Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 19 Mar 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Security: JavaScript, WinRAR, Wi-Fi, Android and More

Filed under
  • A new rash of highly covert card-skimming malware infects ecommerce sites

    Group-IB has dubbed the JavaScript sniffer GMO after the gmo[.]il domain it uses to send pilfered data from infected sites, all of which run the Magento e-commerce Web platform. The researchers said the domain was registered last May and that the malware has been active since then. To conceal itself, GMO compresses the skimmer into a tiny space that’s highly obfuscated and remains dormant when it detects the Firebug or Google Developer Tools running on a visitor’s computer. GMO was manually injected into all seven sites, an indication that it is still relatively fledgling.

  • Nasty WinRAR bug is being actively exploited to install hard-to-detect malware

    Nasty code-execution bug in WinRAR threatened millions of users for 14 years
    The flaw, disclosed last month by Check Point Research, garnered instant mass attention because it made it possible for attackers to surreptitiously install persistent malicious applications when a target opened a compressed ZIP file using any version of WinRAR released over the past 19 years. The absolute path traversal made it possible for archive files to extract to the Windows startup folder (or any other folder of the archive creator’s choosing) without generating a warning. From there, malicious payloads would automatically be run the next time the computer rebooted.

  • How a wireless keyboard lets [intruders] take full control of connected computers

    The attacks can be carried out by anyone who is within range of an affected keyboard set and takes the time to build the hardware that exploits the replay and injection flaws. Normally, that distance is about 30 feet, but the use of special antennas could extend that range. That leaves open the possibility of attacks from hackers in nearby offices or homes.

    Friday’s SySS advisory said that there is currently no known fix for the vulnerabilities. It said company researchers privately reported the vulnerability to Fujitsu. The disclosure timeline is: [...]

  • Security researchers reveal defects that allow wireless hijacking of giant construction cranes, scrapers and excavators

    Using software-defined radios, researchers from Trend Micro were able to reverse-engineer the commands used to control massive industrial machines, including cranes, excavators and scrapers; most of these commands were unencrypted, but even the encrypted systems were vulnerable to "replay attacks" that allowed the researchers to bypass the encryption.

  • [Older] Attacks Against Industrial Machines via Vulnerable Radio Remote Controllers: Security Analysis and Recommendations

    In our research and vulnerability discoveries, we found that weaknesses in the controllers can be (easily) taken advantage of to move full-sized machines such as cranes used in construction sites and factories. In the different attack classes that we’ve outlined, we were able to perform the attacks quickly and even switch on the controlled machine despite an operator’s having issued an emergency stop (e-stop).

    The core of the problem lies in how, instead of depending on wireless, standard technologies, these industrial remote controllers rely on proprietary RF protocols, which are decades old and are primarily focused on safety at the expense of security. It wasn’t until the arrival of Industry 4.0, as well as the continuing adoption of the industrial internet of things (IIoT), that industries began to acknowledge the pressing need for security.

  • How Ethereum Applications Earn A+ Security Ratings

    More than 1.2 million ethereum applications have used a little-known security tool to help them avoid the costly errors arising from self-executing lines of code known as smart contracts.

    Launched by ethereum technology startup Amberdata back in October, the free tool is available for anyone in the general public to interpret the security of active applications on the ethereum blockchain. Smart contracts with bugs that have been exploited have led to huge losses, even to the tune of hundreds of millions.

    The automated service scans for common vulnerabilities found in smart contract code and generates a letter grade rating (e.g. A, B, or C) for the security of a decentralized application (dapp).

    The feature is one of the many tools encouraging best practice and increased transparency between dapp developers and end-users in the ethereum ecosystem.

  • How to protect your router

    Currently, there are a variety of open source and OpenVPN capable routers to choose from, but the most popular models are the Linksys AC3200 and the Netgear Nighthawk AC1900.

  • Fighting Crypto Hacks: Company Tackles Security Issues in Ethereum Smart Contracts

    A decentralized, open-source crypto platform based on the Ethereum protocol named Callisto Network offers users free-of-charge smart contract security audits. The company wants to support them in the battle against cyber criminals and help developers solve security issues in Ethereum codes.

  • Just Android things: 150m phones, gadgets installed 'adware-ridden' mobe simulator games

    Android adware found its way into as many as 150 million devices – after it was stashed inside a large number of those bizarre viral mundane job simulation games, we're told.

    The so-called Simbad malware was built into mobile gaming titles such as Real Tractor Farming Simulator, Heavy Mountain Bus Simulator 2018, and Snow Heavy Excavator Simulator, according to infosec research biz Check Point today.

  • Google sinks more than 200 Android apps infected with SimBad adware

    The adware campaign made use of malware dubbed SimBad, which sits within a malicious software development kit called 'RXDrioder' and can perform actions after an infected Android device is booted. SimBad then connects back to a control and command server where it receives instructions from the malicious actors controlling it.

  • How To Secure Privileged Access In An Organisation
  • Open-source 64-ish-bit serial number gen snafu sparks TLS security cert revoke runaround
  • 25% of software vulnerabilities remain unpatched for more than a year [Ed: How about back doors in proprietary software? These can never be patched, they're there by design and the user cannot change the code ]
  • Shmoocon 2019, Conor Patrick’s ‘Building And Selling Solo: An Open Source Secure Hardware Token’

Istio/Tetrate Funding

Filed under
  • Tetrate emerges from stealth to bring service mesh to the enterprise

    The architects of open source *service* mesh technology Istio and Envoy have broken off to set up an enterprise-grade solution aimed at large-scale customers.

  • Tetrate raises $12.5 million to manage microservices with open source software

    San Francisco startup Tetrate, which develops an app management platform for hybrid and multicloud environments, today emerged from stealth with $12.5 million in a funding round led by Dell Technologies Capital, with participation from 8VC, Intel Capital, Rain Capital, and Samsung Next. The startup also attracted individual investments from a number of industry executives, including former Cisco chief development officer Pankaj Patel, Yubico chief product officer Guido Appenzeller, and WeWork’s Shiva Rajaraman.

  • Tetrate Launches Istio Service Mesh Offering

    Tetrate this week emerged from stealth to launch what it describes as an enterprise-class implementation of a service mesh based on the open source Istio project.

    Fresh off raising $12.5 million in funding, Tetrate’s goal is to deliver a service mesh based on Istio that will span both modern containerized applications running on Kubernetes and legacy applications running on virtual machines and bare-metal servers, says CEO Varun Talwar.

Season of Docs

Filed under

Raspberry Pi alternatives: best single-board computers

Filed under

But Raspberry Pi isn’t the only single board computer out there; there is a myriad range of pocket-sized PCs aimed at toppling Pi’s domination. They’re able to perform an immense array of tasks, from complex robotics to supporting gaming platforms or media centres. Some of these offer more than the Raspberry Pi 3 B+, with increased memory, quicker processors and more features.

Read more

Also: HiFive1 Rev B wireless open source RISC-V development platform

Vivaldi and Firefox Compared, TenFourFox FPR13 Now Available

Filed under
  • Vivaldi vs. Firefox: A user's perspective

    However, it has yet to win over the spot as my default browser. For that, I rely on Firefox. But why? I decided to use both browsers side-by-side for a few weeks to find out what it is about Vivaldi that prevents me from making the switch on a permanent basis. The end results, surprisingly, had me even more confused as to which I should be running (I'll confess what tipped the scales in a moment.).


    At this point, Vivaldi does a good job of mimicking the efficiency of Firefox. There's little more customization to be done. And yet, Firefox is still my default. Why? What is it about Firefox that makes me select it over Vivaldi? Unfortunately, the answer lies in one particular aspect that is not likely to change.

    You see, as an advocate of open source software, with all things being equal I will always go with the open source option. Now, if Vivaldi had the upper hand over Firefox with a particular feature or usability that I couldn't get with the open source equivalent, I'd happily set Vivaldi as my default (as I'm not a purist). But until said time, the open-source browser remains as my default.

    What does that say? Simple. With a few quick tweaks, Vivaldi is as efficient and solid a browser as Firefox. Outside of being open source, there is nothing Firefox can do that Vivaldi cannot mimic. Truth be told, if we're looking at a feature-for-feature comparison, Vivaldi easily comes out on top.

    Now, if Vivaldi were to shift to an open source license, I'd kick Firefox off that "Default" curb and go about my day, humming Spring's melody. Until then, Vivaldi will only come out to play for testing, or when Firefox Nightly (which is the version I use at the moment) has problems with a particular site.

  • Cameron Kaiser: TenFourFox FPR13 available

    TenFourFox Feature Parity Release 13 final is now available for testing (downloads, hashes, release notes). I added Olga's minimp3 patch for correctness; otherwise, there are no additional changes except for several security updates and to refresh the certificate and TLD stores. As usual it will go live Monday evening Pacific time assuming no difficulties.

    I have three main updates in mind for TenFourFox FPR14: expanding FPR13's new AppleScript support to allow injecting JavaScript into pages (so that you can drive a web page by manipulating the DOM elements within it instead of having to rely on screen coordinates and sending UI events), adding Olga's ffmpeg framework to enable H.264 video support with a sidecar library (see the previous post for details on the scheme), and a possible solution to allow JavaScript async functions which actually might fix quite a number of presently non-working sites.

Linux Foundation Leftovers: More of the Past Week's Coverage

Filed under
  • The Linux Foundation Unveils CommunityBridge for Open Source Developers

    This program is available to encourage participation by mentees from traditionally underrepresented or marginalized groups in technology and open source communities, including, but not limited to, persons identifying as LGBTQ, women, persons of color, and/or persons with disabilities.

  • New CI/CD Foundation Draws Tech’s Big Beasts, Open Source Donations

    CloudBees, Google, Netflix all donate open source CI/CD platforms to the new foundation

    The world’s leading tech companies have teamed up to launch a new foundation aimed at improving industry standardisation and oversight in continuous integration and delivery (CI/CD) – an automated software testing and development practice.

    The Continuous Delivery Foundation (CDF), a project initiated by CloudBees, will be staffed and operated by the Linux Foundation. Its 22 founding members include CapitalOne, CloudBees, GitLab, Google, Microsoft, Netflix, and Red Hat.

  • Alluxio Joins Cloud Native Computing Foundation (CNCF)
  • Alluxio adds support for more than 1 billion files
  • Broadcom introduces enterprise support for Open Mainframe Project's Zowe framework

    As the first open source project based on IBM's z/OS, Zowe provides the framework and capabilities to accelerate mainframe application development via modern DevOps tools, while introducing new levels of automation and infrastructure management.

  • Broadcom Introduces Enterprise Support for Open Mainframe Project's Zowe Framework
  • Google to be the founding member of CDF (Continuous Delivery Foundation)

    The formation of CDF was announced at the Linux Foundation Open Source Leadership Summit on Tuesday. CDF will act as a “vendor-neutral home” for some of the most important open source projects for continuous delivery and specifications to speed up the release pipeline process.

  • “The CDF will foster collaboration among open source projects that span the whole software delivery lifecycle.”

    Big news coming over from the CloudBees team that announces the launch of the Continuous Delivery Foundation (CD Foundation or CDF), a foundation that will operate under the umbrella of the Linux Foundation. CloudBees was the leading voice in this launch initiative, but the CDF was realized in collaboration with the Jenkins Community, Google and the Linux Foundation itself.

    To learn more about this announcement and what it has in store for the developer community, we invited Kohsuke Kawaguchi, the creator of Jenkins, to give us some insight into the goals of CDF, the details around project donations and more!

  • Continuous Delivery Foundation aims to boost success of open source projects

    An industry group made up of 22 members is launching a Continuous Delivery Foundation (CDF) to develop, nurture and promote open source projects, best practices and industry specifications related to continuous delivery.

    Founding members of the CDF include the Linux Foundation, Google, Microsoft, Netflix, Red Hat, CloudBees and the Jenkins Community

  • Continuous Delivery Foundation hopes to bring rhyme and reason to CI/CD

    At the Open Source Leadership Summit (OSLS), the Linux Foundation introduced, with a host of partners, the Continuous Delivery Foundation (CDF). Its goal? The not-so-modest one of bringing sense to continuous integration and continuous delivery (CI/CD).

  • Node.js and JS foundations are merging to form OpenJS

    The Linux Foundation today unveiled several major collaborative partnerships as it looks to cement the development of various open source projects that power much of the web.

    First off, the Node.js Foundation and the JS Foundation, which the Linux Foundation launched in 2016, are merging to form the OpenJS Foundation. The merger between the two chief organizations that focus on JavaScript comes six months after they publicly began to explore such a possibility with their communities.

  • Intel, Linux Foundation Launch Open Source Silicon Groups

    The Linux Foundation on Monday announced its new CHIPS (Common Hardware for Interfaces, Processors and Systems) Alliance with member companies Google, Western Digital, Esperanto Technologies, and SiFive. On the same day tech heavyweights Intel, Alibaba, Cisco, Dell EMC, Facebook, Google, Hewlett Packard Enterprise (HPE), Huawei, and Microsoft formed a consortium to develop open interconnect technology called Compute Express Link (CXL).


    Fellow chipmaker Nvidia, which this week outbid Intel to buy Mellanox Technologies for $6.9 billion, is notably not a member of the CXL Consortium.

Programming: JTAG, IDEs, C++, Java and Python

Filed under
  • Open source JTAG switcher improves multi-processor designs

    Debug tools supplier Lauterbach has released its JTAG Switcher VHDL source code into the public domain under the MIT Open Source License...

  • 5 Best Open Source IDEs for Java Programming Language

    Whether you are an experienced Java programmer or you are just getting into the game, you will definitely use an Integrated development environment (IDE). A Java IDE is software that houses all the necessary tools, libraries and other resources that are needed for Java programming.

  • 11 Free Resources For Learning C/C++ Programming

    C/C++ has been declared “dead” a million times over the years as Java and Python continue to grow in popularity, but still the language persists. It is one of the most widely used programming languages in most technical fields, powering backend systems that these other languages run on the front end and is also embedded into the programming of just about every machine and electronic device out there. Whether it’s engineering, high-end game programming, or robotics, C/C++ is a must, which is why we compiled 11 free resources for learning C/C++ programming to help you get started.

  • CIDLib C++ dev tool goes open source

    CIDLib, a general-purpose C++ development environment, is now open source. Note that it does use some third-party code, including a version of the Scintilla engine as the CML language source editor and parts of the standard JPEG libraries to provide JPEG file format support.

    CDLib is not based on standard C++/STL libraries but has a far lighter use of templates than what has been commonplace, making it more debuggable, developer Dean Roddey said.

  • SAP Open Sources Java SCA Tool
  • 5 Best Open Source IDEs For Python Developers

    Python is one of the best future-oriented programming languages out there. All thanks to its versatility and large developer community. Python allows you to solve complex problems in fewer lines of code. Either you want to make a career in Artificial Intelligence, Machine Learning or Data Science, you will always see python developers are being preferred over others.

    However, all these things are next to impossible in lack of a good Integrated Development Environment or IDE. If you are from a programming background, you definitely know how important it is to choose the right IDE. It doesn’t only enable you to write code faster but also helps in debugging. Today, I will share some best IDEs for Python developers that you can use to make your job simpler and easier.

  • Further modifying the Bollinger Bands features
  • ut the power bar on the game scene
  • Weekly Python StackOverflow Report: (clxix) stackoverflow python report

Openwashing and Attacks on Free Software Licensing

Filed under

Google Linux-Based Consoles and Chromebooks

Filed under
  • The first Android Q beta hints at Google's bold gaming plan

    Google has released the first beta of Android Q. It won’t give the software its official moment in the spotlight until the Google I/O conference in May, of course, but we already know some important information about its direction.

  • All signs point to a Google game console announcement at GDC

    Normally, Google showing up to the Game Developers Conference isn't a huge deal. The company does this pretty much every year—Android smartphones and Google Play are a pretty big gaming platform, after all—and it shows up with livestreams and blog posts and all the usual festivities. This year, though, is different. Google has been sending out vague teasers since last month for a GDC event, but as the date approaches, the company has been dropping more and more hints of exactly what it is announcing: Google is launching video game hardware for the Project Stream platform.

  • Google Chrome will soon support Nintendo Switch controllers

    Google Chrome may soon have native support for both the Nintendo Switch Pro controller and its Joy-Cons, according to an article from 9to5Google.

    A new commit in Chromium’s Gerrit source code, titled “Improve support for Nintendo Switch gamepads”, was discovered by both 9to5Google and Owen Williams.

  • Next@Acer event scheduled for April 11; new Chromebooks expected

    I also have a slight inkling on what new devices we might see announced but I’m still researching and checking with some sources, so it’s premature to share anything just yet. Stay tuned though.

Five in running for leader of Debian GNU/Linux project

Filed under

When it rains, it tends to pour. This seems true in the case of the Debian GNU/Linux project elections, with five developers putting their hands up to contest for the post of leader, after nobody was in the running three days out from the initial date for the closing of nominations.
On Friday, as iTWire reported, just one developer, Joerg Jaspert, had said he would be contesting the post.

Another four developers have now joined the ranks: Jonathan Carter, Sam Hartman, Martin Michlmayr and Simon Richter.

Michlmayr has been leader twice before, in 2003 and 2004. A quiet, introspective type, he is the most experienced of the five candidates.

Read more

Also: How Debian Almost Failed to Elect a Project Leader

6 Best Free Linux Electronic Medical Records Software

Filed under

In developed countries, healthcare workers represent a significant proportion of the working population. For example, in the United Kingdom, more than 1 million people work for the National Health Service, a publicly funded healthcare system. Medical software therefore has a huge market to tap. Whatever stage of a country’s economic development, health care is one of the most important elements in society.

This article focuses on software that provides Electronic Medical Records (EMR) functionality. This type of record is used in a hospital and doctor’s surgery to capture medical information, reducing the amount of physical records, and the costs associated in storing them. EMR software can make an appreciable difference to improve a medical organisation’s efficiency and raise quality standards. For example, it reduces storage costs, minimises medical errors, provides statistical reporting, and assists clinical studies.

Open source EMR software has an important role to play. In a resource poor country, commercial healthcare computer software may simply not be affordable. Alternatively, developed countries can make significant savings in IT costs by using an open source EMR system without compromising on patient care.

To provide in insight into the quality of software that is available, we have compiled a list of 6 high quality open source EMR software. Here’s our rating for each program.

Read more

Also: Best Music Players for elementary OS

Availability of KDE Plasma 5.15 on GNU/Linux Distros

Filed under

We are getting excited as Plasma 5.15 has been released (since 12 February 2019) and we soon want to test it. I have tested it on Neon and it is lightweight and very impressive. This list is for you wanting to test Plasma as quick as possible by downloading GNU/Linux distros with built-in Plasma 5.15. They are Neon 5.15, Kubuntu 19.04, Chakra, KaOS, and openSUSE Tumbleweed. You can download the ISO images from links I mentioned below and quickly run a LiveCD session of them. Additionally, I also mentioned Kubuntu 18.10 and Fedora 30 on the separate section below as they don't bundle it but make it available through repositories. Anyway, go ahead and happy testing!

Read more

Also: The Second Return of the Fluffy Bunny

Games: Mars Underground, GameCube Controllers With SDL2, Wine-Staging 4.4

Filed under
  • Mars Underground emerges on Windows and Linux

    The first day at a new school is always a challenge. It's even more challenging when you keep reliving the same day over and over, Bill Murray style, as you will in indie developer Moloch Media's newly released Mars Underground.

    In this unusual "apocalyptic adventure," the titular Mars finds himself waking up to the same school day each morning, only for the world to end once again every night to start all over again. Except it's not entirely the same, as "with each cycle new items can be picked up and topics unlocked." Players will need to "solve brain damaging mysteries" while exploring the many opportunities the time loop presents. You can choose to "take experimental prescription drugs. Talk to a toilet. Get hit by a car. Humiliate yourself repeatedly. All in the name of figuring out what on earth is going on" as you progress through branching story paths.

  • You Can Now Use Your Old GameCube Controllers With SDL2 Games

    Linux game porter Ethan Lee has taken a break from his FNA-XNA/FAudio/Wine hacking to add support to the SDL2 library for the GameCube controller adapter intended for Nintendo's Wii U / Switch devices. 

    Nintendo's adapter allows for old GameCube controllers to be used with the Wii U and Switch platforms, since the old GameCube Controllers do not offer a USB connection. Or now thanks to this support within SDL2, the GameCube Controllers can be enjoyed for some Linux gaming in SDL2-using titles.

  • Wine-Staging 4.4 Down To 770 Patch Delta, Addresses Six Year Old Bug About Silverlight

    Re-based off Friday's release of Wine 4.4, Wine-Staging 4.4 is now available though the delta compared to upstream is now many patches lighter thanks to some of the work being upstreamed.

    Wine-Staging 4.4 is only about 770 patches on top of the "vanilla" Wine, compared to not too far back when the patch delta was well over 800 patches. Over the past two weeks many patches were upstreamed including the addition of the new MSIDB tool for manipulating MSI databases representing a bulk of the mainlined code. There was also code merged around improving the D3D8 validate pixel shader function, WMCreateSyncReader, MSVIDC32, and other bits.

Linux 5.1 Will Let You Treat PMEM Like 3DXPoint Optane NVDIMMs Back As System RAM

Filed under

With broader availability expected soon for Intel Optane NVDIMMs backed by 3DXPoint memory, which offers a new means of speedy persistent memory, patches have landed in Linux 5.1 to optionally treat this persistent memory just like system RAM.

Read more

Overview of Latest KDE Changes

Filed under
  • KDE Usability & Productivity: Week 62

    Week 62 for KDE’s Usability & Productivity initiative is here, and we didn’t let up! We’ve got new features, bugfixes, more icons… we’ve got everything!

  • KDE Plasma 5.16 Will Let You Reboot Into The UEFI Setup Screen

    Similar to Microsoft Windows, KDE Plasma 5.16 is picking up an option on the shutdown screen for letting users reboot into their UEFI setup screen where supported.

    Rather than trying to hit the right key on the initial system start-up for entering the UEFI/BIOS setup screen, Plasma 5.16 is adding the option to its shutdown screen. This functionality is achieved in cooperation with Logind for setting the proper bit to allow this to happen. It's a simple but very useful option especially for enthusiasts.

Linux Support in Hardware: Mali and NicomSoft

Filed under
  • The Lima Gallium3D Driver Is Aiming To Be Merged In Mesa

    While there is the Panfrost Gallium3D driver that has been advancing rapidly within mainline Mesa for Arm's Mali newer Midgard/Bifrost architectures, the Lima driver might finally see the light of day in mainline Mesa for Mali's older 400/450 series graphics engine. 

    Lima is the open-source driver effort originally started seven years ago Luc Verhaegen but then the project ceased and more recently Qiang Yu has been working on resurrecting and advancing this original open-source, reverse-engineered Arm Mali graphics driver effort.

  • Virtual ARP 2500 For Linux

    Following on from the original release in January, NicomSoft tells us that the G2500 Virtual Analog synth, the virtual ARP 2500, has now also been released for Linux together with updates for the Mac and Windows versions.

'CryptoSink' Security Scare

Filed under
  • Cryptojacking Takes a New Turn in CryptoSink Campaign

    Researchers from F5 Labs reported on March 14 that they have discovered a new cryptojacking campaign that is abusing unpatched Elasticsearch servers.

    Unauthorized cryptocurrency mining, commonly referred to as "cryptojacking," is an attack trend that started in 2017 and hit a peak in mid-2018. With a cryptojacking attack, a hacker makes use of a system or server resources to help mine cryptocurrency. F5 Labs is dubbing the cryptojacking campaign it discovered "CryptoSink" as the attackers are identifying systems that have already been compromised by cryptojacking and are "sinkholing" or redirecting the competitive mining effort. When the competitive cryptojacking effort is sinkholed, it is effectively shut down in favor of the new CryptoSink effort.

  • New cryptominer targets Elasticsearch on Windows, Linux

    A new cryptomining campaign that targets both Windows and Linux systems running the Elasticsearch search and analytics engine has been detailed by researchers from F5 Networks.
    Andrey Shalnev and Maxim Zavodchik said in a blog post that the campaign, which they have named Cryptosink, was using a five-year-old vulnerability in Elasticsearch to gain entry to the servers.

    The initial infection vector was a malicious HTTP request that targeted Elasticsearch.


    The malware was also able to backdoor the server by adding the SSH keys of the person who was carrying out the attack.

    And it used several command and control servers, with the current live one being in China.

    Shalnev and Zavodchik said the rise of cryptomining botnets and the decline in crypto currency value meant there was tough competition among the various currencies.

Server: Facebook, Cumulus Linux and WordPress

Filed under
  • Facebook debuts Minipack, an open modular switch for datacenters

    During a keynote at the 2019 Open Compute Project (OCP) Global Summit in San Jose, Facebook today debuted Minipack, a modular whitebox network switch platform it claims is the first of its kind with an “open” design.

    “We are excited to work with the community to develop an ecosystem around Minipack,” said director of engineering at Facebook Hans-Juergen Schmidtke in a statement. “[It’s] the next generation of open, modular switch platforms that is more flexible, scalable and efficient for modern data centers.”

  • Cumulus' Linux OS first to support Facebook's modular Minipack

    Cumulus Linux will be the first network operating system to fully support Minipack, Facebook’s modular switch platform.

    Minipack is half the height of its Facebook-designed big brother, Backpack, and uses half the power. It was developed by hardware maker Edgecore Networks.

    Cumulus’ support for Minipack was announced at the Open Compute Project (OCP) Global Summit in San Jose this week.. The company also said that its Linux based OS will be available pre-installed on Minipack directly from the vendor or through Edgecore.

  • One-third of the web!

    WordPress now powers over 1/3rd of the top 10 million sites on the web according to W3Techs. Our market share has been growing steadily over the last few years, going from 29.9% just one year ago to 33.4% now. We are, of course, quite proud of these numbers!

    The path here has been very exciting. In 2005, we were celebrating 50,000 downloads. Six years later, in January 2011, WordPress was powering 13.1% of websites. And now, early in 2019, we are powering 33.4% of sites. Our latest release has already been downloaded close to 14 million times, and it was only released on the 21st of February.

Syndicate content

More in Tux Machines

Security: Updates, "US Huawei Blackballing Efforts" and Microsoft's Back Doors Keep Crackers Busy

  • Security updates for Tuesday
  • US Huawei Blackballing Efforts Stall Due To Lack Of 'Actual Facts'
    During the Trump era, the US government has dramatically ramped up claims that Chinese hardware vendor Huawei is a nefarious spy for the Chinese government, blackballing it from the U.S. telecom market. From pressuring U.S. carriers to drop plans to sell Huawei phones to the FCC's decision to ban companies from using Huawei gear if they want to receive federal subsidies, this effort hasn't been subtle. While Huawei should never be confused with a saint (what telecom company would be?) there's several problems with the effort. The biggest being that despite a decade of hand-wringing and one eighteen month investigation by the US government, there's still no public evidence Huawei uses its network gear to spy on Americans. That's not sitting well with countries we've asked to join along in the fun.
  • Sorry, Linux. We know you want to be popular, but cyber-crooks are all about Microsoft for now
    Eight out of the ten most exploited vulnerabilities tracked by threat intelligence biz Recorded Future in 2018 targeted Microsoft products – though number two on its list was, surprise surprise, a Flash flaw. The most exploited vuln in the firm's hall of shame was a remote code execution flaw in Windows' VBScript engine that could pwn users who opened a booby-trapped web page with Internet Explorer. "Exploit kits associated with this vulnerability were noted to spread the malware Trickbot through phishing attacks," said Recorded Future in a report published today. The Flash vuln was none other than one exploited by North Korean state-backed hackers – first detected by South Korea's CERT, which discovered a flood of booby-trapped MS Office documents, web pages, spam messages and more.

Graphics and Games: NVIDIA, Orbital/Vulkan, Cataclysm and System Shock 3

  • NVIDIA Shows Off Quake II Path-Traced Using Vulkan RTX/Ray-Tracing
    ne of the demos NVIDIA is showing off this week at their GPU Technology Conference is Quake II being path-traced using a Vulkan port of the game and adapted to handle VK_NV_ray_tracing functionality paired with the latest GeForce RTX GPUs. Q2VKPT is a path-traced version of Quake II started by a former NVIDIA intern and is rendered using Vulkan and does support Linux.
  • Orbital: A PlayStation 4 Emulator That Is Emulating The PS4's AMD GPU Using Vulkan
    Orbital is an open-source project providing a virtualization-based PlayStation 4 emulator that is still in its early stages but what interests us is its technical details including the use of Vulkan/SPIR-V. Orbital leverages QEMU and other open-source components. At this stage it's not running any PS4 games but is able to boot into safe mode on PS4 5.xx kernels.
  • Cataclysm - Dark Days Ahead, a free and open source turn-based survival game had a huge update
    It occurred to me today, that no one here at GOL seems to have ever written about the free and open source turn-based survival game Cataclysm - Dark Days Ahead. Okay, so what is it? A classic roguelike with a survival theme, set in a post-apocalyptic procedurally generated world.
  • System Shock 3 may see Linux support, OtherSide still working on Underworld Ascendant for Linux
    OtherSide Entertainment have teased out a new short video of System Shock 3 and it may see Linux support. Not to be confused with the crowdfunded System Shock reboot that Nightdive Studios are currently working on. System Shock 3 is being made with some of the original team behind the first two games as well like Warren Spector, so it should remain faithful to the series while being a rather nice upgrade in visuals.

Stable kernels 5.0.3, 4.20.17, 4.19.30, 4.14.107 and 4.9.164

  • Linux 5.0.3
    I'm announcing the release of the 5.0.3 kernel. All users of the 5.0 kernel series must upgrade. The updated 5.0.y git tree can be found at: git:// linux-5.0.y and can be browsed at the normal git web browser:
  • Linux 4.20.17
  • Linux 4.19.30
  • Linux 4.14.107
  • Linux 4.9.164

Firefox 66 Released

Firefox now prevents websites from automatically playing sound. You can add individual sites to an exceptions list or turn blocking off. Read more Also: Firefox 66 Arrives - Blocks Auto-Playing Sounds, Hides Title Bar By Default For Linux