Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Wednesday, 15 Aug 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Games: Bad Pad, Stage 9, Gladiabots, City of the Shroud, Getting Over It with Bennett Foddy

Filed under
Gaming
  • Hard rock musical comedy metroidvania platformer 'Bad Pad' officially released

    Sometimes games get practically no attention which is such a shame, Bad Pad [Official Site] is one such game that deserves a little more as it's actually pretty good. It just left Early Access last week too, so if you're in the mood for a musical platformer that has a sprinkle of comedy and gore then it's one for you to take a good look at.

    What's interesting about it isn't just that it pulls in elements from games like Super Meat Boy with both the difficulty, movement style and the gory deaths but also the metroidvania-style gameplay and the (pretty good) music that goes along with it to tell the story.

  • Set Phasers to fun! Stage 9 lets you explore the Enterprise-D from Star Trek The Next Generation on Linux

    Are you as excited as I am about the news of Sir Patrick Stewart returning as Jean-Luc Picard in a new Star Trek series? Well, now you can nerd out in style with Stage 9 which let's you explore the Enterprise-D from Star Trek The Next Generation.

    Sent in by a reader, who also happens to be one of the people working on it, Stage 9 aims to recreate the entirety (inside and out) of the Enterprise-D using Unreal Engine 4. They also gave me a little fun fact, that the Linux version seems to be more popular than the Mac version.

  • Real-time tactical RPG 'City of the Shroud' has a Linux demo build available for testing

    City of the Shroud, a real-time tactical RPG just recently launched on Steam and it turns out it's had a Linux demo build for testing for a long time, with hardly anyone stepping up to check it out.

    This post on Steam, open since October 2016 seemed to have no one reply to it until June this year. Now it's actually getting some attention, the developer has actually put up a new build (make sure to use the newer build in that later post). To be clear, you don't need to own it to test it, as it's an external demo download.

  • Gladiabots, the AI combat arena now has a test release for Linux on Steam

    Fancy having a team of robots you program with drag and drop AI fight in an arena? As that's exactly what you will be doing in Gladiabots.

    It's been available on itch.io for a while, with it just now entering Early Access on Steam. Today, the developer put up a Linux version in an opt-in beta on Steam named "new-platforms". If you do try it, you can let them know how it runs in this post on Steam. The itch version has worked pretty well for me, but as usual your experience may vary.

  • Getting Over It with Bennett Foddy now has a Linux build for testing

    Getting Over It with Bennett Foddy is a rather popular punishing climbing game, made as a tribute to Jazzuo's 2002 B-Game classic 'Sexy Hiking' and it now has a Linux build.

    Originally, you needed to opt into a Beta to access it. Going by the posts in the announcement thread on Steam, it seems you might not need to opt into anything now.

Phoronix on Threadripper 2900 Series

Filed under
Graphics/Benchmarks
Linux
Hardware
  • Threadripper 2900 Series Temperature Monitoring Sent In For Linux 4.19 Then Backported

    As expected, the CPU temperature monitoring support within the "k10temp" hwmon driver has seen the patches sent in today to be updated for the AMD Threadripper 2900 series CPU support. These patches are going into the Linux 4.19 kernel merge window but slated to be back-ported to the currently supported stable kernel series.

  • AMD Threadripper 2950X Offers Great Linux Performance At $900 USD

    The embargo has expired now for talking about Threadripper 2 performance figures... First up are our initial Threadripper 2950X Linux benchmarks. In this article are the most interesting metrics for this 16-core / 32-thread processor while in the just-published AMD Threadripper 2990WX Linux Benchmarks are a lot more figures complemented by the 2950X and other CPUs plus power consumption numbers, etc. This article is most useful if specifically focused on the performance of the Threadripper 2950X that comes in at $899 USD.

  • AMD Threadripper 2990WX Cooling Performance - Testing Five Heatsinks & Two Water Coolers

    The 32-core / 64-thread AMD Threadripper 2990WX carries a 250 Watt TDP rating, thus the cooling performance is quite important especially if you don't want to hit any thermal throttling with this $1799 USD processor. Fortunately, the 2990WX doesn't require water cooling but actually can work quite well with high-end air heatsinks too. For adding some perspective on the cooling requirements of the Threadripper 2990WX, here are benchmarks of five heatsinks and two all-in-one water cooling systems.

  • AMD Threadripper 2990WX Linux Benchmarks: The 32-Core / 64-Thread Beast

    Whether you are compiling a lot of code, rendering models with Blender, or running various scientific workloads with OpenMP or MPI, the AMD Threadripper 2990WX is capable of delivering immersive Linux performance with its 32-cores and 64 total threads. While coming in at $1800 USD, the AMD Threadripper 2990WX can deliver better performance than the more expensive Intel Core i9 7980XE. Beyond being mesmerized about the performance today with this high-end desktop/workstation processor with the many thread-happy Linux workloads we encounter daily, this 32-core Zen+ processor has us even more eager to see AMD's next-generation Zen2-based EPYC CPUs next year.

GNU Linux-libre 4.18

Filed under
GNU
Linux
  • GNU Linux-libre 4.18-gnu

    Two new drivers had blob requests and were cleaned up (psp-dev crypto
    and icn8505 touchscreen), one was removed (atom isp), plenty needed
    adjustments.

    There are some new firmware loading interfaces starting with
    firmware_request (rather than request_firmware). The deblob-check
    script was adjusted to look for uses thereof. firwmare_request_nowarn
    is one of the new interfaces, and it almost looks like we could use it,
    since it doesn't log any errors if the firmware is not there, but it
    still looks for and asks for non-Free Software, so I decided to disable
    it just like request_firmware.

  • GNU Linux-libre 4.18-gnu Released As The Latest Deblobbed Kernel

    Hot off the release of the upstream Linux 4.18 kernel, the GNU folks have released GNU Linux-libre 4.18-gnu that is their deblobbed version that strips out any "non-free" device driver support, removes the ability to load binary-only kernel modules and not being able to load firmware blobs either.

    With the Linux-libre 4.18 release they had to clean-up some new drivers to fit their strict standards on code freedom, removed one more driver (Atom ISP), and make adjustments to other existing code.

Graphics: SIGGRAPH and XDC2018

Filed under
Graphics/Benchmarks
  • Radeon Pro WX 8200 Launches As "Best Workstation Graphics Performance Under $1,000"

    It's SIGGRAPH week and AMD has used this annual graphics conference to announce the Radeon Pro WX 8200, which they are saying is able to offer the best workstation graphics card performance in the sub-$1,000 USD category.

    The Radeon Pro WX 8200 is intended to be used for visualizations, VR, photo-realistic rendering, and other professional graphics workloads. The Pro WX 8200 features a High Bandwidth Cache Controller (HBCC), enhanced pixel engine on, ECC memory, and is built on their Vega GPU architecture. The WX 8200 features 8GB of HBM2 memory and the graphics card is rated for a 230 Watt TDP.

  • XDC2018 Will Have Many Interesting Talks On Vulkan, AR/VR, Wayland & More

    Just over one month away is XDC2018 as the annual X.Org Developers' Conference where a variety of X.Org, Wayland, Mesa, Vulkan, and OpenGL talks will take place. This year's schedule is particularly packed and full of interesting information.

    XDC2018 is being hosted in Spain and running from 26 to 28 September at the University of A Coruña. The proposal for talks at XDC2018 are now over and the proposed sessions can be found on this Wiki page. Below is a look at some of the interesting talks slated for this open-source graphics/driver conference next month.

KDE and GNOME: CMake, CPU Usage and Student Work on Pitivi

Filed under
KDE
GNOME
  • Qt1 CMake port and more Akademy crazyness

    So, my plans was always finish the full KDE1 port, and now on Akademy i have some time to get back to this pet project. Starting on Qt1 porting entirely to CMake because the experience on Qt2 was so good that i decided going back to that and do some of the same love on Qt1.

    KDE 1 for that new port next. For now, i’m working on github, so https://github.com/heliocastro/qt1

  • KDE Plasma 5.14's Lock Screen Will No Longer Eat Your CPU Resources On Old Hardware

    With KDE Plasma 5 right now it turns out that if you have relied upon CPU-based software rendering, when hitting Plasma's lock-screen it would actually go CPU-wild -- as far as maxing out the CPU to 100% utilization, thereby consuming a lot of power and generating excess heat. That will be fixed for KDE Plasma 5.14.0.

    Since May has been a bug report about the KScreenLocker greeter process going to 100% CPU usage and needing to wait 5~10 seconds after entering the user password before the screen would actually unlock. Several others also reported similar issues of this lock-screen managing to consume a lot of the CPU resources, including on ARM boards and older hardware.

  • [GSoC’18] Pitivi’s UI Polishing – Final Report

    As part of Google Summer of Code 2018, I worked on the project Pitivi: UI Polishing. This is my final report to showcase the work that I have done during the program.

  • Pitivi's User Interface Is Getting Better Thanks To GSoC, Plus Other GNOME Improvements

    If you have been less than satisfied with the user-interface of the Pitivi non-linear open-source video editor for Linux, you may want to try out their next release.

    Student developer Harish Fulara spent his summer working on polishing the open-source video editor's interface as part of Google Summer of Code 2018.

Security: Defcon 2018, Cortana and Windows Updates That Break Windows

Filed under
Security

today's howtos

Filed under
HowTos

Review: NomadBSD 1.1

Filed under
Reviews
BSD

One of the most recent additions to the DistroWatch database is NomadBSD. According to the NomadBSD website: "NomadBSD is a 64-bit live system for USB flash drives, based on FreeBSD. Together with automatic hardware detection and setup, it is configured to be used as a desktop system that works out of the box, but can also be used for data recovery."

The latest release of NomadBSD (or simply "Nomad", as I will refer to the project in this review) is version 1.1. It is based on FreeBSD 11.2 and is offered in two builds, one for generic personal computers and one for Macbooks. The release announcement mentions version 1.1 offers improved video driver support for Intel and AMD cards. The operating system ships with Octopkg for graphical package management and the system should automatically detect, and work with, VirtualBox environments.

Nomad 1.1 is available as a 2GB download, which we then decompress to produce a 4GB file which can be written to a USB thumb drive. There is no optical media build of Nomad as it is designed to be run entirely from the USB drive, and write data persistently to the drive, rather than simply being installed from the USB media.

Read more

Also: Happy Bob's Libtls tutorial

Tesla Software Code

Filed under
OSS
Security
  • Tesla Will Open-Source Its Vehicle Security Software In Push For Safer Vehicles

    Tesla has also directly communicated with hackers to improve its vehicles’ software. Back in 2016, Keen Security Lab, a white hat hacker group based in China, was able to remotely hack a Model S through a compromised WiFi hotspot, conducting one of the first known instances of a Tesla being hacked. Keen Security Lab contacted Tesla after they successfully compromised the electric car, and Tesla promptly pushed an update to address the vulnerability.

  • Tesla Plans to Open-Source Its Vehicle Security Software for Free to Other Automakers

    Believing he has the best solution, Elon Musk plans to make Tesla’s vehicle security software open source so other automakers can adopt the technology for "a safe self-driving future for all." On top of "specialized encryption" for "multiple sub-systems," future Tesla vehicles will ensure drivers always have "override authority" in the event their cars become "wacky."

  • Elon Musk Plans To Open Source Tesla Software Code

    One of the biggest advantages of open sourcing your software is allowing the independent security researchers to access the code and spot the vulnerabilities that might go unnoticed during the internal auditing.

  • Tesla plans to open source its car security software to other automakers for free

    According to the Electrek, with the rise of autonomous driving and car networking technology, the risk of malicious attacks on cars increased. Tesla CEO Elon Musk believes that the company’s car safety software is the best solution, and he plans to open source car safety software to other automakers for a safer autopilot future.

    Musk has publicly expressed concern about hackers attacking car systems. He said that fully blocking ” hacking” is Tesla’s primary security task.

Build Your Own Linux Single Board Computer

Filed under
GNU
Linux
Hardware

We are fortunate enough to have a huge choice of single-board computers before us, not just those with a bare-metal microcontroller, but also those capable of running fully-fledged general purpose operating systems such as GNU/Linux. The Raspberry Pi is probably the best known of this latter crop of boards, and it has spawned a host of competitors with similarly fruity names. With an entire cornucopia to choose from, it takes a bit more than evoking a berry to catch our attention. The form factors are becoming established and the usual SoCs are pretty well covered already, show us something we haven’t seen before!

[Marcel Thürmer] may have managed that feat, with his Blueberry Pi. On the face of it this is just Yet Another SBC With A Fruity Pi Name, but what caught our attention is that unlike all the others, this is one you can build yourself if you want. It’s entirely open-source, but it differs from other boards that release their files to the world in that it manages to keep construction within the realm of what is possible on the bench rather than the pick-and-place. He’s done this by choosing an Alwinner V3, an SoC originally produced for the action camera market that is available in a readily-solderable TQFP package. It’s a choice that has allowed him to pull off another constructor-friendly feat: the board is only two layers, so it won’t break the bank to have it made.

Read more

The House of Elive Linux Revamped!

Filed under
GNU
Linux
Debian

I visited the www.elivecd.org, the page that houses Elive. This is one Linux distro that caught my eye in 2009 and that I have been following ever since.

The site is being redecorated and renovated, which is a great change to reflect the polished nature of the distro that Thanatermesis (Samuel Flores Baggen) crafts there.

Read more

Also: DebConf in Taiwan!

Security Leftovers

Filed under
Security
  • #DEFCON DHS Says Collaboration Needed for Secure Infrastructure and Elections

    Speaking at DEFCON 26 in Las Vegas on the subject of “Securing our Nation's Election Infrastructure”, Jeanette Manfra, assistant secretary, Office of Cybersecurity and Communications from the Department of Homeland Security stressed the need for public and private sector collaboration.

    She said that “instead of thinking of individual risk and your own part, try to think about enterprise and government as a whole.”

    In terms of critical infrastructure, Manfra said that this is “purely voluntary in the private sector” and includes “everyone working for yourself or your company, and this includes academic institutions and the broader private and public partnership to work together to figure our critical infrastructure.”

    She went on to talk about the concept of collective defense, saying that government is “one player in the community,” and with companies and citizens on the front line with government sectors “we have to share information and be transparent and build trust with individuals and entities that we have not done before.”

  • The Enigma of AI & Cybersecurity

    We've only seen the beginning of what artificial intelligence can do for information security.

    Alan Turing is famous for several reasons, one of which is that he cracked the Nazis' seemingly unbreakable Enigma machine code during World War II. Later in life, Turing also devised what would become known as the Turing test for determining whether a computer was "intelligent" — what we would now call artificial intelligence (AI). Turing believed that if a person couldn't tell the difference between a computer and a human in a conversation, then that computer was displaying AI.

    AI and information security have been intertwined practically since the birth of the modern computer in the mid-20th century. For today's enterprises, the relationship can generally be broken down into three categories: incident detection, incident response, and situational awareness — i.e., helping a business understand its vulnerabilities before an incident occurs. IT infrastructure has grown so complex since Turing's era that it can be months before personnel notice an intrusion.

  • Open-source snafu leaves patient data exposed [Ed: They never generalise like this about proprietary software]

    Researchers at cyber security outfit Project Insecurity discovered dozens of security bugs in the OpenEMR system, which is described as the “most popular open source electronic health records and medical practice management solution”.

    Many of the flaws were classified as being of high severity, leaving patient records and other sensitive information within easy reach of would-be hackers.

    One critical flaw meant that an unauthenticated user was able to bypass the patient portal login simply by navigating to the registration page and modifying the URL, Project Insecurity reported in its findings.

  • Open Source Security Podcast: Episode 109 - OSCon and actionable advice

Let’s share

Filed under
OSS

“Information wants to be free” goes the slogan of the social movement encouraging open-source software, file sharing and a permissive legal environment for modifying and distributing the creative works in the form of open content or free content by using the internet and other forms of media. The free software and open access movements are among the most important developments after the rise of the world wide web. Swartz was not the only internet activist who believed in the concept of an open and free internet. There were people like Richard Stallman, who gave birth to the term “free software”, free as in freedom, not free as in no cost.

The aura of the information age is not just about new ideas but about a shift in the paradigms of communication and control. In this age of digital feudalism, we do not actually own the products we buy, but we are merely granted limited use of them as long as we continue to pay the rent. The radical expansion of intellectual property (IP) rights threatens to reach the point where they suppress any and all other rights of the individual and society. The current copyright laws have hindered creativity and resulted in a read-only internet culture in which we only consume information/content, despite technology advances that make it easy to create and contribute to culture. Copyright law doesn’t extend neatly to the digital world and the digital rights management tools the industry is endeavouring to develop to maintain copyright control are dampening the growth of a rich read-or-write culture.

We need to bring that open-source mentality to the content layer. Two-thirds of all websites run on open-source software, but most of the premium academic resources remain closed behind digital gates. The Directory of Open Access Journals reports that nearly 4,000 publications are available to the masses via the internet, a number that grows rapidly each year. It is essential to liberate data, liberate knowledge — especially data that taxpayers have already paid for.

Thanks to the Free Culture movement, vast knowledge repositories like Wikipedia and Stack Exchange and open access efforts like the science article sharing site arXiv.org have flourished as they permit content to be re-used for free and built upon, and many major websites offer Creative Commons (CC) licensing as part of their user interfaces (UI). In 2012, Google launched a worldwide campaign named Take Action for building a free and open world wide web. Here is the kernel of Google’s argument: “A free and open world depends on a free and open internet. Governments alone, working behind closed doors, should not direct its future. The billions of people around the globe who use the internet should have a voice”.

Read more

DXVK 0.65

Filed under
Gaming

Linux 4.19 and More

Filed under
Linux
  • New ARM SoCs & Boards To Be Supported By The Linux 4.19 Kernel

    Hardware support improvements coming for Linux 4.19 aren't limited to the x86 space but a lot of new ARM hardware support is also being introduced in this imminent kernel cycle.

    While the Linux 4.19 kernel merge window isn't quite open yet -- it should open tonight, following the release of Linux 4.18 -- the new feature work is already staged. There is the for-next arm-soc.git branch.

  • F2FS In Linux 4.19 Will Fix Big Performance Issue For Multi-Threaded Reads

    The Linux 4.19 kernel updates for the Flash-Friendly File-System (F2FS) should bring much faster performance for multi-threaded sequential reads -- as much as multiple times faster.

    Two years ago F2FS dropped its write-pages lock on the basis it could improve multi-threading performance... 4KB writes across 32 threads went up from 25 to 28MB/s on some tests done on the developer's hardware. While it was a minor win for multi-threaded writes, it turns out dropping the write-pages lock took a major toll on the multi-threaded read performance. Now with Linux 4.19, that write-pages lock is being restored.

  • SoundWire For Linux Preps Support For Multiple Masters

    Back in Linux 4.16 the SoundWire subsystem was added to the staging area as the MIPI standard for a low-power, two-wire sound bus that can support multiple audio streams and primarily utilized by small audio peripherals like IoT and mobile devices. With the next Linux kernel cycle, the SoundWire support is being improved upon.

Sparky 5.5 RC

Filed under
GNU
Linux

There are new iso images of SparkyLinux 5.5 Release Candidate available to download.
Sparky 5 follows rolling release model and is based on Debian testing “Buster”.

ISO images of Sparky 5.5 RC provides bug fixing found in the 5.5 dev20180725 release.

Read more

Akademy 2018 Day 1

Filed under
KDE

Akademy 2018 got off to a wet start with rains accompanying all attendees pouring into Vienna for KDE's largest annual community conference. Although the Pre-Registration event was held on Day Zero (Friday the 10th) and it was a fun-filled affair, Akademy kicked off in earnest on Saturday, with talks, panels and demonstrations. Read on to find out about Day 1 of Akademy and all that transpired:

Read more

The Release of Linux 4.18

Filed under
Linux
  • Linux 4.18

    One week late(r) and here we are - 4.18 is out there.

    It was a very calm week, and arguably I could just have released on
    schedule last week, but we did have some minor updates. Mostly
    networking, but some vfs race fixes (mentioned in the rc8 announment
    as "pending") and a couple of driver fixes (scsi, networking, i2c).
    Some other minor random things (arm crypto fix, parisc memory ordering
    fix). Shortlog appended for the (few) details.

    Some of these I was almost ready to just delay to until the next merge
    window, but they were marked for stable anyway, so it would just have
    caused more backporting. The vfs fixes are for old races that are
    really hard to hit (which is obviously why they are old and weren't
    noticed earlier). Some of them _have_ been seen in real life, some of
    them probably need explicit help to ever trigger (ie artificial delays
    just to show that "yes, this can actually happen in theory").

    Anyway, with this, the merge window for 4.19 is obviously open, and
    I'll start pulling tomorrow. I already have a couple of dozen pull
    requests pending due to the one-week delay of 4.18, but keep them
    coming.

    Linus

  • The 4.18 kernel is out

    Linus has released the 4.18 kernel. "It was a very calm week, and arguably I could just have released on schedule last week, but we did have some minor updates.

  • Linux 4.18 Kernel Officially Released

    Following the one week setback, the Linux 4.18 kernel is now officially available just a little more than two months since the cycle officially began.

    Linux 4.18 is now shipping and the latest kernel carrying the continued "Merciless Moray" codename.

Syndicate content

More in Tux Machines

Oracle Yields GraphPipe

  • Oracle open sources Graphpipe to standardize machine learning model deployment
    Oracle, a company not exactly known for having the best relationship with the open source community, is releasing a new open source tool today called Graphpipe, which is designed to simplify and standardize the deployment of machine learning models. The tool consists of a set of libraries and tools for following the standard.
  • Oracle open-sources Graphpipe to make it easier to deploy machine learning models
    Oracle today open-sourced Graphpipe, a tool created to make it easy to serve machine learning models in the cloud made by popular frameworks like TensorFlow, MXNet, Caffe2, and PyTorch. Graphpipe was designed to simplify the deployment of machine learning for use on mobile apps and IoT devices, as well as web services for end users or AI for internal use at companies. “Graphpipe is an attempt to standardize the protocol by which you speak to a remotely deployed machine learning model, and it includes some reference servers that allow you to deploy machine learning models from existing frameworks very easily in an efficient way,” Oracle cloud architect Vish Abrams told VentureBeat in a phone interview. Prior to joining Oracle, Abrams led efforts at NASA to open-source the OpenStack cloud computing platform.
  • Oracle open sources GraphPipe, a new standard for machine learning models
    Machine learning is expected to transform industries. However, its adoption in the enterprise has been slower than some might expect because it's difficult for organizations to deploy and manage machine learning technology on their own. Part of the challenge is that machine learning models are often trained and deployed using bespoke techniques, making it difficult to deploy models across servers or within different departments.
  • Oracle offers GraphPipe spec for machine learning data transmission
    Oracle has developed an open source specification for transmitting tensor data, which the company wants to become a standard for machine learning. Called GraphPipe, the specification provides a protocol for network data transmission. GraphPipe is intended to bring the efficiency of a binary, memory-mapped format while being simple and light on dependencies. There also are clients and servers for deploying and querying machine learning models from any framework.
  • Oracle releases GraphPipe, an open-source tool for deploying AI models
    Major tech firms regularly open-source internal software projects, but it’s not often that Oracle Corp.’s name comes up in this context. Today marked one of those occasions. The database giant this morning released GraphPipe, a tool for easing the deployment of machine learning models. Development on the project was led by Oracle cloud architect Vish Abrams, an open-source veteran who previously worked at NASA as part of the team that created the OpenStack data center operating system.
  • Oracle Open Sources GraphPipe for 'Dead Simple' Machine Learning Deployment

A 'Bridge' for GNU/Linux Games

  • Valve seems to be working on tools to get Windows games running on Linux
    Valve appears to be working on a set of "compatibility tools," called Steam Play, that would allow at least some Windows-based titles to run on Linux-based SteamOS systems. Yesterday, Reddit users noticed that Steam's GUI files (as captured by SteamDB's Steam Tracker) include a hidden section with unused text related to the unannounced Steam Play system. According to that text, "Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems."
  • Valve could be working on compatibility tools to make gaming on Linux easier than ever
    Something to look forward to: Gaming on Linux has never been the ideal experience, and the lack of AAA game compatibility is one of the main reasons for this. That's where Valve comes in, apparently - the company seems to be quietly working on a compatibility tool of its own, called "Steam Play." It seems Valve could be taking another shot at bringing Linux to the forefront of PC gaming if recently-discovered Steam GUI files are anything to go by. Curious Reddit users dug into Steam database files obtained by Steam Tracker. Recent updates to the database include numerous hints at something called "Steam Play," which is beginning to sound like a compatibility tool of sorts.
  • Steam may be getting tools that will enable Windows games to run in Linux
    Valve announced the Linux-based SteamOS in 2013, just prior to the reveal of the vaguely console-like Steam Machine PCs. It was a big, bold move that ultimately petered out: Valve ditched the Steam Machines section of its website in April, aalthough you can still hit it directly if you know the URL.
  • Looks like Steam’s getting built-in tools to run Windows games on Linux
    A few lines of code uncovered in Steam suggest that Valve is working on compatibility tools to allow users to play games regardless of operating system. Put another way, Steam’s going to let you run Windows games on Mac and Linux with a set of software built directly into the client. Uncovered strings all come under the “Steam_Settings_Compat” header, and all reference back to Steam Play. That’s currently the moniker Valve used to distinguish games that come as a single purchase playable across Windows, Mac, and Linux, but the strings suggest a new definition on the way.
  • Rumour: Valve May Be Adding Windows Steam Game Compatibility to Linux
    In a very interesting move, sleuths over at GamingOnLinux appear to unearthed evidence that Valve is experimenting with tools that could allow Windows Steam games to be playable on Linux operating systems. Up until this point, a game has to be specifically developed for Linux in order to be compatible with Unix-based operating systems. There are workarounds available right now, but it’s notoriously unreliable and a major hassle to get sorted. However, updates posted to the Steam Database github indicates Valve is at least testing an automatic method for running Windows games on Linux. Picking through the github notes, the tool appears to be called ‘Steam Play’, which the compatibility info says “Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems.”

Security: Updates, IPSec, Elections, AWS and Surveillance

  • Security updates for Wednesday
  • Cisco, Huawei, ZyXel, and Huawei patch Cryptographic IPSEC IKE Vulnerability
  • 11-year-old shows it’s child’s play to mess with elections
    At the DefCon Voting Village in Las Vegas last year, participants proved it was child’s play to hack voting machines: As Wired reported, within two minutes, democracy-tech researcher Carsten Schürmann used a novel vulnerability to get remote access to a WinVote machine. This year, it was literally child’s play: the DefCon village this past weekend invited 50 kids between the ages of 8 and 16 to compromise replicas of states’ websites in the so-called “DEFCON Voting Machine Hacking Village.”
  • Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
    Both adult and kid hackers demonstrated at DEF CON how the hackable voting machine may be the least of our worries in the 2018 elections. Two 11-year-old budding hackers last week at DEF CON in Las Vegas used SQL injection attack code to break into a replica of the Florida Secretary of State's website within 15 minutes, altering vote count reports on the site. Meanwhile, further down the hall in the adult Voting Machine Hacking Village at Caesars Palace, one unidentified hacker spent four hours trying to break into a replica database that housed the real, publicly available state of Ohio voter registration roll. He got as far as the secured server — penetrating two layers of firewalls with a Khali Linux pen testing tool — but in the end was unable to grab the data from the database, which included names and birthdates of registered voters.
  • How Netflix Secures AWS Cloud Credentials
    Netflix has long been the poster child for being an "all-in-the-cloud" organization. The streaming media service relies on Amazon Web Services (AWS) for infrastructure and computing resources that it uses to operate.
  • Researchers Reveal Security Vulnerabilities in Tracking Apps
    Millions of users around the world regularly install tracker apps on their Android devices to help them keep track of friends and loved ones. Some of those tracker apps, however, contain vulnerabilities that could potentially enable an attacker to track the users of the apps. Researchers from the Fraunhofer Institute for Secure Information Technology detailed 37 vulnerabilities found in 19 mobile tracking apps in a session at Defcon in Las Vegas on Aug. 11. The researchers responsibly disclosed the flaws to Google and noted that, as of the time of their presentation, 12 of the apps had been removed from the Google Play store, leaving seven still publicly available and vulnerable. "In this project it was very easy to find vulnerabilities," security researcher Siegfried Rasthofer said. "There were no sophisticated exploits."

L1TF/Foreshadow News and Benchmarks

  • Three More Intel Chip Exploits Surface
  • Spectre-like “Foreshadow” Flaw In Intel CPUs Can Leak Your Secrets
  • QEMU 3.0 Brings Spectre V4 Mitigation, OpenGL ES Support In SDL Front-End
    QEMU 3.0 is now officially available. This big version bump isn't due to some compatibility-breaking changes, but rather to simplify their versioning and begin doing major version bumps on an annual basis. As an added bonus, QEMU 3.0 comes at a time of the project marking its 15th year in existence. QEMU 3.0 does amount to being a big feature release with a lot of new functionality as well as many improvements. Changes in QEMU 3.0 include Spectre V4 mitigation for x86 Intel/AMD, improved support for nested KVM guests on Microsoft Hyper-V, block device support for active mirroring, improved support for AHCI and SCSI emulation, OpenGL ES support within the SDL front-end, improved latency for user-mode networking, various ARM improvements, some POWER9 / RISC-V / s390 improvements too, and various other new bits.
  • How the L1 Terminal Fault vulnerability affects Linux systems
    Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?
  • An Early Look At The L1 Terminal Fault "L1TF" Performance Impact On Virtual Machines
    Yesterday the latest speculative execution vulnerability was disclosed that was akin to Meltdown and is dubbed the L1 Terminal Fault, or "L1TF" for short. Here are some very early benchmarks of the performance impact of the L1TF mitigation on the Linux virtual machine performance when testing the various levels of mitigation as well as the unpatched system performance prior to this vulnerability coming to light.
  • Phoronix Test Suite 8.2 M2 Released With Offline Improvements, L1TF/Foreshadow Reporting
    The second development snapshot of the upcoming Phoronix Test Suite 8.2-Rakkestad to benchmark to your heart's delight on Linux, macOS, Windows, Solaris, and BSD platforms from embedded/SBC systems to cloud and servers.
  • The Linux Benchmarking Continues On The Threadripper 2950X & 2990WX
    While I haven't posted any new Threadripper 2950X/2990WX benchmarks since the embargo expired on Monday with the Threadripper 2 Linux review and some Windows 10 vs. Linux benchmarks, tests have continued under Linux -- as well as FreeBSD. I should have my initial BSD vs. Linux findings on Threadripper 2 out later today. There were about 24 hours worth of FreeBSD-based 2990WX tests going well albeit DragonFlyBSD currently bites the gun with my Threadripper 2 test platforms. More on that in the upcoming article as the rest of those tests finish. It's also been a madhouse with simultaneously benchmarking the new Level 1 Terminal Fault (L1TF) vulnerability and the performance impact of those Linux mitigations on Intel hardware will start to be published in the next few hours.