Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 23 Mar 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story LibreOffice 6.2.2 Office Suite Released with More Than 50 Fixes, Download Now Rianne Schestowitz 2 21/03/2019 - 5:02pm
Story Graphics: Gallium3D, NVIDIA, AMD Radeon and SVT-AV1 Roy Schestowitz 1 21/03/2019 - 4:47pm
Story Today in Techrights Roy Schestowitz 21/03/2019 - 4:39pm
Story Android Leftovers Rianne Schestowitz 21/03/2019 - 4:32pm
Story Benchmarking A 10-Core Tyan/IBM POWER Server For ~$300 USD Rianne Schestowitz 21/03/2019 - 4:15pm
Story today's leftovers Roy Schestowitz 21/03/2019 - 4:14pm
Story Server Leftovers Roy Schestowitz 21/03/2019 - 4:13pm
Story Top 10 New Linux SBCs to Watch in 2019 Rianne Schestowitz 21/03/2019 - 4:12pm
Story Fedora: Systemd, AskFedora, Varnish Roy Schestowitz 21/03/2019 - 4:11pm
Story Mozilla, Firefox and ChromeOS/Chrome Roy Schestowitz 21/03/2019 - 4:00pm

Security: Updates, Trust, IPFire 2.21 and Superuserss

Filed under
Security
  • 40 Linux Server Hardening Security Tips [2019 edition]
  • Why Trust Is Key for Cyber-Security Risk Management

    "Trust" is an often-overused term, but according to Rohit Ghai, president of RSA Security, trust is the key to understanding and managing digital risk.

    In a video interview with eWEEK, Ghai discusses his views on trust, where the concept of an artificial intelligence "digital twin" fits in and why there could well be a need to redefine industry cyber-security categories to better reflect how risk management technologies should work. He also provides insight into how RSA Security's products, including Archer, Netwitness and SecurID, fit together to help organizations provide trust and manage risk.

    "As long as we pay attention to the idea of risk and trust co-existing and taking a risk orientation to security, I think we'll be fine," Ghai said. "Trust is important. We are living in an era where people are losing faith or trust in technology, and we have to act now to restore it."

  • IPFire 2.21 - Core Update 129 is ready for testing

    The next release is available for testing - presumably going to be last release in the 2.21 series before we bring some bigger changes. This update has a huge number and significant changes for IPsec as well as many updates to the core system and various smaller bug fixes.

  • Superuser accounts: What they are and how to secure them

    Most security technologies are helpless in protecting against superusers because they were developed to protect the perimeter – but superusers are already on the inside. Superusers may be able to change firewall configurations, create backdoors and override security settings, all while erasing traces of their activity.

    Insufficient policies and controls around superuser provisioning, segregation and monitoring further heighten risks. For instance, database administrators, network engineers and application developers are frequently given full superuser-level access. Sharing of superuser accounts among multiple individuals is also a rampant practice, which muddles the audit trail. And in the case of Windows PCs, users often log in with administrative account privileges –far broader than what is needed.

Python Programming Leftovers

Filed under
Development

New From RMS: Install Fests: What to Do about the Deal with the Devil

Filed under
GNU
Linux

Install fests invite users to bring their computers so that experts can install GNU/Linux on them. This is meant to promote the idea of free software as well as the use of free software. In practice, these two goals conflict: users that want to reject nonfree software entirely need to choose their computers carefully to achieve that goal.

The problem is that most computers can't run with a completely free GNU/Linux distro. They contain peripherals, or coprocessors, that won't operate unless the installed system contains some nonfree drivers or firmware. This happens because hardware manufacturers refuse to tell us how to use their products, so that the only way to figure out how is by reverse engineering, which in most cases has not yet been done.

This presents the install fest with a dilemma. If it upholds the ideals of freedom, by installing only free software from 100%-free distros, partly-secret machines won't become entirely functional and the users that bring them will go away disappointed. However, if the install fest installs nonfree distros and nonfree software which make machines entirely function, it will fail to teach users to say no for freedom's sake. They may learn to like GNU/Linux, but they won't learn what the free software movement stands for. In effect, the install fest makes a tacit deal with the devil that suppresses the free software movement's message about freedom and justice.

The nonfree software means the user sacrifices freedom for functionality. If users had to wrestle with this choice, they could draw a moral lesson from it, and maybe get a better computer later. But when the install fest makes the compromise on the user's behalf, it shelters the user from the moral dimension; the user never sees that something other than convenience is at stake. In effect, the install fest makes the deal with the devil, on the user's behalf, behind a curtain so the user doesn't recognize that it is one.

I propose that the install fest show users exactly what deal they are making. Let them talk with the devil individually, learn the deal's bad implications, then make a deal—or refuse!

As always, I call on the install fest itself to install only free software, taking a strict stance. In this way it can set a clear moral example of rejecting nonfree software.

My new idea is that the install fest could allow the devil to hang around, off in a corner of the hall, or the next room. (Actually, a human being wearing sign saying “The Devil,” and maybe a toy mask or horns.) The devil would offer to install nonfree drivers in the user's machine to make more parts of the computer function, explaining to the user that the cost of this is using a nonfree (unjust) program.

Read more

Also: RMS article: "Install fests: What to do about the deal with the devil"

LinHES R8.6 Released

Filed under
GNU
Linux

The LinHES Dev team is pleased to announce the release of LinHES R8.6!

LinHES R8.6 updates MythTV to 30-fixes as well as updates to the kernel, system libraries, graphics drivers and many other parts of LinHES.

Release notes and upgrade instructions can be found here.

Read more

Also: Tails 3.13 is out

Debian and Ubuntu, Lies and Marketing

Filed under
Debian
Ubuntu
Misc
  • Jonathan Carter: Running for DPL

    I am running for Debian Project Leader, my official platform is published on the Debian website (currently looks a bit weird, but a fix is pending publication), with a more readable version available on my website as well as a plain-text version.

    Shortly after I finished writing the first version of my platform page, I discovered an old talk from Ian Murdock at Microsoft Research where he said something that resonated well with me, and I think also my platform.

  • Stephen Michael Kellat: Middle of March Meandering

    Eventually I intend to try Ubuntu Server installations to the three idle Raspberry Pi 3B+ boards. The ultimate goal there is for being able to offload video transcoding.

  • Ubuntu Weekly Newsletter Issue 570
  • Two-thirds of Android antivirus apps are worthless or worse

    Yes, you may as well change your wallpaper to say "no viruses allowed:" it'd be just as effective as the 170 antivirus products that detected fewer than 30 per cent of the 2000 malicious apps installed for testing purposes.

  • Why foldable smartphones are more fad than forever devices

    I've been a part of many industries and, without fail, each industry eventually resorts to gimmicks to sell a product. In some instances, the gimmick convinces consumers that the new product and is the must-have of the industry.

    [...]

    The smartphone industry is no stranger to such snake-oil salesmanship. We've seen pop-up selfie cameras, Samsung Air View, built-in projectors, the HTC kickstand, the Amazon Fire Phone, the Ubuntu Phone, LG Modules, smart scroll, Alcatel disco lights, Blackberry Storm, Samsung edge display, KnockOn Password, HTC U11, and Pixel squeezable sides.

    The point being, the smartphone industry is keen on bringing to light a plethora of gimmicks to try and woo users away from their current devices.

OSS Leftovers: foss-north 2019, LibrePlanet 2019, Public Health, Public Interest and Simon Phipps on 'FRAND'

Filed under
OSS
  • foss-north 2019: Training Day

    The 2019 incarnation of foss-north is less than a month away. This year we’re extending the conference in two directions: a training day and a community day. This time, I wanted to write about the training day.

    The training day, April 10, is an additional day for those who want to extend
    the conference with a day of dedicated training. I’m very happy to have two experienced and well known trainers on side: Michael Kerrisk and Chris Simmonds. Both has years of training experience.

    Michael will teach about the details in dynamic linking. The topic may seem trivial, but when you start scratching the surface, there are a lot of details to discover such as how to handle version compatibility, how symbol resolution really works, and so on. You can read more about the Building and Using Shared Libraries on Linux training here.

  • Your guide to LibrePlanet 2019, March 23-24!

    Are you planning on joining us for LibrePlanet 2019, coming up this weekend, March 23-24, at the Stata Center, Massachusetts Institute of Technology (MIT)? If you haven't registered yet, there's still time -- registration is open through Tuesday, March 19 at 10:00 EDT, and we also welcome walk-ins (space permitting)! Remember, students and Free Software Foundation (FSF) associate members get in gratis.

    We also hope you'll join us for the Friday night open house at the FSF office, here in Boston -- you can pick up your badge early to skip the line Saturday morning (more details below).

  • Will this new openness to open source heed past lessons?

     

    We set out to demonstrate how open source could work in the NHS for both vendors and users, and to dispel many of the myths that existed about open source. We created the NHS Open Source Foundation (now The Apperta Foundation), a not-for-profit designed to act as a custodian for quality assured NHS open source software, adapting the model developed by OSERA in the US for VistA.
     

    We identified a number of issues which we worked hard to address.

  • France’s economic council wants a greater European role for free software

     

    The European Union should encourage the use of free software, for example by setting quotas in public procurement and financing its development, says France’s Economic, Social and Environmental Council (Conseil économique, social et environnemental, or CESE). The constitutional consultative assembly sees free software, sharing and reuse as strategic parts of the European digital culture.

  • Release of Opinion Paper on Open Source and FRAND by OFA Fellow Simon Phipps

    The question if Open Source Software can be combined with a FRAND (fair, reasonable, and non-discriminatory) regime is often at the centre of the debate. Possibly, this question though is not the deciding one, as such a legal compatibility would require that Open Source developers would collaborate under such a regime.

    OpenForum Europe is very excited to publish the Opinion Paper by OFA Fellow and President of the Open Source Initiative, Simon Phipps. In this paper Simon posits that the core issue of Open Source Software and FRAND is not a legal one, but that Open Source developers will not collaborate under a FRAND regime.

Security: Updates, "US Huawei Blackballing Efforts" and Microsoft's Back Doors Keep Crackers Busy

Filed under
Security
  • Security updates for Tuesday
  • US Huawei Blackballing Efforts Stall Due To Lack Of 'Actual Facts'

    During the Trump era, the US government has dramatically ramped up claims that Chinese hardware vendor Huawei is a nefarious spy for the Chinese government, blackballing it from the U.S. telecom market. From pressuring U.S. carriers to drop plans to sell Huawei phones to the FCC's decision to ban companies from using Huawei gear if they want to receive federal subsidies, this effort hasn't been subtle.

    While Huawei should never be confused with a saint (what telecom company would be?) there's several problems with the effort. The biggest being that despite a decade of hand-wringing and one eighteen month investigation by the US government, there's still no public evidence Huawei uses its network gear to spy on Americans. That's not sitting well with countries we've asked to join along in the fun.

  • Sorry, Linux. We know you want to be popular, but cyber-crooks are all about Microsoft for now

    Eight out of the ten most exploited vulnerabilities tracked by threat intelligence biz Recorded Future in 2018 targeted Microsoft products – though number two on its list was, surprise surprise, a Flash flaw.

    The most exploited vuln in the firm's hall of shame was a remote code execution flaw in Windows' VBScript engine that could pwn users who opened a booby-trapped web page with Internet Explorer.

    "Exploit kits associated with this vulnerability were noted to spread the malware Trickbot through phishing attacks," said Recorded Future in a report published today.

    The Flash vuln was none other than one exploited by North Korean state-backed hackers – first detected by South Korea's CERT, which discovered a flood of booby-trapped MS Office documents, web pages, spam messages and more.

Graphics and Games: NVIDIA, Orbital/Vulkan, Cataclysm and System Shock 3

Filed under
Graphics/Benchmarks
Gaming
  • NVIDIA Shows Off Quake II Path-Traced Using Vulkan RTX/Ray-Tracing

    ne of the demos NVIDIA is showing off this week at their GPU Technology Conference is Quake II being path-traced using a Vulkan port of the game and adapted to handle VK_NV_ray_tracing functionality paired with the latest GeForce RTX GPUs.

    Q2VKPT is a path-traced version of Quake II started by a former NVIDIA intern and is rendered using Vulkan and does support Linux.

  • Orbital: A PlayStation 4 Emulator That Is Emulating The PS4's AMD GPU Using Vulkan

    Orbital is an open-source project providing a virtualization-based PlayStation 4 emulator that is still in its early stages but what interests us is its technical details including the use of Vulkan/SPIR-V.

    Orbital leverages QEMU and other open-source components. At this stage it's not running any PS4 games but is able to boot into safe mode on PS4 5.xx kernels.

  • Cataclysm - Dark Days Ahead, a free and open source turn-based survival game had a huge update

    It occurred to me today, that no one here at GOL seems to have ever written about the free and open source turn-based survival game Cataclysm - Dark Days Ahead.

    Okay, so what is it? A classic roguelike with a survival theme, set in a post-apocalyptic procedurally generated world.

  • System Shock 3 may see Linux support, OtherSide still working on Underworld Ascendant for Linux

    OtherSide Entertainment have teased out a new short video of System Shock 3 and it may see Linux support.

    Not to be confused with the crowdfunded System Shock reboot that Nightdive Studios are currently working on. System Shock 3 is being made with some of the original team behind the first two games as well like Warren Spector, so it should remain faithful to the series while being a rather nice upgrade in visuals.

Stable kernels 5.0.3, 4.20.17, 4.19.30, 4.14.107 and 4.9.164

Filed under
Linux
  • Linux 5.0.3

    I'm announcing the release of the 5.0.3 kernel.

    All users of the 5.0 kernel series must upgrade.

    The updated 5.0.y git tree can be found at:
    git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.0.y
    and can be browsed at the normal kernel.org git web browser:
    http://git.kernel.org/?p=linux/kernel/git/stable/linux-st...

  • Linux 4.20.17
  • Linux 4.19.30
  • Linux 4.14.107
  • Linux 4.9.164

Firefox 66 Released

Filed under
Moz/FF

Firefox now prevents websites from automatically playing sound. You can add individual sites to an exceptions list or turn blocking off.

Read more

Also: Firefox 66 Arrives - Blocks Auto-Playing Sounds, Hides Title Bar By Default For Linux

Mozilla/Firefox: Reducing Your Online Annoyances, This Week in Servo Development and Vista 10 Integration

Filed under
Moz/FF
  • Today’s Firefox Aims to Reduce Your Online Annoyances

    Almost a hundred years ago, John Maynard Keyes suggested that the industrial revolution would effectively end work for humans within a couple of generations, and our biggest challenge would be figuring what to do with that time. That definitely hasn’t happened, and we always seem to have lots to do, much of it online. When you’re on the web, you’re trying to get stuff done, and therefore online annoyances are just annoyances. Whether it’s autoplaying videos, page jumps or finding a topic within all your multiple tabs, Firefox can help. Today’s Firefox release minimizes those online inconveniences, and puts you back in control.

  • This Week In Servo 127

    In the past week, we merged 50 PRs in the Servo organization’s repositories.

  • Passwordless Web Authentication Support via Windows Hello

    Firefox 66, being released this week, supports using the Windows Hello feature for Web Authentication on Windows 10, enabling a passwordless experience on the web that is hassle-free and more secure. Firefox has supported Web Authentication for all desktop platforms since version 60, but Windows 10 marks our first platform to support the new FIDO2 “passwordless” capabilities for Web Authentication.

Lessons in Vendor Lock-in: 3D Printers

Filed under
OSS

One interesting thing about the hobbyist 3D printing market is that it was founded on free software and open hardware ideals starting with the RepRap project. The idea behind that project was to design a 3D printer from off-the-shelf parts that could print as many of its own parts as possible (especially more complex, custom parts like gears). Because of this, the first generation of 3D printers were all homemade using Arduinos, stepper motors, 3D-printed gears and hardware you could find in the local hardware store.

As the movement grew, a few individuals started small businesses selling 3D printer kits that collected all the hardware plus the 3D printed parts and electronics for you to assemble at home. Later, these kits turned into fully assembled and supported printers, and after the successful Printrbot kickstarter campaign, the race was on to create cheaper and more user-friendly printers with each iteration. Sites like Thingiverse and YouMagine allowed people to create and share their designs, so even if you didn't have any design skills yourself, you could download and print everyone else's. These sites even provided the hardware diagrams for some of the more popular 3D printers. The Free Software ethos was everywhere you looked.

Read more

Introducing flat-manager

Filed under
Red Hat

A long time ago I wrote a blog post about how to maintain a Flatpak repository.

It is still a nice, mostly up to date, description of how Flatpak repositories work. However, it doesn’t really have a great answer to the issue called syncing updates in the post. In other words, it really is more about how to maintain a repository on one machine.

In practice, at least on a larger scale (like e.g. Flathub) you don’t want to do all the work on a single machine like this. Instead you have an entire build-system where the repository is the last piece.

Read more

Servers: VMware, US Department of Energy, Red Hat/Fedora and SUSE/SAP

Filed under
Server
  • VMware demos hypervisor running on a network card

    VMware has demonstrated Linux running on a network card.

    Speaking at the VMware user group convention in Sydney today, Chris Wolf, chief technology officer, global field and industry demonstrated a VMware’s ESXi hypervisor and a Ubuntu guest VM running on a Mellanox SmartNIC.

  • Aurora Will Be The First Exascale Supercomputer Of America

    The exascale supercomputer has the ability to make use of high-performance computing (HPC) and artificial intelligence (AI) in various areas such as cancer research, climate modeling, and veterans’ health treatments, and more. Aurora will be specially designed to analyze the large amount of data generated by DOE-owned equipment like particle accelerators, telescopes, and other detectors.

  • Intel Xe Graphics Being Part Of The First US Exascale Supercomputer Is Great For Linux

    Announced on Monday was that the US Department of Energy in cooperation with Argonne National Laboratory will see the "Aurora" supercomputer as the first US Exascale SC coming online in 2021 and featuring Intel's highly anticipated Xe Graphics.

    The Intel Xe Graphics are expected to put Aurora over the edge in being the first exascale super computer at least within the United States. Aurora will also feature Optane persistent DIMMs and next-generation Xeon processors. Intel is partnered with Cray on this design for the half a billion USD super computer.

  • Career advice for engineers: Step away from the keyboard

    Over the course of my career, I've had two to three major mindset shifts in how I approach my work. At first, I just focused on engineering—trying to know the most about whatever language or libraries I was using, being very "trivia" focused, and ultimately ignoring the concerns of others in an effort to just write good code. This wasn't to say I didn't try to get along with my coworkers or help them out, but my efforts to improve were all about me; after all, the team and the company do better as I become better. And to be fair, this approach isn't totally unfounded in its merits. As engineers, we must constantly evolve, learn more, and improve because the industry is getting harder with bigger problems that need more technical solutions every day. This approach worked well enough for me for the first half of my career, where I was junior enough to have such selfish (albeit well-meaning) motivations.

    Then I took a job where I worked with more engineers in one office than I had worked with in my entire career to date. This job nearly broke me. I went from being one of the better people in my role to barely scraping by… for nearly two years. I struggled to succeed, I constantly felt outclassed by the people around me, and many days I couldn't figure out why they even hired me (a feeling, it turns out, that some of my co-workers shared). But there was no big epiphany, no single defining moment that turned it around. Just a series of hard, abject failures from which I had two choices—give up or learn and grow. I did my best to do the latter. As I moved back to a smaller startup, I saw firsthand just how important it is to cement a culture, from the ground up, based around these lessons.

    My final mindset shift happened when I transitioned into management after the startup was acquired by a larger company. I didn't choose to be a manager; management chose me, in that I was offered the position. I was also told that, while everyone really believed in me, the ultimate reason they chose me was that they felt it would be less tumultuous to promote someone from within than hiring someone from outside. We had a very aggressive timeframe after the acquisition, and my new company didn't want to risk things by bringing in an outside leader who didn't have the team's trust. I found that this phase reinforced everything I had learned before about being effective in an engineering role—and turned up the dial on how hard I need to apply these lessons every minute of every day.

  • Why you should take the jobs no one else wants

    So often, we describe open organizations as places overflowing with highly engaged people—places where leaders emerge spontaneously to tackle urgent problems, where people opt-in to challenging initiatives they know they can influence and drive, where teams act with initiative and few top-down mandates.

    And it's all true. I see it regularly at Red Hat.

  • OpenShift 4 ISV Operators

    In Red Hat OpenShift 4, the Operator Hub provides access to community and certified operators that facilitate the deployment and configuration of potentially complex applications. In this video, we take a look at creating and scaling a Couchbase cluster using the operator shipped with OpenShift 4.

  • Contribution opportunity! Quick docs!

    Quick docs are meant to be short articles on the official Fedora documentation site that cover commonly used workflows/tools.

    Unlike wiki pages which are generally unreviewed, information on quick-docs follows the PR (peer-review + pull request) process. So the new information that is added there is more trustworthy and should be too, given that quick docs is listed on the official Fedora documentation website.

  • We did it again – Our HA solution is SAP Certified

    One of the main differences is that the new setup is now also supported for clusters with more than two nodes (n>2). We recommend to use an odd number of nodes to guarantee that always a majority of the cluster could proceed after cluster separations.

Qt 5.13.0 Beta1 released

Filed under
Development
KDE

I am happy to announce that Qt 5.13.0 Beta1 is released today. As earlier we release updates as Beta N regularly until we are ready for RC. Current estimation for RC is 7th May 2019, see the schedule from 5.13 wiki.

Beta1 (and later releases) can be installed by using online installer as usual. Commercial users can found online installer from their Qt Account and Opensource users from download.qt.io. We are not planning to blog next Beta releases or RC so please follow mailing lists to get the notification when new ones are available. And of course you can use maintenance tool’s update option to check if there is update already available.

Read more

Also: Qt 5.13 Beta Released

Syndicate content