Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 19 Sep 20 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

VIA’s unfortuante open source deja vu

Filed under
Hardware
OSS

blogs.the451group: Deja vu, the experience of experiencing something that you feel you’ve experienced before, hit me while reading about hardware maker VIA and its latest forays and fumbles in open source.

“OS Wars: The Movie” - Cast Of Actors

Filed under
OS

bizriver.com: In a not too distant present, at a not too distant Interweb, you will bear witness to one of the greatest dramas of our time. An epic battle between equally powerful forces as they struggle for dominance and the hearts and minds of the “Now” generation. I introduce to you, now, the cast of “OS Wars: The Movie”

Linux File Systems: Ready for the Future?

Filed under
Linux

earthweb.com: My article three weeks ago on Linux file systems set off a firestorm unlike any other I've written in the decade I've been writing on storage and technology issues. My intentions were to relate my experience as an HPC storage consultant and my knowledge of file systems and operating systems to advise readers on the best course of action.

Hands on: Plasma continues to advance in KDE 4.1 beta 1

Filed under
KDE

arstechnica.com: The KDE development community has issued the first official KDE 4.1 beta. This release includes the Kontact PIM suite and significant improvements to KDE's Plasma desktop layer.

Give Me 3 Synths, Part 3

Filed under
Software

linuxjournal.com: In this final installment to the series I'll double your reading pleasure by presenting two new Linux softsynths. Such a deal, two reviews for the price of one!

Quick look at Kubuntu 8.04 KDE 4 Remix

Filed under
KDE
Ubuntu

Frederik's Blog: A few weeks ago, a researcher at work received a new HP 6910p laptop. As he's a Kubuntu Linux user, we decided to try the new Kubuntu 8.04 KDE 4 remix to get an idea of all the new features in KDE 4.

The Browser Wars : Firefox, Opera, Safari, Internet Explorer and Flock

Filed under
Software

aren-fly.blogspot: Things have finally started moving back towards a level playing field. Internet Explorer’s dominancy is no longer absolute, and web surfers now have lots of choice when deciding which browser they should use.

Novell ushers in Moonlight

Filed under
Software

linux.com: Earlier this month Novell quietly released Moonlight -- a Linux client for Microsoft's Silverlight technology. Silverlight is a .Net-based cross-browser, cross-platform plugin for delivering rich media to the Internet. In a nutshell, it is Microsoft's version of Adobe Flash.

Also: Mono, The Road To Hell: Final Proof

some howtos:

Filed under
HowTos
  • How to Add a Feature to Perl 5

  • Install Nvidia Video Drivers and AWN on Fedora 9
  • Screencasts in Ubuntu, part 1
  • Add keyboard shortcuts with KeyTouch
  • Ebuild Protip: Use emerge --debug to figure out what's happening
  • Linux / UNIX View Only Configuration File Directives
  • Argument list too long
  • Ubuntu Tip:How To Get Flash Working in Opera 9.27

Firefox 3 will Kill 3 Birds with 1 Stone

Filed under
Moz/FF

junauza.com: The release date of the third major edition of the hottest web browser on the planet is just around the corner. Firefox has really come a long way and has already revolutionized the way people browse the web. Let's look ahead and analyze the potential impact of this forthcoming mega release.

Also: Firefox 3: The Semantic Web Browser?

Interview: Joel Cohen, writer and associate producer of The Simpsons

Filed under
Linux
Interviews

redhatmagazine.com: Joel Cohen is an Emmy award-winning writer and associate producer of The Simpsons. He’s also a keynote speaker at the Red Hat Summit this June. The show is all hand-drawn and digitally animated, and the movie was too. For that purpose, crudely animated scenes were produced with Red Hat Enterprise Linux.

Burn Your CDs and DVDs! K3b Review

Filed under
Software

vivapinkfloyd.blogspot: K3b is the KDE CD/DVD burner, capable of burning data CDs/DVDs, as well as CD/DVD ISO images, create audio CDs, rip audio CDs and video DVDs. Statistics show it is the favourite burning application of Linux users.

Compiz 0.7.6 Released

Filed under
Software

phoronix.com: Just shy of two months since Compiz 0.7.4 was released, Compiz 0.7.6 is now available. This update has a rewritten Place plug-in to dramatically improve multi-output behavior, configurable multi-output behavior, removed plane plug-in in favor of the wall plug-in, removed cube wallpaper painting in favor of the Compiz Fusion wallpaper plug-in, panel and desktop selection mode is now available in the switcher plug-in, and improved painting behavior.

PCMan Lightweight Alternative File Manager

Filed under
Software

tombuntu.com: PCMan File Manager (or PCManFM) is a lightweight alternative to GNOME’s Nautilus file manager or Konqueror/Dolphin in KDE. I found it to be an excellent option for more sophisticated GNOME users, as well as those with slower computers.

Slitaz Linux 20080518: Pretty, but not very useful

Filed under
Linux

techiemoe.com: Slitaz is one of an increasing number of distributions that came to me out of the blue via a random suggestion. These are quickly becoming my favorites because very often I'm pleasantly surprised by them. At just about 25 megabytes, Slitaz qualifies for the "ultra-lightweight" division.

Will we Ever Have a GPL Test Case?

Filed under
OSS

ostatic.com: The GNU General Public License is nearly 20 years old (version 1 came out in 1989). In that time there have been at least 100 million lawsuits filed in the US (and that's a conservative estimate). Amazingly enough, not one of those millions of court cases has actually tested the GPL's validity. How can that be - and is it a problem for the open source software movement?

Fedora Nightlife Project Harnesses Idle Computer Power

ostatic.com: Nightlife will give people the ability "to donate idle capacity from their own computers to an open, general-purpose Fedora-run grid for processing socially beneficial work and scientific research that requires access to large amounts of computing power.

Firefox takes aims at wrong record

Filed under
Moz/FF

daniweb.com/blogs: Now I am not averse to a little innovative marketing, and let's face it Mozilla and Firefox certainly know how to milk the hyperbole cow, but I cannot help but wonder if downloads in a day is the record they ought to be aiming at.

Review: Mandriva Linux 2008 Spring

Filed under
MDV

linux.com: Last month Mandriva announced its latest Spring edition. Despite a few minor glitches, after several weeks of testing the two Mandriva flavors, I have finally come across a distro that gives you the best of the GNU/Linux and proprietary worlds in terms of ease of use, range of software, and stability.

Gnome "2.24 Maybe" Apps

Filed under
Software

ibeentoubuntu.com: Right now, there are three applications proposed for the Gnome desktop which are not out of the running, but definitely aren't near crossing the finish line.

Syndicate content

More in Tux Machines

The Top 50 Programming Languages to Learn Coding

Gone are the days when a handful of people were considered as top computer programmers and developers. The dawn of the digital age has now made it possible to everyone to play with codes and write a computer program. What all this need is to have a solid grasp of emerging technology and programming languages. However, it is not as easy as it seems since there are a large number of programming languages out there and choosing one and master in it might be challenging. Thus, before getting started into the world of coding, you must make the right choice and come up with the one that best suited for you. Read more Also: How to use C++ Pointers

Free Software and OSS Leftovers

  • Benefits Of Using Odoo For Small Businesses

    In this tutorial, we will be showing you how using Odoo can benefit a small or medium-sized business. As times have progressed, businesses big and small have become more complex in their operations. With several departments having to function and share information to one another, the need for an integrated system has grown by leaps and bounds. More and more small business are implementing ERP systems. In fact, once an ERP system is implemented, it often becomes the backbone of many corporate-scale businesses. Such systems can seamlessly integrate business lifecycles, such as production, inventory management, order processes, and more. An example of this system would be Odoo, one of the most popular ERP systems currently available.

  • Best WordPress Backup Plugins 2020

    It is at most important to keep multiple backups of your WordPress site. In case the website is compromised or any plugin update breaks your site, WordPress backups can help you restore it quickly. Mainly, a WordPress site consists of three important parts, the database, user-created files such as plugins, themes, and uploaded files, and finally the WordPress core files. If anyone of these three parts is missing or corrupted, the website will not function properly or will not function at all. When we create a backup, we create a backup of the site database and the user-created files. WordPress core files can be downloaded and installed separately.

  • FSF: Volunteers needed: Help maintain our webmail page

    The Free Software Foundation (FSF) needs your help! We are looking for several reliable volunteers to keep our Free Software Webmail Systems page up to date, and respond to community questions about webmail programs as they come in. Between 1,000 and 2,000 visitors check out this resource every month, and we want to make sure our recommendations are accurate! If you're interested, please contact us at campaigns@fsf.org. Our Free Software Webmail Systems page is used to share resources for people interested in using their email over the Web without compromising their freedom. Many webmail systems meet at least some of our standards for respecting users, including compliance with GNU LibreJS standards, but they're constantly changing, and new services are popping up every day. When sites listed on this page change their services for the better or the worse, they don't tend to notify us, which means that some vigilance is required to make sure that this resource stays useful.

  • Parsing PAN-OS logs using syslog-ng

    Version 3.29 of syslog-ng was released recently including a user-contributed feature: the panos-parser(). It is parsing log messages from PAN-OS (Palo Alto Networks Operating System). Unlike some other networking devices, the message headers of PAN-OS syslog messages are standards-compliant. However, if you want to act on your messages (filtering, alerting), you still need to parse the message part. The panos-parser() helps you create name-value pairs from the message part of the logs. From this blog you can learn why it is useful to parse PAN-OS log messages and how to use the panos-parser().

  • Intel Releases HAXM 7.6.5 Execution Manager

    Intel has debuted a new version of HAXM, its Hardware-Accelerated Execution Manager that serves as an accelerator for the Android Emulator and QEMU via Intel VT enabled CPUs.

  • Update devices remotely with this open source tool

    The ability to access, connect, and manage multiple devices remotely through a single account is important. Going a step further, being able to completely update devices remotely is another way for sysadmins to reduce effort and minimize headaches. UpdateHub is an open source solution that allows you to do complete device updates, including firmware and bootloaders, remotely. Its goal is to make it easier to do device updates and reduce rework and risk, whether you're updating thousands of devices or managing small deployments. UpdateHub handles all aspects of over-the-air (OTA) updates, including package integrity and authenticity, while you take care of your other work.

  • Daniel Stenberg: My first 15,000 curl commits

    I’ve long maintained that persistence is one of the main qualities you need in order to succeed with your (software) project. In order to manage to ship a product that truly conquers the world. By continuously and never-ending keeping at it: polishing away flaws and adding good features. On and on and on.

Graphics: Taiwins 0.2, Etnaviv, V3DV, Libre-SOC, X.Org/FreeDesktop.org and More

  • Taiwins 0.2 is out
    Hi all,
    
    A long while ago [1]. I introduced the Taiwins wayland compositor. It was
    built upon libweston. It turned out despite my attempts, I couldn't get my
    patches to merge in libweston. Libweston has quite a few bugs and missing
    features to fit the role of a daily driver.
    
    These past few months, Taiwins was going through a long refactoring process
    in migrating from libweston. Today, taiwins uses a very thin layer of
    wlroots for hardware abstraction, the next release will target on removing
    the reliance of wlroots as well. Today it has the features of:
    
    - dynamic window management.
    - extensible and easy configuration through lua.
    - very efficient GL renderer, updates only the damages.
    - a widget system and you can create widgets through lua as well.
    - built-in shell and application launcher.
    - configurable theme.
    - emacs-like key sequence based binding system.
    - built-in profiler and rendering debugger.
    
    Along the way, I developed Twobjects [2], a backend agnostic wayland object
    implementation for compositors. This library implements basic wayland
    protocols as well as various other wayland protocols like 'xdg-shell' and
    many more. Using twobjects, you can focus on building your own unique
    features for the compositor and let it handle the most tedious protocol
    implementations.It doesn't expose everything as `wl_signals` like wlroots
    does, so you don't need to write additional glue code for it.
    
    Taiwins is still in development but missing features are getting less and
    less, you can check out its website https://taiwins.org or if you would
    like to help, check out the project page https://github.com/taiwins/taiwins
    for getting started.
    
    Thanks,
    Xichen
    
    
  • Taiwins 0.2 Released As Modular Wayland Compositor That Supports Lua Scripting

    Back in May the Taiwins Wayland compositor was announced as a compact compositor based on Libweston while Thursday marked its second release. With Taiwins 0.2 the switch was made from using libweston as a basis for the compositor to now using Sway's WLROOTS library. Libweston was dropped over open bugs and other issues and in part the ability to get patches easily merged back into upstream libweston. So with the shortcomings of the Weston library, Taiwins 0.2 is now running on WLROOTS. However, by the next release they hope to have their thin layer over WLROOTS removed so that library isn't needed either.

  • Etnaviv Gallium3D Adds On-Disk Shader Cache Support

    Etnaviv as the open-source, reverse-engineered OpenGL graphics driver for Vivante graphics IP now has support for an on-disk shader cache.

  • V3DV Developers Lay Out Plans For Upstreaming The Raspberry Pi 4 Vulkan Driver In Mesa

    Building off the V3DV driver talk at XDC2020 about this open-source Vulkan driver for the Raspberry Pi 4 driver, the Igalia developers responsible for this creation have laid out their plans on getting this driver upstream within Mesa. In a mailing list post today they note they are down to just 18 test cases failing for the Vulkan CTS while 106,776 tests are passing for this Vulkan Conformance Test Suite. Vulkan games like the respun versions of Quake 1-3 and OpenArena are working along with various game emulators. Various Vulkan demos also run well too.

  • Libre-SOC Still Persevering To Be A Hybrid CPU/GPU That's 100% Open-Source

    The project that started off as Libre-RISC-V with aims to be a Vulkan accelerator but then decided on the OpenPOWER ISA rather than RISC-V is still moving ahead under the "Libre-SOC" branding. Libre-SOC continues to be led by Luke Kenneth Casson Leighton and this week he presented both at the OpenPOWER Summit and X.Org Developers' Conference (XDC2020) on his Libre-SOC dreams of having a 100% fully open SoC on both the software and hardware sides while being a hybrid CPU/GPU. Similar to the original plans when targeting RISC-V that it would effectively be a SoC but with new vector instructions optimized for graphics workloads, that's still the plan albeit now using OpenPOWER as a base.

  • X.Org Is Getting Their Cloud / Continuous Integration Costs Under Control

    You may recall from earlier this year that the X.Org/FreeDesktop.org cloud costs were growing out of control primarily due to their continuous integration setup. They were seeking sponsorships to help out with these costs but ultimately they've attracted new sponsors while also better configuring/optimizing their CI configuration in order to get those costs back at more manageable levels.

  • Intel Submits More Graphics Driver Updates For Linux 5.10

    Building off their earlier Intel graphics driver pull request of new material queuing ahead of the Linux 5.10 cycle, another round of updates were submitted on Friday.

  • Mike Blumenkrantz: Long Week

    Once again, I ended up not blogging for most of the week. When this happens, there’s one of two possibilities: I’m either taking a break or I’m so deep into some code that I’ve forgotten about everything else in my life including sleep. This time was the latter. I delved into the deepest parts of zink and discovered that the driver is, in fact, functioning only through a combination of sheer luck and a truly unbelievable amount of driver stalls that provide enough forced synchronization and slow things down enough that we don’t explode into a flaming mess every other frame. Oops. I’ve fixed all of the crazy things I found, and, in the process, made some sizable performance gains that I’m planning to spend a while blogging about in considerable depth next week. And when I say sizable, I’m talking in the range of 50-100% fps gains.

  • Watch the ACO shader compiler and Vulkan Ray Tracing talks from XDC 2020

    With XDC 2020 (X.Org Developers Conference) in full swing, we've been going over the various presentations to gather some interesting bits for you. Here's more on the ACO shader compiler and Vulkan Ray Tracing. You can find more info on XDC 2020 in the previous article, and be sure not to miss our round-up of Valve developer Pierre-Loup Griffais talk about Gamescope. More talks were done across yesterday, with the first one we're mentioning here being from Timur Kristóf who is currently a contractor for Valve who talked about ACO (the newer Mesa shader compiler for AMD graphics). The idea behind ACO which Valve announced back in 2019, for those not aware, is to give a smoother Linux gaming experience with less (or no) stuttering with Vulkan with faster compile times for shaders. Kristóf goes over lots of intricate details from being in the experimental stages to eventually the default in Mesa with it now having support across 5 different generations of AMD GPUs.

Security Leftovers

  • Zerologon – hacking Windows servers with a bunch of zeros

    The big, bad bug of the week is called Zerologon. As you can probably tell from the name, it involves Windows – everyone else talks about logging in, but on Windows you’ve always very definitely logged on – and it is an authentication bypass, because it lets you get away with using a zero-length password. You’ll also see it referred to as CVE-2020-1472, and the good news is that it was patched in Microsoft’s August 2020 update.

  • Rethinking Security on Linux: evaluating Antivirus & Password Manager solutions

    Recently I had an experience that let me re-evaluate my approach to Security on Linux. I had updated my Desktop computer to the latest openSUSE Leap (15.2) version. I also installed the proprietary Nvidia drivers. At random points during the day I experienced a freeze of my KDE desktop. I cannot move my mouse or type on my keyboard. It probably involves Firefox, because I always have Firefox open during these moments. So for a couple of days, I try to see in my logs what is going on. In /var/log/messages (there is a very nice YaST module for that) you can see the latest messages. Suddenly I see messages that I cannot explain. Below, I have copied some sample log lines that give you an impression of what was happening. I have excluded the lines with personal information. But to give you an impression: I could read line for line the names, surnames, addresses and e-mail addresses of all my family members in the /var/log/messsages file. [...] I needed to find out what was happening. I needed to know if a trojan / mallware was trying to steal my personal information. So I tried searching for the ZIP archive which was referenced. This might still be stored somewhere on my PC. I used KFind to lookup all files which were created in the last 8 hours. And then I found a lot of thumbnail files which were created by… Gwenview. Stored in a temp folder. I started to realize that it might not be a hack, but something that was rendering previews, just like in Gwenview. I checked Dolphin and detected that I had the preview function enabled. I checked the log files again. Indeed, whenever I had opened a folder with Dolphin, all Word and Excel files in that folder were ‘processed’. I browsed several folders after deleting Calligra and there were no more log lines added. I re-installed the Calligra suite and noticed the calligra-extras-dolphin package. I browsed the same folders and indeed, the log lines started appearing all over again. I had found the culprit. It wasn’t a hack.

  • New vulnerabilities allow hackers to bypass MFA for Microsoft 365

    Critical vulnerabilities in multi-factor authentication (MFA) implementation in cloud environments where WS-Trust is enabled could allow attackers to bypass MFA and access cloud applications such as Microsoft 365 which use the protocol according to new research from Proofpoint. As a result of the way Microsoft 365 session login is designed, an attacker could gain full access to a target's account including their mail, files, contacts, data and more. At the same time though, these vulnerabilities could also be leveraged to gain access to other cloud services from Microsoft including production and development environments such as Azure and Visual Studio. Proofpoint first disclosed the these vulnerabilities publicly at its virtual user conference Proofpoint Protect but they have like existed for years. The firm's researchers tested several Identity Provider (IDP) solutions, identified those that were susceptible and resolved the security issues.

  • NIST Password Guidelines

    The National Institute of Standards and Technology (NIST) defines security parameters for Government Institutions. NIST assists organizations for consistent administrative necessities. In recent years, NIST has revised the password guidelines. Account Takeover (ATO) attacks have become a rewarding business for cybercriminals. One of the members of the top management of NIST expressed his views about traditional guidelines, in an interview “producing passwords that are easy to guess for bad guys are hard to guess for legitimate users.” (https://spycloud.com/new-nist-guidelines). This implies that the art of picking the most secure passwords involves a number of human and psychological factors. NIST has developed the Cybersecurity Framework (CSF) to manage and overcome security risks more effectively.

  • Steps of the cyber kill chain

    The cyber kill chain (CKC) is a traditional security model that describes an old-school scenario, an external attacker taking steps to penetrate a network and steal its data-breaking down the attack steps to help organizations prepare. CKC is developed by a team known as the computer security response team. The cyber kill chain describes an attack by an external attacker trying to get access to data within the perimeter of the security Each stage of the cyber kill chain shows a specific goal along with that of the attacker Way. Design your Cyber Model killing chain surveillance and response plan is an effective method, as it focuses on how the attacks happen. Stages include,

  • Security updates for Friday

    Security updates have been issued by Arch Linux (chromium and netbeans), Oracle (mysql:8.0 and thunderbird), SUSE (rubygem-rack and samba), and Ubuntu (apng2gif, gnupg2, libemail-address-list-perl, libproxy, pulseaudio, pure-ftpd, samba, and xawtv).

  • The new BLESA Bluetooth security flaw can keep billions of devices vulnerable

    Billions of smartphones, tablets, laptops, and Linux-based IoT devices are now using Bluetooth software stacks that are potentially susceptible a new security flaw. Titled as BLESA (Bluetooth Low Energy Spoofing Attack), the vulnerability impacts devices running the Bluetooth Low Energy (BLE) protocol.

  • Are you backing up ransomware with your data?
  •              
  • German Hospital Hacked, Patient Taken to Another City Dies
                     
                       

    German authorities said Thursday that what appears to have been a misdirected hacker attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment.

  •  
  • Woman dies during a ransomware attack on a German hospital [iophk: Windows kills]
                     
                       

    The cyberattack was not intended for the hospital, according to a report from the German news outlet RTL. The ransom note was addressed to a nearby university. The attackers stopped the attack after authorities told them it had actually shut down a hospital.

  •                
  • Windows Exploit Released For Microsoft ‘Zerologon’ Flaw
                     
                       

    Proof-of-concept (PoC) exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies’ Active Directory domain controllers (DCs).

                       

    The vulnerability, dubbed “Zerologon,” is a privilege-escalation glitch (CVE-2020-1472) with a CVSS score of 10 out of 10, making it critical in severity. The flaw was addressed in Microsoft’s August 2020 security updates. However, this week at least four public PoC exploits for the flaw were released on Github, and on Friday, researchers with Secura (who discovered the flaw) published technical details of the vulnerability.