Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 17 Aug 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Blog entry Watson claimed And Seantrel Henderson Bills jersey 2018 naghiyever 16/08/2018 - 2:43am
Story Rodrigo Siqueira's Work on VKMS Roy Schestowitz 16/08/2018 - 2:35am
Story Games: SteamPlay, The Free Ones, Crazy Justice, State of Mind, Graveyard Keeper, Boyfriend Dungeon, Red Alert & Tiberian Sun Roy Schestowitz 16/08/2018 - 2:30am
Story Kernel: Speck/NSA, Big Networking Update, 64-bit ARM, Locking Down the Kernel Roy Schestowitz 16/08/2018 - 2:25am
Story Graphics: Intel, Mesa, DRM, and NVIDIA Roy Schestowitz 16/08/2018 - 2:22am
Story Android Leftovers Rianne Schestowitz 15/08/2018 - 6:50pm
Story today's leftovers Roy Schestowitz 15/08/2018 - 4:19pm
Story Software: FOSS Alternatives Roy Schestowitz 15/08/2018 - 4:17pm
Story ACPI and Power Management Updates Merged into Linux 4.19, Partitions on Linux Roy Schestowitz 15/08/2018 - 4:16pm
Story OSS Leftovers Roy Schestowitz 15/08/2018 - 4:11pm

How to display data in a human-friendly way on Linux

Filed under
Linux
HowTos

Not everyone thinks in binary or wants to mentally insert commas into large numbers to come to grips with the sizes of their files. So, it's not surprising that Linux commands have evolved over several decades to incorporate more human-friendly ways of displaying information to its users. In today’s post, we look at some of the options provided by various commands that make digesting data just a little easier.

Read more

KDE and GNOME GSoC: Falkon, WikiToLearn, Nautilus and Pitivi

Filed under
KDE
Google
GNOME
  • The Joy of GSoC Smile

    Wooo... this is the last day of coding phase of GSoC. I am writing this blog to share my experience and work done in the coding phase. I want to specially thank my mentor David Rosca for his help, suggestions and reviews. This was my first exposure to the KDE community and I am proud that it was great. I really enjoyed the whole program from proposal submission - intermediate evals - then now this final evaluation. Also, I had learned a lot working on my project. Frankly speaking, I didn't knew about i18n and l10n much but with the help of my mentor now I have a quite good understanding of how these works and are implemented. I can truly say this was one of my best summer vacations.

  • What’s next for WikiToLearn?

    Google Summer of Code is finishing and many things have been done on WikiToLearn since previous post. A little recap is needed.

    Talking with mentors has been crucial because they told me to focus on finishing CRUD interaction with API backend instead of working on “history mode” viewer.

  • GSoC 2018 Final Evaluation

    As GSoC is coming to an end, I am required to put my work altogether in order for it to be easily available and hopefully help fellow/potential contributors work on their own projects. 

    [...]

    At its prestige, through this project we will have tests both for most critical and used operations of Nautilus, and for the search engines we use. Further on, I’ll provide links for all of my merge requests and dwell a bit on their ins and outs while posting links to my commits:

  • GTK+ 4 and Nautilus </GSoC>

    Another summer here at GNOME HQ comes to an end. While certainly eventful, it unfortunately did not result in a production-ready Nautilus port to GTK+ 4 (unless you don’t intend to use the location entry or any other entry, but more on that later).

  • Pitivi Video Editor Gains UI Polish, Video Preview Resizing

    The latest Google Summer of Code 2018 is allowing some excellent work to be done on some excellent open source projects.

    Among them Pitivi, the non-linear video editor built using GTK and Gstreamer and offering up a basic video editing feature set.

    Over the past few months, Harish Fulara, a Computer Science student, has worked on improving the application’s greeter dialog and on adding support dynamic resizing of the video preview box.

Security: OpenPGP, Oracle, DEFCON, Faxploit

Filed under
Security
  • OpenPGP key expiration is not a security measure

    There seems to be some recurring confusion among Gentoo developers regarding the topic of OpenPGP key expiration dates. Some developers seem to believe them to be some kind of security measure — and start arguing about its weaknesses. Furthermore, some people seem to think of it as rotation mechanism, and believe that they are expected to generate new keys. The truth is, expiration date is neither of those.

  • Vulnerability in Java VM Component of Oracle Database allows for Whole System Compromise
  • #DEFCON Vote Hacking Village Refute NASS 'Unfair' Claims

    DEFCON has hit back at criticisms levied at it by the National Association of Secretaries of State (NASS) over the introduction of an area designed to test voting machines.

    In a statement released on 9th August, the NASS said that while it applauded “the goal of DEFCON attendees to find and report vulnerabilities in election systems" it felt it was important to point out that work has been done by states' own information technology teams, and also named the Department of Homeland Security (DHS), the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), the private sector, the National Guard and universities as being involved “to enhance and reinforce their cyber postures with penetration testing, risk and vulnerability assessments and many other tools.”

  • How to hack an election, according to a former NSA hacker

    As we find out more about Russia's interference in the 2016 United States presidential election, former NSA hacker and TrustedSec CEO David Kennedy reveals what it would take to hack an election. Kennedy also reveals how France was able to protect themselves. Following is a transcript of the video.

    David Kennedy: What's interesting with the election systems is that as they become more and more electronic, and people can use computer systems to actively go in and cast your votes at the actual ballots, those are all susceptible to attack.

    What the government has tried to do is a technique called air gapping, which means that they're not supposed to be hooked up to the internet or have the ability to communicate the internet, so they can be not hacked by hackers. Essential databases that are used to count the ballots and actually cast votes is connected to multiple networks and the internet. And we're seeing intrusions occur, and so as we're using electronic voting as a method to conduct actual voter ballots, it's a very, very susceptible system. Most of the systems are out of date. Most of the systems aren't protected against hacks. There's definitely possibilities for other influences to have a direct impact on our elections themselves.

  • Faxploit: Breaking the Unthinkable
  • HP Fax Protocol Flaw Exposes Whole Enterprise Network to Exploit

    Check Point has discovered a new vulnerability in HP’s range of office fax machines that allow hackers to exploit a fax number related flaw and gain access to the remainder of the company’s enterprise network. This exploit is not limited to any one product or any particular company’s setup, but it encompasses all of HP’s office fax machines and all-in-one devices that have a faxing system integrated within them.

Legacy OS 2017 - Ghost of Linux past

Filed under
GNU
Linux

I am quite sad. I was really looking forward to testing Legacy OS. I like quirky, unique stuff, and the Magic Scripts impressed me so much back in the day that I was more than enthused giving this distro a go. Alas, all my expectations were shattered. From boot problems to network problems to basic browsers, the karma just wasn't there. This feels like an ancient project resurrected into the modern era, but not well adapted to it.

Hopefully, these issues can be ironed out, and then I'll take Legacy OS for another spin. At the moment, the 2017 edition feels wrong, and it doesn't have enough critical quality to warrant testing and tweaking and trying to work around some of the inherent issues. Just too much trouble. Ah well. Maybe some day. Take care.

Read more

Velt/OS: A Material Design-Themed Desktop Environment

Filed under
GNU
Linux

When it comes to desktop environments, there is a set of popular DEs like GNOME, KDE, Xfce etc. Perhaps Lumina was one of the newest addition to the desktop environment family, until now.

Let me introduce Velt/OS to you. It’s a material design inspired desktop environment mainly for Arch Linux. The project is in the experimental phase and being ‘slowly’ developed.

Read more

Graphics: NVIDIA, Mesa and Vulkan

Filed under
Graphics/Benchmarks
  • May the Source Be with You: NVIDIA Open Sources Material Definition Language SDK

    Security, customizability, flexibility and cost are a few of the benefits of open-source software for developers.

    They’ll get all these and more from NVIDIA’s Material Definition Language software development kit, which is available starting today as open source.

    MDL software — a set of tools that integrate the precise look and feel of real-world materials into rendering applications — has long been supported by developers. It gives end-users the freedom to share physically based materials and lights between supporting applications.

    For example, an MDL material — such as a specific piece of carpeting, upholstery or clothing — created in Allegorithmic Substance Designer can be saved to a library and then used in any other supporting application, like Adobe Dimension CC.

  • NVIDIA Announces Open-Source MDL SDK

    In addition to announcing the Turing-based Quadro RTX GPUs with GDDR6 memory, NVIDIA used SIGGRAPH 2018 to announce their open-sourcing of the MDL SDK.

    The MDL SDK is the Material Definition Language and is a programming language for defining physically-based materials for rendering, The MDL code can then be converted into GLSL, NVIDIA PTX, x86 instructions, or LLVM IR for making these assets more portable.

  • Mesa 18.1.6 Released With Build System Updates, Various OpenGL/Vulkan Driver Fixes

    Mesa 18.1.6 is now available as the latest point release for Mesa 18.1 as the Q2'2018 release of this collection of open-source graphics drivers/infrastructure.

    Mesa 18.1.6 just ships with over three dozen fixes compared to v18.1.5 from a few weeks back. The Mesa 18.1.6 release includes various Gallium3D fixes, different Autotools/Meson build system updates, corrections to MSAA corruption with AMD Vega, a DRIRC option to allow Metro Redux to work properly (again), support for using INTEL_DEBUG for setting Intel shader disk cache flags, and various other random fixes throughout.

  • Vulkan 1.1.83 Released With Minor Documentation Updates For SIGGRAPH

    The Khronos Group has released Vulkan 1.1.83 as a routine maintenance update to the Vulkan 1.1 graphics/compute API to coincide with the start of ACM SIGGRAPH 2018 in Vancouver.

    Vulkan 1.1.83 doesn't introduce any new extensions but just corrects a variety of documentation issues. It does prepare for some new extensions though as some extra bits are now reserved for pending vendor extensions. These reserved bits appear to be for some NVIDIA extension work.

Linux 4.19 Features and More on Release of Linux 4.18

Filed under
Linux
  • XArray Proposed For Merging In The Linux 4.19 Kernel

    Matthew Wilcox who most recently has been employed by Microsoft is looking to get the new XArray data structure added to the Linux 4.19 kernel.

    Earlier this year Wilcox was hoping for XArray in Linux 4.17 but that didn't pan out but he believes it is ready for Linux 4.19. XArray is intended to eventually replace the radix tree data structure in the Linux kernel. XArray's advantages include locking support as part of its design, memory not being pre-loaded, and page cache improvements in using XArray.

  • Btrfs Gets Fixes & Low-Level Improvements With Linux 4.19

    David Sterba of SUSE sent in the Btrfs file-system updates today for the Linux 4.19 kernel merge window.

    The most noticeable change with Btrfs for Linux 4.19 is that it now supports defragging opened read-only files that have read-write permissions. Btrfs in Linux 4.19 is also carrying some validation improvements, error code handling improvements, tree checker improvements, some fsync fixes, a possible deadlock fix, resetting the on-disk device stats value after replacing a drive, and a variety of other code clean-ups and bug fixes.

  • Linux 4.18 Benefits from Energy-Aware Scheduling on ARM

    The fourth major milestone release for the Linux kernel was officially announced by Linus Torvalds on Aug. 12 with the general availability of Linux 4.18.

    Linux 4.18, required a somewhat uncommon eight release candidates and follows the Linux 4.17 release that was announced on June 3.

    "One week late(r) and here we are - 4.18 is out there," Linus Torvalds wrote in his release announcement. "It was a very calm week, and arguably I could just have released on schedule last week, but we did have some minor updates."

    [...]

    Linux 4.18 also integrated a new asynchronous I/O interface that improves system polling performance.

  • Linux Kernel 4.18 Keeps Things Solid and Secure

    Linus Torvalds published the 4.18 kernel on Sunday, one week later than expected. This has a been a rocky release... and it’s all Android's fault (more or less).

    You see, Android systems lack tmpfs, the temporary file systems you usually see hanging off your /tmp directory. In regular Linux systems, a tmpfs is stored in memory and holds data that applications may need to retrieve at short notice or share with other programs. Instead, Android allocates a chunk of memory (called ashmem) that does the same thing. However, a change introduced to ashmem in 4.18-rc7 made the open source version of Android crash. Unfortunately, all this came to light the week before the final release of 4.18 was due. Nine patches later and the problem was still not totally resolved, so Linus decided to roll back the whole thing and wait another week for the things to calm down.

Mozilla: Licensing Edgecases, TLS, Chatra, Send and Rust

Filed under
Moz/FF
  • Licensing Edgecases

    While I’m not a lawyer – and I’m definitely not your lawyer – licensing questions are on my plate these days. As I’ve been digging into one, I’ve come across what looks like a strange edge case in GPL licensing compliance that I’ve been trying to understand. Unfortunately it looks like it’s one of those Affero-style, unforeseen edge cases that (as far as I can find…) nobody’s tested legally yet.

    I spent some time trying to understand how the definition of “linking” applies in projects where, say, different parts of the codebase use disparate, potentially conflicting open source licenses, but all the code is interpreted. I’m relatively new to this area, but generally speaking outside of copying and pasting, “linking” appears to be the critical threshold for whether or not the obligations imposed by the GPL kick in and I don’t understand what that means for, say, Javascript or Python.

  • TLS 1.3 Published: in Firefox Today

    On friday the IETF published TLS 1.3 as RFC 8446. It’s already shipping in Firefox and you can use it today. This version of TLS incorporates significant improvements in both security and speed.

    Transport Layer Security (TLS) is the protocol that powers every secure transaction on the Web. The version of TLS in widest use, TLS 1.2, is ten years old this month and hasn’t really changed that much from its roots in the Secure Sockets Layer (SSL) protocol, designed back in the mid-1990s. Despite the minor number version bump, this isn’t the minor revision it appears to be. TLS 1.3 is a major revision that represents more than 20 years of experience with communication security protocols, and four years of careful work from the standards, security, implementation, and research communities (see Nick Sullivan’s great post for the cool details).

  • Chatting with your website visitors through Chatra

    When I started the blog, I didn’t add a message board below each article because I don’t have the time to deal with spam. Due to broken windows theory, if I leave the spam unattended my blog will soon become a landfill for spammers. But nowadays many e-commerce site or brand sites have a live chatting box, which will solve my problem because I can simply ignore spam, while interested readers can ask questions and provide feedbacks easily. That’s why when my sponsor, Chatra.io, approached me with their great tool, I fell in love with it right away and must share it with everyone.

  • Send: Going Bigger

    Send encrypts your files in the browser. This is good for your privacy because it means only you and the people you share the key with can decrypt it. For me, as a software engineer, the challenge with doing it this way is the limited API set available in the browser to “go full circle”. There’s a few things that make it a difficult problem.

    The biggest limitation on Send today is the size of the file. This is because we load the entire thing into memory and encrypt it all at once. It’s a simple and effective way to handle small files but it makes large files prone to failure from running out of memory. What size of file is too big also varies by device. We’d like everyone to be able to send large files securely regardless of what device they use. So how can we do it?

    The first challenge is to not load and encrypt the file all at once. RFC 8188 specifies a standard for an encrypted content encoding over HTTP that is designed for streaming. This ensures we won’t run out of memory during encryption and decryption by breaking the file into smaller chunks. Implementing the RFC as a Stream give us a nice way to represent our encrypted content.

  • Never patterns, exhaustive matching, and uninhabited types (oh my!)

    One of the long-standing issues that we’ve been wrestling with in Rust is how to integrate the concept of an “uninhabited type” – that is, a type which has no values at all. Uninhabited types are useful to represent the “result” of some computation you know will never execute – for example, if you have to define an error type for some computation, but this particular computation can never fail, you might use an uninhabited type.

Security: 'Smartphones', Aporeto Security, Oracle Holes, Hacknet and Updates

Filed under
Security
  • 25 Smartphone Models Found Shipping With Severe Firmware Flaws: Defcon 2018

    Smartphones from small as well as big OEMs are under the radar. OEMs such as ZTE, Leagoo, and Doogee have been included in the list of insecure Android device manufacturers previously as well. Leagoo and Doogee have been reported to come preinstalled with apps that have banking trojans.

  • Aporeto Security and Red Hat OpenShift in Action

    In this short video, we demonstrate how Aporeto integrates with Red Hat OpenShift and leverages the platform’s native capabilities to extract application identity metadata to enforce security.

    Aporeto enforces security uniformly in hybrid and multi-cloud environments and abstracts away the complexities of the underlying infrastructure. As you leverage OpenShift to expand beyond the data center, you can use Aporeto to extend your security policies no matter where your application and its services run.

  • Oracle has flagged a vulnerability that could “completely compromise” customer databases

    Oracle is calling on its customers to immediately patch a security vulnerability that can lead to “complete compromise of the Oracle Database”.

    The vulnerability was found in the Java VM component of the vendor’s database server, but attacks may “significantly impact additional products”, according to a notice on the US National Vulnerability Database.

  • Hacknet gets 'Educational' pricing plan to help teach students about cyber security

    Although primarily intended for entertainment, Hacknet’s simulation is based on real cyber-security principles, while its user interface implements actual Unix commands

  • Security updates for Monday

OSS: Startups, Tesla, Hortonworks and Amazon Openwashing

Games: TerraTech, Rings of Saturn, Steam Controller, Insurgency: Sandstorm

Filed under
Gaming
  • Open-world vehicle builder 'TerraTech' has left Early Access

    I absolutely love games that let me build something, drive around and blow stuff up so I've been enjoying my time with TerraTech which is now out.

    Unlike Robocraft, TerraTech isn't just about building a powerful vehicle and destroying everyone. While it does have a PvP multiplayer mode, the main dish is actually the open-world single-player environment. That's not all it has to offer, as it also has creative mode to do whatever you want, a sumo fighting mode and a gauntlet challenge mode as well.

  • Rings of Saturn is a hard sci-fi, top-down space simulator coming soon to Linux

    Space sim Rings of Saturn [Official Site] was announced earlier this month, with a promise of a realistic top-down experience and it actually looks surprisingly good.

    Seems to have come out of nowhere, at least to me, I can't remember hearing literally anything about this before discovering it today. While the trailer doesn't really offer all that much, what it does show makes me firmly want to know more.

  • SC Controller, incredibly useful UI/Driver for the Steam Controller has a new release

    If you ever have issues with games not picking up your Steam Controller correctly, you should probably take a look at the excellent SC Controller [GitHub] project.

    The latest release v0.4.4, that was made available yesterday adds in some interesting new features. A pretty important one, is the new "relative joystick camera" mode, which acts just like the Joystick Camera mode on Steam. Some games (like twin-stick shooters) don't always hold the position of your thumb on the right pad to continually fire, this mode should fix it for games where it doesn't work as expected.

  • Insurgency: Sandstorm is looking real good in the latest videos, Linux version should come in the first couple updates

    Insurgency: Sandstorm [Steam] is the new tactical FPS from New World Interactive that will be coming to Linux. There's new videos out to show it off and we have an update for you about Linux support.

Direct3D 10/DXVK

Filed under
Graphics/Benchmarks
Gaming
  • DXVK Merges Direct3D 10 API Support

    Separate from the "DXUP" initiative, the popular DXVK project for accelerating Direct3D 11 atop Vulkan now has support itself for Direct3D 10.

  • DXVK expands with Direct3D 10 over Vulkan in Wine, also info on the new Direct3D 9-to-11 project

    There's so many incredible things going on around Wine right now it's hard to keep track. DXVK is now expanding to support Direct3D 10 over Vulkan in Wine.

    Talking about it on the official GitHub account in this issue, the main developer of DXVK said it works in a similar way to DXUP with it being a "very thin wrapper around the existing D3D11 interfaces, while allowing for better interoperability between the two APIs.".

Canonical/Ubuntu: Newsletter, Kubernetes and Design

Filed under
Ubuntu
  • Ubuntu Weekly Newsletter 540
  • Deploying Kubernetes on Public Clouds is hard – or is it?

    Recently, there’s been talk about how Kubernetes has become hard to deploy and run on virtual substrates such as those offered by the public clouds. Indeed, the cloud-specific quirks around infrastructure provisioning, including storage, networking assets such as load balancers, and overall access control (IAM) differs from cloud to cloud provider. It is safe to assume that it also differs between your on-prem IaaS implementation or virtualized infrastructure and the public cloud APIs.

    With all the public Container-as-a-Service (CaaS) offerings available to you, why would you deploy Kubernetes to a generic IaaS substrate anyway? There are many reasons for doing so.

  • Design and Web team summary – 13 August 2018

    Welcome to the latest work and updates from the design and web team.

    The team manages all web projects across Canonical. From www.ubuntu.com to the Juju GUI we help to bring beauty and consistency to all the web projects.

Zorin OS 12.4 Released – More Secure and Compatible than Ever Before

Filed under
GNU
Linux

We are pleased to announce the release of Zorin OS 12.4. This new release brings together the latest software updates, bug fixes, performance enhancements and hardware support out of the box.

Zorin OS 12.4 introduces an updated hardware enablement stack. The newly-included Linux kernel 4.15, as well as an updated X server graphics stack, add compatibility for newer computers and hardware in Zorin OS. In addition, new patches for system vulnerabilities are included in this release, so you can have the peace of mind knowing that you’re using the most secure version of Zorin OS ever.

After installing Zorin OS 12.4, you will have the latest versions of the pre-installed packages. That means fewer software updates will need to be downloaded after installing Zorin OS onto your computer.

Read more

A Look At The Windows 10 vs. Linux Performance On AMD Threadripper 2990WX

Filed under
Graphics/Benchmarks

Complementing the extensive Linux benchmarks done earlier today of the AMD Threadripper 2990WX in our review (as well as on the Threadripper 2950X), in this article are our first Windows 10 vs. Linux benchmarks of this 32-core / 64-thread $1799 USD processor. Tests were done from Microsoft Windows 10 against Clear Linux, Ubuntu 18.04, the Arch-based Antergos 18.7-Rolling, and openSUSE Tumbleweed.

Read more

today's leftover

Filed under
Misc
  • Linux 4.18 Arrives With Some Big Changes
  • IBM S/390 Linux 4.19 Kernel Code Sees More Spectre Updates, Boot Code Rework

    The IBM System/390 "s390" architecture code has seen a number of improvements for Linux 4.19.

    Highlights of the s390 code updates sent in today for the just-opened Linux 4.19 kernel merge window include:

  • Hollywood Casts Open Source Software in Starring Role

    Amazing news out of Variety, the entertainment website, this weekend: Hollywood is going open source. The Academy of Motion Picture Arts and Sciences — best known for ‘The Oscars’ award ceremony — has teamed up with the Linux Foundation to launch the Academy Software Foundation (ASWF).

  • SIGGRAPH 2018: OpenCL-Next Taking Shape, Vulkan Continues Evolving

    It's a busy week folks as besides the AMD Threadripper 2 performance embargo expiring, it is also SIGGRAPH 2018 week in Vancouver and as well the start of the Linux 4.19 kernel cycle... No longer under wraps are the Khronos announcements from this annual graphics conference. Continue reading to learn about the latest happenings for the various Khronos industry-standard APIs and efforts like Vulkan and OpenCL-Next.

  • Dropbox drops any file system but ext4 on Linux

    Come November 7, cloud storage and synchronization provider Dropbox will drop support for any file system on Linux but ext4.

    In fact, Dropbox announced that it will support only four file systems on desktop systems going forward. Company representative Jay revealed as much on the official Dropbox forum.

  • How to display data in a human-friendly way on Linux
  • Wine Had A Successful GSoC 2018, Better Direct3D Game Benchmarks

    The Wine project once again participated in Google Summer of Code (GSoC) for furthering their open-source agenda of better support for Windows programs on Linux and other operating systems.

    The projects achieved this year were for better automated game benchmarks and implementing a subset of the concurrency namespace. (There also was a project originally listed for implementing missing bits of the Direct3D API, but that doesn't seen to have panned out and is no longer listed.)

  • Congratulations: Hanno Böck and co-authors win Pwnie!

    Congratulations to security researcher and Gentoo developer Hanno Böck and his co-authors Juraj Somorovsky and Craig Young for winning one of this year’s coveted Pwnie awards!

  • Gentoo booth at the FrOSCon, St. Augustin, Germany

    s last year, there will be a Gentoo booth again at the upcoming FrOSCon “Free and Open Source Conference” in St. Augustin near Bonn! Visitors can meet Gentoo developers to ask any question, get Gentoo swag, and prepare, configure, and compile their own Gentoo buttons.

  • Official Debian testing OpenStack image news

    A few things happened to the testing image, thanks to Steve McIntire, myself, and … some debconf18 foo!

  • Remember Palm? They will be back with a 3.3-inch mini smartphone

    The device is still known as Pepito, but the smartphone seems to be almost ready for commercial debut. However, instead of embracing the modern large-display smartphone phenomenon, the revived Palm will stick to its core principles — smaller and pocketable phones. Therefore, if the leaks are to be believed, then the Palm Pepito will sport a 3.3-inch touchscreen display with 720p picture resolution. It will be powered by Qualcomm’s Snapdragon 435 processor paired with 3GB of RAM and 32GB of internal storage.

  • Android Pie Smartphones List: Will My Phone Get Android 9 Update?

    Now that Android Pie is live, the first thing that comes to our mind is when my Android device will receive the new update. The exciting new features of Android P and the whole gesture navigation thing is not something anyone would want to miss.

  • Huawei Mate 20 Lite To Come With A 2K Display 6GBs Of Ram And Kirin 710 According to Leaks

    The Mate series have generally been Huawei’s flagship phablet series. The Mate 10 did great with consumers and reviewers alike. Infact Huawei also came out with the Mate 10 lite which had Huawei’s own Kirin 659 chip. The Kirin 659 chip at the time performed somewhat similar to the Snapdragon 625.

  • A bit more on privacy respecting health monitor / fitness tracker

    A few days ago, I wondered if there are any privacy respecting health monitors and/or fitness trackers available for sale these days. I would like to buy one, but do not want to share my personal data with strangers, nor be forced to have a mobile phone to get data out of the unit. I've received some ideas, and would like to share them with you. One interesting data point was a pointer to a Free Software app for Android named Gadgetbridge. It provide cloudless collection and storing of data from a variety of trackers. Its list of supported devices is a good indicator for units where the protocol is fairly open, as it is obviously being handled by Free Software. Other units are reportedly encrypting the collected information with their own public key, making sure only the vendor cloud service is able to extract data from the unit. The people contacting me about Gadgetbirde said they were using Amazfit Bip and Xiaomi Band 3.

Red Hat and Fedora

Filed under
Red Hat
Syndicate content

More in Tux Machines

Linux Scaling Benchmarks With The AMD Threadripper 2990WX In Various Workloads

While yesterday were the benchmarks showing how Linux games struggle to scale past a few CPU cores/threads, in this article is a look at the scaling performance of various applications/workloads under Linux up to 64 threads using the AMD Threadripper 2990WX. Here's a look at how the Linux performance changes in a variety of applications from one to sixty-four threads with this new HEDT processor. The benchmarks today are for mostly curiosity sake about Linux and the Threadripper 2990WX, particularly on the impact of 32 threads (cores) to 64 threads with SMT, etc. In the next few days is a much more interesting comparison and that is looking at the Windows Server 2019 vs. Linux performance on the Threadripper 2990WX at various SMT and CCX configurations. That should reveal a lot about Windows' scaling abilities given the immense interest this week in the Windows vs. Linux Threadripper performance. But for today are just these reference numbers. Read more

AryaLinux: A Distribution and a Platform

I’ll be honest, if you’re just a standard desktop user, AryaLinux is not for you. Although you can certainly get right to work on the desktop, if you need anything outside of the default applications, you might find it a bit too much trouble to bother with. If, on the other hand, you’re a developer, AryaLinux might be a great platform for you. Or, if you just want to see what it’s like to build a Linux distribution from scratch, AryaLinux is a pretty easy route. Even with its quirks, AryaLinux holds a lot of promise as both a Linux distribution and platform. If the developers can see to it to build a GUI front-end for the alps package manager, AryaLinux could make some serious noise. Read more

Lennart Jern: How Do You Fedora?

Lennart Jern is a Swedish-speaking Finn, who has been living in Umeå, Sweden, for about three years. He was born and raised in southern Finland where he obtained his master’s degree in applied mathematics. His time at university exposed Lennart’s true passion. “While at the university, I realized that computer science was really what I wanted to work with.” In order to follow his dream of working in computer science he moved to Sweden with his wife to pursue a master’s program in computer science. After a short while he had learned enough to land a job with a local startup. “I’m working with cloud/distributed systems, specifically with tools like kubernetes and OpenShift.” Lennart’s first contact with Linux was in 2006. Some of the computers in his high school were running OpenSuse. He installed Ubuntu’s Hardy Heron in 2008 and has been using Linux ever since. Read more

Security: WebAssembly, HTTP Tokens and More

  • The Problems and Promise of WebAssembly
    WebAssembly is a format that allows code written in assembly-like instructions to be run from JavaScript. It has recently been implemented in all four major browsers. We reviewed each browser’s WebAssembly implementation and found three vulnerabilities. This blog post gives an overview of the features and attack surface of WebAssembly, as well as the vulnerabilities we found. [...] Overall, the majority of the bugs we found in WebAssembly were related to the parsing of WebAssembly binaries, and this has been mirrored in vulnerabilities reported by other parties. Also, compared to other recent browser features, surprisingly few vulnerabilities have been reported in it. This is likely due to the simplicity of the current design, especially with regards to memory management. There are two emerging features of WebAssembly that are likely to have a security impact. One is threading. Currently, WebAssembly only supports concurrency via JavaScript workers, but this is likely to change. Since JavaScript is designed assuming that this is the only concurrency model, WebAssembly threading has the potential to require a lot of code to be thread safe that did not previously need to be, and this could lead to security problems. WebAssembly GC is another potential feature of WebAssembly that could lead to security problems. Currently, some uses of WebAssembly have performance problems due to the lack of higher-level memory management in WebAssembly. For example, it is difficult to implement a performant Java Virtual Machine in WebAssembly. If WebAssembly GC is implemented, it will increase the number of applications that WebAssembly can be used for, but it will also make it more likely that vulnerabilities related to memory management will occur in both WebAssembly engines and applications written in WebAssembly.
  • Detecting Bomb And Guns Using Normal WiFi: Researchers Find A New Way
    The test was able to give out accurate results on 15 different objects ranging in there different categories — Metal, liquid, and non-dangerous items. While it’s not clear whether the government will adopt and use the newly developed tracking method in public places, this certainly looks like the best way to stop guns and bombs get into school premises.
  • What OpenShift Online customers should know about L1TF OpenShift SRE Security
    On Aug. 14, 2018, information was released about another set of “speculative execution” issues with Intel microprocessor hardware known as “L1 Terminal Fault”. As with earlier issues like Spectre and Meltdown, this information was coordinated with the release of updated software solutions to help mitigate the issue. At the time the embargo was lifted, the OpenShift SRE team worked to begin remediation (detailed below) on all OpenShift Online clusters. All Pro clusters finished remediation shortly before 18h00 EDT August 14, 2018. All Starter clusters were patched as of 23h30 EDT August 14, 2018.
  • L1TF (AKA Foreshadow) Explained in 3 Minutes from Red Hat
  • Google bod wants cookies to crumble and be remade into something more secure
    A key member of the Google Chrome security team has proposed the death of cookies to be replaced with secure HTTP tokens. This week Mike West posted his "not-fully-baked" idea on GitHub and asked for comments. "This isn't a proposal that's well thought out, and stamped solidly with the Google Seal of Approval," he warns. "It's a collection of interesting ideas for discussion, nothing more, nothing less." So far, people are largely receptive to the idea while pointing to the complexities that exist in trying to replace something that has become an everyday part of online interaction.
  • Mozilla Recommend a Privacy Extension That Is Tracking Your Web History
    Web Security, a Firefox extension with over 200,000 current users, tracks every website users visit and stores that information on a German web server. The extension was recommended by Mozilla in a blog post last week about add-ons that improve users’ privacy. Mozilla has since edited the post, removing Web Security.