Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 14 Aug 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Which Ubuntu Flavor Should You Choose?

Filed under
Ubuntu

So, you just decided to switch to using a Linux distro and you’ve come to the decision that Ubuntu is the one for you. But while you were doing your research you came across tags like Ubuntu flavours and derivatives – “what are the differences?” you ask. Also, why are there so many versions and what is the alpha-beta-LTS business all about?

Today, I’ll give you the perfect weighing scale to help you choose which Ubuntu version to use as well as give you a fundamental understanding of why there are “so many” versions.

Read more

GNOME Pomodoro: A Time Utility Tool That Increases Productivity

Filed under
GNOME

Hello readers, today I’ll be covering on how to increase your productivity and this applies to all types of computer users, especially Linux, just kidding. Tongue Believe me most of us who work on computers have suffered back pain, eye strain, stress, and then end up getting frustrated. However, did you know that one can fix all those issues by managing time in intervals and a short break in between? Yes, that’s right, read on below how you can go about that using GNOME Pomodoro.

Read more

DEF CON 26 Reports

Filed under
OSS
Security

KDE Frameworks 5.49.0 Released for KDE Plasma 5.13 with over 200 Improvements

Filed under
KDE

KDE Frameworks consists of more than 70 add-on libraries for the open-source and cross-platform Qt application framework that offers a wide range of commonly needed functionality, as well as many core components and apps that are required for the KDE Plasma desktop environment to function correctly.

For the past several years, new KDE Frameworks versions are published every month in the second Saturday of the month, and KDE Frameworks 5.49.0 is the release the KDE Project prepared for the month of August 2018, bringing various improvements and addressing numerous bugs.

Read more

Also: KDE Frameworks 5.49 Released With Many Changes

Canonical Releases New Linux Kernel Live Patch for Ubuntu 18.04 LTS & 16.04 LTS

Filed under
Linux
Ubuntu

Available for Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr), the new kernel live patch fixes a total of five security vulnerabilities, including the recently disclosed critical TCP flaw (CVE-2018-5390) discovered by Juha-Matti Tilli, which could allow a remote attacker to cause a denial of service.

The rebootless kernel security patch also addresses a vulnerability (CVE-2018-13405) in the inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 that could allow a local user to escalate his/her privileges by creating a file with an unintended group ownership and then make the file executable and SGID (Set Group ID).

Read more

Dropbox To End Sync Support For All Filesystems Except Ext4 on Linux

Filed under
News

Dropbox is thinking of limiting the synchronization support to only a handful of file system types: NTFS for Windows, HFS+/APFS for macOS and Ext4 for Linux.
Read more

Linux Foundation and DRM

Filed under
Linux
  • Academy and Linux Launch Software Foundation [iophk: "FUD + DRM"]

    The ASWF is the result of a two-year investigation by the Academy’s Science and Technology Council into the use of Open Source Software (OSS) across the motion picture industry. The survey found that more than 80% of the industry uses open source software, particularly for animation and visual effects. However, this widespread use of OSS has also created challenges including siloed development, managing multiple versions of OSS libraries (“versionitis”) and varying governance and licensing models that need to be addressed in order to ensure a healthy open source ecosystem.

  • Hollywood taps the Linux Foundation to create a home for its open-source projects

    Some 13 companies are listed as founding members alongside the Academy, including The Walt Disney Co., video game giant Epic Games Inc. and DreamWorks Animation LLC. A sizable portion of the foundation’s remaining backers hail from the tech industry. Among them are Intel Corp., Cisco Systems Inc. and Google LLC’s cloud division.

Security Leftovers

Filed under
Security
  • Practical Web Cache Poisoning

    In this paper I'll show you how to compromise websites by using esoteric web features to turn their caches into exploit delivery systems, targeting everyone that makes the mistake of visiting their homepage.

    I'll illustrate and develop this technique with vulnerabilities that handed me control over numerous popular websites and frameworks, progressing from simple single-request attacks to intricate exploit chains that hijack JavaScript, pivot across cache layers, subvert social media and misdirect cloud services. I'll wrap up by discussing defense against cache poisoning, and releasing the open source Burp Suite Community extension that fueled this research.

  • IBM's proof-of-concept 'DeepLocker' malware uses AI to infect PCs
  • Hack causes pacemakers to deliver life-threatening shocks

    At the Black Hat security conference in Las Vegas, researchers Billy Rios and Jonathan Butts said they first alerted medical device maker Medtronic to the hacking vulnerabilities in January 2017. So far, they said, the proof-of-concept attacks they developed still work. The duo on Thursday demonstrated one hack that compromised a CareLink 2090 programmer, a device doctors use to control pacemakers after they’re implanted in patients.

  • Bad infrastructure means pacemakers can be compromised before they leave the factory

    # Windoze kills

    The new research is some of the most chilling to date. Rios and Butts have found vulnerabilities in Medtronic's infrastructure for programming and updating the pacemakers and their programming terminals (which run Windows XP!) (Windows XP!!). By attacking Medtronic's cloud infrastructure, the pair can poison all the devices as they leave the factory, or corrupt them once they're in the field.

  • Hackable implanted medical devices could cause deaths, researchers say

    To take control of the pacemaker, Rios and Butts went up the chain, hacking the system that a doctor would use to program a patient’s pacemaker. Their hack rewrote the system to replace the background with an ominous skull, but a real hack [sic] could modify the system invisibly, while ensuring that any pacemaker connected to it would be programmed with harmful instructions. “You can obviously issue a shock,” Butts said, “but you can also deny a shock.” Because the devices are implanted for a reason, he added, withholding treatment can be as damaging as active attempts to harm.

  • AWS does a guff in a bucket and exposes GoDaddy's dirty laundry

    Details included usage stats from GoDaddy, pricing and negotiated discounted rates from Amazon. More worryingly, there's also server config information, CPU specs, hostnames, operating systems and server loads.

    [...]

    GoDaddy was given a chance to plug the leaks, but after five weeks, UpGuard decided to act, as GoDaddy still hadn't locked things down.

  • Amazon AWS error exposes info on 31,000 GoDaddy servers

    Data leaks are par for the course these days, and the latest company to be involved in one is GoDaddy. The company, which says it's the world's top domain name registrar with over 18 million customers, is the subject of a new report from cybersecurity firm UpGuard that was shared exclusively with Engadget. In June, cyber risk analyst Chris Vickery discovered files containing detailed server information stored in an unsecured S3 bucket -- a cloud storage service from Amazon Web Services. A look into the files revealed multiple versions of data for over 31,000 GoDaddy systems.

  • Hackers [sic] Could Cause Havoc By Pwning Internet-Connected Irrigation Systems

    The researchers studied three different Internet of Things devices that help control irrigation and found flaws that would allow malicious hackers [sic] to turn them on remotely in an attempt to drain water. The attacks don’t rely on fancy hacking techniques or hard to find vulnerabilities, but to make a real, negative impact on a city’s water reserves, the hackers [sic] would need to take control of a lot of sprinklers. According to the researcher’s math, to empty an average water tower, hackers [sic] would need a botnet of 1,355 sprinklers; to empty a flood water reservoir, hackers [sic] would need a botnet of 23,866 sprinklers.

    The researchers say their attacks are innovative not because of the techniques, but because they don’t rely on targeting a city’s critical infrastructure itself, which is (or should be) hardened against hackers [sic]. Instead, it attacks weak Internet of Things devices connected to that infrastructure.

  • Windows BitPaymer ransomware scores a hole in one: US PGA takes a hit

    Malicious attackers have launched a Windows ransomware attack on the servers of the PGA of America golf tournament which began at the Bellerive County Club in St Louis on Thursday.

    Allan Liska, a ransomware expert from security form Recorded Future, told iTWire that the ransomware in question appeared to be BitPaymer.

  • Hacking [sic] a Brand New Mac Remotely, Right Out of the Box

    That attack, which researchers will demonstrate Thursday at the Black Hat security conference in Las Vegas, targets enterprise Macs that use Apple's Device Enrollment Program and its Mobile Device Management platform. These enterprise tools allow employees of a company to walk through the customized IT setup of a Mac themselves, even if they work in a satellite office or from home. The idea is that a company can ship Macs to its workers directly from Apple's warehouses, and the devices will automatically configure to join their corporate ecosystem after booting up for the first time and connecting to Wi-Fi.

  • In-the-wild router exploit sends unwitting users to fake banking site

    The vulnerability works against DLink DSL-2740R, DSL-2640B, DSL-2780B, DSL-2730B, and DSL-526B models that haven’t been patched in the past two years. As described in disclosures here, here, here, here, and here, the flaw allows attackers to remotely change the DNS server that connected computers use to translate domain names into IP addresses.

  • In-vehicle wireless devices are endangering emergency first responders

    In late 2016, security researcher Justin Shattuck was on assignment for an organization that was under a crippling denial-of-service attack by a large number of devices, some of which appeared to be hosted inside the network of a large European airport. As he scanned the airport’s network from the Internet—and later, with the airport operators’ permission, from inside the network—he was eventually able to confirm that the devices were indeed part of several previously unseen botnets that were delivering record-setting denial-of-service attacks on websites.

  • Breaking Down the Door to Emergency Services through Cellular IoT Gateway

    Nearly two years have passed since we first started observing cellular gateways distributing packets across the internet. Today, we are only scratching the surface of what will inevitably turn into years of future research and discoveries before the world has tackled the problem of IoT devices being deployed without security considerations. For now, this article includes the following, and will be followed up with future research and discoveries.

    • The existence of cellular IoT devices that are not properly configured is allowing attackers to easily leverage remote administration for nefarious purposes.
      • The improperly configured devices we discovered and tested had either default administration credentials (such as admin:12345), or they required no authentication at all.
    • The absence of logging capabilities on these devices ensures that nefarious activities cannot be tracked.
    • Because most of the use cases for cellular IoT are for moving fleets, devices that need tracking, or remote critical infrastructure, virtually all of them have GPS coordinates. Excessive information disclosure, such as providing GPS coordinates publicly without requiring authentication (as some devices we discovered do) is giving attackers the ability to track fleet vehicles without ever breaking the law with unauthorized access. Yes, police cars can be tracked without breaking the law.
    • There is no bias on which industries or cellular device manufacturer will fall victim to threats emerging from cellular devices. Virtually every industry that requires some form of long-range, constant connectivity is impacted (and likely, most manufacturers) as development standards apply unilaterally.
    • As of July 28, 2018, we have identified more than 100,000 devices that are impacted online. 86% of the devices identified exist within the United States.
    • Attackers have been exploiting many of these systems since August 2016, if not earlier.
    • We have a defined list of impacted Sierra Wireless makes and models, however, we believe the problem to be widespread across all manufacturers of cellular IoT devices.

today's leftovers

Filed under
Misc
  • PGP Clean Room 1.0 Release

    After several months of work, I am proud to announce that my GSoC 2018 project, the PGP/PKI Clean Room, has arrived at a stable (1.0) release!

  • Review: The Binary Times Podcast

    I recently authored a detailed review of the Linux podcast scene, grilling 25 podcasts targeted at Linux and open source enthusiasts. Like any roundup of this type, it’s almost inevitable that a few podcasts missed my radar. One of these is The Binary Times Podcast. Apologies to the hosts of the show.

    To rectify matters, here’s my take on The Binary Times Podcast.

    This review is incorporated into my detailed review, so you can see where they rank among their peers.

  • Ubuntu Podcast from the UK LoCo: S11E22 – Catch-22 - Ubuntu Podcast

    It’s Season 11 Episode 22 of the Ubuntu Podcast! Alan Pope and Mark Johnson are connected and speaking to your brain.

  • Conference Report: Fullstack 2018 London

    I recently attended Fullstack 2018, “The Conference on JavaScript, Node & Internet of Things” with my colleagues from the Canonical Web Team in London. Fullstack attempts to cover the full spectrum of the JS ecosystem – frontend, backend, IoT, machine learning and a number of other topics. While I attended a broad range of talks, I’ll just mention those that I think are most pertinent to the work we are doing currently in the web team.

  • Dropbox Client Will Only Support Ext4 Filesystems On Linux Beginning November 7

    Beginning November 7, 2018, the Dropbox client will only support the Ext4 filesystem on Linux. The news, coming from the Dropbox forums, mentions that the only supported filesystems will be Ext4 for Linux, NTFS for Windows, and HFS+ or APFS for Mac.

  • Opera Wants to Be World's First PC Web Browser with a Built-In Crypto Wallet

    Opera Software announced that it plans to bring its famous crypto wallet used on the Opera for Android mobile web browser to the desktop on Linux, Mac, and Windows platforms, in an upcoming Opera for PC stable release.

    Opera was already the world's first web browser to introduce a built-in crypto wallet when Opera Software announced it for its Opera for Android mobile web browser, allowing users to do seamless transactions on the Internet while promoting the adoption of cryptocurrencies by the mainstream.

  • Opera opens its PC browsers to crypto

    - Opera to soon ship crypto wallet access with its PC browser

    - Opera PC browser will give users access to the built-in crypto wallet in Opera for Android

    - After strong interest in the private beta, Opera is opening the crypto wallet to a larger audience for testing.

6 Reasons Why Linux Users Switch to BSD

Filed under
BSD

Wonder why people use BSD? Read some of the main reasons that compel people to use BSD over Linux.
Read more

Open Source FUD and Openwashing

Filed under
OSS
  • 5G futures: Why Huawei when open source may be the new black?

    So, the Australian government has a big decision to make about whether it will allow Huawei to be a provider of Australia’s 5G communications network that will power the internet of things for us. The national security concerns with having the large Chinese firm take on such an important role have been outlined well by ASPI’s cyber policy team and others in a series of recent Strategist posts.

    The big question people have asked, though, is, if not Huawei, then what? Ex-head of the UK’s GCHQ signals intelligence organisation Robert Hanigan, for example, has said, ‘The dilemma for western governments is that Chinese technology is no longer derivative or cheap, it’s often world-leading. Do we cut ourselves off from this technology by banning it, or find ways of managing the risk?’ It sounds like there’s an inevitability to embracing the solutions of China’s big tech firms, either now or sometime in the future.

    But that may well be just plain wrong. Rather than asking who’s the alternative supplier to Huawei, the better question might be, why would Australia go with an outdated approach to hardware and software provision at a time when new approaches might play to industry

  • The Top 3 Open Source Tools for AWS Incident Response

    Welcome to our third blog on incident response in the cloud. The first two posts primarily focused on the built-in capabilities from cloud service providers that can help your incident response efforts. We also discussed how to configure your Amazon Web Services (AWS) environment to take advantage of those features.

    Today, we are going to look at some tools that are extremely helpful for responding to cloud incidents. I’m only going to look at open source tools for AWS in this post, so you can go download and play with them in your training or test environment now.

  • WhiteSource Launches Free Open Source Vulnerability Checking [Ed: InfoQ is promoting/pushing proprietary software from Microsoft buddy (they co-author anti-FOSS papers)]
  • SD Times news digest: WhiteSource’s free vulnerability checker, Julia 1.0, and the Blockchain Learning Center

    WhiteSource is making its Vulnerability Checker available for free for developers to detect if their solutions contain any of the 50 most critical open-source bugs out there today. The checker will enable users to import and scan any library as well as check if their projects are susceptible to the most recent and common bugs.

Programming/Development: Julia 0.7 and Rust

Filed under
Development
  • Julia 0.7 arrives but let's call it 1.0: Data science code language hits milestone on birthday

    Julia, the open-source programming language with a taste for science, turned 1.0 on Thursday, six years after its public debut in 2012. The occasion was presented on YouTube, live from JuliaCon 2018 in London.

    Created by Jeff Bezanson, Stefan Karpinski, Viral Shah, and Alan Edelman, the language was designed to excel at data science, machine learning, and scientific computing.

    That's a niche – a rather substantial one these days – also served by Python and R, among other languages. However, the Julia aspires to be better, undaunted by being ranked 50 on Tiobe's programming language popularity index for August 2018. For what it's worth, Python presently sits at number 4 while R comes in at 18.

  • Julia 1.0 Programming Language Released

    Julia, the LLVM-based, speed-focused, dynamic and optional typing, full-featured programming language focused on numerical computing has reached the version 1.0 milestone.

    The Julia language has been in the works for nearly a decade while now the 1.0 milestone has been reached. Julia remains committed to its key focus areas for the language. With Julia 1.0 the developers are committing to language API stability.

  • Rust's Low-Level Graphics Abstraction Layer Is Showing A Lot Of Potential

    The Rust programming language's "GFX-RS" initiative that is backed by Mozilla continues working on exposing a universal "Vulkan-like" graphics API within Rust that in turn would have back-ends for Vulkan, OpenGL, Metal, and Direct3D 11/12 in order to reach all major platforms. Early benchmark results are quite promising for GFX-RS.

Budgie Desktop, KDE and GNOME

Filed under
GNU
KDE
Linux
GNOME
  • Summertime Solus | The Roundup #7

    For those that missed our announcements of last week’s Hackfest, you can watch it via the video embedded below. Most of this roundup will cover the work that has been done since the last roundup (in the specific sections in this blog) as well as the Hackfest, so if you don’t want to sit through the 10 hours of content, feel free to just keep reading.

  • Solus Linux & Its Budgie Desktop Seeing Summer 2018 Improvements

    The Solus Project has shared some of the work they've been engaged in this summer with their Linux distribution as well as their GTK3-based Budgie Desktop Environment.

  • Community Data Analytics Are Going to Akademy

    If you are interested in community data analytics, you will have several opportunities to discuss them during Akademy.

    Firstly, there will be my talk titled Bringing Community Data Analysis Back to KDE (why the hell did I use "Analysis" there... I only used "Analytics" everywhere so far, odd). It will happen on Saturday at 15:30 in room IE7. The slot is a bit small for the topic, but I'll try my best to create interest. Indeed you can catch me around talks to chat about it, and...

    Secondly, there will be a BoF "Discussing Community Data Analytics" on Monday at 10:30 in room 127. We hope to see people coming up with interesting questions to explore or willing to lend a hand in those explorations. See you there!

  • The birth of a new runtime

    Runtimes are a core part of the flatpak design. They are a way to make bundling feasible, while still fully isolating from the host system. Application authors can bundle the libraries specific to the application, but don’t have to care about the lowlevel dependencies that are uninteresting (yet important) for the application.

    Many people think of runtimes primarily as a way to avoid duplication (and thus bloat). However, they play two other important roles. First of all they allow an independent stream of updates for core libraries, so even dead apps get fixes. And secondly, they allow the work of the bundling to be shared between all application authors.

    [...]

    This runtime has the same name, and its content is very similar, but it is really a complete re-implementation. It is based on a new build system called BuildStream, which is much nicer and a great fit for flatpak. So, no more Yocto, no more buildbake, no multi-layer builds!

    Additionally, it has an entire group of people working on it, including support from Codethink. Its already using gitlab, with automatic builds, CI, etc, etc. There is also a new release model (year.month) with a well-defined support time. Also, all the packages are much newer!

    Gnome is also looking at using this as the basics for its releases, its CI system and eventually the Gnome runtime.

Red Hat and Fedora: OpenShift, Finance, and Improving Fedora's App Backend

Filed under
Red Hat

Intel IWD Wireless Daemon v0.6 Released

Filed under
Linux

Out today is a new version of IWD, the Intel-developed wireless daemon for Linux systems. IWD v0.6 is the latest version which is actually a quick follow-up release to address bugs from IWD v0.5 issued this morning.

IWD 0.5 added support for using agents with EAP-GTC methods, improved support for "known networks" management, support for Simultaneous Authentication of Equals, now exposes supported modes of operation, and can support D-Bus auto-activation via systemd.

Read more

Kernel, LF and Graphics: New Features, Hyperledger Global Forum, RadeonSI Gallium3D

Filed under
Graphics/Benchmarks
Linux
  • Linux 4.19 Certainly Is Going To Be A Big Kernel

    At the end of July I outlined some of the changes queued for Linux 4.19 while since then several more notable additions have become aligned for this next kernel cycle following the one week delay of Linux 4.18.

    Linux 4.18 should be out this weekend, which itself is bringing many changes, and in turn will mark the opening of the two week long merge window for 4.19.

  • Linux Live Kernel Patching Is On The Way For 64-bit ARM

    It's been a while since having any advancements to report on the live kernel patching front for being able to deploy primarily Linux kernel security fixes without having to reboot the system. There is some new progress on that front to report on now and that is the 64-bit ARM (ARM64/AArch64) support getting squared away.

  • Linux EDAC Support For AMD's Great Horned Owl

    The latest Linux kernel patch is for supporting ECC error detection via the Error Detection And Correction (EDAC) code with AMD's Great Horned Owl.

    Great Horned Owl is the codename for Family 17h Model 11h hardware, which is what launched back in February as the Ryzen Embedded V1000 series chips.

  • Linux Kernel Expectations For AMD Threadripper 2

    If you have already pre-ordered your AMD Threadripper 2990WX processor or just planning to be an early customer of that high-end desktop processor or the Threadripper 2950X, you may be wondering about Linux requirements from these new high-end AMD CPU offerings. Here's the gist of the Linux support state of AMD Zen+ CPUs for those wanting to get ready for Threadripper 2.

    There's still a few days to go until the global embargo expires for sharing Threadripper 2990WX/2950X performance benchmarks and reviews, at which time you'll be able to see my full Linux analysis of these new processors with plenty of tests... But for today we're just talking in general terms about Linux support requirements.

  • Keynote Sneak Peek for Hyperledger Global Forum – See Who’s Speaking

    Attend Hyperledger Global Forum to see real uses of distributed ledger technologies for business and to learn how these innovative technologies run live in production networks across the globe today. Hyperledger Global Forum will cut through the hype and focus on adoption. Attendees will see first-hand how the largest organizations in the world go beyond experimentation to lead blockchain production applications with measurable impact. Make your plans now to attend the premier blockchain event of 2018.

  • More OpenGL Extensions For RadeonSI Are The Latest In A Flurry Of Interesting Activity

    Marek Olšák has continued his busy work on the RadeonSI Gallium3D driver by implementing more extensions and adjusting various limits/constants to match the behavior of their proprietary driver.

    In the past few days Marek has fleshed out the EQAA GL extensions, ASTC compression for Gallium drivers, and yesterday was EXT_gpu_shader4 support for vintage/legacy OpenGL 2 applications.

  • Intel SSD 660p: 512GB Of NVMe Storage For $99 USD

Security: Crowdfense, Windows, Linux, Black Hat 2018 and More

Filed under
Security
Syndicate content

More in Tux Machines

5 of the Best Linux Educational Software and Games for Kids

Linux is a very powerful operating system, and that explains why it powers most of the servers on the Internet. Though it may not be the best OS in terms of user friendliness, its diversity is commendable. Everyone has their own need for Linux. Be it for coding, educational purposes or the internet of things (IoT), you’ll always find a suitable Linux distro for every use. To that end, many have dubbed Linux as the OS for future computing. Because the future belongs to the kids of today, introducing them to Linux is the best way to prepare them for what the future holds. This OS may not have a reputation for popular games such as FIFA or PES; however, it offers the best educational software and games for kids. These are five of the best Linux educational software to keep your kids ahead of the game. Read more

Kernel: NSA Code/Algorithm in Linux, Performance Superiority Over Windows, and Linux Foundation News

  • Linux 4.18 brings support for Vega M, Volta GV100 and, er, SPECK
    AFTER A WEEK'S DELAY, Linux kernel 4.18 stable has arrived. Announcing the release on Sunday, head of Linuxing Linus Torvalds said: "One week late(r) and here we are - 4.18 is out there. It was a very calm week, and arguably I could just have released on schedule last week, but we did have some minor updates." One notable change is that there's been a lot of code ditched - around 100,000 lines of obsolete code has been slashed.
  • The AMD Threadripper 2990WX shows even higher numbers when benchmarked on Linux
    Phoronix has done a performance comparison of the AMD Threadripper 2990WX in Windows 10 Pro and Linux and the results show Threadripper numbers significantly lower under Windows 10 Pro than in Linux. In some tests such as 7-Zip Compression, the Threadripper 2990WX posted almost 58% higher scores in Linux compared to Windows 10 Pro implying that Linux is a better OS of choice when testing high core count CPUs.
  • Diversity Empowerment Summit Highlights Importance of Allies
    Diversity and inclusion are hot topics as projects compete to attract more talent to power development efforts now as well as build their ranks to carry the projects into the future. The Diversity Empowerment Summit co-located with Open Source Summit coming up in Vancouver August 29-31, will offer key insights to help your project succeed in these endeavors. Although adoption of diversity and inclusion policies is generally seen as simply the right thing to do, finding good paths to building and implementing such policies within existing community cultures continues to be challenging. The Diversity Empowerment Summit, however, provides hard insights, new ideas, and proven examples to help open source professionals navigate this journey.
  • Hollywood rolls out red carpet for open source developers
    The launch of the ASWF is almost like creating a GitHub for the developers behind motion pictures, but open source is nothing new to the film industry. It dates back about 20 years, Andy Maltz, managing director of the Science and Technology Council at the Academy, told CIO Dive. Film "is the only art form that has a fundamental reliance on technology," he said. The film industry's use of tech dates back to photochemical technologies and proceeds to today's digital image capture.

Microsoft Openwashing and Infiltration Tactics

Debian GNU/Linux project to mark 25th birthday on Thursday

The Debian GNU/Linux project will turn 25 on Thursday, with the Linux distribution having made its debut on 16 August in 1993 under the leadership of the late Ian Murdock. In its original manifesto, Murdock stated: "Many distributions have started out as fairly good systems, but as time passes attention to maintaining the distribution becomes a secondary concern." Maintaining a Debian system was made simple after some developers created a package management system known as apt. Apt — and its derivatives like aptitude and synaptic — have served to make the task of updating a Debian system simple. With apt, the secondary concern that Murdock referred to was effectively taken care of. Incidentally, there are now about 29,000 packages available in Debian. Read more Also new (Debian-related news):

  • DebConf 18
  • Google Summer of Code 2018- Final Report
    This project aims at developing tools and packages which would simplify the process for new applicants in the open source community to get the required setup. It would consist of a GUI/Wizard with integrated scripts to setup various communication and development tools like PGP and SSH key, DNS, IRC, XMPP, mail filters along with Jekyll blog creation, mailing lists subscription, project planner, searching for developer meet-ups, source code scanner and much more! The project would be free and open source hosted on Salsa (Debian based Gitlab) I created various scripts and packages for automating tasks and helping a user get started by managing contacts, emails, subscribe to developer’s lists, getting started with Github, IRC and more.