Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 23 Apr 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story OSS Leftovers Roy Schestowitz 21/04/2018 - 5:25am
Story today's howtos Roy Schestowitz 21/04/2018 - 5:21am
Story Security: Updates, IBM, Elytron and Container Vulnerability Scanning Roy Schestowitz 21/04/2018 - 4:45am
Story NetBSD 8.0 RC1 Available, Bringing Initial USB 3.0 Support & Spectre/Meltdown Mitigation Roy Schestowitz 21/04/2018 - 4:43am
Story Graphics: AMD, Intel and Vulkan Roy Schestowitz 21/04/2018 - 4:05am
Story Games Leftovers Roy Schestowitz 21/04/2018 - 4:03am
Story Red Hat Rebranding and Shares Roy Schestowitz 21/04/2018 - 3:07am
Story Databases: Revenue Shift and PostgreSQL Roy Schestowitz 21/04/2018 - 3:06am
Story How to Turn Any Linux PC Into a Kodi-Based HTPC With Kodibuntu Roy Schestowitz 21/04/2018 - 3:04am
Story Android Leftovers Rianne Schestowitz 20/04/2018 - 8:22pm

Malware in Microsoft, Bugs in Android Apps

Filed under
Android
Google
Microsoft
Web

Spyder – The Scientific Python IDE for Data Science

Filed under
Development

I don’t know how many of our readers are research scientists, data analysts, etc. but today, we introduce an IDE that is ideal for Python development and it goes by the name of Spyder.

Spyder is an Open Source IDE written in Python for Python development with a focus on research, data analysis, and scientific package creation. It boasts a well-planned User Interface with interactive options, customizable layouts, and toggle-able sections.

Its features include a multi-language editor with automatic code completion, real-time code analysis, go-to definitions, etc. It also contains a history log, developer tools, a documentation viewer, a variable explorer, and an interactive console, among other perks.

Read more

LWN on Linux: 'Secure' Boot, AF_XDP Patch, 4.17 Release and 'Beep'

Filed under
Linux
  • Kernel lockdown locked out — for now

    As the 4.17 merge window opened, it seemed possible that the kernel lockdown patch set could be merged at last. That was before the linux-kernel mailing list got its hands on the issue. What resulted was not one of the kernel community's finest moments. But it did result in a couple of evident conclusions: kernel lockdown will almost certainly not be merged for 4.17, but something that looks very much like it is highly likely to be accepted in a subsequent merge window.

    As a reminder: the purpose of the lockdown patches is to enforce a distinction between running as root and the ability to run code in kernel mode. Proponents of UEFI secure boot maintain that this separation is necessary; otherwise the promise of secure boot (that the system will only run trusted code in kernel mode) cannot be kept. Closing off the paths by which a privileged attacker could run arbitrary code in kernel mode requires disabling a number of features in the kernel; see the above-linked article for the details. Most users will never miss the disabled features, but there are always exceptions.

    [...]

    One other aspect of this issue that came up briefly is the fear that, if Linux looks like a tool that can be used to compromise secure-boot systems running Windows, that Microsoft might blacklist the signing key and render Linux unbootable on most x86 hardware. David Howells expressed this worry, for example. Greg Kroah-Hartman said, though, that he has researched this claim numerous times and it has turned out to be an "urban myth".

  • Accelerating networking with AF_XDP

    The Linux network stack does not lack for features; it also performs well enough for most uses. At the highest network speeds, though, any overhead at all is too much; that has driven the most demanding users toward specialized, user-space networking implementations that can outperform the kernel for highly constrained tasks. The express data path (XDP) development effort is an attempt to win those users back, with some apparent success so far. With the posting of the AF_XDP patch set by Björn Töpel, another piece of the XDP puzzle is coming into focus.

  • The first half of the 4.17 merge window

    As of this writing, 5,392 non-merge changesets have been pulled into the mainline repository for the 4.17 release. The 4.17 merge window is thus off to a good start, but it is far from complete. The changes pulled thus far cover a wide part of the core kernel as well as the networking, driver, and filesystem subsystems.

  • What the beep?

    A "simple" utility to make a system beep is hardly the first place one would check for security flaws, but the strange case of the "Holey Beep" should perhaps lead to some rethinking. A Debian advisory for the beep utility, which was followed by another for Debian LTS, led to a seemingly satirical site publicizing the bug (and giving it the "Holey Beep" name). But that site also exploits a new flaw in the GNU patch program—and the increased scrutiny on beep has led to more problems being found.

Games: Cities: Skylines - Parklife expansion, Supposedly Wonderful Future, Serious Sam 4

Filed under
Gaming

Graphics: AMD, RADV, RadeonSI, Mesa 18.0.1

Filed under
Graphics/Benchmarks
  • AMDGPU DRM Gets "GFXOFF" Patches To Turn Off Graphics Engine

    AMD's Huang Rui has posted a set of 20 patches providing "GFXOFF" support for the AMDGPU Direct Rendering Manager Linux kernel driver.

    GFXOFF is a new graphics processor feature that allows for powering off the graphics engine when it would otherwise be idle with no graphics workload. Obviously, this would equate to a potentially significant power savings with that engine being able to be shut-off.

  • RADV Driver Lands Support For Vulkan's New Descriptor Indexing Extension

    Earlier this month with the Vulkan 1.1.72 specification update was the new VK_EXT_descriptor_indexing extension that is quickly being well received by developers.

    The VK_EXT_descriptor_indexing extension allows for creating large descriptor sets made up of all their combined resources and selecting those resources via dynamic indexes in a shader.

  • RadeonSI Now Appears To Support "RX Vega M" With Intel Core CPUs

    One of the most common Linux hardware questions I've received dozens of times in the past few weeks alone has been over the support for "RX Vega M" Vega-based graphics processors found on select newer Intel Kabylake CPUs. It appears RadeonSI at least should now support these Radeon graphics on Intel CPUs.

  • mesa 18.0.1
  • Mesa 18.0.1 Released With A Number Of Fixes

    In addition to Mesa 17.3.9 being released today, Mesa 18.0.1 also rolled out the door as the first point release to last quarter's Mesa 18.0 series.

    Mesa 18.0.1 features improvements to its Meson build system support, several RADV Vulkan driver fixes, various fixes to the Gallium3D Nine (D3D9) state tracker, various Intel driver fixes, several core Mesa improvements, and then the other random smothering of fixes collected over the past few weeks.

Programming: nGraph Compiler, JavaScript Trademark, PyPI and Pip

Filed under
Development
  • Intel Opens Up nGraph Source Code For DNN Model Compiler

    Intel tonight announced they are open-sourcing their nGraph compiler code, which serves as a framework-neutral deep neural network model compiler.

    Intel claims with nGraph and Xeon Scalable hardware that researchers can obtain up to 10x performance improvements over previous TensorFlow integrations, as one example. Besides TensorFlow, nGraph also supports PyTorch, MXNet, Neon, Caffe2, and CNTK while also planning to support other frameworks moving forward.

  • Why it's finally time to give up on the name JavaScript

    An iOS developer has apparently received a cease and desist notice from Oracle over the use of the word "JavaScript" in the title of their app. The developer, Tyanya Software, shared the notice on perennial internet soapbox Reddit to seek advice on how to fight the order.

    [...]

    If user reviews are any indication, the app is not even particularly good, with reviewers stating things such as "Not ready for production," "Does not work as advertised," and "Waste of money, don't buy this." The last update to the app was in 2014, which the changelog notes was only an upgrade to add support for iOS 8. The app developer is at least honest about the intent behind the unwieldy name for the app, saying in a Reddit comment that "we game the App Store ranking by adding all the keywords to the app name."

    While Oracle has a duty to protect their trademarks, this type of legal bludgeoning underscores a historical problem that has been left unaddressed for too long: JavaScript is a terrible name for the thing being described.

    It has nothing to do with Java, an actual product developed by Sun (now owned by Oracle). JavaScript was developed at Mozilla, and the name was changed during beta releases of Netscape Navigator 2.0 from "LiveScript" to "JavaScript." It has, for some time, caused confusion among casual web users about the difference between Java and JavaScript. Given that ECMAScript is also a trademarked term, it seems best to revert to calling the language "LiveScript" to undercut trademark-related legal posturing.

    [...]

    Oracle declined to comment on this story.

  • New PyPI launched

    The new PyPI has been launched. Browser traffic and API calls (including "pip install") have been redirected from the old pypi.python.org to the new site. The old PyPI will shut down on April 30. LWN covered the new PyPI last week.

  • Pip 10.0 has been released

    The release of pip 10.0 has been announced. Some highlights of this release include the removal of Python 2.6 support, limited PEP 518 support (with more to come), a new "pip config" command, and other improvements.

Meltdown/PTI Mitigation Impact On BSDs vs. Linux

Filed under
Graphics/Benchmarks
Linux
BSD

Besides the fresh BSD/Linux disk performance tests, some other tests I ran on various BSDs and Linux distributions this week was looking at the performance impact of Intel Meltdown CPU vulnerability mitigation on each of them, namely the performance impact of using kernel page-table isolation.

On DragonFlyBSD 5.2, TrueOS 18.03, Ubuntu 16.04, Ubuntu 18.04, and Clear Linux I ran tests when the mitigation was enabled and then again when it was off for seeing the performance impact.

Read more

Red Hat and Fedora Leftovers

Filed under
Red Hat
  • Enterprise Node.js on OpenShift, April 19th, 12 p.m. EDT

    The next online DevNation Live Tech Talk is Thursday, April 19th at 12pm EDT. The topic is “Enterprise Node.js on Red Hat OpenShift” presented by Lance Ball, and hosted by Burr Sutter. The popularity of JavaScript on the front end and the JSON format for data has led to a “JavaScript Everywhere” movement with Node.js at the center. Node.js offers developers an event-driven, non-blocking I/O model that is perfect for high concurrency, low-latency applications that run across distributed devices. Its reactive architecture makes it an ideal technology for containerized microservices architectures you’ve been hearing so much about.

  • President to President with Luc Villeneuve, Red Hat Canada

    ITWC President Fawn Annan gets to the point with Red Hat’s general manager for Canada. Villeneuve speaks about building the open source technology firm in the country, the unique differences when dealing with the Quebec market, and how he fosters a positive culture in the workplace. Plus, he dishes on how his experience in journey hockey taught him how to build a successful sales team.

  • Be mindful of jumping into an open source project too soon: RedHat CTO

    Open source software has long been seen as a movement towards collaborative development. In a conversation with BusinessLine, Chris Wright, Vice-President & CTO at RedHat, talks about some of the challenges the open source community is facing and why it is important to set expectations right when it comes to promoting open source software. Edited excerpts:

  • DevOps Tool Market Global Manufacturers: Chef, Atlassian, Saltstac, Red Hat and Docker Inc.
  • Two sizzlers stock’s are not to be missed: Red Hat, Inc. (RHT), Navient Corporation (NAVI)
  • Fedora Community Blog: Fedora meetup at Pune – March 2018

    Long time we did not had any meetup at Pune, Maharashtra, India, so we decided to get started again. Details about this meetup are available at Fedora Wiki page.

    Planning for meetup started 1 month before. Initially Ompragash proposed to have meetup.com account for Fedora Pune to get more awareness. Later dropped this plan, since this is not only Fedora Pune level topic but applicable for all Fedora events.

  • Fedora 28 Beta – dnf system-upgrade

    Used DNF to remove duplicate rpms, reinstalled the new kernel and libwbclient, and corrected GNOME’s right-click behaviour, and all is well.

Security Leftovers

Filed under
Security

Devices Leftovers

Filed under
Linux
Hardware

‘No Company Is So Important Its Existence Justifies Setting Up a Police State’

Filed under
GNU
Interviews

You’re talking about very — about specific manifestations, and in some cases in ways that presuppose a weak solution.

What is data privacy? The term implies that if a company collects data about you, it should somehow protect that data. But I don’t think that’s the issue. I think the problem is that it collects data about you period. We shouldn’t let them do that.

I won’t let them collect data about me. I refuse to use the ones that would know who I am. There are unfortunately some areas where I can’t avoid that. I can’t avoid even for a domestic flight giving the information of who I am. That’s wrong. You shouldn’t have to identify yourself if you’re not crossing a border and having your passport checked.

With prescriptions, pharmacies sell the information about who gets what sort of prescription. There are companies that find this out about people. But they don’t get much of a chance to show me ads because I don’t use any sites in a way that lets them know who I am and show ads accordingly.

So I think the problem is fundamental. Companies are collecting data about people. We shouldn’t let them do that. The data that is collected will be abused. That’s not an absolute certainty, but it’s a practical, extreme likelihood, which is enough to make collection a problem.

A database about people can be misused in four ways. First, the organization that collects the data can misuse the data. Second, rogue employees can misuse the data. Third, unrelated parties can steal the data and misuse it. That happens frequently, too. And fourth, the state can collect the data and do really horrible things with it, like put people in prison camps. Which is what happened famously in World War II in the United States. And the data can also enable, as it did in World War II, Nazis to find Jews to kill.

In China, for example, any data can be misused horribly. But in the U.S. also, you’re looking at a CIA torturer being nominated to head the CIA, and we can’t assume that she will be rejected. So when you put this together with the state spying that Snowden told us about, and with the Patriot Act that allows the FBI to take almost any database of personal data without even talking to a court. And what you see is, for companies to have data about you is dangerous.

And I’m not interested in discussing the privacy policies that these companies have. First of all, privacy policies are written so that they appear to promise you some sort of respect for privacy, while in fact having such loopholes that the company can do anything at all. But second, the privacy policy of the company doesn’t do anything to stop the FBI from taking all that data every week. Anytime anybody starts collecting some data, if the FBI thinks it’s interesting, it will grab that data.

And we also know that the FBI and other such agencies are inclined to label protesters as terrorists. So that way they can use laws that were ostensibly adopted to protect us from terrorists to threaten a much larger number of us than any terrorist could.

Read more

Also: Numerical Analysis Software Global Market Analysis & Forecast: Analytica, Matlab, GNU Octave, Plotly, FlexPro

Today in Techrights

Filed under
News

3 tips for organizing your open source project's workflow on GitHub

Filed under
OSS

Managing an open source project is challenging work, and the challenges grow as a project grows. Eventually, a project may need to meet different requirements and span multiple repositories. These problems aren't technical, but they are important to solve to scale a technical project. Business process management methodologies such as agile and kanban bring a method to the madness. Developers and managers can make realistic decisions for estimating deadlines and team bandwidth with an organized development focus.

Read more

How will the GDPR impact open source communities?

Filed under
OSS

The General Data Protection Regulation (GDPR) was approved by the EU Parliament on April 14, 2016, and will be enforced beginning May 25, 2018. The GDPR replaces the Data Protection Directive 95/46/EC which was designed "to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy."

The aim of the GDPR is to protect the personal data of individuals in the EU in an increasingly data-driven world.

Read more

Trisquel 9.0 Development Plans and Trisquel 8.0 Release

Filed under
GNU
Linux
  • Trisquel 9.0 development plans

    Just as we release Trisquel 8.0, the development of the next version begins! Following the naming suggestions thread I've picked Etiona, which sounds good and has the fewest search results.

    We currently do our development in a rented dedicated server in France, and although it is functional it has many performance and setup issues. It has 32 gigs of RAM, which may sound like plenty but stays below the sweet spot where you can create big enough ramdisks to compile large packages without having to ever write to disk during the build process, greatly improving performance. It also has only 8 cores and rather slow disks. The good news is that the FSF has generously decided to host a much larger dedicated build server for us, which will allow us to scale up operations. The new machine will have fast replicated disks, lots of RAM and two 12 core CPUs.

    Along with renewing the hardware, we need to revamp the software build infrastructure. Currently the development server runs a GitLab instance, Jenkins and pbuilder-based build jails. This combination was a big improvement from the custom made scripts of early releases, but it has some downsides that have been removed by sbuild. Sbuild is lighter and faster and has better crash recovery and reporting.

  • Trisquel 8.0 LTS Flidas

    Trisquel 8.0, codename "Flidas" is finally here! This release will be supported with security updates until April 2021. The first thing to acknowledge is that this arrival has been severely delayed, to the point where the next upstream release (Ubuntu 18.04 LTS) will soon be published. The good news is that the development of Trisquel 9.0 will start right away, and it should come out closer to the usual release schedule of "6 months after upstream release".

    But this is not to say that we shouldn't be excited about Trisquel 8.0, quite the contrary! It comes with many improvements over Trisquel 7.0, and its core components (kernel, graphics drivers, web browser and e-mail client) are fully up to date and will receive continuous upgrades during Flidas' lifetime.
    Trisquel 8.0 has benefited from extensive testing, as many people have been using the development versions as their main operating system for some time. On top of that, the Free Software Foundation has been using it to run the Libreplanet conference since last year, and it has been powering all of its new server infrastructure as well!

FOSS Events in Europe: Rust, foss-north, KubeCon + CloudnativeCon Europe 2018

Filed under
OSS
  • Rust loves GNOME Hackfest: Day 1

    This is a report of the first day of the Rust loves GNOME Hackfest that we are having in Madrid at the moment. During the first day we had a round of introductions and starting outlining the state of the art.

  • Madrid GNOME+Rust Hackfest, part 1

    I'm in Madrid since Monday, at the third GNOME+Rust hackfest! The OpenShine folks are kindly letting us use their offices, on the seventh floor of a building by the Cuatro Caminos roundabout.

    I am very, very thankful that this time everyone seems to be working on developing gnome-class. It's a difficult project for me, and more brainpower is definitely welcome — all the indirection, type conversion, GObject obscurity, and procedural macro shenanigans definitely take a toll on oneself.

  • Five days left

    I use to joke that the last week before foss-north is the worst – everything is done, all that is left is the stress.

  • KubeCon + CloudnativeCon Europe 2018

    The Cloud Native Computing Foundation’s flagship conference will be taking place in Copenhagen from May 2-4. It will cover Kubernetes, Prometheus OpenTracing, Fluentd, Linkerd, gRPC, CoreDNS, and other key technologies in cloud native computing.

Programming: Taxonomy of Tech Debt, Python and More

Filed under
Development
  • A Taxonomy of Tech Debt

    Hi there. I’m Bill “LtRandolph” Clark, and I’m the engineering manager for the Champions team on LoL. I’ve worked on several different teams on League over the past years, but one focus has been consistent: I’m obsessed with tech debt. I want to find it, I want to understand it, and where possible, I want to fix it.

    When engineers talk about any existing piece of technology - for example League of Legends patch 8.4 - we often talk about tech debt. I define tech debt as code or data that future developers will pay a cost for. Countless blog posts, articles, and definitions have been written about this scourge of software development. This post will focus on types of tech debt I’ve seen during my time working at Riot, and a model for discussing it that we’re starting to use internally. If you only take away one lesson from this article, I hope you remember the “contagion” metric discussed below.

  • 6 Python datetime libraries

    Once upon a time, one of us (Lacey) had spent more than an hour staring at the table in the Python docs that describes date and time formatting strings. I was having a hard time understanding one specific piece of the puzzle as I was trying to write the code to translate a datetime string from an API into a Python datetime object, so I asked for help.

  • Getting started with Anaconda Python for data science
  • How to install the Moodle learning management system
  • Anatomy of a JavaScript Error
  • Is DevOps compatible with part-time community teams?
Syndicate content

More in Tux Machines

Thunderbolt 3 in Fedora 28

  • The state of Thunderbolt 3 in Fedora 28
    Fedora 28 is around the corner and I wanted to highlight what we did to make the Thunderbolt 3 experience as smooth as possible. Although this post focuses on Fedora 28 for what is currently packaged and shipping, all changes are of course available upstream and should hit other distributions in the future.
  • Thunderbolt 3 Support Is In Great Shape For Fedora 28
    Red Hat developers have managed to deliver on their goals around improving Thunderbolt support on the Linux desktop with the upcoming Fedora 28 distribution update. This has been part of their goal of having secure Thunderbolt support where users can authorize devices and/or restrict access to certain capabilities on a per-device basis, which is part of Red Hat's Bolt project and currently has UI elements for the GNOME desktop.

New Heptio Announcements

Android Leftovers

New Terminal App in Chome OS Hints at Upcoming Support for Linux Applications

According to a Reddit thread, a Chromebook user recently spotted a new Terminal app added to the app drawer when running on the latest Chrome OS Dev channel. Clicking the icon would apparently prompt the user to install the Terminal app, which requires about 200 MB of disk space. The installation prompt notes the fact that the Terminal app can be used to develop on your Chromebook. It also suggests that users will be able to run native apps and command-line tools seamlessly and securely. Considering the fact that Chrome OS is powered by the Linux kernel, this can only mean one thing. Read more