Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 23 Nov 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story LibreELEC Embedded Linux OS Now Compatible with Windows 10 Fall Creators Update Rianne Schestowitz 21/11/2017 - 4:27pm
Story Canonical Releases Major Kernel Update for Ubuntu 16.04 to Fix 13 Security Flaws Rianne Schestowitz 21/11/2017 - 4:25pm
Story Graphics: NVIDIA and AMD Roy Schestowitz 21/11/2017 - 2:28pm
Story Ubuntu Boot Times From Linux 4.6 To 4.15 Kernels Roy Schestowitz 21/11/2017 - 2:26pm
Story Games: Humble Store, LWJGL, Beamdog, GOG and Retro Roy Schestowitz 21/11/2017 - 2:08pm
Story Security: MuddyWater, DJI, Updates, Reproducible Builds and Excel Roy Schestowitz 21/11/2017 - 2:06pm
Story today's howtos Roy Schestowitz 21/11/2017 - 2:04pm
Story Android Leftovers Rianne Schestowitz 21/11/2017 - 12:54pm
Story 7 tools for analyzing performance in Linux with bcc/BPF Rianne Schestowitz 21/11/2017 - 12:34pm
Story Why the open source community needs a diverse supply chain Rianne Schestowitz 21/11/2017 - 12:32pm

Security: Amazon, Microsoft, and John Draper

Filed under
Security
  • Amazon security camera could be remotely disabled by rogue couriers

    However, researchers from Rhino Security Labs found attacking the camera's Wi-Fi with a distributed denial of service attack, which sends thousands of information requests to the device, allowed them to freeze the camera. It would then continue to show the last frame broadcast, rather than going offline or alerting the user it had stopped working.

  • Pentagon contractor leaves social media spy archive wide open on Amazon

    A Pentagon contractor left a vast archive of social-media posts on a publicly accessible Amazon account in what appears to be a military-sponsored intelligence-gathering operation that targeted people in the US and other parts of the world.

    The three cloud-based storage buckets contained at least 1.8 billion scraped online posts spanning eight years, researchers from security firm UpGuard's Cyber Risk Team said in a blog post published Friday. The cache included many posts that appeared to be benign, and in many cases those involved from people in the US, a finding that raises privacy and civil-liberties questions. Facebook was one of the sites that originally hosted the scraped content. Other venues included soccer discussion groups and video game forums. Topics in the scraped content were extremely wide ranging and included Arabic language posts mocking ISIS and Pashto language comments made on the official Facebook page of Pakistani politician Imran Khan.

  • Pirated Microsoft Software Enabled NSA Hack says Kaspersky

    Earlier reports accused Kaspersky's antivirus software which was running on the NSA worker's home computer to be the reason behind the Russian spies to access the machine and steal important documents which belonged to NSA hacking unit, Equation Group.

  • Iconic hacker booted from conferences after sexual misconduct claims surface

    John Draper, a legendary figure in the world of pre-digital phone hacking known as "phreaking," has been publicly accused of inappropriate sexual behavior going back nearly two decades.

    According to a new Friday report by BuzzFeed News, Draper, who is also known as "Captain Crunch," acted inappropriately with six adult men and minors between 1999 and 2007 during so-called "energy" exercises, which sometimes resulted in private invitations to his hotel room. There, Draper allegedly made unwanted sexual advances.

    As a result of the new revelations, Draper, 74, is now no longer welcome at Defcon. Michael Farnum, the founder of HOU.SEC.CON, told Ars on Friday afternoon that Draper, who had been scheduled to speak in April 2018, was disinvited.

Debian Developers

Filed under
Development
Debian
  • Joey Hess: stupid long route

    Yesterday, I surpassed all that, and I did it in a way that hearkens right back to the original story. I had two computers, 20 feet apart, I wanted one to talk to the other, and the route between the two ended up traveling not around the Earth, but almost the distance to the Moon.

    I was rebuilding my home's access point, and ran into a annoying bug that prevented it from listening to wifi. I knew it was still connected over ethernet to the satellite receiver.

    I connected my laptop to the satellite receiver over wifi. But, I didn't know the IP address to reach the access point. Then I remembered I had set it up so incoming ssh to the satellite receiver was directed to the access point.

  • I am now a Debian Developer

    On the 6th of April 2017, I finally took the plunge and applied for Debian Developer status. On 1 August, during DebConf in Montréal, my application was approved. If you’re paying attention to the dates you might notice that that was nearly 4 months ago already. I was trying to write a story about how it came to be, but it ended up long. Really long (current draft is around 20 times longer than this entire post). So I decided I’d rather do a proper bio page one day and just do a super short version for now so that someone might end up actually reading it.

  • Freexian’s report about Debian Long Term Support, October 2017

    Like each month, here comes a report about the work of paid contributors to Debian LTS.

Programming: GNU Nano, Software Engineering Talent Shortage, HHVM (PHP)

Filed under
Development
GNU
  • GNU Nano Latest Version 2.9.0

    GNU nano 2.9.0 "Eta" introduces the ability to record and
    replay keystrokes (M-: to start and stop recording, M-;
    to play the macro back), makes ^Q and ^S do something
    useful by default (^Q starts a backward search, and ^S
    saves the current file), changes ^W to start always a
    forward search, shows the number of open buffers (when
    more than one) in the title bar, no longer asks to press
    Enter when there are errors in an rc file, retires the
    options '--quiet' and 'set quiet' and 'set backwards',
    makes indenting and unindenting undoable, will look in
    $XDG_CONFIG_HOME for a nanorc file and in $XDG_DATA_HOME
    for the history files, adds a history stack for executed
    commands (^R^X), does not overwrite the position-history
    file of another nano, and fixes a score of tiny bugs.

  • GNU Nano Text Editor Can Now Record & Replay Keystrokes

    GNU Nano 2.9 is now available as the latest feature release of this popular CLI text editor and it's bringing several new capabilities.

    First up, GNU Nano 2.9 has the ability to record and replay keystrokes within the text editor. M-: is used to start/stop the keystroke recording session while M-; is used to playback the macro / recorded keystrokes.

  • 2018's Software Engineering Talent Shortage— It’s quality, not just quantity

    The software engineering shortage is not a lack of individuals calling themselves “engineers”, the shortage is one of quality — a lack of well-studied, experienced engineers with a formal and deep understanding of software engineering.

  • HHVM 3.23

    HHVM 3.23 is released! This release contains new features, bug fixes, performance improvements, and supporting work for future improvements. Packages have been published in the usual places, however we have rotated the GPG key used to sign packages; see the installation instructions for more information.

  • Facebook Releases HHVM 3.23 With OpenSSL 1.1 Support, Experimental Bytecode Emitter

    HHVM 3.23 has been released as their high performance virtual machine for powering their Hack programming language and current PHP support.

    As mentioned back in September though, Facebook will stop focusing on PHP 7 compatibility in favor of driving their own Hack programming language forward. It's after their next release, HHVM 3.24, in early 2018 they will stop their commitment to supporting PHP5 features and at the same time not focus on PHP7 support. Due to the advancements made by upstream PHP on improving their performance, etc, Facebook is diverting their attention to instead just bolstering Hack and thus overtime the PHP support within HHVM will degrade.

Linux 4.14 File-System Benchmarks: Btrfs, EXT4, F2FS, XFS

Filed under
Graphics/Benchmarks

Our latest Linux file-system benchmarking is looking at the performance of the mainline Btrfs, EXT4, F2FS, and XFS file-systems on the Linux 4.14 kernel compared to 4.13 and 4.12.

In looking to see how the file-system/disk performance has changed if at all under the newly released Linux 4.14 kernel, I carried out some 4.12/4.13/4.14 benchmarks using Btrfs/EXT4/F2FS/XFS while freshly formatting the drive each time and using the default mount options.

Read more

Also: Freedreno Gallium3D Supports A Fair Amount Of OpenGL 4.x

Canonical Releases Snapcraft 2.35 with Support for Ubuntu 14.04 LTS and Solus

Filed under
Ubuntu

Snapcraft 2.35 comes approximately two months after the September release of Snapcraft 2.34, and it's a major update that finally adds support for the Ubuntu 14.04 LTS (Trusty Tahr) operating system series, which is maintained by Canonical for five years, until April 2019.

Ubuntu 14.04 LTS support in Snapcraft is particularly important for running Snaps based on ROS (Robot Operating System) Indigo, which is based on this LTS Ubuntu release. In addition, Snapcraft also appears to have received support for the Solus Linux-based operating system.

Read more

Snaps Are Coming to Ubuntu 18.04 by Default, Kubuntu Could Also Adopt Them

Filed under
Ubuntu

Snap, the universal Linux binary format from Canonical, allows us to run the most recent versions of apps on day one. The developers of the Ubuntu MATE official Ubuntu flavor pioneered the concept of Snaps by default for their distribution with the release of Ubuntu MATE 17.10 (Artful Aardvark) by shipping a tiny PulseAudio mixer command-line app to get the pulse of the community.

As things went well on their side and no issues were reported by users so far, now the Ubuntu team laid down plans on a mechanism that should allow users to install Snaps on a freshly installed Ubuntu 18.04 LTS (Bionic Beaver) operating system from the ISO image.

Read more

BlackArch Linux Ethical Hacking and Penetration Testing OS Drops 32-Bit Support

Filed under
Linux

The announcement was published this morning on their website and Twitter account, as it looks like the BlackArch developers plan to remove the 32-bit ISO images and respective repositories soon, urging all those running BlackArch on 32-bit PCs to upgrade to the 64-bit version of the operating system as soon as possible.

"Following 9 months of deprecation period, support for the i686 architecture effectively ends today. By the end of November, i686 packages will be removed from our mirrors and later from the packages archive," said the devs. "We wish to thank all of BlackArch's users, mirrors, and supporters. Thanks for your help."

Read more

Also: BlackArch Linux Distro For Ethical Hacking Drops 32-bit Support

Raspberry Pi Digital Signage OS Updated to Debian Stretch, Chromium 62 Browser

Filed under
Linux
Debian

Raspberry Digital Signage 10.0 is the latest release of the operating system designed for deployment on digital signage infrastructures, backed by the tiny Raspberry Pi computer. It comes six months after the release of version 9.0 with a complete rebase on the latest Debian GNU/Linux 9 "Stretch" operating system series.

Marco Buratto announces the release of Raspberry Digital Signage 10.0 today, saying that it's utilizing the latest and greatest Chromium 62 open-source web browser, which features improved HTML5 video playback capabilities, better Adobe Flash support, as well as overall H264/AVC video playback performance improvements.

Read more

Open Linux – Beyond distributions, regressions and rivalry

Filed under
GNU
Linux

I love Linux. Which is why, whenever there’s a new distro release and it’s less than optimal (read, horrible), a unicorn dies somewhere. And since unicorns are pretty much mythical, it tells you how bad the situation is. On a more serious note, I’ve started my autumn crop of distro testing, and the results are rather discouraging. Worse than just bad results, we get inconsistent results. This is possibly even worse than having a product that works badly. The wild emotional seesaw of love-hate, hope-despair plays havoc with users and their loyalty.

Looking back to similar tests in previous years, it’s as if nothing has changed. We’re spinning. Literally. Distro releases happen in a sort of intellectual vacuum, isolated from one another, with little to no cross-cooperation or cohesion. This got me thinking. Are there any mechanisms that could help strengthen partnership among different distro teams, so that our desktops looks and behave with more quality and consistency?

Read more

Security: PeopleSoft, DJI, IoT, Amazon, Microsoft, ​Google, Ad Blocking and Codewarz

Filed under
Security
  • Oracle rushes out 5 patches for huge vulnerabilities in PeopleSoft app server

    Oracle issued a set of urgent security fixes on Tuesday that repair vulnerabilities revealed today by researchers from the managed security provider ERPScan at the DeepSec security conference in Vienna, Austria. The five vulnerabilities include one dubbed "JoltandBleed" by the researchers because of its similarity to the HeartBleed vulnerability discovered in OpenSSL in 2014. JoltandBleed is a serious vulnerability that could expose entire business applications running on PeopleSoft platforms accessible from the public Internet.

    The products affected include Oracle PeopleSoft Campus Solutions, Human Capital Management, Financial Management, and Supply Chain Management, as well as any other product using the Tuxedo 2 application server. According to recent research by ERPScan, more than 1,000 enterprises have their PeopleSoft systems exposed to the Internet, including a number of universities that use PeopleSoft Campus Solutions to manage student data.

  • Man gets threats—not bug bounty—after finding DJI customer data in public view

    DJI, the Chinese company that manufactures the popular Phantom brand of consumer quadcopter drones, was informed in September that developers had left the private keys for both the "wildcard" certificate for all the company's Web domains and the keys to cloud storage accounts on Amazon Web Services exposed publicly in code posted to GitHub. Using the data, researcher Kevin Finisterre was able to access flight log data and images uploaded by DJI customers, including photos of government IDs, drivers licenses, and passports. Some of the data included flight logs from accounts associated with government and military domains.

  • New Study Finds Poorly Secured Smart Toys Lets Attackers Listen In On Your Kids

    We've long noted how the painful lack of security and privacy standards in the internet of (broken) things is also very well-represented in the world of connected toys. Like IOT vendors, toymakers were so eager to make money, they left even basic privacy and security standards stranded in the rear view mirror as they rush to connect everything to the internet. As a result, we've seen repeated instances where your kids' conversations and interests are being hoovered up without consent, with the data frequently left unencrypted and openly accessible in the cloud.

    With Luddites everywhere failing to realize that modern Barbie needs a better firewall, this is increasingly becoming a bigger problem. The latest case in point: new research by Which? and the German consumer group Stiftung Warentest found yet more flaws in Bluetooth and wifi-enabled toys that allow a total stranger to listen in on or chat up your toddler:

  • Amazon Key flaw makes entering your home undetected a possibility
  • How to fix a program without the source code? Patch the binary directly
  • ​Google Home and Amazon Echo hit by big bad Bluetooth flaws
  • Senator urges ad blocking by feds as possible remedy to malvertising scourge

    A US Senator trying to eradicate the Internet scourge known as malvertising is proposing that all federal agencies block ads delivered to worker computers unless advertisers can ensure their networks are free of content that contains malicious code.

    In a letter sent today, Oregon Senator Ron Wyden asked White House Cybersecurity Coordinator Rob Joyce to begin discussions with advertising industry officials to ensure ads displayed on websites can't be used to infect US government computers. If, after 180 days, Joyce isn't "completely confident" the industry has curbed the problem, Wyden asked that Joyce direct the US Department of Homeland Security to issue a directive "requiring federal agencies to block the delivery to employees' computers of all Internet ads containing executable code."

    "Malware is increasingly delivered through code embedded in seemingly innocuous advertisements online," Wyden wrote. "Individuals do not even need to click on ads to get infected: this malicious software, including ransomware, is delivered without any interaction by the user."

  • Weekend code warriors prepare to clash in Codewarz

    If you didn't have any weekend plans yet—or maybe even if you did—and you're interested in scratching your programming itch, there's something to add to your calendar. Codewarz, a programming competition that presents participants with 24 coding challenges, is running its first live event starting at 1pm Eastern on November 18 and ending at 9pm on November 20.

    This is not a hacking competition—it’s strictly coding. Participants can use their language of choice as long as it's one of the 15 supported by the event: the various flavors of C, Python, Node.js, Scala, PHP, Go, Ruby, and even BASH. (Sorry, no one has asked them to support ADA or Eiffel yet.) There's no compiling required, either. Each submitted solution is run in an interpreted sandbox on a Linux machine for evaluation and scoring. And the challenges run the gamut from beginner (things like text parsing, math and basic networking) to advanced (more advanced parsing and math, hashing, cryptography, and forensics challenges).

KVM & Xen Don't Change Much With Linux 4.15

Filed under
Linux

There are a ton of exciting improvements building up in Linux 4.15, but not too much on the virtualization front.

The Kernel-based Virtual Machine (KVM) work this time around isn't too exciting with no big ticket items debuting for Linux 4.15. KVM for this next kernel release finally has Python 3 support within the Python script that collects runtime statistics from the KVM kernel module. Most of the other work is relatively small additions and fixes. There is some optimizations to ARM's timer handling, PowerPC support for running in a hashed page table MMU mode and single-threaded mode support on POWER9, s390 prep work for exitless interrupts and crypto, and on the x86 front are some fixes, improved emulation in a few areas, and other small work.

Read more

Software: Wpm, Wanna, Atelier, Narabu

Filed under
Software
  • Wpm – Measure Your Typing Speed From Terminal

    How is your weekend going, folks? Today, I’d like to share a command line utility that makes your weekend useful. Say hello to Wpm, a command line utility to test and improve your typing speed. Using Wpm, you can check and measure your typing speed from Terminal in words per minute. You may already be using any GUI-based utilities for this purpose. However, Wpm has many features that any GUI based typing speed tester utilities have.

  • Wanna – A Modern Eye Candy To-Do List App

    Today, we introduce to you a new project that is described in its GitHub page as an implementation of a 21st-century to-do list app. And who will beg to differ when the app is so spectacular it comes along with its own workflow and well-stated philosophy.

    Wanna is a modern cross-platform and open-source Electron-based To-Do list application with a focus on time management.

  • Monitoring 3DPrinters with Atelier

    One of the features that were asked a lot of times on our Telegram groups was the ability to monitor the 3DPrinter via a stream feed.

    Since we released the beta version of the AtCore couple weeks ago, we are trying now to get more work done with Atelier.

    In our project, Atelier is the interface running above AtCore. So it has a lot of more features than the AtCore TestClient has.

  • Introducing Narabu, part 6: Performance

    Narabu is a new intraframe video codec. You probably want to read part 1, part 2, part 3, part 4 and part 5 first.

    Like I wrote in part 5, there basically isn't a big splashy ending where everything is resolved here; you're basically getting some graphs with some open questions and some interesting observations.

Linux 4.15, Linux 4.16, and Linux Foundation's CNCF and CII

Filed under
Linux
  • Linux 4.15 Gets Fixed To Report Current CPU Frequency Via /proc/cpuinfo

    A change recently in the Linux kernel led the CPU MHz reported value via /proc/cpuinfo to either be the nominal CPU frequency or the most recently requested frequency. This behavior changed compared to pre-4.13 kernels while now it's been fixed up to report the current CPU frequency.

  • Linux 4.16 Will Be Another Big Cycle For Intel's DRM Driver

    We are just through week one of two for the Linux 4.15 merge window followed by eight or so weeks after that before this next kernel is officially released. But Intel's open-source driver developers have already begun building up a growing stack of changes for Linux 4.16 when it comes to their DRM graphics driver.

  • CNCF Wants You to Use 'Certified Kubernetes'
  • Open Source Threat Modeling

    Application threat modeling is a structured approach to identifying ways that an adversary might try to attack an application and then designing mitigations to prevent, detect or reduce the impact of those attacks. The description of an application’s threat model is identified as one of the criteria for the Linux CII Best Practises Silver badge.

Linux World Domination and Microsoft Corruption in Munich

Filed under
GNU
Linux

Programming/Development: 'DevOps', NumPy, Google SLING

Filed under
Development
  • 5 DevOps leadership priorities in 2018

    This week, DevOps professionals gathered in San Francisco to talk about the state of DevOps in the enterprise. At 1,400 attendees, the sold-out DevOps Enterprise Summit has doubled in size since 2014 – a testament to the growth of the DevOps movement itself.

    With an ear to this event and an eye on the explosion of tweets coming out of it, here are five key priorities we think IT leaders should be aware of as they take their DevOps efforts into the new year.

  • NumPy Plan for dropping Python 2.7 support

    The Python core team plans to stop supporting Python 2 in 2020. The NumPy project has supported both Python 2 and Python 3 in parallel since 2010, and has found that supporting Python 2 is an increasing burden on our limited resources; thus, we plan to eventually drop Python 2 support as well. Now that we're entering the final years of community-supported Python 2, the NumPy project wants to clarify our plans, with the goal of to helping our downstream ecosystem make plans and accomplish the transition with as little disruption as possible.

  • Google SLING: An Open Source Natural Language Parser

    Google Research has just released an open source project that might be of interest if you are into natural language processing. SLING is a combination of recurrent neural networks and frame based parsing.

    Natural language parsing is an important topic. You can get meaning from structure and parsing is how you get structure. It is important in processing both text and voice. If you have any hope that Siri, Cortana or Alexa are going to get any better then you need to have better natural language understanding - not just the slot and filler systems currently in use.

Graphics: AMDGPU, Radeon, Intel DRM

Filed under
Graphics/Benchmarks
  • AMDGPU DC Code Lands For Linux 4.15 Kernel

    Linus Torvalds has accepted the AMDGPU DC display code pull request for the Linux 4.15 kernel. AMD Linux users can now rejoice!

    Overnight David Airlie sent in the AMDGPU DC pull request for Linux 4.15 and since then Linus Torvalds was active on the kernel mailing list ranting about AMD header files and other unrelated to DC code. He was also pulling in other PRs... It was getting a bit worrisome, given the DC code not being in pristine shape, but it was exciting as heck to see this evening that he did go ahead and pull in the 132 thousand lines of new kernel code to land this AMDGPU DC. Linus hasn't provided any commentary about DC on the kernel mailing list as of writing.

  • Radeon VCN Encode Support Lands In Mesa 17.4 Git

    It's an exciting day for open-source Radeon Linux users today as besides the AMDGPU DC pull request (albeit still unmerged as of writing), Radeon VCN encoding support has landed in Mesa Git.

  • The - Hopefully - Final Stab At Intel Fastboot Support

    Intel's Maarten Lankhorst has sent out what could be the final patches for enabling "fastboot" support by default within their DRM graphics driver.

Raspberry Digital Signage 10

Filed under
GNU
Linux

It shows web pages from Internet, LAN or internal sources (a WordPress installation comes already installed by default on the SD card); there is no way to escape this view but rebooting the machine.

Marco Buratto has released Raspberry Digital Signage 10.0 today, which comes with the latest and greatest Chromium build (featuring advanced HTML5 capabilities, Adobe Flash support and H264/AVC video acceleration), so you can display more attractive resources, more easily.

Read more

Syndicate content

More in Tux Machines

Security: Uber, Replacing x86 Firmware, 'IoT' and Chromebook

  • Key Dem calls for FTC to investigate Uber data breach

    A key Democrat is calling on the Federal Trade Commission (FTC) to investigate a massive Uber breach that released data on 57 million people, as well as the company's delay in reporting the cyber incident.

  • Multiple states launch probes into massive Uber breach
  • Replacing x86 firmware with Linux and Go

    The problem, Minnich said, is that Linux has lost its control of the hardware. Back in the 1990s, when many of us started working with Linux, it controlled everything in the x86 platform. But today there are at least two and a half kernels between Linux and the hardware. Those kernels are proprietary and, not surprisingly, exploit friendly. They run at a higher privilege level than Linux and can manipulate both the hardware and the operating system in various ways. Worse yet, exploits can be written into the flash of the system so that they persist and are difficult or impossible to remove—shredding the motherboard is likely the only way out.

  • Connected sex-toy allows for code-injection attacks on a robot you wrap around your genitals

    However, the links included base-64 encoded versions of the entire blowjob file, making it vulnerable to code-injection attacks. As Lewis notes, "I will leave you to ponder the consequences of having an XSS vulnerability on a page with no framebusting and preauthed connection to a robot wrapped around or inside someones genitals..."

  • Chromebook exploit earns researcher second $100k bounty
    For Google’s bug bounty accountants, lightning just struck twice. In September 2016, an anonymous hacker called Gzob Qq earned $100,000 (£75,000) for reporting a critical “persistent compromise” exploit of Google’s Chrome OS, used by Chromebooks. Twelve months on and the same researcher was wired an identical pay out for reporting – yes! – a second critical persistent compromise of Google’s Chrome OS. By this point you might think Google was regretting its 2014 boast that it could confidently double its maximum payout for Chrome OS hacks to $100,000 because “since we introduced the $50,000 reward, we haven’t had a successful submission.” More likely, it wasn’t regretting it at all because isn’t being told about nasty vulnerabilities the whole point of bug bounties?
  • Why microservices are a security issue
    And why is that? Well, for those of us with a systems security bent, the world is an interesting place at the moment. We're seeing a growth in distributed systems, as bandwidth is cheap and latency low. Add to this the ease of deploying to the cloud, and more architects are beginning to realise that they can break up applications, not just into multiple layers, but also into multiple components within the layer. Load balancers, of course, help with this when the various components in a layer are performing the same job, but the ability to expose different services as small components has led to a growth in the design, implementation, and deployment of microservices.

Lumina 1.4 Desktop Environment Debuts with New Theme Engine and ZFS Integrations

Lumina 1.4.0 is a major release that introduces several new core components, such as the Lumina Theme Engine to provide enhanced theming capabilities for the desktop environment and apps written in the Qt 5 application framework. The Lumina Theme Engine comes with a configuration utility and makes the previous desktop theme system obsolete, though it's possible to migrate your current settings to the new engine. "The backend of this engine is a standardized theme plugin for the Qt5 toolkit, so that all Qt5 applications will now present a unified appearance (if the application does not enforce a specific appearance/theme of it’s own)," said the developer in today's announcement. "Users of the Lumina desktop will automatically have this plugin enabled: no special action is required." Read more

today's leftovers

  • qBittorrent 4.0 Is a Massive Update of the Open-Source BitTorrent Client
    qBittorrent, the open-source and cross-platform BitTorrent client written in Qt for GNU/Linux, macOS, and Windows systems, has been updated to version 4.0, a major release adding numerous new features and improvements. qBittorrent 4.0 is the first release of the application to drop OS/2 support, as well as support for the old Qt 4 framework as Qt 5.5.1 or later is now required to run it on all supported platforms. It also brings a new logo and a new SVG-based icon theme can be easily scaled. Lots of other cosmetic changes are present in this release, and the WebGUI received multiple enhancements.
  • FFmpeg Continues Working Its "NVDEC" NVIDIA Video Decoding Into Shape
    Earlier this month the FFmpeg project landed its initial NVDEC NVIDIA video decoding support after already supporting NVENC for video encoding. These new NVIDIA APIs for encode/decode are part of the company's Video Codec SDK with CUDA and is the successor to the long-used VDPAU video decoding on NVIDIA Linux boxes. That NVDEC support has continued getting into shape.
  • Kobo firmware 4.6.10075 mega update (KSM, nickel patch, ssh, fonts)
    A new firmware for the Kobo ebook reader came out and I adjusted the mega update pack to use it. According to the comments in the firmware thread it is working faster than previous releases. The most incredible change though is the update from wpa_supplicant 0.7.1 (around 2010) to 2.7-devel (current). Wow.
  • 3.5-inch Apollo Lake SBC has dual mini-PCIe slots and triple displays
    Avalue’s Linux-friendly, 3.5-inch “ECM-APL2” SBC features Apollo Lake SoCs, 2x GbE, 4x USB 3.0, 2x mini-PCIe, triple displays, and optional -40 to 85°C. Avalue’s 3.5-inch, Apollo Lake based ECM-APL single-board computer was announced a year ago, shortly after Intel unveiled its Apollo Lake generation. Now it has followed up with an ECM-APL2 3.5-incher with a slightly different, and reduced, feature set.
  • 7 Best Android Office Apps To Meet Your Productivity Needs
    Office application is an essential suite that allows you to create powerful spreadsheets, documents, presentations, etc., on a smartphone. Moreover, Android office apps come with cloud integration so that you can directly access the reports from the cloud, edit them, or save them online. To meet the productivity need of Android users, the Play Store offers an extensive collection of Android office apps. But, we have saved you the hassle of going through each one of them and provided you a list of the best office apps for Android. The apps that we have picked are all free, although some do have Pro version or extra features available for in-app purchases. You can also refer to this list if you’re looking for Microsoft Office alternatives for your PC.

Servers and Red Hat