Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 16 Sep 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Security: Vista 10 Woes, Linux FUD and More

Filed under
Security
  • Caution: KB4515384 is breaking audio on Windows 10

    If you’ve already installed KB4515384, and you want to try and fix the audio problem before you attempt the uninstall it, there is really only solution that you can try. Open the Control Panel sound settings.

    On the Playback tab, double-click your speakers to open their Properties. The properties window should have an ‘Enhancements’ tab though, it may be missing as in the case of the screenshot below. If the tab is there, go to it and enable all enhancements, and click Apply. Next, disable them all, and click Apply again.

  • Lilocked ransomware (Lilu) affects thousands of Linux-based servers [Ed: This is not about "Linux"; they're repeating ZDNet (tabloid) talking points from their anti-Linux trolls, whom CBS hired to attack Linux (the real issue here is malware being installed)]

    A ransomware strain named Lilocked or Lilu has been affecting thousands of Linux-based servers all over the world since mid-July and the attacks got intensified by the end of August, ZDNet reports.

  • From PowerShell to auditing: Expand your cybersecurity know-how at SANS London 2019 [Ed: PowerShell is used a lot by CRACKERS. Why does The Register associate NSA back-doored stuff with security? (clue/hint: money)]
  • DigitalOcean Continues Working On Linux Core Scheduling To Make HT/SMT Safer

    With Hyper Threading continuing to look increasingly unsafe in data centers / shared computing environments in light of all the speculative execution vulnerabilities exposed thus far particularly with L1TF and MDS having no SMT-secure mitigation, DigitalOcean continues working on their Linux kernel "core scheduling" patches so they can still make use of HT/SMT in a sane and safe manner.

    DigitalOcean's core scheduling work is their way to make Hyper Threading safe by ensuring that only trusted applications run concurrently on siblings of a core. Their scheduler also tries to be smart about not using SMT/HT in areas where it could degrade performance.

Games: Puzzle Agent, Steam Play Proton and More

Filed under
Gaming
  • Gaming: Puzzle Agent

    Two lovely but short puzzle games: Puzzle Agent and Puzzle Agent II, follow agent Nelson Tethers in his quest to solve an obscure case in Scoggins, Minnesota: The erasers factory delivering to the White House stopped production – a dangerous situation for the US and the world. Tethers embarks on a wild journey.

  • Just some of the games coming to Linux in 2019, the September edition

    It's been quite a while since we had a listicle of interesting games gearing up for release on Linux in 2019, let's take a fresh look today.

    There's a huge amount coming and this list is by no means exhaustive (that would be impossible), plenty still to even be announced yet that I know of. This is just a nice and simple reminder on a few interesting titles you may have forgotten about or perhaps you might find something new.

  • Steam Play Proton 4.11-4 has been release into the wild

    Get ready for another weekend full of testing games, as Valve and CodeWeavers have put out a fresh official build of Steam Play Proton for your pleasure.

  • Proton 4.11-4 Released With Updated DXVK, Improved PS4 Controller Handling

    In time for any weekend gaming, Valve's team maintaining their Proton downstream of Wine for powering Steam Play to run Windows games on Linux has issued their v4.11-4 update.

    Proton 4.11-4 is another update to their Wine 4.11 derived branch. With Proton 4.11-4 comes integrated the new DXVK 1.3.4, D9VK 0.21-rc-p, and FAudio 19.09 as some prominent component updates.

TPC-71W next-generation Arm-Based Industrial Panel PC for IoT applications

Filed under
GNU
Linux
Hardware

Advantech Industrial IoT Group, announced TPC-71W – the new generation of its industrial panel PCs aimed at machine automation and web-terminal applications. TPC-71W is a cost-efficient, Arm-based industrial panel PC that features a 7” true-flat display with P-CAP multi-touch control, high resolution and an NXP Arm Cortex -A9 i.MX 6 dual/quad-core processor to deliver high-performance computing. The system also features a serial port with a 120Ω termination resistor that supports the CAN 2.0B protocol and offers a programmable bit rate of up to 1 Mb/sec. Equipped with the Google Chromium embedded web browser and support for various operating systems, including Android, Linux Yocto, and Linux Ubuntu with QT GUI toolkits, TPC-71W allows system integrators to easily develop and deploy a wide range of industrial applications.

Read more

Also: Raspberry Pi CM3+ based EagleEye Smart Camera Works with OpenCV and LabVIEW NI Vision

Stallman Under Fire for Views on Epstein

Filed under
GNU
  • Famed MIT Scientist Defends Epstein: Victims Were ‘Entirely Willing’

    While MIT engages in damage control following revelations the university’s Media Lab accepted millions of dollars in funding from Jeffrey Epstein, a renowned computer scientist at the university has fanned the flames by apparently going out of his way to defend the accused sex trafficker — and child pornography in general.

    Richard Stallman has been hailed as one of the most influential computer scientists around today and honored with a slew of awards and honorary doctorates, but his eminence in the academic computer science community came into question Friday afternoon when purportedly leaked email excerpts showed him suggesting one of Epstein’s alleged victims was “entirely willing.”

  • Prominent computer scientist at MIT argues definition of rape in defending money from dead sex offender

    Richard Stallman, founder of Cambridge's Free Software Foundation and a visiting scientist at MIT, argues that Jeffrey Epstein's victims were likely "entirely willing" and to stop besmirching the good name of deceased MIT AI guru Marvin Minsky just because he might have "had sex with one of Epstein’s harem."

    Vice reports Stallman made his comments on an MIT mailing list on which he objected to a protest being planned for next week over MIT's ties to the convicted sex offender long after his conviction.

  • Free software icon Richard Stallman has some moronic thoughts about pedophilia

    The world of academia is in turmoil over the shock discovery that disgraced financier Jeffrey Epstein funded several several prestigious science and technology research labs, including MIT’s Media Lab, long after his 2008 conviction for sex crimes involving children.

    For the late Epstein, his generous donations served to whitewash his tainted reputation. They were part of a well-sculpted PR effort that also included paid-for puff pieces in publications like Forbes and HuffPost, which emphasised his philanthropy, while conveniently ignoring his crimes.

  • Famed Computer Scientist Richard Stallman Described Epstein Victims As 'Entirely Willing'

    Richard Stallman, the computer scientist best known for his role in the free software movement, has joined the list of MIT men going out of their way to defend the university’s relationships with convicted sex offender Jeffrey Epstein.

    Selam Jie Gano, an MIT alum, posted on Medium about an email thread in which Stallman argued that the late Marvin Minsky—an AI pioneer accused of assaulting one of Epstein's victims, Virginia Giuffre—had not actually assaulted anyone.

  • MIT Community Horrified by Famed Researcher’s Epstein Outburst

    Since the July arrest of Jeffrey Epstein on charges of sex trafficking, a number of huge names in the world of tech — from Bill Gates to Elon Musk — have attempted to defend or deny any inkling of a relationship with the financier.

    But one prominent computer scientist is seemingly going out of his way to insert himself into the scandal: MIT Visiting Scientist Richard Stallman.

    MIT accepted millions of dollars in funding from Epstein, prompting one student group to organize a protest calling for the resignation of any senior MIT administrators who knew about the donations.

Events: Akademy and LibOCon

Filed under
KDE
LibO
  • Akademy Report

    “Who are you people?”

    That’s what the woman selling the ferry tickets at Varenna asked me once she realized I speaked Italian. She was definitely not used to a group of ~80 people wearing a blue badge. Another woman who was selling stuff on the street asked me if we were a school.

    It’s been an amazing week and a very productive Akademy. A lot has been discussed and a lot has been decided. On my side, I’ve hosted a Dolphin BoF where we discussed both boring things (e.g. where to send bugzilla notification mails) as well as the awesome new features we are getting into Dolphin. Alexander talked about the status of the KIO Fuse project, while Méven talked about his work on the kioslave for the recently used files.

  • Akademy 2019 Wednesday and Thursday BoF Wrapup

    Wednesday continued the Akademy BoFs, group sessions and hacking in the morning followed by the daytrip in the afternoon to Lake Como, to have some fun, get away from laptops and get to know each other better. Thursday was back to BoFs, meetings and hacking culminating in a wrapup session at the end covering the last two days so that what happened in the different rooms can be shared with everyone including those not present.

  • LibOCon 2019 Almeria - How to debug the Online conveniently

Linux 5.4 and Beyond

Filed under
Linux
  • Kernel Lockdown Feature Will Try To Land For Linux 5.4

    After going through 40+ rounds of revisions and review, the Linux kernel "LOCKDOWN" feature might finally make it into the Linux 5.4 mainline kernel.

    While not yet acted upon by Linus Torvalds with the Linux 5.4 merge window not opening until next week, James Morris has submitted a pull request introducing the kernel lockdown mode for Linux 5.4.

  • Linux 5.4 Pull Requests Begin With AMD EPYC Rome EDAC Support, 64-Bit ARM Updates

    Linux 5.3 isn't being released until this weekend after being delayed by one week, but already there have been a few early pull requests submitted for the to-be-opened Linux 5.4 merge window.

    The early Linux 5.4 material submitted so far includes:

    ARM64 updates come in with a growing number of contributors to this 64-bit ARM architecture code. This time around there is support for 52-bit virtual addressing, early random number generator (RNG) seeding by the bootloader, improved robustness of SMP booting, support for the NXP i.MX8 DDR PMU, and various other fixes and improvements.

  • Linux 5.4 Bringing Support For Lenovo's "PrivacyGuard" On Newer ThinkPads

    Newer high-end Lenovo ThinkPad laptops feature an option called "PrivacyGuard" for restricting the usable vertical and horizontal viewing angles of the LCD display, similar to what has been achievable previously using film covers and the like. With Linux 5.4 this feature will be supported by the kernel if concerned about others looking over your shoulders at your screen, etc.

    Lenovo PrivacyGuard allows restricting the usable vertical/horizontal angles of the laptop's LCD panel so that ideally no one else but the user can view the screen contents. Unlike film covers or other practices, PrivacyGuard can be easily enabled/disabled depending upon your location. PrivacyGuard hasn't worked under Linux up to this point but is coming now with Linux 5.4.

  • Support Is Being Worked On For Root File-System Support Over SMB Protocol

    More details on this work can be found via this patch series including the first patch with more documentation on this support for root file-systems via Samba shares.

    These patches aren't in the current CIFS for-next branch so it doesn't look like this functionality will be making it for Linux 5.4.

SUSE CaaS

Filed under
SUSE
  • The Next SUSE CaaS Platform is Here!

    The SUSE CaaS Platform team is excited to announce the availability of our new version 4 – a container management solution that is easier to deploy and manage at scale, richer than ever in security and control, and ready with the latest innovations!

  • SUSE Bolsters Security, Advanced Networking in SUSE CaaS Platform 4

    SUSE has revamped its SUSE CaaS Platform with a wide range of updates, including advanced networking for Kubernetes that will make it easier to configure networking with the platform, and has also bolstered its SUSE Cloud Application Platform with refinements such as improved user interface features.

    The biggest improvement to SUSE Container as a Service (CaaS) Platform 4, which is built for application developers, DevOps teams and Kubernetes container platform operators, is the new advanced networking for Kubernetes which is being brought in via the Cilium open source project, according to SUSE. Cilium works to transparently secure network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes.

Programming Leftovers

Filed under
Development
  • Highlights From The 2019 Pandas Hack

    Taking place simultaneously in Austin, Bentonville, and Dallas from August 16–18, the Pandas Hack was a weekend hackathon focused on providing updates and bug fixes to the pandas data science library.

  • Updated high-DPI support for Qt 5.14
    Hi all,
    
    We’ve recently merged several patches which improves Qt’s high-DPI support. The changes include:
    
    * Support for fractional device pixel ratios (e.g. Windows 150%)
    * Support per-screen DPI in more places like QStyle
    * Cleanup of configuration API and options.
    
    These fixes applies mostly to the AA_EnableHighDpiScaling type of high-DPI support where 
    the device independent coordinate system is set up by QtGui. Relevant platforms include Windows,
    X11, and Android. The new code and and config options are cross-platform though; it should be
    possible to develop and test on any platform (as long as you are not working on platform plugins).
    
    
  • Qt 5.14 Is Bringing Significantly Better HiDPI Support

    Besides KDE seeing its own HiDPI improvements like fractional scaling on Wayland recently landing, the Qt5 tool-kit is seeing more HiDPI improvements on its end too.

    With Qt 5.14 that is slated to be released before year's end there will be better HiDPI support for dealing with today's modern high pixel density displays. Some of the Qt 5.14 HiDPI improvements include support for fractional device pixel ratios, supporting per-screen DPIs more throughout the tool-kit, configuration API clean-ups, platform plug-in additions, an API for setting the rounding policy for the scaling factor, and expanding the supported environment variables for testing the functionality.

  • Reactive Foundation tackles next phase of software architecture

    “With the rise of cloud-native computing and modern application development practices, reactive programming addresses challenges with message streams and will be critical to adoption,” said Michael Dolan, VP of strategic programs at the Linux Foundation. “With the Reactive Foundation, the industry now has a neutral home for supporting the open source projects enabling reactive programming.”

    [...]

    RSocket builds on reactive streams to prevent outages and is designed to support microservices-based and cloud-native applications as a high-performance replacement of traditional HTTP. It enables long-lived streams on different transport connections, which is useful for mobile to server communication. The foundation will also seeks to expand the open-source community around RSocket and reactive programming.

    “After more than a decade of innovations, the reactive ecosystem is making it into mainstream adoption with Project Reactor, Spring Boot and the Spring Framework accelerating its adoption,” said Stephane Maldini, project reactor lLead at Pivotal. “Together, we can build hyper efficient, scalable distributed systems by rethinking the way we design them and by using the right protocol to coordinate them.”

Games: Dota Underlords, Natural Selection 2, Iron Danger

Filed under
Gaming
  • Dota Underlords to get 2 actually playable Underlords, the Duos team mode and more next month

    Valve have teased what they're calling 'The Big Update' to release in early October, with the final release due not long after that for the first official season.

    The news comes from the first of two smaller updates released over the last few days, all update notes can be seen here. What Valve said they will be doing is adding in 2 playable Underlords, the Duos team mode, 6 new Heroes, 3 new Alliances and an updated user interface. That will come sometime in the first part of October, with the "final stop" (the 1.0 release) to come shortly after with 2 more Underlords, the proper Battle Pass, the City Crawl and the start of the first season.

  • Unknown Worlds are dumping the Linux version of Natural Selection 2

    Some sad news to share this Friday evening, as Unknown Worlds Entertainment have announced they're calling it a day for the Linux version of Natural Selection 2.

    Posted in an official announcement on the NS2 website, they claim they're doing this as a result of it apparently being "more difficult to support and develop for the platform natively" including issues like not finding enough users with QA experience to help.

    Unlike what happened with Rust, they're not offering refunds to previous buyers. They say to claim a refund from Valve if you purchased it in the last "30" days which isn't even right, it's two weeks (and under two hours) on Valve's refund option. They will, however, continue their Linux server.

  • Story-driven tactical RPG with time manipulation mechanics 'Iron Danger' should come to Linux

    Here's some fun news, Iron Danger from Action Squad Studios sounds interesting and it's trying to set itself apart from the many turn-based tactical RPGs out there.

    With the fate of the entire world apparently in your hands you will deal with cosmic magic, monsters and colossal war machines in an attempt to save it. I like games that combine elements from different time periods, so you're dealing with both magic and machine here. You take on the role of Kipuna, a "simple village girl" who ends up gaining power over time itself and this is used during combat.

Wine 4.16

Filed under
Software
Gaming
  • Wine Announcement
    The Wine development release 4.16 is now available.
    
    What's new in this release (see below for details):
      - More reliable mouse grabbing in games.
      - Better cross-compilation support in WineGCC.
      - Improved compatibility with Windows debuggers.
      - Various bug fixes.
    
    
  • Wine 4.16 is out with 'more reliable mouse grabbing in games'

    The Wine team have opened up another bottle of the good stuff this evening, with the Wine 4.16 development release now available.

  • Wine 4.16 Bringing Better Compatibility With Windows Debuggers

    Wine 4.16 is out as the newest bi-weekly development snapshot leading up to the Wine 5.0 release in just a few more months.

    Wine 4.16 brings more reliable mouse grabbing for Windows games, better cross-compilation support with WineGCC, and improved compatibility with Windows debuggers.

The Sandy Bridge Core i7 3960X Benchmarked Against Today's Six-Core / 12 Thread AMD/Intel CPUs

Filed under
Graphics/Benchmarks

Complementing our recent AMD Ryzen 5 3600X Linux benchmarking, with recently having out the Intel Core i7 3960X Sandy Bridge Extreme Edition, here are benchmarks showing that previous $999 USD six-core / twelve-thread processor compared to today's Ryzen 5 3600X (and previous-generation Ryzen 5 2600X) as well as the Core i7 8700K.

As some Friday benchmarking fun, this article offers a fresh look at how the once high-end Core i7 3960X compared to today's AMD Ryzen 5 processors at six-cores / twelve-threads and also having in the similarly core/thread count Core i7 8700K.

Besides the Core i7 3960X having cost a great deal more ($999~1059 USD compared to the Ryzen 5 3600X at $250 USD), the i7-3960X has a 130 Watt TDP compared to the Zen 2 mid-range processor at 95 Watts. The i7-3960X carries a 3.3GHz base clock with 3.9GHz turbo frequency compared to the 3600X at 3.8GHz and boosting up to 4.4GHz.

Read more

Archman Linux: Pure Arch With Extra Flair

Filed under
Linux
Reviews

The distro's origin is Turkey. That by itself is not an issue, but the reach of the Archman community's language localization seems a bit short.

In numerous documentation and website displays, the use of English is a bit awkward. The flawed English does not seem to be a factor within the operating system itself though. Still, if you are struggling to deal with Arch idiosyncrasies, side-stepping some of the phraseology can add to the frustration.

Distros based on Arch Linux usually are not a good starting choice for newcomers to the Linux operating system. Users need a better handle on how Linux works to use Arch-based distros successfully. Considerable background reading is necessary for things to make sense with minimal frustration.

Arch Linux distros in general are not ideal operating systems for users with little Linux experience. Developers of distros such as Archman Linux are trying to change that reputation. Archman Linux can be a good second OS to use as a tool for learning more about how Linux works.

Read more

3rd gen kit for embedded linux self-training is Raspberry Pi B-based

Filed under
Linux

The 3rd generation Embedded Linux Learning Kit from Intellimetrix includes a Raspberry Pi 3B board, a Pi HAT with peripherals, power supply, cables and Linux software. It also features a manual tailored specifically for self-teaching yourself embedded Linux.

Intellimetrix has announced the immediate availability of the third generation of its Embedded Linux Learning Kit (E.L.L.K.). The firm touts it as a complete, hands-on way to get started using embedded Linux. Intellimetrix is a consulting firm specializing in real-time and embedded training and software development.

Read more

Why the founder of Apache is all-in on blockchain

Filed under
OSS

As Behlendorf tells the story, Apache came out of an environment when "we might have had a more beneficent view of technology companies. We still thought of them as leading the fight for individual empowerment."

At the same time, Behlendorf adds, "there was still a concern that, as the web grew, it would lose its character and its soul as this kind of funky domain, very flat space, supportive of freedoms of speech, freedoms of thought, freedoms of association that were completely novel to us at the time, but now we take for granted—or even we have found weaponized against us."

This led him to want Apache to address concerns that were both pragmatic in nature and more idealistic.

The pragmatic aspect stemmed from the fact that "iteratively improving upon the NCSA web server was just easier and certainly a lot cheaper than buying Netscape's commercial web server or thinking about IIS or any of the other commercial options at the time." Behlendorf also acknowledges, "it's nice to have other people out there who can review my code and [to] work together with."

There was also an "idealistic notion that tapped into that zeitgeist in the '90s," Behlendorf says. "This is a printing press. We can help people publish their own blogs, help people publish their own websites, and get as much content liberated as possible and digitized as possible. That was kind of the web movement. In particular, we felt it would be important to make sure that the printing presses remained in the hands of the people."

Read more

Events and Shows: IBC 2019, User Error and Ubuntu Podcast

Filed under
OSS
  • Open Source at IBC 2019

    Showcasing two brand new Open Source software demonstrations featuring the Xilinx high-performance Zynq UltraScale+ MPSoC, and the Magic Leap One augmented reality headset.

  • Splitting Fun and Profit | User Error 74

    It's another #AskError episode. The finances of social situations and FOSS projects, automated vehicles, and ways to cheer up.

  • Ubuntu Podcast from the UK LoCo: S12E23 – Wing Commander

    This week we’ve been playing Pillars of Eternity. We discuss boot speed improvements for Ubuntu 19.10, using LXD to map ports, NVIDIA Prime Renderer switching, changes in the Yaru theme and the Librem 5 shipping (perhaps). We also round up some events and some news from the tech world.

    It’s Season 12 Episode 23 of the Ubuntu Podcast! Alan Pope and Mark Johnson are connected and speaking to your brain.

Programming: Bash/Command Line, Python and More

Filed under
Development
HowTos
  • Add leading zeroes that aren't really leading

    A leading zero can be a useful addition to a number string, and there are several ways to add one or more leading zeroes on the command line. The addition is a little less straightforward if the leading zero sits inside a non-numeric string. This post deals with a couple of such cases.

  • Always Launch Terminal as root User (sudo) in Ubuntu

    While working with the Ubuntu command line, the Terminal, we come across situations that require us to log in as root again and again. Ubuntu does that for protecting our system in order to avoid any user or script that opens the Terminal for any malicious activities that put your privacy and system at risk. Root allows far more access than a standard user needs on the command line. With root in action, features that make Ubuntu more secure are no longer working for you. Just consider running a web browser as root!

  • Fastest Python function to slugify a string

    The code is 7-8 years old and relates to a migration when MDN was created as a Python fork from an existing PHP solution.

    I couldn't help but to react to the fact that it's a list and it's looped over every single time. Twice, in a sense. Python has built-in tools for this kinda stuff. Let's see if I can make it faster.

  • Should you use "dot notation" or "bracket notation" with pandas?

    If you prefer bracket notation, then you can use it all of the time! However, you still have to be familiar with dot notation in order to read other people's code.

    If you prefer dot notation, then you can use it most of the time, as long as you are diligent about renaming columns when they contains spaces or collide with DataFrame methods. However, you still have to use bracket notation when creating new columns.

  • Solving Sequence Problems with LSTM in Python's Keras Library

    Time series forecasting refers to the type of problems where we have to predict an outcome based on time dependent inputs. A typical example of time series data is stock market data where stock prices change with time. Similarly, the hourly temperature of a particular place also changes and can also be considered as time series data. Time series data is basically a sequence of data, hence time series problems are often referred to as sequence problems.

  • How the Worlds of Linux and Windows Programming Converged

    Once upon a time, the world of developers was split into two halves: One half was composed of Windows developers, who created most of the productivity apps that powered PCs (and, occasionally, servers). The other half comprised Linux and Unix developers, whose work focused on server-side development. Today, however, as the worlds of Windows and Linux move ever closer together, the distinction between Windows and Linux developers is disappearing. Gone are the days when you had to specialize in one ecosystem or the other.

Red Hat: Edge Computing, Red Hat Success Stories, OpenShift 4.2 and More

Filed under
Red Hat
  • 10 edge computing myths, debunked

    Edge computing can mean different things to different technology leaders – from “anything that’s not in the cloud” to “the practice of capturing, storing, processing, and analyzing data nearest to where the data is generated.” As important as knowing what edge computing is, however, is understanding what it is not.

    [...]

    “Edge can vary based on computing, storage, and where you engage streaming data,” says Jason Mann, VP of IoT at SAS. It will also vary based on your point of view, adds Hopkins. The enterprise edge will look different than a cloud vendor’s or a telco’s edge.

  • Red Hat Success Stories: Reducing friction in Southeast Asia banking and more

    Wondering how Red Hat is helping its customers to succeed? Last month we published six customer success stories that highlight how we've helped customers gain efficiency, cut costs, and transform the way they deliver software. Read on to find out how Ascend Money, Heritage Bank, Generali Switzerland, and others have worked with Red Hat to improve their business.

    [...]

    To improve the efficiency of its application processes, Ascend Money decided to migrate its legacy applications to a standardized platform using Red Hat technology. With assistance from Red Hat Consulting, Ascend Money moved both its legacy applications and new cloud-native services to OpenShift Container Platform, providing a single platform for IT and developers to collaborate across cloud environments.

  • OpenShift 4.2 Disconnected Install

    In a previous blog, it was announced that Red Hat is making the OpenShift nightly builds available to everyone. This gives users a chance to test upcoming features before their general availability. One of the features planned for OpenShift 4.2 is the ability to perform a “disconnected” or “air gapped” install, allowing you to install in an environment without access to the Internet or outside world.

  • Develop with Node.js in a container on Red Hat Enterprise Linux

    In my previous article, Run Red Hat Enterprise Linux 8 in a container on RHEL 7, I showed how to start developing with the latest versions of languages, databases, and web servers available with Red Hat Enterprise Linux 8, even if you are still running RHEL 7. In this article, I’ll build on that base to show how to get started with Node using the current RHEL 8 application stream versions of Node.js and Redis 5.

    From my perspective, using Red Hat Enterprise Linux 8 application streams in containers is preferable to using software collections on RHEL 7. While you need to get comfortable with containers, all of the software installs in the locations you’d expect. There is no need to use scl commands to manage the selected software versions. Instead, each container gets an isolated user space. You don’t have to worry about conflicting versions.

    In this article, you’ll create a Red Hat Enterprise Linux 8 Node.js container with Buildah, and run it with Podman. The code will be stored on your local machine and mapped into the RHEL 8 Node.js container when it runs. You’ll be able to edit the code on your local machine as you would any other application. Because it is mapped via a volume mount, the changes you make to the code will be immediately visible from the container, which is convenient for dynamic languages that don’t need to be compiled. This method isn’t the way you’d want to do things for production, but it gets you started developing quickly and should give you essentially the same development inner loop as you’d have when developing locally without containers. This article also shows how you can use Buildah to build an image with your completed application that you could use for production.

    Additionally, you’ll set up the Red Hat Enterprise Linux 8 Redis application stream in a container that is managed by systemd. You’ll be able to use systemctl to start and stop the container just as you would for a non-container installation.

Security: FOSS Updates, Windows Spying as 'Security', Linux Package Management

Filed under
Security
  • Security updates for Friday

    Security updates have been issued by Debian (curl, dnsmasq, and golang-go.crypto), Mageia (docker, firefox, flash-player-plugin, ghostscript, links, squid, sympa, tcpflow, thunderbird, and znc), openSUSE (srt), Oracle (.NET Core, kernel, libwmf, and poppler), Scientific Linux (firefox), SUSE (cri-o, curl, java-1_8_0-ibm, python-SQLAlchemy, and python-urllib3), and Ubuntu (curl and expat).

  • Microsoft Issues New Windows 10 Update Warning

    Meanwhile, the Windows Latest reports the Start menu stops working for some users who have upgraded to KB4515384 with Windows 10 delivering the following errors: “We’ll try to fix it the next time you sign in” and “Critical Error - Your Start menu isn’t working”

  • Heads up: Microsoft is back to snooping with this month’s Win7 and 8.1 'security-only' patches

    Two months ago, the July Win7 security-only patch was found to install telemetry software, triggered by newly installed scheduled tasks called ProgramDataUpdater, Microsoft Compatibility Appraiser, and AitAgent. As best I can tell, Microsoft never admitted that its security-only patch dropped a telemetry component.

    The August security-only update didn’t include that bit of snooping, so it looked like the July snooping was a one-off aberration.

    Now we’re learning that the September security-only patches for both Win 7 and Win 8.1 have this, shall we say, feature.

    [...]

    What information is Microsoft collecting? I don’t know. Telemetry is frequently downplayed as being largely uninteresting blobs of unattributed data. If that’s the case, why is Microsoft collecting it now, after all these years? It hasn’t even acknowledged (as best I can tell) that it's collecting it via security-only patches.

  • Security Issues with PGP Signatures and Linux Package Management

    In discussions around the PGP ecosystem one thing I often hear is that while PGP has its problems, it's an important tool for package signatures in Linux distributions. I therefore want to highlight a few issues I came across in this context that are rooted in problems in the larger PGP ecosystem.

    Let's look at an example of the use of PGP signatures for deb packages, the Ubuntu Linux installation instructions for HHVM. HHVM is an implementation of the HACK programming language and developed by Facebook. I'm just using HHVM as an example here, as it nicely illustrates two attacks I want to talk about, but you'll find plenty of similar installation instructions for other software packages. I have reported these issues to Facebook, but they decided not to change anything.

Syndicate content

More in Tux Machines

Fedora: GSoC, Fedora Program Management, PHP, Fedora Infrastructure, Test Day and EPEL

  • Fedora Community Blog: GSoC summer 2019: Fedora Gooey Karma

    The day GSoC projects list was published I started sorting out all the organizations that I’d enjoy working with. Being a Linux user/enthusiast I filtered down to a bunch of Linux distros and desktop managers. Sorting out all the projects, Fedora-Gooey-Karma seemed to be a project that suited the skills I have. Once I was sure that Fedora Gooey Karma is a project that I would love to work on during the summer, I mailed @sumantro about the project. We talked about the project on mails.

  • Fedora Community Blog: FPgM report: 2019-37

    Here’s your report of what has happened in Fedora Program Management this week. Fedora 31 Beta is go! I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

  • PHP version 7.2.23RC1 and 7.3.10RC1

    Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests (for x86_64 only), and also as base packages. RPM of PHP version 7.3.10RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Fedora 29 and Enterprise Linux. RPM of PHP version 7.2.23RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 29 or remi-php72-test repository for Enterprise Linux.

  • Karsten Hopp: Onboarding Fedora Infrastructure

    I'm using / working on Fedora since FC-1 and just recently joined the Infrastructure team.

  • Fedora Community Blog: Fedora 31 Gnome Test Day 2019-09-18

    Wednesday, 2019-09-18 is the Fedora 31 Gnome Test Day! As part of changes Gnome 3.34 in Fedora 31, we need your help to test if everything runs smoothly!

  • EPEL Bug: Bash errors on recent EL-8 systems.

    Last week, I got asked about a problem with using EPEL-8 on Oracle Enterprise Linux 8 where trying to install packages failed due to bad license file. I duplicated the problem on RHEL-8 which had not happened before some recent updates.

Games: CodeWeavers, gamepad and Cascade

  • Linux 5.4 To Fix Many Newer 64-bit Windows Games On Wine / Steam Play

    A kernel patch from CodeWeavers is landing in the Linux 5.4 kernel and will help some 64-bit Windows games run nicely under Wine (and the likes of CrossOver / Valve's Proton) with newer Intel and AMD systems. With the few x86 Assembly patches for Linux 5.4 is a UMIP addition by CodeWeavers' Brendan Shanks that ends up being quite important for running a number of Windows games under Proton/Wine on newer AMD/Intel Linux systems.

  • You may want to hold off on Linux Kernel 5.3 and systemd 243 if you use a gamepad

    Did you do a big system upgrade recently and notice you're having gamepad issues? You're not alone. Time to downgrade perhaps. To be clear this might only be an issue for the more bleeding-edge distributions which update more often, or those of you who are doing some manual updates to their system. The distributions that update more slowly like Ubuntu are likely unaffected right now.

  • Cascade – a turn-based text arcade game

    I wrote this game about 20 years ago. Glad to see it still compiled out of the box on the latest Linux distro! Download it from here. If anyone can remember the name or any details of the original 1980s MS-DOS game that I copied the idea from, please let me know in the comments.

GNOME's Sammy Fung and Bin Li

  • Molly de Blanc: Meet the GNOMEies: Sammy Fung

    Sammy is a freelancer, community organizer, and GNOME enthusiast from Hong Kong. For almost 20 years, Sammy has been using, GNOME and building community in Asia.

  • Bin Li: GUADEC 2019

    Thessaloniki is very peaceful place, every morning I liked to walk along the seaside to the venue. As usual, it was a great and enjoyable GUADEC, thanks to everyone who helped to make it. In core days I attended a lot of great talks in this year, I learned a lot of latest status of GNOME, and here are my favorite talks, “Managing GNOME Sessions with Systemd“, “State of the Shell“, “Packing up Boxes“, “Modernizing Desktop Linux Development with Containers“, “Is the Linux Desktop Really Dead?“. I also enjoy watching Lighting talks every year. In this year Britt Yazel’s lighting talks, I knew the GUADEC App was based on Connfa, and it’s also an open source project. This App is very convenient, I could check schedule at any time.

SUSE: YaST Development Sprint 84 and SUSE 'in Space'

  • Highlights of YaST Development Sprint 84

    The YaST Team finished yet another development sprint last week and we want to take the opportunity to let you all glance over the engine room to see what’s going on. Today we will confess an uncomfortable truth about how we manage the Qt user interface, will show you how we organize our work (or at least, how we try to keep the administrative part of that under control) and will give you a sneak peak on some upcoming YaST features and improvements. Let’s go for it!

  • Lunar Vacation Planning

    HPE, one of SUSE’s most important partners in High-Performance Computing and the advancement of science and technology, is now building NASA’s new supercomputer named “Aitken” to support Artemis and future human missions to the moon. HPE’s “Aitken” supercomputer will be built at NASA’s Ames Research Center and will run SUSE Linux Enterprise HPC (co-located where the Pleiades supercomputer – also SUSE-based – has been advancing research for several years). Aitken will run extremely complex simulations for entry, descent and landing on the moon as part of the Artemis program. The missions include landing the next humans on the lunar south polar region by 2024 (on the rim of the Shackleton crater, which experiences constant indirect sunlight for a toasty -300 degrees Fahrenheit).