Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 14 Dec 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Most Secure Operating Systems, VPN for GNU/Linux, and Latest GNU/Linux FUD

Filed under
GNU
Linux
Security
  • What’s the most secure operating system?

    Linux has a family of different free versions (known as distributions, or distros) to choose from, based on users’ computer skills. If you’re just getting started, check out Mint or Ubuntu. And because Linux is open-source, users can make copies of modified systems and give them away to friends in need.

  • Choose the Right VPN for Linux in 2019
  • Cryptomining campaign pulls new ‘Linux Rabbit’ malware out of its black hat [Ed: No, it's not ‘Linux Rabbit’ but ‘Weak Password Rabbit’; calling it Linux is rather misleading, distracts from the real problem.]
  • Linux malware: is it so hard to get it right? [Ed: Recognising Catalin Cimpaun for what he really is (and has always been): a clickbaiting troll. For CBS to employ him for ZDNet says a lot about the agenda.]

    Once again, so-called security researchers and tech writers have combined to provide misinformation about trojanised SSH scripts which can be run on a Linux server after said server is compromised through a brute-force attack and root status attained. And they call it Linux malware!
    Security firm ESET and ZDNet writer Catalin Cimpanu have both got it wrong in the past — the latter on numerous occasions as he simply does not seem to understand anything about the Linux security model — but both continue to persist in trying to pursue the topic. ESET has gone in the wrong direction on torrent files and clients too.

    Arguably, there is reason to do so: Linux and malware in the same headline do still serve as some kind of clickbait.

    [...]

    Cimpanu was more descriptive, but again made the same fundamental mistake. Malware can be created for any operating system, but the crucial question is how do you get it onto that system?

    [...]

    Cimpanu's former employer, Bleeping Computer, was also prone to screw-ups of this nature. Here is the editor of Bleeping Computer, Lawrence Abrams, expounding on ransomware targeting Linux servers.

    But then Bleeping Computer is a relatively small operation. One would have thought that ZDNet, which has tons of resources, would have a little more editorial quality control.

Now you can run nginx on Wasmjit on all POSIX systems

Filed under
OS
Linux
Server
BSD

Wasmjit team announced last week that you can now run Nginx 1.15.3, a free and open source high-performance HTTP server and reverse proxy, in user-space on all POSIX system.

Wasmjit is a small embeddable WebAssembly runtime that can be easily ported to most environments. It primarily targets a Linux kernel module capable of hosting Emscripten-generated WebAssembly modules. It comes equipped with a host environment for running in user-space on POSIX systems. This allows you to run WebAssembly modules without having to run an entire browser. Getting Nginx to run had been a major goal for the wasmjit team ever since its first release in late July.

Read more

Nextcloud 15 goes social, enforces 2FA and gives you a new generation real-time document editing

Filed under
OSS

Nextcloud 2018 ends the year with a big announcement: Nextcloud 15 is here! This release marks a big step forward for communication and collaboration with others in a secure way, introducing...

Read more

Winterize your Bash prompt in Linux

Filed under
Linux
HowTos

Hello once again for another installment of the Linux command-line toys advent calendar. If this is your first visit to the series, you might be asking yourself what a command-line toy even is? Really, we're keeping it pretty open-ended: It's anything that's a fun diversion at the terminal, and we're giving bonus points for anything holiday-themed.

Maybe you've seen some of these before, maybe you haven't. Either way, we hope you have fun.

Read more

GNOME Devs Experiment with a Refreshed GTK & Icon Theme

Filed under
GNOME

Now, if you’re a regular reader of this site then may recall our post on a new GNOME icon theme back in July. At the time only a handful of core GNOME apps had been given newly redesigned icons.

Fast forward a season or so and not only is the give-core-apps-new-icons initiative well underway, but the redesign effort has extended to other parts of the desktop experience, including the default theme.

Modernising the look and feel of GNOME apps and the shell is a) a bit overdue and Cool happening as part of a wider update to GNOME design guidelines. The idea is to give the desktop a distinct yet consistent appearance.

Read more

Programming: Python, Mozilla and HowTos

Filed under
Development
Moz/FF

Open source autonomous driving project to build on 96Boards SBCs

Filed under
Linux

Linaro, Tier IV, and Apex.AI have co-founded an Autoware Foundation to establish an open source platform for autonomous vehicles built around Tier IV’s Linux/ROS based Autoware stack and some future 96Boards SBCs.

Japan-based intelligent vehicle technology company Tier IV has joined with Arm-backed Linaro and autonomous driving software firm Apex-AI to launch the Autoware Foundation. The not-for-profit organization will develop open source hardware and software built around the Linux and ROS based Autoware software developed by Tier IV, which sells small electrical vehicles (EVs) that run Autoware.

Read more

Events: KubeCon, The Spindle, Fedora 29 Release Party Novi Sad

Filed under
OSS
  • Red Hat KubeCon Seattle 2018 Events & Demos

    Stop by the Red Hat booth D1 to explore 1:1 demos and speak with our open source specialists. We’ll be giving away Red Hat beanies, stickers, Command Line Hero coloring books and more, while supplies last.

  • Future Session #10 Open Innovation & Open Design

    On November 27th 2018, The Spindle, in collaboration with HumanityX, organised a Future Session about global technological developments and open innovation & open design. Participants to this meeting came from various organisations, sectors, and backgrounds, which provided fruitful input and discussions, especially during the workshop part of the session.

    The session was led by expert Diderik van Wingerden, who is an Open Source Innovation expert and pragmatic idealist. To find out more about Diderik and his work, visit www.think-innovation.com. You can find Diderik’s presentation and the material that he used for this session here.

    Introduction to Technological Trends

    Diderik started off by presenting a great selection of today’s technological trends and developments, among which virtual reality, big (open) data, artificial intelligence (AI), blockchain, 3D printing, open source & open design, internet of things and robots & drones.

  • Fedora 29 Release Party Novi Sad

    Fedora 29 Release Party was held at University of Novi Sad in Serbia like our previous events. Around 50 Fedorians were presents, and I am happy to report that I saw a lot of new faces.

Security: Google+, Tails, Thunderbolt and More

Filed under
Security
  • Google to Shut Down Google+ 4 Months Earlier After Second Data Hack

    Google+ still hadn’t recovered from the data leak it suffered in October. And now it has to go through the same fortune yet again. The company today announced that a new security loophole found last month can impact 52.5 million users. The data of these users can be taken from the apps that use the API of Google+.

    The data of the 52.5 million users consists of their personal information like name, age, occupation, and email address. Even if the accounts are set on private, developers will be able to access the profile information due to the security bug. Even if the information was set to private, developers had easy access to the data of the users.

  • An evil Penguin grabs the persistence partition’s key of a friend’s Tails operating system
  • Pop the Box

    Let[s] talk a little about this box. In this HTB machine we will see only one port is open and that will be the http one , we will fireup the dirbuster to find the different files and directories inside that website. We will came to know about the phpbash file from where we will be getting code execution. After getting the ever shell we will enumerate more and will be able to find the way to escalate the privileges and became root. This time I have made two video[s] the first one will be on getting our first reverse shell on the box and the second one will be on how we will be able to escalate the privileges. Hope you guys will enjoy it. In last but not the least I have uploaded some file[s] from which you will be able to learn about bash scripting, python and you will learn about the cronjob working.

  • Linux 4.21 Will Better Protect Against Malicious Thunderbolt Devices

    Linux 4.21 is set to further improve the system security around potentially malicious Thunderbolt devices.

    The new protection with Linux 4.21 is the enabling of IOMMU-based direct memory access (DMA) protection from devices connected via Thunderbolt. PCI Express Address Translation Services (PCIe ATS) is also disabled to prevent possibly bypassing that IOMMU protection, per this pull.

Server: Intel, Red Hat, Amazon, Google, Lenovo and SUSE

Filed under
Server
  • Intel Launches Open-Source Deep Learning Reference Stack Powered By Clear Linux & Kata

    The Intel Deep Learning Reference Stack is an integrated, performance-focused open-source stack built atop their Clear Linux distribution, utilizes their Kata Containers technology, the Intel Math Kernel Library, and supports TensorFlow and other machine learning frameworks.

  • Open Source's Evolution in Cloud-Native DevOps

    “Open source, and especially the open source community, are constantly coming up with new tools, approaches and best practices to solve business use cases in the cloud native world. Not a day goes by where we don’t see a new tool, library or framework seeing the light on GitHub that is solving key problems that adopters of cloud native run into as they start rolling out more applications through a DevOps delivery pipeline,” Andreas Grabner, a DevOps activist, for Dynatrace, said. “Thanks to the openness of the community and the willingness to share best practices with others, open source is a core building block of the cloud native movement. The flipside of this, however, is that many organizations are overwhelmed with the constant change in open source offerings.”

  • OpenShift & Kubernetes: Where We’ve Been and Where We’re Going Part 1

    As we approach the end of another year for Red Hat OpenShift and Kubernetes, and another Kubecon, which I believe will be even bigger than the last, it’s a great time to reflect on both where we’ve been and where we’re going. In this blog I will look back over the past 4+ years since Red Hat first got involved in the Kubernetes project, where we have focused our contributions and the key decisions that got us to this point. Then in Part II, I will look ahead at some of the areas we’re focusing on now and into the future.

  • Red Hat Satellite 6.4.1 is now generally available

    Red Hat Satellite 6.4.1 is now generally available. The main drivers for the 6.4.1 release are upgrade and stability fixes. Thirteen bugs have been addressed in this release - the complete list is at the end of the post. The most notable issue is compatibility with Red Hat Enterprise Linux 7.6.

    There is one erratum for the server and one for the hosts. The install ISOs will be updated soon, but customers registered via Red Hat Subscription Manager can update via `foreman-maintain` as described in the upgrade guide today.

  • How AWS Lambda Serverless Works

    Four years ago, Amazon Web Services (AWS) launched a revolution with the debut of its Lambda service. Rather than being an expansion of existing virtual machine services that provide cloud based servers, Lambda offered users a different promise - the promise of 'serverless' computing.

  • How Google Is Improving Kubernetes Container Security

    The open-source Kubernetes container orchestration project has become increasingly important in recent years as organizations rely on it to deploy applications. With the increased reliance has come increased scrutiny on security, especially at Google, which hosts a managed Kubernetes service called Google Kubernetes Engine (GKE).

    In a call with press ahead of the KubeCon conference that runs Dec. 11-13 in Seattle, Maya Kaczorowski, product manager, Security & Privacy, at Google, outlined the steps Google is taking to help secure Kubernetes now and into the future.

  • Cumulus Networks Partners with Lenovo to Deliver Networking Switches for the Open, Modern Data Center

    Together, Lenovo and Cumulus Networks provide operational efficiency with the robust Linux ecosystem, scalability with Ethernet VPN, and a simplified cloud-based operational model. Lenovo fulfills its promise of vendor flexibility, while at the same time delivering true open switch products that enable organizations to choose the OS best suited for its business.

  • SAP HANA Systemreplication Automation with SUSE HA on Alibaba Cloud
  • Red Hat collaborates with Google, SAP, IBM and others on Knative to deliver hybrid serverless workloads to the enterprise

Games: Doom's' 25th Anniversary, Unvanquished, Star Ruler 2, Humble Indie Mega Week

Filed under
Gaming
  • Game Engine Black Book: DOOM

    Today is Doom's' 25th anniversary. To mark the occasion, Fabien Sanglard has written and released a book, Game Engine Black Book: DOOM.

  • DOOM Changed the Game 25 Years Ago Today

    Doom was one of the most influential video games of all time. It was state of the art in 1993, and it was literally a game changer.

    It’s hard to overstate just how much it changed the character of video gaming. Looking through the eyes of an action game’s hero was a novel experience, one first made possible by John Carmack and John Romero with their previous hit, Wolfenstein 3D.

    This game was everywhere. You couldn’t walk into a computer store in the 90s without seeing it on half a dozen screens. Shops would run it on their best, fastest computer to demonstrate how fast that computer was. The bigger and more powerful the computer got, the faster the game ran on the computer, and the top of the line 486 and Pentium computers could display the game full-screen at 30 frames per second—something that had mostly been impossible with a 3D game up until that point. People would buy new computers just to run that game; chances are it made more money for the hardware makers than it did for Id.

  • Cumulus Networks Partners with Lenovo, Unvanquished Game Announces First Alpha in Almost Three Years, KDE Frameworks 5.53.0 Released, Git v2.20.0 Is Now Available and Major Milestone WordPress Update

    Developers of the open-source game Unvanquished announce a new alpha release, Unvanquished Alpha 51 today, marking their first release in almost three years. According to Phoronix, the beta should drop soon as well. See the game's website for details.

  • Star Ruler 2 Now Available to Install via Snap in Ubuntu

    Star Ruler 2, a space 4X / RTS hybrid developed by Blind Mind Studios, now can easily installed in Ubuntu 16.04, Ubuntu 18.04 and higher via Snap package.

  • Humble are doing an 'Indie Mega Week' that's worth a look for some cheap Linux games

    Take the chill off with some toasty new games, now with money off in the Humble Indie Mega Week sale.

Windows 10 Sends Your Activity History to Microsoft, Even if You Tell It Not To

Filed under
Microsoft

Windows 10 collects an “Activity History” of applications you launch on your PC and sends it to Microsoft. Even if you disable or clear this, Microsoft’s Privacy Dashboard still shows an “Activity History” of applications you’ve launched on your PCs.

This problem was recently discussed on Reddit, and it’s pretty easy to confirm. Head to Settings > Privacy > Activity History and disable “Send my activity history to Microsoft.” It was already disabled on our PC, so it made this easy to test.

Read more

today's howtos

Filed under
HowTos

Rescue your Linux with Elinks text browser

Filed under
Software

I contemplated long and hard what title to use for this article, because the topic is somewhat convoluted. So let me explain. Say you have a Linux box that suddenly refused to boot into the desktop environment. For instance, you may have just installed graphics drivers, but they are not loading, and you don't get any graphical interface. Only a text shell. The old runlevel 3 stuff.

At this point, rescuing the system will usually require three things: skill, access to the Web, and some extra files, like updated drivers, new kernel, whatever. The first one comes with you, but the two other two, well, for most people, going about the Web is not doable without a browser, which means UI. Except, not really. You can use a text browser, and in this article, I'll show you how to use Elinks to search the Web, grab packages and drivers, and fix your box. After me.

Read more

Adiantum File-System Encryption Support Ready For Linux 4.21

Filed under
Linux

Adiantum, Google's newly developed crypto algorithm to replace their planned use of the controversial Speck, is ready to begin providing speedy file-system encryption support for low-end devices with the upcoming Linux 4.21 merge window.

Adiantum is intended to be eventually used by low-end Android Go devices where their limited SoCs don't provide any hardware crypto extensions. As covered back in November, Adiantum was added to the Linux kernel's crypto subsystem is staging it ahead of Linux 4.21.

Read more

The PCLinuxOS Magazine Graphics Special Edition, Volume 1

Filed under
PCLOS

The PCLinuxOS Magazine staff is pleased to announce the release of the Graphics Special Edition, Volume 1 of the PCLinuxOS Magazine. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community. The magazine is lead by Paul Arnote, Chief Editor, and Assistant Editor Meemaw.

today's leftovers

Filed under
Misc
  • Mad Dog 21/21: Hat In Hand

    IBM’s acquisition of Red Hat is for Ginni Rometty as vital and significant as Lou Gerstner’s development of IBM’s services business in the 1990s. If IBM can properly integrate Red Hat, IBM’s legacy businesses and strategic initiatives will all be reinvigorated. This is not merely desirable, but absolutely necessary. Without the Red Hat acquisition, IBM is threatened with advancing torpidity and imminent decline. For IBM right now, it is Red Hat do or die.

    Red Hat’s Enterprise Linux operating system already contributes to the viability of IBM’s server offerings. But when an IBM hardware customer, let’s say a mainframe shop, installs RHEL it does so with other Linux alternatives on other platforms looming as contenders. Until now, those contenders could argue that IBM’s hardware is not the most prominent platform for RHEL, and therefore not the primary recipient of updates, security fixes and enhancements. That will no longer be the case. IBM will be able to assert its prominence in the Red Hat universe. A similar case can now be made for services arrangements that include the use of Red Hat products. When it comes to strategic initiatives, IBM will be able to combine its AI technologies including Watson related services, with Red Hat products and services. Basically, IBM’s position in competition with HP, Microsoft and Oracle will be enhanced, even if Red Hat continues to assert its independence and self-direction.

  • How Open Policy Agent Works to Secure Cloud-Native Workloads

    A core element of IT security is having proper policies in place that define what is and what isn't allowed for a given process or entity.

    In the cloud-native world, where there are multiple distributed elements that can live in different deployment modalities, the challenge of defining and implementing policy is nontrivial, but that's the challenge that the Open Policy Agent (OPA) project is looking to solve. In a session at the DockerCon Europe 2018 event in Barcelona, Spain, this week, Torin Sandall, software engineer at Strya, and Justin Cormack, software engineer at Docker, outlined how OPA can help to create and enforce security.

  • QtWS post (-scriptum)

    This week I was briefly in Berlin for the Qt World Summit, or QtWS for short. I was there to run the KDE booth as part of the exposition at the summit, rather than to do any talks (or, for that matter, watch any). First, a bunch of thanks are in order: to Sari and Milja from Moodboard for organising most of the things, to Katica from the Qt Company for doing PR on the show floor, to Kai and Roman from KDE for standing at the booth with me, and to the 700-or-so attendees for listening to us when we talk about KDE as a community, about KDE Frameworks and Plasma in laptops, tablets, phones and embedded. Thanks also to Paul and kde-promo for getting us some nice source material for stickers and shirts.

  • Fedora 30 To Finally Use GnuPG 2 As The Default

    While many Linux distributions have moved past GnuPG 1 and some no longer even packaging it, Fedora Linux continues using GnuPG 1 as the default gpg, but that is likely to change with Fedora 30.

  • Please test GnuTLS 3.6 in experimental

    GnuTLS 3.6.x has been marked stable with release 3.6.5. Binary packages are available in experimental. - Please test! FWIW I have rebuilt all reverse build-dependencies without finding GnuTLS-triggered build errors.

  • Two printers with one Rpi?

    Last time I tried printing with the raspberry pi I had only one machine to try with now I have two. Lets see if the Pi can handle two instances of AtCore and control two 3d printers at the same time. This is a follow up to AtCore takes to the pi. So please read that for more about the RPi setup. This post is in video form, please enjoy.

  • Arch Linux ARM on the Allwinner NanoPi A64

    I've obtained two NanoPi A64's a long while ago and recently thought of setting them up as a HA cluster as an exercise. Since setting it up with real hardware is a lot more fun then with VM's or containers. And I wanted to try out aarch64 and see how well that fares on mainline Linux.

  • Electron and the Decline of Native Apps
  • Phoronix Test Suite 8.4.1 Released For Better BSD Support, RHEL7 Bug Workaround

    Phoronix Test Suite 8.4.1 is now available as a minor but important update to last month's Phoronix Test Suite 8.4-Skiptvet release.

OSS Leftovers

Filed under
OSS
  • How Can We Bring FOSS to the Virtual World?

    Will the free and open-source revolution end when our most personal computing happens inside the walled gardens of proprietary AI VR, AR, MR, ML and XR companies? I ask, because that's the plan.

    [...]

    Buying all this is the cost of entry for chefs working in the kitchen, serving apps and experiences to customers paying to play inside Magic Leap's walled garden: a market Magic Leaps hopes will be massive, given an investment sum that now totals close to $2 billion.

    The experience it created for me, thanks to the work of one early developer, was with a school of digital fish swimming virtually in my physical world. Think of a hologram without a screen. I could walk through them, reach out and make them scatter, and otherwise interact with them. It was a nice demo, but far from anything I might crave.

    But I wondered, given Magic Leap's secretive and far-advanced tech, if it could eventually make me crave things. I ask because immersive doesn't cover what this tech does. A better adjective might be invasive.

  • Open source will be the next big thing for the channel

    With cloud vendors developing more industry-specific solutions, channel partners must also hone in on vertical industry knowledge to capitalise on these markets. 

    Flexibility will also be a key selling point which open source solutions provide: enterprises are seeking a hybrid-cloud approach to eliminate vendor lock-in, which means they’re likely to benefit from working with open source channel partners.

    With the rapid development and maturity that open source solutions provide, a shift toward higher adoptions rates in cloud workloads on Linux will become the new norm.

  • AI & data science: Open source makes NSE smart and secure

    National Stock Exchange of India (NSE which used V-SAT to transmit data securely in 1993, had shifted to Red Hat open source later. In the last few years it has been strengthening that partnership further with the integration of cloud infrastructure in its data systems to not simply improve data security, but also to implement Artificial Intelligence (AI) and data science in its systems. The implementation of cloud-based AI platform enables NSE to clock a daily turnover of Rs 3,00,000 crore with 1.2 billion daily transactions. It is the largest stock exchange in India in terms of market volume and market share.
    Says Yatrik R Vin, CFO, NSE India, “There are certain cases on which we use open source’s capabilities extensively. They are risk management at client and investor level, cost reductions and making our systems talk to the public without manual intervention.” He reminisces that during the financial crisis of 2008, not a single rupee was affected, because of the risk management capabilities of the eight-sigma level open source core systems that were in use at NSE India.

  • List of Twitters of Free Software Projects and Communities
  • OpenSMTPD proc filters & fc-rDNS

     

    I have committed full proc filtering support today, allowing a standalone filter to perform all kind of filtering on every single phase of an SMTP session.

  •  

  • TenFourFox FPR11 available

    TenFourFox Feature Parity Release 11 final is now available for testing (downloads, hashes, release notes). Issue 525 has stuck, so that's being shipped and we'll watch for site or add-on compatibility fallout (though if you're reporting a site or add-on that doesn't work with FPR11, or for that matter any release, please verify that it still worked with prior versions: particularly for websites, it's more likely the site changed than we did). There are no other changes other than bringing security fixes up to date. Assuming no problems, it will go live tomorrow evening as usual.

Programming Leftovers

Filed under
Development
  • C Programming Language - Introduction

    This tutorial is the first part of a C programming language course on Linux. C is a procedural programming language that was designed by American computer scientist Dennis Ritchie. Please note that we'll be using Linux for all our examples and explanation. Specifically, we'll be using Ubuntu 18.04 LTS.

  • DSF 2019 Board Election Results

    I'm pleased to announce the winners of our 2019 DSF Board of Directors election.

    [...]

    This year we had 17 great candidates and while not everyone can get elected each year I hope they all consider running again in the 2020 election.

    Another item of note with this election is that our Board is now comprised of two thirds women, which is a first for the DSF.

  • coloured shell prompt
  • Create multiple threads to delete multiple files with python
Syndicate content

More in Tux Machines

Android Leftovers

The Linux terminal is no one-trick pony

Welcome to another day of the Linux command-line toys advent calendar. If this is your first visit to the series, you might be asking yourself what a command-line toy even is. We’re figuring that out as we go, but generally, it could be a game, or any simple diversion that helps you have fun at the terminal. Some of you will have seen various selections from our calendar before, but we hope there’s at least one new thing for everyone. Read more

Android Leftovers

today's leftovers

  • Get notifications for your patches
    We are trialing out a new feature that can send you a notification when the patches you send to the LKML are applied to linux-next or to the mainline git trees.
  • A simple blank makes the difference
    OFX is the Open Financial eXchange protocol used by various financial institutions in a few countries. KMyMoney provides an OFX client implementation using the open source LibOFX library allowing users to import transactions directly from the bank’s server without using the detour through a web-browser and a downloaded file into the ledger of the application.
  • Fractal December'18 Hackfest (part 1)
    The Tuesday 11th started the second Fractal Hackfest. I've organized this hackfest in Seville, the city where I studied computer science and here I've a lot of friends in the University so is a good place to do it here. The weather was important too for the hackfest selection, in December Seville is a good choice because the weather is not too cold, we're having sunny days. The first day was a good day, thinking about some relevant issues and planning what we want to do. We talked about the work needed for the interface split, about the E2EE support, new features and the need for a new release. We're having some problems with the internet connection, because the University has a restricted network policy and we ask for the guess internet connection the Monday, but we're still waiting.
  • Unexpected fallout from /usr merge in Debian
    Back in 2011, Harald Hoyer and Kay Sievers came up with a proposal for Fedora to merge much of the operating system into /usr; former top-level directories, /bin, /lib, and /sbin, would then become symbolic links pointing into the corresponding subdirectories of /usr. Left out of the merge would be things like configuration files in /etc, data in /var, and user home directories. This change was aimed at features like atomic upgrades and easy snapshots. The switch to a merged /usr was successful for Fedora 17; many other distributions (Arch, OpenSUSE, Mageia, just to name a few) have followed suit. More recently, Debian has been working toward a merged /usr, but it ran into some surprising problems that are unique to the distribution. Debian and its derivatives are definitely late to the /usr merge party. Systems running Debian testing that were initially installed before June 2018 still have /bin, /sbin, and /lib as normal directories, not as symbolic links. The same applies to Ubuntu 18.10. But both Debian and Ubuntu want to make the switch to a merged /usr. Debian tried, but it hit something completely unexpected. The Debian /usr merge history started in 2016, when Marco d'Itri got the usrmerge package into Debian unstable. This package contains a Perl script that converts an existing system into the state with a merged /usr. Also, a change was made to the debootstrap program (which installs a Debian system into a chroot), so that it could create the needed symbolic links by itself before installing any packages. The end result is the same in both cases. [...] The Debian package sed also has /bin/sed, not /usr/bin/sed. In the bug report, the problem is treated like a one-off issue, to be solved by a rebuild. However, on the debian-devel mailing list, Ian Jackson quickly pointed out that the problem is, in fact, due to /usr merge on the build daemons. He suggested that the change should be reverted. Dirk Eddelbuettel seconded that suggestion, and noted that he expects "much more breakage to follow". Indeed, similar problems were triggered in sympow, pari, and monitoring-plugins. Other bugs of this nature can be found by searching the Debian bug tracking system for a special tag (but this search also finds other kinds of issues). [...] The discussion is still in progress, though; no consensus has been reached. A bug was filed against debootstrap by Jackson to revert the change to merge by default for the next release of Debian. Due to the disagreement of the debootstrap maintainer to the proposed change, Jackson reassigned the bug to the Debian Technical Committee, which is the ultimate authority for resolving otherwise unresolvable technical disputes within Debian. There is also a request from the Debian backports FTP master that the default should be the same in Debian stable backports and in Debian testing. Emilio Pozuelo Monfort, a member of the release team, also spoke in favor of reverting to non-merged /usr in new installations. It is impossible to predict now how the Technical Committee will rule. In the worst case for /usr-merge proponents, proper introduction of a merged /usr into Debian may be delayed by a few more years. But, if it votes for keeping the status quo, new end-user systems in the next stable release of Debian will have merged /usr, old but upgraded ones won't, and the build daemons will reliably build packages suitable for both cases, just like what's planned for Ubuntu 19.04. No flag day is needed in this scenario, so it would follow the best Debian traditions of not forcing transitions onto users.
  • Compiz: Ubuntu Desktop's little known best friend
    The best part is that it takes no time at all to get up and running! I’ll show you how to transform Ubuntu into a desktop that is functionally similar to Mac.  
  • How to use TOAD The Open Source Android Deodexer
    Deodexing Android can be a time-consuming process which involves pulling /system files from your Android device, deodexing them using PC tools, and installing them back on your phone. Not to mention that whenever Google releases a new Android version, the process for deodexing ROMs alters – which means tools for deodexing need to play catchup. Many deodexing tools have become defunct due to lack of update from the developers. A new tool called TOAD (The Open Source Android Deodexer) has been released, which aims to not only be incredibly easy, its open-source nature allows the development community to keep it updated with the latest deodexing methods. TOAD utilizes batch files for processing odexed files, so new batch files can easily be added or modified by the development community.
  • Linux group plans show and tell
    The Linux Users’ Group of Davis presents Open Source Computing “Show and Tell” event, an informal open night to talk about and demonstrate programs, computer projects or tricks and tips. Feel free to bring something to show or tell for 10 minutes, from a Raspberry Pi project to tools or utilities that you find handy. Everyone is welcome to join in the fun, whether you’re a hobbyist, coder, enthusiast or sysadmin.
  • Windows 10 tip: Run Ubuntu Linux in an enhanced Hyper-V session [Ed: When Microsoft's Ad Bot (Ad Bought?) covers Ubuntu it's about putting it as a slave of Vista 10, complete with back doors]
  • ​MS-Linux? Lindows? Could Microsoft release a desktop Linux? [Ed: It’s like CBS wants to just hire pro-Microsoft slants; propaganda and clickbait.]
  • How Facebook Made a Universal Open Source Language for the Web
    THE CODE THAT runs the web is a melting pot of programming languages and technologies. JavaScript, the most popular language on the web, is the standard for writing code that runs in your browser. But the server side is much more diverse. Java (no relationship to JavaScript) remains popular, as do PHP, Python, and Ruby. Mobile app developers, meanwhile, have their own preferred languages, like Kotlin for writing Android apps or Apple's Swift for iOS.
  • C Programming Tutorial Part 2 - Preprocessors
    In the first part of our ongoing C programming tutorial series, we briefly touched on the preprocessing stage. In this tutorial, we will discuss it in a little more detail so that you have a basic idea about it before learning other C programming aspects.
  • Microsoft patches 'dangerous' zero-day already being exploited by [cracking] groups

    This vulnerability in kernel image ntoskrnl.exe was reported to Microsoft on 29 October by security vendor Kasperky Lab. Listed as CVE-2018-8611 and classified as 'important', it is a local privilege escalation bug. Kaspersky Lab researchers say it has already been exploited by [cracking] groups FruityArmor and SandCat.

  • Security updates for Thursday