Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 17 Mar 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Raspbian Remix Lets You Create Your Own Spin That You Can Install on PC or Mac Rianne Schestowitz 15/03/2018 - 8:38pm
Story Benchmarks Of Russia's "Baikal" MIPS-Based Processors, Running Debian Linux Rianne Schestowitz 15/03/2018 - 8:36pm
Story Devices: Raspberry Pi, Arduino, LimeSDR and More Roy Schestowitz 15/03/2018 - 7:51pm
Story Stable kernels 4.15.10 and 4.14.27 Roy Schestowitz 15/03/2018 - 6:46pm
Story Games: Yorg, Clawface, Cendric, BATTLETECH, Surviving Mars Roy Schestowitz 15/03/2018 - 6:34pm
Story Faster app-launching in Cinnamon Roy Schestowitz 15/03/2018 - 6:22pm
Story Today in Techrights Roy Schestowitz 15/03/2018 - 5:31pm
Story Android Leftovers Rianne Schestowitz 15/03/2018 - 4:51pm
Story Some Windows Server 2016 vs. Linux Network Benchmarks Rianne Schestowitz 15/03/2018 - 4:45pm
Story Ubuntu 18.04 Versus Six Other Linux Distributions On AMD EPYC Rianne Schestowitz 15/03/2018 - 4:43pm

Security: AMD and Samba Flaws

Filed under

IPFire 2.19 - Core Update 119 released

Filed under

This is the release announcement for IPFire 2.19 – Core Update 119. It updates the toolchain of the distribution and fixes a number of smaller bug and security issues. Therefore this update is another one of a series of general housekeeping updates to make IPFire better, faster and of course more secure!

Read more

Also: NuTyX 10.1 available with cards 2.4.0

Adelaide Uni open sources venerable Ludwig editor

Filed under

The University of Adelaide will release the source code of the Ludwig editor, originally developed for use on VAX minicomputers.

Ludwig’ source code will be published on GitHub under the MIT Open Source Licence, the university announced today.

DEC’s first VAX system, the VAX-11/78, was unveiled in 1977. Adelaide Uni purchased three of the minicomputers in 1979.

The computers supported interaction through video terminals and replaced punch-card-driven systems that only offered batch processing and printed output,

Read more

Also: 4 reasons enterprise open source works best

5 open source card and board games for Linux

Filed under

Gaming has traditionally been one of Linux's weak points. That has changed somewhat in recent years thanks to Steam, GOG, and other efforts to bring commercial games to multiple operating systems, but many of those games are not open source. Sure, the games can be played on an open source operating system, but that is not good enough for an open source purist.

Read more

What legal remedies exist for breach of GPL software?

Filed under

Last April, a federal court in California handed down a decision in Artifex Software, Inc. v. Hancom, Inc., 2017 WL 1477373 (N.D. Cal. 2017), adding a new perspective to the forms of remedies available for breach of the General Public License (GPL). Sadly, this case reignited the decades-old license/contract debate due to some misinterpretations under which the court ruled the GPL to be a contract. Before looking at the remedy developments, it’s worth reviewing why the license debate even exists.

Read more

i.MX8M SBC on pre-order for $165

Filed under

Boundary Devices has launched a $165 “Nitrogen8M” SBC that runs Linux or Android on a quad-core i.MX8M with GbE, WiFi, BT, HDMI 2.0, mini-PCIe, MIPI-DSI and -CSI, 4x USB 3.0, and optional -40 to 85°C support.

Boundary Devices has updated its Nitrogen line of NXP i.MX based SBCs with a Nitrogen8M model that runs Android, Yocto, Ubuntu, Buildroot, or Debian based Linux on NXP’s i.MX8M. Available on pre-order starting at $165 with 2GB RAM, the SBC will ship this Spring.

Read more

Arduino Create expands to run Arduino on BeagleBone and Raspberry Pi

Filed under

Arduino announced an expansion of its Arduino Create development platform for deploying Arduino sketches on Linux systems to support Arm boards like the the Raspberry Pi and BeagleBone in addition to Intel boards like the UP Squared.

In November, Arduino announced a version of its Arduino Create toolkit that supports Intel-based systems running Linux, with specific support for a new UP Squared IoT Grove Development Kit. Today at the Embedded Linux Conference in Portland, where Arduino co-founder and CTO Massimo Banzi is a keynote speaker, Arduino announced an expansion of Arduino Create to support Arm boards. The platform provides optimized support for the Raspberry Pi and BeagleBone boards.

Read more

Neptune 5.0 Linux OS Released with KDE Plasma 5.12 LTS, Based on Debian Stretch

Filed under

Powered by the long-term supported Linux 4.14 kernel ported from Debian Stretch's Backports repository, Neptune 5.0 uses the latest KDE Plasma 5.12 desktop environment along with the KDE Applications 17.12 and KDE Frameworks 5.43.0 software suites. It also promises new ways to run the latest software versions.

"This version marks a new iteration within the Neptune universe. It switches its base to the current Debian Stable "Stretch" version and also changes slightly the way we will provide Updates for Neptune. We will no longer strive to bring in more recent versions of Plasma, Kernel or other software on our own," reads the release announcement.

Read more

SMARC module features hexa-core i.MX8 QuadMax

Filed under

iWave unveiled a rugged, wireless enabled SMARC module with 4GB LPDDR4 and dual GbE controllers that runs Linux or Android on NXP’s i.MX8 QuadMax SoC with 2x Cortex-A72, 4x -A53, 2x -M4F, and 2x GPU cores.

iWave has posted specs for an 82 x 50mm, industrial temperature “iW-RainboW-G27M” SMARC 2.0 module that builds on NXP’s i.MX8 QuadMax system-on-chip. The i.MX8 QuadMax was announced in Oct. 2016 as the higher end model of an automotive focused i.MX8 Quad family.

Read more

today's leftovers

Filed under

Graphics: XWayland and Mesa

Filed under
  • Per-Window Flipping In Present With XWayland Support Revised

    While the belated X.Org Server 1.20 is onto the release candidate stage, there still are some feature patches expected to land and among them is the per-window flipping support in the Present extension with support wired through for XWayland.

    Worked on last summer via GSoC 2017 was this support by Roman Gilg with a goal of reducing tearing in XWayland windowed environments by adding per-window page-flipping support to Present and wiring that up to XWayland so those X11 apps atop Wayland wouldn't be bound to using just one buffer.

  • Airlie Moves Ahead With His Plan For Soft FP64 For Mesa, OpenGL 4.3 For Evergreen GPUs

    Yesterday we wrote about David Airlie working on a fresh push to get "soft FP64" support in Mesa for allowing some older graphics cards on the R600g driver to then have OpenGL 4 support thanks to this double-precision floating-point support being their last blocker. That code is moving forward.

    The soft FP64 support within GLSL shaders is the work originally done by former GSoC contributor Elie Tournier. Airlie is preparing to merge that code along with various changes he has made since then, including the option for Gallium3D drivers to individually decide about opting in or not to this emulated FP64 support.

  • Mesa Developers Working To Figure Out How To Improve Their Release Process

    Following the very bumpy Mesa 17.3 releases, Mesa developers are currently discussing ideas for improving the release process moving forward.

    Mesa 17.3 was shipping with some nasty bugs that went uncaught among other issues leading some to feel that the 17.3 series has been their worst release in recent memory. But the good news is that's been igniting the discussion the past week about how to turn this situation around.

Server: Kubernetes, Apache Cassandra, and OpenStack Queens

Filed under
  • Container orchestration top trumps: Let's just pretend you don't use Kubernetes already

    Container orchestration comes in different flavours, but actual effort must be put into identifying the system most palatable.

    Yes, features matter, but so too does the long-term viability of the platform. There's been plenty of great technologies in the history of the industry, but what's mattered has been their viability, as defined by factors such as who owns them, whether they are open source (and therefore sustained by a community), or outright M&A.

    CoreOS, recently bought by Red Hat, offered Fleet. Fleet, alas for Fleet users, was discontinued because Kubernetes "won".

  • 6 ways Apache Cassandra prepares you for a multi-cloud future

    The incentives for enterprises to pursue a multi-cloud deployment strategy—a cloud-agnostic infrastructure, greater resilience, the flexibility that comes from not being reliant on any single vendor, to name just a few—have never been more compelling, and they are constantly increasing. Yes, the technological feat of implementing and managing deployments that straddle multiple clouds comes with some challenges. But as the need for this future-ready architecture increases, Apache Cassandra is a uniquely primed open source database solution for enabling such deployments.

  • How Containers Work in OpenStack Queens

    There are many different ways in which containers are used and enabled throughout the open-source OpenStack cloud platform. With the OpenStack Queens platform, which was released on Feb. 28, there are even more options than ever before.

    OpenStack has been supporting containers for several years, beginning with the nova-docker driver in the OpenStack Nova compute project that has now been deprecated. Among the different OpenStack container efforts in 2018 are Zun, Magnum, Kuryr, Kolla, LOCI, OpenStack-Helm and Kata containers.

  • The cost of hosting in the cloud

    Should we host in the cloud or on our own servers? This question was at the center of Dmytro Dyachuk's talk, given during KubeCon + CloudNativeCon last November. While many services simply launch in the cloud without the organizations behind them considering other options, large content-hosting services have actually moved back to their own data centers: Dropbox migrated in 2016 and Instagram in 2014. Because such transitions can be expensive and risky, understanding the economics of hosting is a critical part of launching a new service. Actual hosting costs are often misunderstood, or secret, so it is sometimes difficult to get the numbers right. In this article, we'll use Dyachuk's talk to try to answer the "million dollar question": "buy or rent?"

Software: VoIP, MAAS, Cozy, Calibre, KDE and GNOME

Filed under
  • Best Skype Alternatives for Linux

    When it comes to VoIP (voice over IP) calling, Skype is a popular choice. But Skype for Linux has some limitations, its not their premier platform, it comes with a cost and most importantly Skype isn’t open-source. So today we are going to have a look at the best Skype alternatives you can use on Linux. These alternatives will have lesser traffic compared to Skype and could prove to be very useful.

  • MAAS 2.4.0 Alpha 2 released!

    I’m happy to announce that MAAS 2.4.0 alpha 2 has now been released and is available for Ubuntu Bionic.

  • Cozy Audiobook Player for Linux adds HiDPI Support & Dark Mode

    A new version of Cozy, the GTK-based audiobook player for Linux desktops, is available to download. Cozy 0.5.6 isn’t a major update, but it does improve some welcome new features, including a new audiobook overview headed by tabs to switch switch between ‘recent’ listens, ‘author’ and ‘reader’ views.

  • Calibre 3.19 Supports PocketBook 740 Ereader

    Calibre is a free and open source EBook manager for Linux, MAC OS X and Microsoft Windows. Calibre team has announced the new release Calibre 3.19. The New release brought a quick support for the recently released PocketBook 740 Ereader.

    Calibre is a well managed EBook manager allows you to organize your EBook collections, edit EBooks with various types of formats, connecting to Ereader devices using wired and wireless connection, sharing and backing up your entire library, check the latest news and magazines from several news sources, and more.

  • Initial Plasma Mobile enablement on Librem 5 i.MX 6 test boards

    As many of you know, the Librem 5 phone will work with two options for your desktop environment, a GNOME based phone shell and Plasma Mobile. Working closely with the KDE community, we were able to install, run, and even see mobile network provider service on Plasma Mobile! The purpose of this article is to show the progress that has been made with Plasma Mobile on the current Librem 5 development board. Here, the setup steps and overcome challenges are highlighted.

  • Qt Creator 4.5.2 released

    We are happy to announce the release of Qt Creator 4.5.2!

    This release includes a workaround for an issue in Qt which makes Qt Creator’s summary progress bar and some other controls disappear (QTCREATORBUG-19716).

  • Network Stats Makes Its Way to Libgtop

    Hey there if you are reading this then probably network stats might be of some interest to you , but still if it doesn’t, just recall that while requesting this page you had your share of packets being transferred over the vast network and delivered to your system. I guess now you’d like to check out the work which has been going on in Libgtop and exploit the network stats details to your personal use.

  • Librsvg and Gnome-class accepting interns

    I would like to mentor people for librsvg and gnome-class this Summer, both for Outreachy and Summer of Code.

  • Slack's bait and switch

    We all know the real reason Slack has closed off their gateways. Their business model dictates that they should.

    Slack's business model is to record everything said in a workspace and then to sell you access to their record of your conversations.

today's howtos

Filed under

OSS Leftovers

Filed under
  • Internship programme to train students in open source

    Open source software provider SUSE, in partnership with Axiz and CTU Training Solutions, has introduced an internship programme aimed at upskilling graduates who seek a career in the open source field.

    According to SUSE, the programme, which combines both technical and theoretical skills, equips the 20 students with in-demand skills in Linux, cloud computing, storage, IT security, micro-services, and networking technologies, among others.

    The programme will also pair the students with companies seeking the right talent, allowing graduates to be absorbed into SUSE and Axiz partner/client organisations.

  • It's Happening: Substratum Network Announces Plan to Open-Source Its Software in Next Release

    Substratum Network ( is pleased to announce it will open-source its software in the next release to further its fight against cyber-censorship. Built as a foundation for the decentralized web, Substratum's mission is to ensure that all people have free and equal access to information, without impediment.

  • Anti-tracking browser extension Ghostery goes open source

    Ghostery, a provider of free software that makes your web browsing experience cleaner and safer by detecting and blocking third-party data-tracking technologies, announced that it is going open source and the code for its popular browser extension is now publicly available on GitHub.

    This move demonstrates Ghostery’s commitment to transparency, empowering the public to see how Ghostery works and what types of data it collects, as well as the ability to make contributions to its source code.

  • China develops open-source platform for AI development

    China has developed an open-source artificial intelligence platform as part of its plan to become a world leader in the technology by 2030, the country’s science and technology minister said, according to the Business Standard.

    “Open-source platforms are needed because AI can play a bigger role in development and make it easier for entrepreneurs to have access to resources,” Wan Gang said at a press conference.

  • Creating an Open Source Program for Your Company

    The recent growth of open source has been phenomenal; the latest GitHub Octoverse survey reports the GitHub community reached 24 million developers working across 67 million repositories. Adoption of open source has also grown rapidly with studies showing that 65% of companies are using and contributing to open source. However, many decision makers in those organizations using and contributing to open source do not fully understand how it works. The collaborative development model utilized in open source is different from the closed, proprietary models many individuals are used to, requiring a change in thinking.

    An ideal starting place is creating a formal open source program office, which is a best practice pioneered by Google and Facebook and can support a company’s open source strategy. Such an office helps explain to employees how open source works and its benefits, while providing supporting functions such as training, auditing, defining policies, developer relations and legal guidance. Although the office should be customized to a specific organization’s needs, there are still some standard steps everyone will go through.

  • Best 10 Free Accounting Software Packages for Small Business

    GnuCash provides a simple approach to bookkeeping and accounting for small businesses. This free accounting software is available for Android, Linux, Windows, OS X, FreeBSDm GNU and OpenBSD. The software manages invoices, accounts payable and receivable, as well as employee expenses and some payroll features.

  • Two new entries for the GNU Licenses FAQ

    We recently made some new additions to our resource Frequently Asked Questions about the GNU Licenses (FAQ). The FAQ is one of our most robust articles, covering common questions for using and understanding GNU licenses. We are always looking to improve our materials, so this week we've made some fresh updates.

    The first is an update to our entry on using works under the GNU General Public License (GPL) on a Web site. This entry explains that people are free to use modified versions of GPL'ed works internally without releasing source code, and that using GPL'ed code to run your site is just a special case of that. The problem was that the entry went on to explain how things are different when it comes to the Affero GNU General Public License (AGPL). That transition in the old entry wasn't quite as elegant as we would have liked, and so people were often writing to us to ask for clarification. They were getting confused about whether the comments on the AGPL also applied to the GPL. So we've updated that entry, and moved the information on the AGPL to its own entry. The updated text and new entry were both created by long-time licensing team volunteer Yoni Rabkin.

  • Can we automate open behaviors?

    When I began studying sales training and giving sales seminars, I realized I was discovering a few basic principles. These principles were applicable anywhere in the world—and they were as true in the past as they will be in the future. They pertained to fundamental aspects of my work: Finding customers, meeting customers, learning what customers want, choosing a product or service that would satisfy customers' needs, etc. One can enact these principles in various, situational ways. But the principles themselves are constant.

    Open organizations operate according to principles, too: transparency, inclusivity, adaptability, collaboration, and community. We can relate those principles to specific behaviors that propel the principles forward and keep them firmly rooted as part of the organization's culture.


  • Google NSynth Super puts Magenta AI into open-source synthesizer

    Google’s Magenta AI has spawned an unexpected hardware device, the NSynth Super synthesizer that uses machine learning to create new sounds. Based on the Magenta research project, it’s built using the NSynth neutral synthesizer that Google released last year, embodying the AI smarts in a tactile physical interface.

  • Open Source Hardware Video Game Music Player

    [Aidan Lawrence] likes classic synthesized video game music in the same way that other people “like” breathing and eating. He spent a good deal of 2017 working on a line of devices based on the Yamaha YM2612 used in the Sega Genesis to get his feet wet in the world of gaming synths, and is now ready to take the wraps off his latest and most refined creation.

  • ONF Launches New Open Source SDN Switching Platform – Stratum

    The Open Networking Foundation (ONF) is creating a new open source project that stems largely from Google’s desire for programmable white boxes that are easily interchangeable.

    The new project, named Stratum, will create a reference platform for a truly software-defined data plane along with a new set of software-defined networking (SDN) interfaces. Its goal is to provide a white box switch and an open software system.

  • Google Seeds Latest SDN Effort

    Google contributed code to an open-source project organized by the Open Networking Foundation (ONF), the latest effort in software-defined networks (SDNs). Stratum will use the P4 programming language and a handful of open-source interfaces to manage large networks for data centers and carriers.

    The group aims to release open-source code early next year, available on multiple networking chips and systems. So far, the project consists of a handful of software companies along with five chip vendors, five potential users, and four OEMs, including Barefoot Networks, Broadcom, Cavium, China Unicom, Dell EMC, Mellanox, and Tencent.

Red Hat Leftovers

Filed under
Red Hat

Mozilla Leftovers: New Release of Firefox and Lots More

Filed under
  • Latest Firefox available to users where they browse the web — laptop, Fire TV and the office. Plus, a chance to help with the next Firefox release!
  • Firefox 59 “Quantum” released

    Mozilla has released its Firefox 59.0 “Quantum” browser.

    The browser supports GNU/Linux, macOS, and Microsoft Windows desktop operating systems, and iOS and Android mobile devices.

  • Firefox 59 released, these are the key changes
  • Mozilla's Firefox 59 Released, New Agones Project, SparkyLinux 5.3 Available, Hunt for Exoplanets and More

    Mozilla's Firefox 59 is available for download. See the wiki for more information on its new features, including the "option to stop websites from asking to send notifications or access your device's camera, microphone, and location".

  • IT Pros and CIOs: sign up to try Firefox Quantum for Enterprise
  • Mozilla Open Policy & Advocacy Blog: Mozilla files response to European Commission ‘Fake news and online disinformation’ public consultation
  • Can Chrome Sync or Firefox Sync be trusted with sensitive data?
  • Mozilla Foundation is seeking a VP, Leadership Programs

    One of Mozilla’s biggest strengths is the people — a global community of engineers, designers, educators, lawyers, scientists, researchers, artists, activists and every day users brought together with the common goal of making the internet healthier.

    A big part of Mozilla Foundation’s focus over the past few years has been increasing both the size and diversity of this community and the broader moveme. In particular, we’ve run a series of initiatives — the Internet Health Report, MozFest, our fellowships and awards — aimed at connecting and supporting people who want to take a leadership role in this community. Our global community is the lynchpin in our strategy to grow a global movement to create a healthier digital world.

  • Side projects and swag-driven development

    Another option I keep hearing is to push Mozilla leadership into making side-projects real. That seems like a good option and I think it happens periodically. I sort of did this with Bleach. I spent tons of time trying to get Bleach turned into a real project and it sort of is now.

    Based on that experience, I think it requires a bunch of people and meetings to come to a consensus on validating the project's existence which is a lot of work and takes a lot of time. It's important that projects paid for by budgets have impact and value and all that--I get that--but the work to get a side-project to that point is unpleasant and time-consuming. I bet many side-projects can't pass muster to become a real project. I think what happens instead is that side-projects continue to exist in the misty "there be dragons" part of the Mozilla universe map until the relevant people leave and stuff breaks.

    There are probably other options.

    I've been wondering about an option where where the maintainers aren't locked into choosing between walking away and guilt-driven development for a project that's important, but for some reason doesn't have a critical mass and doesn't pass muster enough to turn into a real project.

    I started wondering if my problem with Standups is two fold: first, I have no incentive to work on it other than bad feelings, and second, it's a free service so no one else has incentive to work on it either.

    One incentive is getting paid in money, but that's messy, problematic, and hard to do. But what if we used a different currency? There's a lot of swag at Mozilla. What if we could use swag to drive development?

  • So, How’s Screenshots Doing?

    It’s been a bit over five months since we launched Firefox Screenshots in Firefox 56, and I wanted to take a moment to reflect on what’s happened so far and to look forward to what’s coming next.

    So far, our users have taken more than 67 million screenshots. This is a big number that makes my manager happy, but more interesting is how we got here.

  • March Add(on)ness is here

    Winter’s icy hand is releasing its grip, birds are returning from southern migration which means it’s that time of year where people everywhere rank things, put them in brackets and have them compete for bragging rights over who’s the best. It’s time for March Add(on)ness!

  • A Truly Responsive WebXR Experiment: A-Painter XR

    In our posts announcing our Mixed Reality program last year, we talked about some of the reasons we were excited to expand WebVR to include AR technology. In the post about our experimental WebXR Polyfill and WebXR Viewer, we mentioned that the WebVR Community Group has shifted to become the Immersive Web Community Group and the WebVR API proposal is becoming the WebXR Device API proposal. As the community works through the details of these these changes, this is a great time to step back and think about the requirements and implications of mixing AR and VR in one API.

Openwashing: Plus Codes, 'Open Innovation,' and Vatican

Filed under
  • Google Maps wants to simplify Indian address with open-source Plus Codes
  • Google’s new ‘Plus Codes’ are an open source, global alternative to street addresses [Ed: No, it is not "open source"; it makes addresses proprietary and more strictly controlled by Google]

    Google frequently touts that the “next billion users” will come from developing nations with different focuses and needs. To that end, the company has developed a number of optimized services, with the latest being a “simple and consistent addressing system that works across India and globally.

  • Time for 'Open Innovation,' Not Just Open Source

    Embedded open source software not only works; most our world runs on it today. That said, the real story is open innovation, of which open source licenses are simply one part.

    We can all agree that open source revolutionized the software industry. The effect has been profound on every segment from enterprise software to search and social networking. But it wasn’t always that way.  The late Jim Ready, founding father of embedded open source software, told me once that his early prospects told him that open source wouldn’t fly because they wouldn’t trust their code to a bunch of teenagers in some far-off part of the world. 

    Well, guess what? Embedded open source software not only works; most our world runs on it today.

    That said, the real story is open innovation, of which open source licenses are simply one part. Open innovation means looking outside traditional corporate silos to harness the collective knowledge of a global community of developers and using that community to create new and transformative things.  Open innovation in software is enabled by many things: GitHub, app stores and crowdsourcing platforms like Topcoder (founded by our investor and director Jack Hughes) being just a few. Once enabled, though, the innovation potential of this crowd is mind boggling.

  • Inside the Vatican's First-Ever Hackathon [iophk: "misuse of the term hackathon; hackathons are collaborative, this was an app contest not a hackathon"]


    They received consultation from 40 on-site mentors, many of whom represented Microsoft, Google, and other corporate sponsors of the event who taught the participants how to use their company’s tools and technologies [...]

Security Leftovers

Filed under
  • Hidden For 6 Years, ‘Slingshot’ Malware Hacks Your PC Through Your Router
  • Security updates for Tuesday
  • Microsoft Admits It Incorrectly Upgraded Some Windows 10 Users to v1709 [Ed: Windows Update is technically (not a joke) a botnet. It takes over people's PCs and hands them over for Microsoft to use up their CPU and bandwidth. Microsoft has ignored users' "update" settings since at least Windows XP days.]

    Microsoft admitted last week that it incorrectly updated some Windows 10 users to the latest version of the Windows 10 operating system —version 1709— despite users having specifically paused update operations in their OS settings.

    The admission came in a knowledge base article updated last week. Not all users of older Windows versions were forcibly updated, but only those of Windows 10 v1703 (Creators Update).

    This is the version where Microsoft added special controls to the Windows Update setting section that allow users to pause OS updates in case they have driver or other hardware issues with the latest OS version.

  • We Still Need More HTTPS: Government Middleboxes Caught Injecting Spyware, Ads, and Cryptocurrency Miners

    Last week, researchers at Citizen Lab discovered that Sandvine's PacketLogic devices were being used to hijack users' unencrypted internet connections, making yet another case for encrypting the web with HTTPS. In Turkey and Syria, users who were trying to download legitimate applications were instead served malicious software intending to spy on them. In Egypt, these devices injected money-making content into users' web traffic, including advertisements and cryptocurrency mining scripts.

    These are all standard machine-in-the-middle attacks, where a computer on the path between your browser and a legitimate web server is able to intercept and modify your traffic data. This can happen if your web connections use HTTP, since data sent over HTTP is unencrypted and can be modified or read by anyone on the network.

    The Sandvine middleboxes were doing exactly this. On Türk Telekom’s network, it was reported that when a user attempted to download legitimate applications over HTTP, these devices injected fake "redirect" messages which caused the user’s browser to fetch the file from a different, malicious, site. Users downloading common applications like Avast Antivirus, 7-Zip, Opera, CCleaner, and programs from had their downloads silently redirected. Telecom Egypt’s Sandvine devices, Citizen Lab noted, were using similar methods to inject money-making content into HTTP connections, by redirecting existing ad links to affiliate advertisements and legitimate javascript files to cryptocurrency mining scripts.

  • Let’s Encrypt takes free “wildcard” certificates live
  • GuardiCore Upgrades Infection Monkey Open Source Cyber Security Testing Tool
  • A Guide To Securing Docker and Kubernetes Containers With a Firewall
  • How IBM Helps Organizations to Improve Security with Incident Response

    Protecting organizations against cyber-security threats isn't just about prevention, it's also about incident response. There are many different organizations that provide these security capabilities, including IBM X-Force Incident Response and Intelligence Services (IRIS), which is led by Wendi Whitmore.

    In the attached video interview Whitmore explains how incident response works and how she helps organizations to define a winning strategy. Succeeding at incident response in Whitmore's view, shouldn't be focused just on prevention but on building a resilient environment.

Syndicate content

More in Tux Machines

lkml: remove eight obsolete architectures

In the end, it seems that while the eight architectures are extremely different, they all suffered the same fate: There was one company in charge of an SoC line, a CPU microarchitecture and a software ecosystem, which was more costly than licensing newer off-the-shelf CPU cores from a third party (typically ARM, MIPS, or RISC-V). It seems that all the SoC product lines are still around, but have not used the custom CPU architectures for several years at this point. Read more

If you hitch a ride with a scorpion… (Coverity)

I haven’t seen a blog post or notice about this, but according to the Twitters, Coverity has stopped supporting online scanning for open source projects. Is anybody shocked by this? Anybody? [...] Not sure what the story is with Coverity, but it probably has something to do with 1) they haven’t been able to monetize the service the way they hoped, or 2) they’ve been able to monetize the service and don’t fancy spending the money anymore or 3) they’ve pivoted entirely and just aren’t doing the scanning thing. Not sure which, don’t really care — the end result is the same. Open source projects that have come to depend on this now have to scramble to replace the service. [...] I’m not going to go all RMS, but the only way to prevent this is to have open tools and services. And pay for them. Read more

Easily Fund Open Source Projects With These Platforms

Financial support is one of the many ways to help Linux and Open Source community. This is why you see “Donate” option on the websites of most open source projects. While the big corporations have the necessary funding and resources, most open source projects are developed by individuals in their spare time. However, it does require one’s efforts, time and probably includes some overhead costs too. Monetary supports surely help drive the project development. If you would like to support open source projects financially, let me show you some platforms dedicated to open source and/or Linux. Read more

KDE: Kdenlive, Kubuntu, Elisa, KDE Connect

  • Kdenlive Café #27 and #28 – You can’t miss it
    Timeline refactoring, new Pro features, packages for fast and easy install, Windows version and a bunch of other activities are happening in the Kdenlive world NOW!
  • Kubuntu 17.10 Guide for Newbie Part 9
    This is the 9th article, the final part of the series. This ninth article gives you more documentations to help yourself in using Kubuntu 17.10. The resources are online links to certain manuals and ebooks specialized for Kubuntu basics, command lines usage, software installation instructions, how to operate LibreOffice and KDE Plasma.
  • KDE's Elisa Music Player Preparing For Its v0.1 Released
    We have been tracking the development of Elisa, one of several KDE music players, since development started about one year ago. Following the recent alpha releases, the KDE Elisa 0.1 stable release is on the way. Elisa developers are preparing the Elisa v0.1 release and they plan to have it out around the middle of April.
  • KDE Connect Keeps Getting Better For Interacting With Your Desktop From Android
    KDE Connect is the exciting project that allows you to leverage your KDE desktop from Android tablets/smartphones for features like sending/receiving SMS messages from your desktop, toggling music, sharing files, and much more. KDE Connect does continue getting even better.
  • First blog & KDE Connect media control improvements
    I've started working on KDE Connect last November. My first big features were released yesterday in KDE Connect 1.8 for Android, so cause for celebration and a blog post! My first big feature is media notifications. KDE Connect has, since it's inception, allowed you to remotely control your music and video's. Now you can also do this with a notification, like all Android music apps do! So next time a bad song comes up, you don't need to switch to the KDE Connect app. Just click next on the notification without closing you current app. And just in case you don't like notifications popping up, there's an option to disable it.