP and HTTPS and is responsible for much of the security that allows for the modern internet. He argues that, barring some abrupt and unexpected advance in quantum computing or something yet unforeseen, TLS will continue to safeguard the web and do a very good job of it. What he's worried about is hardware: untested linkages in digital bridges.
  • Your Smart Robot Is Coming in Five Years, But It Might Get Hacked and Kill You
    A new report commissioned by the Department of Homeland Security forecasts that autonomous artificially intelligent robots are just five to 10 years away from hitting the mainstream—but there’s a catch. The new breed of smart robots will be eminently hackable. To the point that they might be re-programmed to kill you. The study, published in April, attempted to assess which emerging technology trends are most likely to go mainstream, while simultaneously posing serious “cybersecurity” problems. The good news is that the near future is going to see some rapid, revolutionary changes that could dramatically enhance our lives. The bad news is that the technologies pitched to “become successful and transformative” in the next decade or so are extremely vulnerable to all sorts of back-door, front-door, and side-door compromises.
  • Trump, DNC, RNC Flunk Email Security Test
    At issue is a fairly technical proposed standard called DMARC. Short for “domain-based messaging authentication reporting and conformance,” DMARC tries to solve a problem that has plagued email since its inception: It’s surprisingly difficult for email providers and end users alike to tell whether a given email is real – i.e. that it really was sent by the person or organization identified in the “from:” portion of the missive.
  • NIST Prepares to Ban SMS-Based Two-Factor Authentication
    The US National Institute of Standards and Technology (NIST) has released the latest draft version of the Digital Authentication Guideline that contains language hinting at a future ban on SMS-based Two-Factor Authentication (2FA). The Digital Authentication Guideline (DAG) is a set of rules used by software makers to build secure services, and by governments and private agencies to assess the security of their services and software. NIST experts are constantly updating the guideline, in an effort to keep pace with the rapid change in the IT sector.
  • 1.6m Clash of Kings forum accounts 'stolen'
    Details about 1.6 million users on the Clash of Kings online forum have been hacked, claims a breach notification site. The user data from the popular mobile game's discussion forum were allegedly targeted by a hacker on 14 July. Tech site ZDNet has reported the leaked data includes email addresses, IP addresses and usernames.
  • Hacker steals 1.6 million accounts from top mobile game's forum
    [Ed: vBulletin is proprietary software -- the same crap Canonical used for Ubuntu forums]

The saga continues with Slackware 14.2

Slackware is the oldest surviving Linux distribution and has been maintained since its birth by Patrick Volkerding. Slackware has a well deserved reputation for being stable, consistent and conservative. Slackware is released when it is ready, rather than on a set schedule, and fans of the distribution praise its no-frills and no-fuss design. Slackware adheres to a "keep it simple" philosophy similar to Arch Linux, in that the operating system does not do a lot of hand holding or automatic configuration. The user is expected to know what they are doing and the operating system generally stays out of the way. The latest release of Slackware, version 14.2, mostly offers software updates and accompanying hardware support. A few new features offer improved plug-n-play support for removable devices and this release of Slackware ships with the PulseAudio software. PulseAudio has been commonly found in the audio stack of most Linux distributions for several years, but that is a signature of Slackware: adding new features when they are needed, not when they become available. In this case PulseAudio was required as a dependency for another package. Slackware 14.2 is available in 32-bit and 64-bit builds for the x86 architecture. There is also an ARM build. While the main edition of Slackware is available as an installation disc only, there is a live edition of Slackware where we can explore a Slackware-powered desktop environment without installing the distribution. The live edition can be found on the Alien Base website. Both the live edition and the main installation media are approximately 2.6GB in size. For the purposes of this review I will be focusing on the main, installation-only edition. Booting from the install media brings us to a text screen where we are invited to type in any required kernel parameters. We can press the Enter key to take the default settings or wait two minutes for the media to continue booting. A text prompt then offers to let us load an alternative keyboard layout or use the default "US" layout. We are then brought to a text console where a brief blurb offers us tips for setting up disk partitions and swap space. The helpful text says we can create partitions and then run the system installer by typing "setup". Read more