Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 25 Sep 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Games: Steam Play, Valve, PlayOnLinux and Lots of Native Ports Roy Schestowitz 24/09/2018 - 6:36pm
Story Android Leftovers Rianne Schestowitz 1 24/09/2018 - 6:25pm
Story Zynq UltraScale+ module runs Linux at industrial temperatures Rianne Schestowitz 24/09/2018 - 5:58pm
Story Desktops You Don't Control Anymore Roy Schestowitz 24/09/2018 - 5:58pm
Story Sabri Haddouche Finds Crashy Bugs Roy Schestowitz 1 24/09/2018 - 5:54pm
Story Mir Release 1.0 Roy Schestowitz 1 24/09/2018 - 5:48pm
Story Ubuntu 18.10 Performance Is Looking Up, But Clear Linux Still Leads In Many Tests Roy Schestowitz 24/09/2018 - 5:46pm
Story LAS 2018 Roy Schestowitz 2 24/09/2018 - 5:38pm
Story today's howtos Roy Schestowitz 24/09/2018 - 11:16am
Story An open source resistance takes shape as tech giants race to map the world Roy Schestowitz 24/09/2018 - 11:07am

GSConnect v13 Alpha Includes Do Not Disturb Feature, Experimental Bluetooth And SMS/Contacts Sync

Filed under
GNOME

The v13 alpha release is a rewrite with changes to the architecture, settings and default behavior, and it includes new features like Do Not Disturb, experimental Bluetooth and SMS/Contacts sync, and more.

GSConnect is a Gnome Shell implementation of KDE Connect, which integrates Android devices with the Gnome desktop. Using it you can mirror notifications from your phone to your desktop (and the other way around), control a desktop music player from your phone, browse your phone wirelessly from your desktop, synchronize the clipboard between Android devices and your desktop, and much more.

GSConnect v13 alpha requires Gnome Shell version 3.28 or newer, and one of the most interesting changes for users is probably the new Do Not Disturb button which lets users silence mobile device notifications:

Read more

Introducing Red Hat Quay

Filed under
Red Hat

Embracing container orchestration has many implications for an enterprises’ technology stack. An image registry becomes a critical component of the deployment pipeline. Red Hat Quay is a mature enterprise-centric container image registry which has a rich history of meeting the needs of cloud native technologists.

When Red Hat acquired CoreOS earlier this year, we were looking to amplify our leadership in enterprise container-based solutions. CoreOS at the time had two primary products, Tectonic and Quay. Quay was added directly into Red Hat’s portfolio of products and renamed Red Hat Quay.

Read more

Also: FPgM report: 2018–38

Security: Windows/NSA Back Doors and Exploits (EternalBlue), Rust Flaw, Roughtime, DDOS Hype and "The Lucy Gang"

Filed under
Security
  • Leaked NSA Exploits Shifting From Ransomware To Cryptocurrency Mining

    This report, from Zack Whittaker at TechCrunch, says there's really no endpoint in sight for the unintended consequences of exploit hoarding. But at this point, it's really no longer the NSA or Microsoft to blame for the continued rampage. Stats from Shodan show more than 300,000 unpatched machines in the United States alone.

    EternalBlue-based malware still runs rampant, but the focus has shifted from ransom to cryptocurrency. An unnamed company recently watched the NSA's exploit turn its computers into CPU ATMs.

    [...]

    There will never be a full accounting of the damage done. Yes, the NSA never thought its secret stash would go public, but that doesn't excuse its informal policy of never disclosing massive vulnerabilities until it's able to wring every last piece of intel from their deployment. And there's a chance this will happen again in the future if the agency isn't more proactive on the disclosure front. It was foolhardy to believe its tools would remain secret indefinitely. It's especially insane to believe this now.

  • The Rust Programming Language Blog: Security advisory for the standard library

    The Rust team was recently notified of a security vulnerability affecting the standard library’s str::repeat function. When passed a large number this function has an integer overflow which can lead to an out of bounds write. If you are not using str::repeat, you are not affected.

    We’re in the process of applying for a CVE number for this vulnerability. Fixes for this issue have landed in the Rust repository for the stable/beta/master branches. Nightlies and betas with the fix will be produced tonight, and 1.29.1 will be released on 2018-09-25 with the fix for stable Rust.

  • Cloudflare Secures Time With Roughtime Protocol Service

    If time is money, then how important is it to secure the integrity of time itself? Time across many computing devices is often synchronized via the Network Time Protocol (NTP), which isn't a secure approach, but there is another option.

    On Sept. 21, Cloudflare announced that it is deploying a new authenticated time service called Roughtime, in an effort to secure certain timekeeping efforts. The publicly available service is based on an open-source project of the same name that was started by Google.

    "NTP is the dominant protocol used for time synchronisation and, although recent versions provide for the possibility of authentication, in practice that‘s not used," Google's project page for Roughtime states. " Most computers will trust an unauthenticated NTP reply to set the system clock meaning that a MITM [man-in-the-middle] attacker can control a victim’s clock and, probably, violate the security properties of some of the protocols listed above."

  • DDoS Vulnerability Can Disrupt The Whole Bitcoin Infrastructure [Ed: Latest FUD about Bitcoin. A DDOS attack can disrupt anything at sufficient capacity levels, including Wall Street and ANY financial market.]
  • Crippling DDoS vulnerability put the entire Bitcoin market at risk
  • This Russian botnet mimics your click to prevent Android device factory resets

    According to researchers from Check Point, the botnet has been developed by a group of Russian-speaking hackers known as "The Lucy Gang," and demos have already been provided to potential subscribers to the system looking for Malware-as-a-Service (MaaS) solutions.

    Botnets are a thorn in the side for cybersecurity firms, hosting providers, and everyday businesses alike. The systems are made up of enslaved devices including mobile devices, Internet of Things (IoT) gadgets, and PCs.

Games: The Gardens Between and More to Come From Feral Interactive

Filed under
Gaming
  • The beautiful puzzle adventure 'The Gardens Between' is now out with native Linux support

    The Gardens Between from The Voxel Agents looks like a fantastic puzzle adventure and it's now available with native Linux support.

  • Feral Interactive are teasing ANOTHER new Linux port

    As a reminder, Feral Interactive have only recently release Life is Strange: Before the Storm and Total War: Warhammer II is confirmed to be coming this autumn. On top of that, last month they also put up another teaser that we're still guessing.

    I wouldn't be surprised if they do try to get more ports out earlier now, especially with Steam Play which would eat into their Linux port sales. Anyway…looks like 2018 really will be another great year for Linux gaming!

    The amount of Linux games Feral has ported now is kind of ridiculous: XCOM, XCOM 2, Tomb Raider, Rise of the Tomb Raider, Mad Max, Shadow of Mordor, HITMAN, F1 2017, Life is Strange, Life is Strange: Before the Storm, Dawn of War II, Dawn of War III, DiRT Rally and the list goes on.

FOSS Project Spotlight: Nitrux, a Linux Distribution with a Focus on AppImages and Atomic Upgrades

Filed under
GNU
Linux

Nitrux is a Linux distribution with a focus on portable, application formats like AppImages. Nitrux uses KDE Plasma 5 and KDE Applications, and it also uses our in-house software suite Nomad Desktop.

Read more

Outreachy Opens Applications For Open-Source Winter 2018 Internship Program

Filed under
OSS

For eligible students or others with time to participate, the winter 2018 round of the Outreachy program openened this week for applications.

This next round of the Outreachy program runs from December to March and accepted participants receive a $5,500 USD stipend as well as a $500 travel allowance. As is always the case with Outreachy, the program isn't limited to programming tasks but also include documentation, UI/UX work, illustrations, and other areas. These projects are very diverse and range from a coloring book to this year's VKMS work.

Read more

Mesa Can Finally Build With Almost No Compiler Warnings

Filed under
Graphics/Benchmarks

Quite a feat for modern open-source projects with large C/C++ code-bases developed over the years, Mesa3D can almost be compiled now without any warnings -- there's just one remaining.

When paired with the latest GCC 8 stable compiler, Mesa paired with some pending patches is down to just one compiler warning left in the build process -- quite an improvement compared to in the past with older versions of GCC and Mesa.

Read more

FOSS FUD, Openwashing, and Entryism

Filed under
OSS

FSF Interns and Debugging with GDB

Filed under
GNU
  • Sonali's Internship work on the Free Software Directory, part 2
  • Internship work on the Free Software Directory, part 2
  • Office Hours #0: Debugging with GDB

    This is a report on the first “office hours”, in which we discussed debugging Rust programs with gdb. I’m very grateful to Ramana Venkata for suggesting the topic, and to Tom Tromey, who joined in. (Tom has been doing a lot of the work of integrating rustc into gdb and lldb lately.)

    This blog post is just going to be a quick summary of the basic workflow of using Rust with gdb on the command line. I’m assuming you are using Linux here, since I think otherwise you would prefer a different debugger. There are probably also nifty graphical tools you can use and maybe even IDE integrations, I’m not sure.

Red Hat: Kevin M. Murai, Microsoft Puff Pieces, Red Hat CEO Optimistic About OpenShift 4.0 as RHEL Lags

Filed under
Red Hat

Security: Updates, Mirai and Singapore's Massive Breach

Filed under
Security
  • Security updates for Friday
  • Mirai botnet hackers [sic] avoid jail time by helping FBI

    The three men, Josiah White, 21, Dalton Norman, 22, and Paras Jha, 22, all from the US, managed to avoid the clink by providing "substantial assistance in other complex cybercrime investigations", according to the US Department of Justice. Who'd have thought young hacker [sic] types would roll over and show their bellies when faced with prison time....

  • A healthcare IT foundation built on gooey clay

    Today, there was a report from the Solicitor General of Singapore about the data breach of the SingHealth systems that happened in July.

    These systems have been in place for many years. They are almost exclusively running Microsoft Windows along with a mix of other proprietary software including Citrix and Allscript. The article referred to above failed to highlight that the compromised “end-user workstation” was a Windows machine. That is the very crucial information that always gets left out in all of these reports of breaches.

    I have had the privilege of being part of an IT advisory committee for a local hospital since about 2004 (that committee has disbanded a couple of years ago, btw).

    [...]

    Part of the reason is because decision makers (then and now) only have experience in dealing with proprietary vendor solutions. Some of it might be the only ones available and the open source world has not created equivalent or better offerings. But where there are possibly good enough or even superior open source offerings, they would never be considered – “Rather go with the devil I know, than the devil I don’t know. After all, this is only a job. When I leave, it is someone else’s problem.” (Yeah, I am paraphrasing many conversations and not only from the healthcare sector).

    I recall a project that I was involved with – before being a Red Hatter – to create a solution to create a “computer on wheels” solution to help with blood collection. As part of that solution, there was a need to check the particulars of the patient who the nurse was taking samples from. That patient info was stored on some admission system that did not provide a means for remote, API-based query. The vendor of that system wanted tens of thousands of dollars to just allow the query to happen. Daylight robbery. I worked around it – did screen scrapping to extract the relevant information.

    Healthcare IT providers look at healthcare systems as a cashcow and want to milk it to the fullest extent possible (the end consumer bears the cost in the end).

    Add that to the dearth of technical IT skills supporting the healthcare providers, you quickly fall into that vendor lock-in scenario where the healthcare systems are at the total mercy of the proprietary vendors.

Recoll – A Full-Text GUI Search Tool for Linux Systems

Filed under
Software

We wrote on various search tools recently like in 9 Productivity Tools for Linux That Are Worth Your Attention and FSearch, and readers suggested awesome alternatives. Today, we bring you an app that can find text anywhere in your computer in grand style – Recoll.

Recoll is an open-source GUI search utility app with an outstanding full-text search capability.

You can use it to search for keywords and file names on Linux distros and Windows. It supports most of the document formats and plugins for text extraction.

Read more

today's howtos

Filed under
HowTos

Linux Foundation for Sale

Filed under
Microsoft
  • Open Source Summit EU Registration Deadline, Sept. 22, Register Now to Save $150 [Ed: Microsoft is the "DIAMOND" sponsor of this event, the highest sponsorship level! Linux Foundation, or the Zemlin PAC, seems to be more about Microsoft than about Linux.]
  • Building a Secure Ecosystem for Node.js [Ed: Earlier today the Zemlin PAC did this puff piece for Microsoft (a sponsor)]
  • The Human Side of Digital Transformation: 7 Recommendations and 3 Pitfalls [Ed: New Zemlin PAC-sponsored and self-serving puff piece]

    Not so long ago, business leaders repeatedly asked: “What exactly is digital transformation and what will it do for my business?” Today we’re more likely to hear, “How do we chart a course?”

    Our answer: the path to digital involves more than selecting a cloud application platform. Instead, digital, at its heart, is a human journey. It’s about cultivating a mindset, processes, organization and culture that encourages constant innovation to meet ever-changing customer expectations and business goals.

    In this two-part blog series we’ll share seven guidelines for getting digital right. Read on for the first three.

Fedora: Fedora 29 Beta Soon, Fedora Is Looking For Help Testing Their New Silverblue, Fedora at Software Freedom Day

Filed under
Red Hat
  • Fedora 29 Beta Will Be Released Next Week

    After slipping last week, the highly anticipated Fedora 29 beta release will set sail next week.

    At Thursday's meeting on the state of the Fedora 29 beta bugs, it was decided that the beta is ready to ship. After five release candidates of the beta, the blocker bugs around installation problems, some GNOME bugs, and other blockers have been resolved.

  • Fedora Is Looking For Help Testing Their New Silverblue

    Fedora is hosting a test day today for testing their new Silverblue spin, formerly known as Fedora Atomic Workstation.

    With the Fedora 29 release due out in about one month it will be their first under the new Silverblue branding. Fedora Silverblue should be pretty much usable today, but by Fedora 30 next spring they are aiming for it to be in great shape.

    Silverblue sets up Fedora to excel at container-based computing, rely upon Flatpaks for desktop applications, support a variety of technologies and workflows via GNOME Software, and other modern approaches to OS development and software deployment.

  • Software Freedom Day – SFD

    Software Freedom Day (SFD) is a Technology Event held annually worldwide to promote and disseminate the benefits of Free Software, its Philosophy and related Technologies.

    On September 15th, I was invited to give a talk about Fedora, this event that took place at the National University of San Luis Gonzaga, Ica.

Q4OS 3.4 Centaurus, testing

Filed under
GNU
Linux
Debian

A significant update to the Q4OS Centaurus testing version is available for download, you can find 64bit iso image at the dedicated Testing releases site. Anybody is invited to try it out and report bugs and glitches.

This release brings quite significant changes and improvements, the most important one is that Q4OS switched to the Calamares installer. That offers nice new installation features, for example fully encrypt target system, easy disk drive partitioning and many others. Another important change is move to the new Trinity 14.0.6 development version. All dependencies from the current stable Q4OS Scorpion has been removed, so the Centaurus now becomes fully independent getting its own repositories and dependencies. Secure boot support has been improved too. The Calamares installer detects, if secure boot is active and adjusts the target system accordingly. If secure boot is switched off in the firmware, no Secure boot stuff is installed.

Q4OS Centaurus 3.4 is based on the current Debian 'Buster' and Trinity desktop 14.0.6 development branches. Q4OS Centaurus will be in development until Debian Buster becomes stable, and will be supported at least five years from the official release date.

Read more

Ubuntu: PlayOnLinux, Foundations Team, Ubuntu Podcast, Kubernetes, Graphics

Filed under
Ubuntu
  • How to install PlayOnLinux in Ubuntu Desktop 18.04

    If you need to install a Windows desktop app on Linux, your best bet is PlayOnLinux.

  • Help needed to improve proposed migration

    Every once in a while, in the Foundations team, we do a coding day. A year ago, Lukasz and I wrote a script, following an idea from Steve Langasek, to provide "hints" and help for the next steps necessary for a package to migrate from -proposed to -release.

    "ubuntu-archive-assistant" was born. I just pushed this to lp:ubuntu-dev-tools, after it being on its own in a separate git tree for a long while. I'd love to get help for feedback, as well as more people contributing fixes, etc. ubuntu-archive-assistant is designed to let you look at a specific package in -proposed and try to tell you what to do next to ensure it migrates from -proposed.

  • Ubuntu Podcast from the UK LoCo: S11E28 – Twenty-Eight and a Half Wishes - Ubuntu Podcast

    This week we’ve been playing Two Point Hospital and experimenting with ChromiumOS. We bring you some command line love and go over all your feedback.

  • Ubuntu does Kubernetes

    Canonical also does Kubernetes, but not in a ‘me too!’ kind of way. The Canonical Distribution of Kubernetes (CDK) is pure upstream Kubernetes tested across the widest range of clouds — from public clouds to private data centres, from bare metal to virtualised infrastructure.

  • Ubuntu 18.10's SDL2 Build Will Ship With Vulkan Support Enabled

    Released almost exactly one year ago to the day was SDL 2.0.6 that brought with it some Vulkan helpers. Finally with the upcoming Ubuntu 18.10 "Cosmic Cuttlefish" release, those Vulkan bits will be enabled.

  • NVIDIA PRIME in Ubuntu 18.04 and 18.10, and a call for testing

    Ubuntu 18.04 marked the transition to a new, more granular, packaging of the NVIDIA drivers, which, unfortunately, combined with a change in logind, and with the previous migration from Lightdm to Gdm3, caused (Intel+NVIDIA) hybrid laptops to stop working the way they used to in Ubuntu 16.xx and older.

More curl bug bounty

Filed under
OSS
Web

The idea is that sponsors donate money to the bounty fund, and we will use that fund to hand out rewards for reported issues. It is a way for the curl project to help compensate researchers for the time and effort they spend helping us improving our security.

Right now the bounty fund is very small as we just started this project, but hopefully we can get a few sponsors interested and soon offer "proper" rewards at decent levels in case serious flaws are detected and reported here.

If you're a company using curl or libcurl and value security, you know what you can do...

Read more

A Time Namespace Has Been Proposed For The Linux Kernel

Filed under
Development
Linux

A set of experimental patches were sent out on Wednesday for implementing a time namespace within the kernel, part of an effort that's been going on for more than a decade around time virtualization.

These 20 patches under a "request for comments" flag allow for per-namespace offsets to the system clocks, including for monotonic and boot-time clocks.

Read more

PostgreSQL 11 Beta 4 Released With JIT Compilation Disabled By Default

Filed under
Server
OSS

The fourth and likely last beta release of PostgreSQL 11 is now available.

One of the headlining features of PostgreSQL 11 was the new LLVM JIT compiler option but as of a few days ago it's been disabled by default due to some performance problems and at this stage seeming to really only help long and complex queries. But for those wanting to try out this just-in-time support can easily enable it with a configuration option in this beta as well as for the final release.

Read more

Syndicate content

More in Tux Machines

Software and Games: Hegemon, Gift of Parthax, Lutris

  • Hegemon – A Modular System Monitor Application Written In Rust
    When it comes to monitor running processes in Unix-like systems, the most commonly used applications are top and htop, which is an enhanced version of top. My personal favorite is htop. However, the developers are releasing few alternatives to these applications every now and then. One such alternative to top and htop utilities is Hegemon. It is a modular system monitor application written using Rust programming language.
  • Wizard arena-fighter 'Gift of Parthax' is now officially out on Linux
    Announced yesterday after a pretty short beta period, the magical arena fighting game Gift of Parthax is now officially available for Linux. Along with putting the Linux build out in public, their latest release also fixes a few bugs. The developer sent over a key and I've been testing it, the Linux version seems to be working really quite nicely. If you liked the idea of Wizard of Legend, but found it a little too fast for your tastes then Gift of Parthax might be a better fit although it's single-player only.
  • Lutris 0.4.20 is now out, to help you manage all your games plus some Overwatch testing
    I have to admit, the game manager Lutris [Official Site] has come along quite a bit since I last used it. Today, version 0.4.20 was made available. For those not aware of it, Lutris is an application that aims to give you a single place to manage all your games on Linux. It supports native games, Wine, various emulators and so on. The application itself is available under the GPL and the helper scripts to install games can be viewed before using them so it's quite nice.

today's howtos

OSS Leftovers

  • Editor's Corner—Open source is not 'one size fits all' [Ed: But that's a plus, not a minus. With proprietary software it's one unsuitable thing for everything; doesn't scale.]
    Open source communities are no doubt playing a key role in moving the telecommunications industry forward, but not everyone is on board the bandwagon. Over the past five months or so, we've spent a fair amount of time writing about open source groups and standards development organizations (SDOs) such as the Linux Foundation, MEF, Open Networking Foundation, OpenDaylight, the TM Forum and ETSI, and there's clearly more cooperation afoot for the good of the industry. But artificial intelligence startup B.Yond's chief marketing officer, Rikard Kjellberg, said his company has to be careful when it comes to choosing which open source community to commit its resources to. Kjellberg spoke to FierceTelecom on the heels of the AT&T Spark conference earlier this month.
  • Collabora Had Another Stellar Year For Open-Source Consulting
    The Collabora open-source consulting firm whose expertise spans from the Linux kernel to LibreOffice and X.Org had another successful year. The UK-based company last week reported their 2017 financial position last week providing a glimpse at the viability of open-source / free software consulting.
  • Daniel Stenberg: The Polhem prize, one year later
    Family and friends have gotten a rudimentary level of understanding of what curl is and what it does. I'm not suggesting they fully grasp it or know what an "internet protocol" is now, but at least a lot of people understand that it works with "internet transfers". It's not like people were totally uninterested before, but when I was given this prize - by a jury of engineers no less - that says this is a significant invention and accomplishment with a value that "can not be overestimated", it made them more interested. The little video that was produced helped:
  • Open Source Voice Assistant, Mycroft AI, Named Top Deal By KingsCrowd
  • Service providers increasingly adopt open source for their networks
    Communications service providers (CSPs) are increasingly keen to adopt open source technologies to deliver their services, according to research. At this week’s Open Networking Summit Europe in Amsterdam, delegates heard that DevOps, automation, cloud, big data and analytics, software-defined networking (SDN), and management and orchestration (MANO) were increasingly being supported by open source solutions. Commissioned research questioned 150 CSP representatives across 98 companies worldwide. It found that 98% of CSPs are “confident” that open networking solutions can achieve the same level of performance as traditional networking solutions.
  • Communications Service Providers Overwhelmingly Confident in Open Source Networking Solutions, Survey Finds
  • WLinux Distro for Windows Subsystem for Linux Now Available, openSUSE Call for Hosts, New Firefox Bug, Firefox Collecting Telemetry Data and Creative Commons Releases Significant CC Search Update
    In other Firefox news, the browser evidently is collecting telemetry data via hidden add-ons, ITWire reports. The ITWire post also quotes Mozilla's Marshall Eriwn, director of Trust and Security: "...we will measure Telemetry Coverage, which is the percentage of all Firefox users who report telemetry. The Telemetry Coverage measurement will sample a portion of all Firefox clients and report whether telemetry is enabled. This measurement will not include a client identifier and will not be associated with our standard telemetry."
  • This “Netflix For Open Source” Startup Helps Programmers Get Paid
    Open source developers, especially those who work on lesser known projects, do not get much attention or money for the work they do. While some developers are paid to work on open source projects as a part of their day jobs, they can get overwhelmed by the amount of work these projects require.
  • Portable Computing Language 1.2 Released For OpenCL On CPUs & More
    The Portable Computing Language (a.k.a. POCL or PortableCL) is the effort for getting OpenCL running on CPUs as well as other hardware for this open-source code-base that supports OpenCL 1.2 with some OpenCL 2.0+ functionality. The main "feature" of POCL 1.2 is support for LLVM Clang 7.0 as previously the support was limited to LLVM 6.0, but now this new version of LLVM is supported. The HWLOC 2.0 library is also now supported. There are also some minor feature additions like device-side printf being supported.
  • Robert O'Callahan: More Realistic Goals For C++ Lifetimes 1.0
    Over two years ago I wrote about the C++ Lifetimes proposal and some of my concerns about it. Just recently, version 1.0 was released with a blog post by Herb Sutter. Comparing the two versions shows many important changes. The new version is much clearer and more worked-out, but there are also significant material changes. In particular the goal has changed dramatically.

Money and Press for FOSS FUD firms