Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 20 Nov 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Ubuntu 18.04 Will Get 10-Year Support (Instead of the Usual 5 Years)

Filed under
News

The long-term support (LTS) releases of Ubuntu used to get support for five years. This is changing now. Ubuntu 18.04 will now be supported for ten years. Other LTS releases might also get an extended support.
Read more

Manjaro Linux 18.0 – Review and Features

Filed under
Reviews

Manjaro has finally released a stable version of Manjaro 18.0 also codenamed “Illyria“. Manjaro always provided a lot of lot of emphasis on a user-friendly experience and Illyria is lived upto that to a great extent. The open source operating system is designed in such a way that it work completely out of the box straight away as it comes with a lot of pre-installed software. So once complete the installation of Manjaro 18.0, you don’t need to go installing other software that is needed for your day to day tasks. And Manjaro 18.0 has come out with fixes for a lot of issues and some improvements as well. Manjaro Linux 18.0 is certainly one of the easy-to-use and simple Arch Linux desktop version.

Read more

today's leftovers

Filed under
Misc
  • QOwnNotes 18.11.3

    QOwnNotes is a open source (GPL) plain-text file notepad with markdown support and todo list manager for GNU/Linux, Mac OS X and Windows, that (optionally) works together with the notes application of ownCloud (or Nextcloud). So you are able to write down your thoughts with QOwnNotes and edit or search for them later from your mobile device (like with CloudNotes) or the ownCloud web-service. The notes are stored as plain text files and you can sync them with your ownCloud sync client. Of course other software, like Dropbox, Syncthing, Seafile or BitTorrent Sync can be used too.

  •  

  • Getting Started with Scilab
  • Huawei’s New Stance On Bootloader Lockdown Is An Unpopular One, Here’s How You Can Bypass It

    Let’s start with the basics. What do you mean by a bootloader? In simple words, Bootloader is a piece of code that runs before any operating system is running. Bootloader is used to boot other operating systems and usually each operating system has a set of bootloaders specific to it. Alternatively, the bootloader can start up recovery mode. When a phone is in recovery, it can execute large pieces of code that totally rewrite the Android operating system. The bootloader is important because it loads up both of these pieces of software. Without a working bootloader, your phone is a useless brick. A locked or unlocked bootloader is what gives you access to “root.” “Root” is another big word in the Android community. If you “root” a device, it means you have “superuser” access or “administrator” access to the operating system that runs on your phone. With an unlocked bootloader, you can install boot images that aren’t signed by the device maker. That includes custom images needed to boot an AOSP-based ROM, boot images patched to support Magisk root, and more.

    Now as handy and efficient as this might seem, it’s not a popular option publicised or encouraged by smartphone manufacturers. While companies like OnePlus and Google make it seamless by just having to enable “OEM unlocking” in Developer Options, and then entering a few fastboot (fastboot is a protocol for sending commands from a PC to the bootloader of your device) commands while your phone is in the bootloader menu; companies like Huawei or Honor (Huawei sub-brand) have stopped providing forms for allowing users to unlock their bootloader. That means there’s no longer an official way to get the bootloader unlock code for your Huawei or Honor smartphone or tablet. Nobody has yet figured out how these bootloader unlock codes are generated, so it’s impossible to generate one yourself.

  • Google’s Wear OS Version H Announced; Brings Battery Saver Mode

    Google quietly announced its Wear OS Version H (it’s basically version 2.2 of Wear OS) for smart wearables this morning. The new update will be rolled out as a system update and majorly, brings battery llife-related improvements to Wear OS watches.

  •  

  • The Huge Security Problem With C/C++ And Why You Shouldn’t Use It

    Alex Gaynor gives an example of a program that has a list of 10 numbers. Theoretically, in an event where someone asks for the 11th element, the program is expected to show an error of some sort, or at least that’s what a “memory safe” programming language (like Python or Java) would do.

    However, in case of a memory unsafe language like C/C++, the program looks for the 11th element wherever it is supposed to be (if it existed) and accesses its content. This is called a “buffer-overflow” vulnerability that is exploited by bugs like HeartBleed to access up to 60 KB data past the end of a list — that often includes passwords and other sensitive data.

  • The Power of Web Components

    As a group, the standards are known as Web Components. In the year 2018 it’s easy to think of Web Components as old news. Indeed, early versions of the standards have been around in one form or another in Chrome since 2014, and polyfills have been clumsily filling the gaps in other browsers.

    After some quality time in the standards committees, the Web Components standards were refined from their early form, now called version 0, to a more mature version 1 that is seeing implementation across all the major browsers. Firefox 63 added support for two of the tent pole standards, Custom Elements and Shadow DOM, so I figured it’s time to take a closer look at how you can play HTML inventor!

    Given that Web Components have been around for a while, there are lots of other resources available. This article is meant as a primer, introducing a range of new capabilities and resources. If you’d like to go deeper (and you definitely should), you’d do well to read more about Web Components on MDN Web Docs and the Google Developers site.

    Defining your own working HTML elements requires new powers the browser didn’t previously give developers. I’ll be calling out these previously-impossible bits in each section, as well as what other newer web technologies they draw upon.

OSS Leftovers

Filed under
OSS
  • OpenStack regroups

    Only a few years ago, OpenStack was the hottest open-source project around, with a bustling startup ecosystem to boot. The project, which gives enterprises the tools to run the equivalent of AWS in their own private data centers, ran into trouble as it tried to tackle too many individual projects at the same time and enterprises took longer than expected to adopt it. That meant many a startup floundered or was acquired before it was able to gain traction while the nonprofit foundation that manages the project started to scale back its big tent approach and refocused on its core services.

  • SD Times news digest: Docker and MuleSoft’s partnership, ActiveState’s open-source language automation category, and Instana’s automatic Python instrumentation

    Docker and MuleSoft have announced a new partnership to modernize applications and accelerate digital transformation. As part of the partnership, the companies will work together to deliver new capabilities for legacy apps with APIs, legacy apps without APIs and new apps created in Docker. In addition, MuleSoft’s Anypoint platform will be combined with Docker Enterprise.

  • ActiveState Creates Open Source Language Automation Category
  • New open source cloud discovery tool arrives from Twistlock

    Cloud Discovery connects to cloud providers' native platform APIs to discover services such as container registries, managed Kubernetes platforms, and serverless services, and requires only read permissions. Other key features include:

  • Google Open-Sources "Amber" Multi-API Shader Test Framework

    The newest open-source graphics project out of Google is called Amber and it's a multi-API shader testing framework focused on capturing and communicating of shader bugs.

    Google's Amber tries to make it easier to capture/communicate shader bugs with a scripting-based workflow. The captured shaders can be in binary form, SPIR-V assembly, or a higher-level shading language. Amber is currently focused on supporting the Vulkan and Dawn graphics APIs.

  • Microsoft allies with Facebook on AI software [Ed: Evil likes/attracts evil. Now they can do their crimes together while blaming "AI". Longtime Microsoft propagandist Jordan Novet has decided to add the Microsoft lie (PR campaign) "Microsoft loves Linux" (in photo form) to an article that has nothing to do with Linux.]
  • Microsoft alliance with Facebook signals shift in AI approach

Security Leftovers

Filed under
Security

Devices: Adding Linux to A PDP-11, Adding GNU/Linux Software to Chrome OS, and Adding Ubuntu to Android

Filed under
Android
Linux
Google
  • Adding Linux To A PDP-11

    The UNIBUS architecture for DEC’s PDPs and Vaxxen was a stroke of genius. If you wanted more memory in your minicomputer, just add another card. Need a drive? Plug it into the backplane. Of course, with all those weird cards, these old UNIBUS PDPs are hard to keep running. The UniBone is the solution to this problem. It puts Linux on a UNIBUS bridge, allowing this card to serve as a memory emulator, a test console, a disk emulator, or any other hardware you can think of.

    The key to this build is the BeagleBone, everyone’s second-favorite single board computer that has one feature the other one doesn’t: PRUs, or a programmable real-time unit, that allows you to blink a lot of pins very, very fast. We’ve seen the BeagleBone be used as Linux in a terminal, as the rest of the computer for an old PDP-10 front panel and as the front end for a PDP-11/03.

  • Chrome OS Linux apps will soon be able to access your entire Downloads folder and Google Drive

    Google is working hard to turn Chrome OS into more than just a browser, but a real, functional operating system for consumers of all kinds. Most recently, they’ve invited developers to the platform with Linux app support that enables all of their tools, including Android Studio, to work as expected. Soon, your Chrome OS and Google Drive files will be even more accessible to your Linux apps.

    [...]

    According to a new commit on the Chromium Gerrit, that’s all about to change. The commit primarily pertains to a new dialog that will be shown when sharing ‘root’ folders like My Drive or Downloads with your Chrome OS Linux apps (internally known as Crostini) container. The dialog is intended to forewarn you that sharing a root folder is a bit more serious than just sharing a sub-folder, and to be sure you know what you’re doing.

  • Samsung Note 9 and Tab S4 owners can run a full Ubuntu Desktop – Linux on Dex

    We have come a long way as an industry and if this is not one of the biggest milestones in personal computing, I don’t know what else qualifies. Over the past decade of smartphones being around, we have seen an exponential increase in the power that our smartphones pack. I mean, flagships from the past few years spot more RAM and processing power than most laptops out there, but the small form factor has always been a hindrance to the utilization of this power. I mean you can only do so much on a 5.5-inch display.

    Samsung has launched its “Linux on Dex” app in beta and is inviting geeks and tinkerers to register and help test and develop it. The app lets owners of specific Samsung devices “run” a full Ubuntu desktop on their device alongside Android.

What blockchain can learn from open source

Filed under
OSS

Over the 10+ years I've been involved with open source, I've been part of small projects with innovative ideas that grew into large projects with solid communities. I've also witnessed the way dysfunctional communities can suck the energy from projects.

I've also recently become active in blockchain by writing and contributing to projects. I've noticed that blockchain projects are like startups with open development and open business models. Therefore, to be successful, blockchain startups must learn how to build communities the open source way.

Read more

Congatec shows off Qseven and SMARC modules with new i.MX8X

Filed under
Linux

Congatec announced two industrial, Linux-ready modules equipped with NXP’s dual- or quad-A35 i.MX8X SoC: the Conga-QMX8X (Qseven) with optional PoE and the Conga-SMX8X (SMARC 2.0) with optional WiFi.

When either Variscite or Congatec announces a computer-on-module based on a new processor, the other company typically follows suit shortly thereafter. After Variscite announced its NXP i.MX8X-based VAR-SOM-MX8X module on Nov. 13, Congatec followed up with a pair of i.MX8X Qseven and SMARC 2.0 modules: the Conga-QMX8X and Conga-SMX8X. None of these COMs have announced ship dates (or prices), so it’s unclear which will arrive first, or whether they’ll be beaten to market by the phyCORE-i.MX 8X module, announced back in March.

Read more

Akash Angle: How do you Fedora?

Filed under
Red Hat
Interviews

Akash is a fan of the GNOME 3 desktop environment. He loves most of the goodies and bells and whistles the OS can throw in for getting basic tasks done.

For practical reasons he prefers a fresh installation as a way of upgrading to the latest Fedora version. He thinks Fedora 29 is arguably the the best workstation out there. Akash says this has been backed up by reviews of various tech evangelists and open source news sites.

Read more

A reliance on open source in enterprise: Necessary for digital transformation

Filed under
Server
Interviews
OSS
Ubuntu

Enterprises have embraced the cloud; and now they’re focusing on open source.

Open source lends itself to innovation, something competing enterprises need to seriously tap into, by allowing different developers from across the world to create and modify software to solve current challenges and open new avenues.

To find out more about how open source is venturing into the enterprise community and spurring digital innovation, Information Age spoke to Stephan Fabel, director of product at Canonical, the company behind Ubuntu.

Read more

Debian and Ubuntu: Raphaël Hertzog's Report, Mark Shuttleworth's Keynote, and Ubuntu Podcast from the UK LoCo

Filed under
Debian
Ubuntu
  • Raphaël Hertzog: Freexian’s report about Debian Long Term Support, October 2018

    Like each month, here comes a report about the work of paid contributors to Debian LTS.

  • OpenStack Summit Berlin 2018, Mark Shuttleworth keynote

    The OpenStack community has, and attracts, amazing people and amazing technology, however, that won’t be meaningful if it doesn’t deliver for everyday businesses. “I say that representing the company which doesn’t just publish Ubuntu and the reference OpenStack distribution on Ubuntu, we actually manage more OpenStack clouds for more different industries, more different architectures than any other company,” said Shuttleworth.

    There are things that have to be right – we have to support every single OpenStack release with upgrades. That means when Stein and Train are released, we will deploy, as part of the test process, Icehouse on 14.04, then deploy workloads on Kubernetes on Icehouse. With that running in the cloud, and without losing a workload, the version is then upgraded up to Mitaka. We then take the running cloud and upgrade to 16.04 under the hood, then upgrade to Queens, then upgrade to 18.04 and on to Rocky, Stein and beyond, as standard.

  • Ubuntu Podcast from the UK LoCo: S11E36 – Thirty-Six HoursUbuntu Podcast from the UK LoCo: S11E36 – Thirty-Six Hours

    This week we’ve been resizing partitions. We interview Andrew Katz and discuss open souce and the law, bring you a command line love and go over all your feedback.

    It’s Season 11 Episode 36 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

Server: OpenStack Summit in Berlin and Kubernetes, Sysadmins

Filed under
Server
  • How AT&T Is Using OpenStack to Deploy 5G Networks

    The next generation of wireless networks known as 5G is being enabled at AT&T through a series of open source efforts, including the OpenStack cloud platform.

    At the OpenStack Summit in Berlin, Germany, executives from AT&T discussed how they are building out 5G networks and also demonstrated a live 5G phone call running on top of an OpenStack deployment.

    "5G is a revolution. The capabilities that 5G will enable are things that will be a step function increase in latency, in reliability and resiliency with ultra-low latency and at very high speeds." Amy Wheelus, vice president, Network Cloud at AT&T, said. "5G Is really more than just another generation; it's more than just another G, because 5G is going to enable new services, new products, and even new industries that you and I haven't even thought about that today."

    She noted that among the 5G application use cases are smart factories and autonomous vehicles. AT&T also expects that 5G will be used for augmented reality, not just for entertainment, but also for critical functions, such as search and rescue or troubleshooting at the top of a tower.

  • OpenStack Expands Focus to Enable Open Infrastructure

    The OpenStack Foundation is no longer exclusively focused on its namesake cloud platform as the open-source effort is now expanding to enable the broader realm of open infrastructure.

    In a video interview at the OpenStack Summit here, Mark Collier, chief operating officer, and Jonathan Bryce, executive director of the OpenStack Foundation, detailed the group's new approach. It's an approach that now includes four pilot projects outside of the core OpenStack cloud platform—the Airship code deployment, Kata containers, StarlingX edge compute and Zuul continuous integration projects.

  • [Podcast] PodCTL #55 – Kubernetes as the new Application Server
  • Video: The Beginning, Present, and Future of Sysadmins

Linux Foundation: Uber Joins the Linux Foundation as a Gold Member, CNCF Survey and Cloudera

Filed under
Linux
OSS
  • Uber Joins the Linux Foundation as a Gold Member

    Uber has been an active and committed member of the open source community, leveraging, contributing, and developing open source solutions across our tech stack since launching our platform nearly 10 years ago. Announced today during Uber Open Summit 2018, we extend our commitment by joining the Linux Foundation as a Gold Member, continuing to support the open source community through the Linux Foundation.

    [...]

    “Open source technology is the backbone of many of Uber’s core services and as we continue to mature, these solutions will become ever more important,” said Thuan Pham, Uber CTO. “The Linux Foundation not only provides homes to many significant open source projects, but also creates an open environment for companies like Uber to work together on developing these technologies. We are honored to join the Linux Foundation to foster greater collaboration with the open source community.”

  • CNCF Survey: Cloud Usage in Asia Has Grown 135% Since March 2018 [Ed: They just call every server "cloud" because they call themselves "cloud"]

    The bi-annual CNCF survey takes a pulse of the community to better understand the adoption of cloud native technologies. This is the second time CNCF has conducted its cloud native survey in Mandarin to better gauge how Asian companies are adopting open source and cloud native technologies. The previous Mandarin survey was conducted in March 2018. This post also makes comparisons to the most recent North American / European version of this survey from August 2018.

  • AI in the Real World

    We are living in the future – it is just unevenly distributed with “an outstanding amount of hype and this anthropomorphization of what [AI] technology can actually provide for us,” observed Hilary Mason, general manager for machine learning at Cloudera, who led a keynote on “AI in the Real World: Today and Tomorrow,” at the recent Open FinTech Forum.

    [...]

    As progress is made in the development of AI, machine learning and deep learning, there are still things we need to keep in mind, Mason said. “One of the biggest topics in our field right now is how we incorporate ethics, how we comply with expectations of privacy in the practice of data science.”
    She gave a plug to a short, free ebook called “Data Driven: Creating a Data Culture,” that she co-authored with DJ Patil, who worked as chief data scientist for President Barack Obama. Their goal, she said, is “to try and get folks who are practicing out in the world of machine learning and data science to think about their tools [and] for them to practice ethics in the context of their work.”
    Mason ended her presentation on an optimistic note, observing that “AI will find its way into many fundamental processes of the businesses that we all run. So when I say, ‘Let’s make it boring,’ I actually think that’s what makes it more exciting.’”

Programming Leftovers

Filed under
Development
  • Introducing rpm-macros-virtualenv 0.0.1

    This is a small set of RPM macros, which can be used by the spec files to build and package any Python application along with a virtualenv. Thus, removing the need of installing all dependencies via dnf/rpm repository. One of the biggest usecase will be to help to install latest application code and all the latest dependencies into a virtualenv and also package the whole virtualenv into the RPM package.

    This will be useful for any third part vendor/ISV, who would want to package their Python application for Fedora/RHEL/CentOS along with the dependencies. But, remember not to use this for any package inside of Fedora land as this does not follow the Fedora packaging guidelines.

  • Program Synthesis is Possible in Rust

    Program synthesis is the act of automatically constructing a program that fulfills a given specification. Perhaps you are interested in sketching a program, leaving parts of it incomplete, and then having a tool fill in those missing bits for you? Or perhaps you are a compiler, and you have some instruction sequence, but you want to find an equivalent-but-better instruction sequence? Program synthesizers promise to help you out in these situations!

    I recently stumbled across Adrian Sampson’s Program Synthesis is Possible blog post. Adrian describes and implements minisynth, a toy program synthesizer that generates constants for holes in a template program when given a specification. What fun! As a way to learn more about program synthesis myself, I ported minisynth to Rust.

  • The devil makes work for idle processes

    TLDR: in Endless OS, we switched the IO scheduler from CFQ to BFQ, and set the IO priority of the threads doing Flatpak downloads, installs and upgrades to “idle”; this makes the interactive performance of the system while doing Flatpak operations indistinguishable from when the system is idle.

    At Endless, we’ve been vaguely aware for a while that trying to use your computer while installing or updating apps is a bit painful, particularly on spinning-disk systems, because of the sheer volume of IO performed by the installation/update process. This was never particularly high priority, since app installations are user-initiated, and until recently, so were app updates.

  • Rcpp now used by 1500 CRAN packages

    Right now Rcpp stands at 1500 reverse-dependencies on CRAN. The graph is on the left depicts the growth of Rcpp usage (as measured by Depends, Imports and LinkingTo, but excluding Suggests) over time. What an amazing few days this has been as we also just marked the tenth anniversary and the big one dot oh release.

  • Python in RHEL 8

    Ten years ago, the developers of the Python programming language decided to clean things up and release a backwards-incompatible version, Python 3. They initially underestimated the impact of the changes, and the popularity of the language. Still, in the last decade, the vast majority of community projects has migrated to the new version, and major projects are now dropping support for Python 2.

    In Red Hat Enterprise Linux 8, Python 3.6 is the default. But Python 2 remains available in RHEL 8.

  • How to stand out, and get hired, at Grace Hopper Celebration

    During the 2018 Grace Hopper Celebration of Women in Computing (GHC), attendees flooded the George Brown Convention Center in Houston Texas to network, learn and share information in celebration of women technologists. For students at GHC, the expo hall also doubled as a career fair. Here’s how to stand out when you’re trying to leave GHC with opportunities to chart your own path in technology.

    Recruiters, engineers, scientists and technologists were stationed at company booths to talk about their workplaces. They screened resumes, interviewed candidates and shared their experiences.

    This year I was able to attend GHC for the first time, not as a student seeking a position but as an employee of Red Hat. At Red Hat we do many things differently, interviewing at GHC is one of those things. Red Hat is seeking associates who possess both a strong technical aptitude as well as a passion for our products and services.

  • Vim in the Future

     

    I have learned Vim as a programming-centric tool, but I use it for other tasks, too. This post assumes a reader isn’t necessarily a programmer but is curious about how tech things get done.

Red Hat: OpenStack, Carahsoft, Partners and Technical Account Managers

Filed under
Red Hat
  • Red Hat talks upgrades and bare metal with its new OpenStack Platform

    Red Hat used this week's OpenStack Summit to announce the impending arrival of its OpenStack Platform 14. We had a chat with Red Hat's Nick Barcet about cadence, Kubernetes, and most definitely not IBM.

    It's been a while coming, but Red Hat has taken the latest OpenStack release, Rocky, and folded it into its OpenStack Platform, with version 14 due to hit a waiting world in the next few weeks.

    The goal of Red Hat's take is, as ever, to make life easier for admins tasked with setting up the occasionally challenging OpenStack platform. Simplifying cloud-native application adoption and getting containers on bare metal is the name of the game here.

    OpenShift, of course, gets a look-in as well as Red Hat continues to tightly integrate the container platform with OpenStack to bring more Kubernetes-based goodness to the party. Red Hat has pointed to Gartner research which claimed that 75 per cent of organisations will have either a multi-cloud or hybrid environment by 2020, meaning that OpenStack's private cloud infrastructure is likely to play a part. And Red Hat would be very happy to help set that up for you, for a fee.

  • Carahsoft Receives the Red Hat Public Sector Distribution Partner of the Year Award
  • Red Hat launches mobile app to enable partners to save time and build connections
  • Supporting support: How TAMs bring stronger value to customers by collaborating with support delivery

    Red Hat Technical Account Managers (TAMs) have many responsibilities, all of which center around meeting customers’ needs and ultimately working to help customers succeed. One major responsibility for a TAM is providing support for the products that customers have purchased through subscriptions.

    Each of Red Hat’s products has a skilled and specialized support engineering team, dedicated to provide assistance for Red Hat’s customers. TAM customers receive the added benefit of having someone they know personally standing by, ready to assist them to get issues resolved as quickly as possible. Through close relationships, Technical Account Managers play a key role in providing that necessary support.

Graphics: RADV Vulkan Driver, NVIDIA 410.78 Linux Driver, Mesa 18.2.5, Firefox Nightly on Wayland and AMD Radeon RX 590 Launches

Filed under
Graphics/Benchmarks
  • RADV Vulkan Driver To Enable Vega Primitive Binning By Default - Helps Performance

    The RadeonSI OpenGL driver offered Vega primitive binning support the past year followed by the RADV Vulkan driver, but it hadn't been enabled by default. Those working on the RADV driver are now planning on unconditionally enabling this Vega performance optimization for up to a few percent performance boost.

    It seems the primitive binning driver support for RADV is mature enough that it can be flipped on by default and at least doesn't appear to be hurting any prominent Vulkan-powered Linux games. Samuel Pitoiset of Valve's Linux driver team sent out the patch today for flipping it on by default. On that patch message he describes this Vega feature as helping out some games by a few percent, "After doing a bunch of benchmarks, primitive binning helps some games like The Talos Principle (+5%) or Serious Sam 2017 (+3%). For other titles, either it doesn't change anything or it hurts very few (less than 1%)."

  • NVIDIA 410.78 Linux Driver Fixes Vulkan Corruption, Adds Quadro RTX 4000 Support

    For those using the NVIDIA long-lived 410 Linux driver series over the in-beta 415.xx driver series, the 410.78 driver release is out today as the newest stable binary driver build.

    The NVIDIA 410.78 rolls out with official support for the Quadro RTX 4000 graphics card and a handful of bug fixes. The bug fixes include addressing a possible X Server hang when using legacy VGA mode, mode-setting failure with SDI output, and Vulkan rendering corruption.

  • [Mesa-dev] [ANNOUNCE] mesa 18.2.5

    A patch for nine state tracker that fixes several crashes using nine's thread_submit feature. There are other patches to other state trackers.

    A couple of patches for Meson build system, as well as for autotools.

    In the drivers side, there are a couple of fixes for RADV, one regarding subgroups and another regarding conditional rendering. There are also fixes for virgl, r600, and i965.

  • Mesa 18.2.5 Brings Fixes For Direct3D 9 State Tracker, RADV Vulkan Driver

    For those sticking to the Mesa stable release train, Mesa 18.2.5 is now available ahead of the Mesa 18.3 quarterly feature release due out in the weeks ahead.

    As is the case for Mesa point releases, Mesa 18.2.5 is geared to deliver the latest bug/regression fixes. this 18.2.5 release has around three dozen changes, including fixes for the Gallium "Nine" D3D9 state tracker when using its thread-submit functionality, Meson build system updates, RADV Vulkan driver fixes, and also some basic fixes/tweaks to the common NIR, Mesa, and Intel code. There is no particular standout prominent fixes unless you were personally affected by one of the bugs.

  • Firefox Nightly now with experimental Wayland support

    As of last nightly (20181115100051), Firefox now supports Wayland on Linux, thanks to the work from Martin Stransky and Jan Horak, mostly.

    Before that, it was possible to build your own Firefox with Wayland support (and Fedora does it), but now the downloads from mozilla.org come with Wayland support out of the box for the first time.

    However, being experimental and all, the Wayland support is not enabled by default, meaning by default, you’ll still be using XWayland. To enable wayland support, first set the GDK_BACKEND environment variable to wayland.

  • AMD Radeon RX 590 Launches, Linux Support Presumably Okay

    While it comes as no surprise given all the leaks in recent weeks, today AMD officially announced the Radeon RX 590 graphics card as another update to Polaris.

    The new Polaris PCI ID addition we spotted back in September indeed turned out to be for a new high-end Polaris refresh. The Radeon RX 590 is this new high-end Polaris graphics card that is manufactured on a 12nm FinFET process.

Qt/KDE: Qt for Python, Inkscape Dark Theme on KDE Plasma, Atelier at Maker Faire and QtCon 2018!

Filed under
KDE
  • Python and Qt: 3,000 hours of developer insight

    With Qt for Python released, it’s time to look at the powerful capabilities of these two technologies. This article details one solopreneur’s experiences.

    [...]

    The big problem with Electron is performance. In particular, the startup time was too high for a file manager: On an admittedly old machine from 2010, simply launching Electron took five seconds.

    I admit that my personal distaste for JavaScript also made it easier to discount Electron. Before I go off on a rant, let me give you just one detail that I find symptomatic: Do you know how JavaScript sorts numbers? Alphabetically. ’nuff said.

    After considering a few technologies, I settled on Qt. It’s cross-platform, has great performance and supports custom styles. What’s more, you can use it from Python. This makes at least me orders of magnitude more productive than the default C++.

  • Inkscape Dark Theme on KDE Plasma

    On KDE Plasma, it's very easy to setup Inkscape Dark Theme. To do so, go to System Settings > Application Style > GNOME/GTK+ Style > under GTK+ Style: switch all themes to Dark ones and give check mark to Prefer Dark Theme > Apply. Now your Inkscape should turned into dark mode. To revert back, just revert the theme selections. This trick works on Kubuntu or any other GNU/Linux system as long as it uses Plasma as its desktop environment.

  • Atelier at Maker Faire and QtCon 2018!

    On the weekend of November 3 and 4, it happened on Rio de Janeiro the first Maker Faire of Latin America. And I was able to do a talk about Atelier and the current status of our project. The event hold more than 1.500 people on the first day, that saw a lot of talks and the exposition of makers of all over the country that came to Rio to participate in this edition of the Maker Faire.

Security: Updates, Systematic Evaluation of Transient Execution Attacks and Defenses, New IoT Security Regulations and GPU Side-Channel Attacks

Filed under
Security
  • Security updates for Thursday
  • A Systematic Evaluation of Transient Execution Attacks and Defenses

    [...] we present a sound and extensible systematization of transient execution attacks. Our systematization uncovers 7 (new) transient execution attacks that have been overlooked and not been investigated so far. This includes 2 new Meltdown variants: Meltdown-PK on Intel, and Meltdown-BR on Intel and AMD. It also includes 5 new Spectre mistraining strategies. We evaluate all 7 attacks in proof-of-concept implementations on 3 major processor vendors (Intel, AMD, ARM). Our systematization does not only yield a complete picture of the attack surface, but also allows a systematic evaluation of defenses. Through this systematic evaluation, we discover that we can still mount transient execution attacks that are supposed to be mitigated by rolled out patches.

  • New IoT Security Regulations

    Due to ever-evolving technological advances, manufacturers are connecting consumer goods­ -- from toys to light bulbs to major appliances­ -- to the Internet at breakneck speeds. This is the Internet of Things, and it's a security nightmare.

    The Internet of Things fuses products with communications technology to make daily life more effortless. Think Amazon's Alexa, which not only answers questions and plays music but allows you to control your home's lights and thermostat. Or the current generation of implanted pacemakers, which can both receive commands and send information to doctors over the Internet.

    But like nearly all innovation, there are risks involved. And for products born out of the Internet of Things, this means the risk of having personal information stolen or devices being overtaken and controlled remotely. For devices that affect the world in a direct physical manner -- ­cars, pacemakers, thermostats­ -- the risks include loss of life and property.

  • University Researchers Publish Paper On GPU Side-Channel Attacks

    University researchers out of University of California Riverside have published a paper this week detailing vulnerabilities in current GPU architectures making them vulnerable to side-channel attacks akin to Spectre and Meltdown.

    With their focus on NVIDIA GPUs, UCLA Riverside researchers demonstrated attacks both for graphics and compute by exploiting the GPU's performance counters. Demonstrated attacks included a browser-based attack, extracting passwords / keystroke logging, and even the possibility of exposing a CUDA neural network algorithm.

Syndicate content

More in Tux Machines

today's leftovers

  • How Software Is Helping Big Companies Dominate
    Antitrust deserves the attention it’s getting, and the tech platforms raise important questions. But the rise of big companies — and the resulting concentration of industries, profits, and wages — goes well beyond tech firms and is about far more than antitrust policy. In fact, research suggests that big firms are dominating through their use of software. In 2011, venture capitalist Marc Andreessen declared that “software is eating the world.” Its appetizer seems to have been smaller companies. [...] This model, where proprietary software pairs with other strengths to form competitive advantage, is only becoming more common. Years ago, one of us (James) started a company that sold publishing software. The business model was to write the software and then sell licenses to publishers. That model still exists, including in online publishing where companies like Automattic, maker of the open source content management system WordPress, sell hosting and related services to publishers. One-off licenses have given way to monthly software-as-a-service subscriptions, but this model still fits with Carr’s original thesis: software companies make technology that other companies pay for, but from which they seldom derive unique advantage. That’s not how Vox Media does it. Vox is a digital publishing company known, in part, for its proprietary content management system. Vox does license its software to some other companies (so far, mostly non-competitors), but it is itself a publisher. Its primary business model is to create content and sell ads. It pairs proprietary publishing software with quality editorial to create competitive advantage. Venture capitalist Chris Dixon has called this approach the “full-stack startup.” “The old approach startups took was to sell or license their new technology to incumbents,” says Dixon. “The new, ‘full stack’ approach is to build a complete, end-to-end product or service that bypasses incumbents and other competitors.” Vox is one example of the full-stack model. The switch from the software vendor model to the full-stack model is seen in government statistics. Since 1998, the share of firm spending on software that goes to pre-packaged software (the vendor model) has been declining. Over 70% of the firms’ software budgets goes to code developed in-house or under custom contracts. And the amount they spend on proprietary software is huge — $250 billion in 2016, nearly as much as they invested in physical capital net of depreciation.
  • Metsä Wood - Open Source Wood Winner: ClipHut Structural Building System
  • Shutting the open sauce bottle
    While open source software has revolutionised the enterprise software world, a few people are starting to wonder if its very nature will survive the age of the cloud. The concept that software can be used by pretty much anyone for pretty much anything is causing its developers big problems in the era of distributed cloud computing services. Two open-source software companies have decided to alter the licences under which some of their software is distributed, with the expressed intent of making it harder -- or impossible -- for cloud computing providers to offer a service based around that software.
  • How do we handle and use such enormous amounts of data?
    How many gigabytes of data did we (the people of Earth) create yesterday? ...brain. is. thinking... More than 2.5 billion! And it's growing. Yes, it's hard for us to wrap our human brains around it. So, the question the Command Line Heros podcast deals with this week is: How do we handle and use such enormous amounts of data?
  • Security updates for Tuesday

Linux Leftovers

  • Sorry, Linux. Kubernetes is now the OS that matters [Ed: Mac Asay does't know what an operating system is. This is what happens when people with a law degree write about technology. And he trolls Linux for clicks.]
  • Clear Linux Making Progress With Encrypted Installations
    One of the features I've personally been looking forward to is the official support for encrypted installations with Clear Linux. While many don't view it as a particular desktop distribution, it does have all of the packages I personally need for my main production system. So I've been wanting to see how well it could work out as my main desktop OS and to chronicle that experience. Having official support for encrypted installations has been one of the last blockers for my requirements. You can currently setup Clear on an encrypted installation manually, but for simplicity and wanting to keep to the "official" installation routes, I've been waiting for them to officially support encrypted installs... Especially in this day and age, anyone installing a desktop Linux distribution particularly on a mobile/laptop/ultrabook should really be doing a full-disk encryption.
  • The Linux Throwie: A Non-Spacefaring Satellite
    Throwies occupy a special place in hardware culture — a coin cell battery, LED, and a magnet that can be thrown into an inaccessible place and stick there as a little beacon of colored light. Many of us will fondly remember this as a first project. Alas, time marches inevitably on, and launching cheerful lights no longer teaches me new skills. With a nod to those simpler times, I’ve been working on the unusual idea of building a fully functional server that can be left in remote places and remain functional, like a throwie (please don’t actually throw it). It’s a little kooky, yet should still deliver a few years of occasional remote access if you leave it somewhere with sunlight.
  • OnePlus To Launch 5G Phone In 2019; $100 Costlier Than OnePlus 6T
  • OnePlus Releases OxygenOS Open Beta 7, OnePlus Roaming Launched
    Chinese company OnePlus has released the new OxygenOS Open Beta 7 for its OnePlus 6 smartphone, which has introduced several updates and features.

OSS: Development and Conferences

  • Give your students edit access to their course syllabus
    I wanted to give students more agency in their learning. So I let them make pull requests against the syllabus. [...] This exercise was a learning experience for both my students and me, as we clearly had different visions of what constituted a "disruption." While we all agreed that students should pay attention to the instructor and engage in all classroom activities, students thought they should be able to take "important" calls during class time and that texting during class was acceptable. I thought that cell phones should be turned off entirely during class. Students also thought that leaving the classroom to get a drink without asking permission was acceptable, while I thought that they should handle thirst needs before or after class. This resulted in a discussion about professionalism and the expectations associated with college-level work. We discussed what constituted a distraction and agreed that making sounds, whispering, and talking in class all counted as distractions. This in turn led to a discussion of the impacts distractions can have on a learning environment and the importance of paying attention in class. We also explored the impact various learning technologies can have on a classroom—for example, the tools students with disabilities require to fully participate in class, such as a screen reader—and agreed that noise generated by these was acceptable under the policy we intended to construct.
  • Open source tools to consider for your RESTful APIs
    At the start of a RESTful API development project, a software team might be tempted to buy an expensive commercial API management tool when an open source tool can just as easily do the trick. In fact, there are plenty of open source tools that can help with each stage of the API lifecycle and help get an API development program off the ground at low cost.
  • London Perl Workshop

    As london.pm celebrates its 20th anniversary, join Katherine Spice in conversation with a panel of the group's former leaders.

  • GNOME at Capitole du Libre 2018
    Last Saturday and Sunday I went to the Capitole du Libre 2018 to animate the GNOME booth and help on the Purism one.
  • Find Out the Visa Requirements to Attend oSC19
    For people planning on attending the openSUSE Conference 2019 in Nuremberg, Germany, from May 24 – 26, there are certain requirements necessary to receive a visa for those who are not a citizen of a Schengen country.

Red Hat/IBM: OpenShift and Ansible, RHEL Updates