Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Wednesday, 28 Oct 20 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Security Leftovers

Filed under
Security
  • Security updates for Friday [LWN.net]

    Security updates have been issued by Gentoo (freetype), openSUSE (mailman), Red Hat (firefox, java-11-openjdk, OpenShift Container Platform 3.11.306 jenkins, and rh-maven35-jackson-databind), SUSE (kernel, mercurial, openldap2, python-pip, and xen), and Ubuntu (firefox, netty-3.9, and python-pip).

  • An Analysis of 5 Million OpenPGP Keys

    In July I finished my Bachelor’s Degree in IT Security at the University of Applied Sciences in St. Poelten. During the studies I did some elective courses, one of which was about Data Analysis using Python, Pandas and Jupyter Notebooks. I found it very interesting to do calculations on different data sets and to visualize them. Towards the end of the Bachelor I had to find a topic for my Bachelor Thesis and as a long time user of OpenPGP I thought it would be interesting to do an analysis of the collection of OpenPGP keys that are available on the keyservers of the SKS keyserver network.

    So in June 2019 I fetched a copy of one of the key dumps of the one of the keyservers (some keyserver publish these copies of their key database so people who want to join the SKS keyserver network can do an initial import). At that time the copy of the key database contained 5,499,675 keys and was around 12GB. Using the hockeypuck keyserver software I imported the keys into an PostgreSQL database. Hockeypuck uses a table called keys to store the keys and in there the column doc stores the OpenPGP keys in JSON format (always with a data field containing the original unparsed data).

    For the thesis I split the analysis in three parts, first looking at the Public Key packets, then analysing the User ID packets and finally studying the Signature Packets. To analyse the respective packets I used SQL to export the data to CSV files and then used the pandas read_csv method to create a dataframe of the values. In a couple of cases I did some parsing before converting to a DataFrame to make the analysis step faster. The parsing was done using the pgpdump python library.

    Together with my advisor I decided to submit the thesis for a journal, so we revised and compressed the whole paper and the outcome was now

  • Exploring 8chan's hosting infrastructure | Netcraft News

    In a recent post, Brian Krebs discussed a technique for disrupting 8chan, a controversial message board. Ron Guilmette, a security researcher, spotted that N.T. Technology, the hosting company owned by 8chan’s current operator, no longer has the right to transact business as it is in the “administrative hold” state. ARIN, the Internet registry N.T. Technology obtained its IP address allocation from, would be within its rights to reclaim the IP address space.

    Ron Guilmette is an expert in this type of analysis - last year he discovered the theft of $50 million worth of IP addresses in AFRINIC’s service region.

    However, taking down 8chan is unlikely to be as simple as requesting that ARIN deallocates its IP adddress space. After deallocation, the IP addresses may continue to be advertised as fullbogons - netblocks that are used on the Internet despite not being assigned to an end user. While some Internet service providers do block fullbogons, this is by no means universal.

  • 23 Extensions to Enhance your Security and Privacy on Google Chrome and Chromium-based Browser

    According to a statistical report published by Statista in July 2020, Google Chrome accounted for 69% of the global desktop web-browser market share by June 2020, with 11% increase from the last year.

    Google Chrome is mostly based on Chromium which is an open-source web-browser released and maintained by Google. Chromium itself is the base for a dozen other browsers that are compatible with Google Chrome Web store.

    In this article we will guide you through the best privacy and security browser extensions for Google Chrome and Chromium-based web browsers that support Google Chrome Web store.

Single Points of Failure and Proprietary Entrapment (Microsoft GitHub)

Filed under
Development
Microsoft
  • Ahmad Haghighi: GitLab blocked Iranians’ access.

    On 3rd Oct. 2020 GitLab blocked Iranians’ access (based on IP) without any prior notice! and five days later (8th Oct.) my friend’s account blocked and still he doesn’t have any access to his projects! even after creating a ticket and asks for a temporary access to only export his projects! GitLab refused to unblock him! (screenshot in appendix). My friend is not the only one who blocked by GitLab, with a simple search on the web you can find a growing list of blocked accounts.
    So I decided to move from GtiLab and EVERY Free Software based/hosted/managed on/in USA.

    When it comes to USA policies, Free Software is a Joke Smile

    GitLab is not the only actor in this discrimination against Persian/Iranian people, we also blocked by GitHub, Docker, NPM, Google Developer, Android, AWS, Go, Kubernetes and etc.

  • ‘youtube-dl’ downloading software removed from GitHub by RIAA takedown notice

    This takedown notice does not necessarily spell the permanent end of youtube-dl. GitHub always immediately takes down any source code project that receives a DMCA notice like this, but the project’s creators will have an opportunity to file a counterclaim in the hopes of restoring youtube-dl’s status on GitHub. We’ll be keeping an eye on the situation as it develops.

  • RIAA DMCAs GitHub into nuking popular YouTube video download tool, says it can be used to slurp music

    YouTube-DL is pretty simple to use: you give the command-line program the URL of any YouTube video, and it will fetch the material and save it to your computer for future playback.

  • Recording Industry Association of America Gets Youtube-dl Kicked Off GitHub

    Microsoft GitHub has removed all traces of the very useful youtube-dl utility for downloading videos from YouTube and other websites, including this one, following a questionable DMCA request from the Recording Industry Association of America.

    youtube-dl is a simple command-line utility that lets you easily download audio adn videos from just about any website with a file file embedded in it. It works on sites like this one. A lot of software, including the popular video player mpv, can use it to download video fragments on the fly so videos embedded in web pages can be opened and played as if they were local files.

    The Recording Industry Association of America submitted a DMCA request to Microsoft GitHub demanding that youtube-dl gets removed from the Internet on October 23rd, 2020. The complaint contains this rather misleading claim: [...]

today's howtos

Filed under
HowTos
  • How to install NotepadQQ on Linux

    NotepadQQ is an exciting application that attempts to bring Linux users what Notepad++ does on Windows: an impressive, Microsoft Notepad-like text editor that supports various programming languages and other useful features. Here’s how to get it installed on your Linux system.

  • How to Install and Configure Squid Proxy on Ubuntu 20.04 | Linuxize

    Squid is a full-featured caching proxy supporting popular network protocols like HTTP, HTTPS, FTP, and more. It can be used to improve the web server’s performance by caching repeated requests, filter web traffic, and access geo-restricted content.

    This tutorial explains how to set up a Squid Proxy on Ubuntu 20.04 and configure Firefox and Google Chrome web browsers to use it.

  • How to set up the Jellyfin media server on Linux

    The Jellyfin developers offer up a myriad of ways to install the media server on the Linux platform. From Docker to downloadable DEBs and custom packages in the Arch Linux AUR.

    In this guide, we’ll focus on downloadable packages. However, if you are an advanced Linux user and know how to use Docker, click here to get your hands on it.

    To start installing Jellyfin on your Linux server, open up a terminal window via SSH or by physically sitting in front of it. After that, follow the command-line installation instructions outlined below.

  • libtraceevent>=5.9-1 update requires manual intervention

    The libtraceevent package prior to version 5.9-1 was missing a soname link. This has been fixed in 5.9-1, so the upgrade will need to overwrite the untracked files created by ldconfig.

  • Parabola GNU/Linux-libre: [From Arch] libtraceevent>=5.9-1 update requires manual intervention
  • How to Install and Configure FreeNAS 11.3 U5 Storage on VMware Workstation - SysAdmin

    This video tutorial shows how to install and configure FreeNAS 11.3 U5 Storage on VMware Workstation step by step.

  • How to check the sshd Logs on Linux? – Linux Hint

    sshd stands for Secure SHell Daemon. It is a hidden process that silently listens to all the authentication and login attempts of the Linux operating system. It is especially helpful if you are trying to figure out any unauthorized login attempts to your system. In this article, how to check the sshd Logs on Linux is explained.

  • How to Check If a Port Is in Use in Linux – Linux Hint

    At any single instance, multiple ports can be open in your system, so it can be useful to determine which ports are open. This article shows you four possible methods to use to check whether a port is in use in Linux.

  • Best Books for Learning Linux – Linux Hint [Ed: Caution for spammy links in the referrer spam sense]

    Books are important learning resources for both beginners and experts, but with all the books available on the market, it may be difficult to choose just one. Here, we review five books on Linux to help you choose.

  • How to change Chrome profile name

    Chrome has support for multiple profiles. What differentiates one profile from the other is the Google account that is (or isn’t) connected to a profile.

    Users can create a new Chrome profile and sync it with their Google account, or they can skip adding an account and keep everything local. What a user cannot do is create a profile that has no name.

Audiocasts/Shows: Noodlings, Python Bytes, Going Linux, Linux in the Ham Shack and Hackaday

Filed under
GNU
Linux
  • Noodlings | Inspiration Is Around You – CubicleNate's Techpad

    This is the 21st hot-pocket-sized podcast that won’t scorch roof of your mouth.

    I have a small collection of vintage or near vintage gaming consoles. I lean mostly in the Nintendo party as I think they have a great grasp on what is fun. I don’t always agree with many of their business practices but the entertainment they have provided is multi-generationally successful. In order to lower the wasted time of hooking these systems up to enjoy and better organize their presentation, I built a Gaming Rack that was inspired by watching a YouTube channel called Retro Recipes. Seeing how nicely laid out and easily enjoyed they were set up, I made the decision that I must adapt this idea to my little world.

  • Episode #204 Take the PSF survey and Will & Carlton drop by - [Python Bytes Podcast]

    Python Bytes podcast delivers headlines directly to your earbuds.

  • Going Linux #398

    In our second of two parts on editing and managing photos on Linux we describe a few additional applications for you to try. We share what they do but the trying is up to you! We also reveal what we are doing for our 400th episode.

  • LHS Episode #374: The Weekender LVIV | Linux in the Ham Shack

    It's time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we're doing. We'd love to hear from you.

  • Hackaday Podcast 090: DIY Linux SBC, HDMI CEC, Fake Bluepills, And SCARA Arms | Hackaday

    Hackaday editors Elliot Williams and Mike Szczys chat about our favourite hacks from the past week. We start off with a bit of news of the Bennu asteroid and the new Raspberry Pi Compute Module. We drive ourselves crazy trying to understand how bobbin holders on sewing machines work, all while drooling over the mechanical brilliance of a bobbin-winding build. SCARA is the belt and pulley champion of robot arms and this week’s example cleverly uses redundant bearings for better precision. And we wrap up the show looking in on longform articles about the peppering of microcontrollers found on the Bluepill and wondering what breakthroughs are left to be found for internal combustion.

Ubuntu 20.10 Based Flavors Now Available, Download Now

Filed under
Ubuntu

The seven official flavors of Ubuntu 20.10 are now available with the latest builds and .iso images and ready for you - Kubuntu, Lubuntu, Xubuntu, Ubuntu Budgie, Ubuntu Kylin, Ubuntu MATE, and Ubuntu Studio - 20.10.
Read more

Devices/Embedded: Arduino and More

Filed under
Hardware

       

  • Arduino Blog » Driving a mini RC bumper car with a Nintendo Wii Balance Board

    Taking inspiration from Colin Furze’s 600cc bumper car constructed a few years ago, Henry Forsyth decided to build his own RC miniature version. His device features a 3D-printed and nicely-painted body, along with a laser-cut chassis that holds the electrical components.

    The vehicle is driven by a single gearmotor and a pair of 3D-printed wheels, with another caster-style wheel that’s turned left and right by a servo steering. An Arduino Uno and Bluetooth shield are used for overall control with a motor driver.

    The Bluetooth functionality allows for user interface via a PS4 controller, or even (after a bit of programming) a Wii Balance Board. In the end, the PS4 remote seems to be the better control option, but who knows where else this type of balance technique could be employed?

  • Intel Elkhart Lake COM’s offer up to 3x 2.5GbE, SIL2 functional safety
  • E3K all-in-one wireless bio-sensing platform supports EMG, ECG, and EEG sensors (Crowdfunding)

    Over the year, The maker community has designed several platforms to monitor vital signs with boards like Healthy Pi v4 or HeartyPatch both of which are powered by an ESP32 WiFi & Bluetooth wireless SoC. WallySci has designed another all-in-one wireless bio-sensing platform, called E3K, that also happens to be powered by Espressif Systems ESP32 chip, and can be connected to an electromyography (EMG) sensor to capture muscle movements, an electrocardiography (ECG) sensor to measure heart activity, and/or an electroencephalography (EEG) sensor to capture brain activity. The board also has an extra connector to connect a 9-axis IMU to capture motion.

  • Coffee Lake system can expand via M.2, mini-PCIe, PCIe, and Xpansion

    MiTac’s fanless, rugged “MX1-10FEP” embedded computer has an 8th or 9th Gen Coffee Lake Core or Xeon CPU plus 3x SATA bays, 4x USB 3.1 Gen 2, 2x M.2, 2x mini-PCIe, and optional PCIe x16 and x1.

    MiTac recently introduced a Coffee Lake based MX1-10FEP computer that is also being distributed by ICP Germany. This month, ICP announced that the MX1-10FEP-D model with PCIe x16 and PCIe x1 slots has been tested and classified by Nvidia as “NGC Ready” for Nvidia GPU Cloud graphics boards such as the Nvidia T4 and Tesla P4.

    [...]

    The MX1-10FEP has an Intel C246 chipset and defaults to Windows 10 with Linux on request.

Wine 5.20 Released

Filed under
Software

The Wine development release 5.20 is now available.

What's new in this release (see below for details):
  - More work on the DSS cryptographic provider.
  - A number of fixes for windowless RichEdit.
  - Support for FLS callbacks.
  - Window resizing in the new console host.
  - Various bug fixes.

The source is available from the following locations:

  https://dl.winehq.org/wine/source/5.x/wine-5.20.tar.xz
  http://mirrors.ibiblio.org/wine/source/5.x/wine-5.20.tar.xz

Binary packages for various distributions will be available from:

  https://www.winehq.org/download

You will find documentation on https://www.winehq.org/documentation

You can also get the current source directly from the git
repository. Check https://www.winehq.org/git for details.

Wine is available thanks to the work of many people. See the file
AUTHORS in the distribution for the complete list.

Read more

Also: Wine 5.20 Released With Various Improvements For Running Windows Software On Linux

PostmarketOS update brings HDMI support for the PinePhone and PineTab

Filed under
OS
Gadgets

When the PinePhone postmarketOS Community Edition smartphone began shipping to customers in September it came with a version of the operating system with one important feature missing: HDMI output.

So when my phone arrived a few weeks ago I was able to spend some time familiarizing myself with the operating system and I could plug in the included Convergence Dock to use USB accessories including a keyboard, mouse, and storage. But I wasn’t able to connect an external display.

Now I can.

Read more

today's howtos

Filed under
HowTos
  • How To Install Ubuntu 20.10 Groovy Gorilla

    This tutorial explains Ubuntu 20.10 Groovy Gorilla computer installation. You will prepare at least two disk partitions, finishing it all in about twenty minutes, and enjoy! Let's start right now.

  • How to install Ubuntu 20.10 - YouTube

    In this video, I am going to show how to install Ubuntu 20.10.

  • How To Install Webmin on Ubuntu 20.04 LTS - idroot

    In this tutorial we will show you how to install Webmin on Ubuntu 20.04 LTS, as well as some extra required packages by Webmin control panel

  • Running Ironic Standalone on RHEL | Adam Young’s Web Log

    This is only going to work if you have access to the OpenStack code. If you are not an OpenStack customer, you are going to need an evaluation entitlement. That is beyond the scope of this article.

  • Introduction to Ironic

    The sheer number of projects and problem domains covered by OpenStack was overwhelming. I never learned several of the other projects under the big tent. One project that is getting relevant to my day job is Ironic, the bare metal provisioning service. Here are my notes from spelunking the code.

  • Adding Nodes to Ironic

    TheJulia was kind enough to update the docs for Ironic to show me how to include IPMI information when creating nodes.

  • Secure NTP with NTS

    Many computers use the Network Time Protocol (NTP) to synchronize their system clocks over the internet. NTP is one of the few unsecured internet protocols still in common use. An attacker that can observe network traffic between a client and server can feed the client with bogus data and, depending on the client’s implementation and configuration, force it to set its system clock to any time and date. Some programs and services might not work if the client’s system clock is not accurate. For example, a web browser will not work correctly if the web servers’ certificates appear to be expired according to the client’s system clock. Use Network Time Security (NTS) to secure NTP.

    Fedora 331 is the first Fedora release to support NTS. NTS is a new authentication mechanism for NTP. It enables clients to verify that the packets they receive from the server have not been modified while in transit. The only thing an attacker can do when NTS is enabled is drop or delay packets. See RFC8915 for further details about NTS.

    NTP can be secured well with symmetric keys. Unfortunately, the server has to have a different key for each client and the keys have to be securely distributed. That might be practical with a private server on a local network, but it does not scale to a public server with millions of clients.

    NTS includes a Key Establishment (NTS-KE) protocol that automatically creates the encryption keys used between the server and its clients. It uses Transport Layer Security (TLS) on TCP port 4460. It is designed to scale to very large numbers of clients with a minimal impact on accuracy. The server does not need to keep any client-specific state. It provides clients with cookies, which are encrypted and contain the keys needed to authenticate the NTP packets. Privacy is one of the goals of NTS. The client gets a new cookie with each server response, so it doesn’t have to reuse cookies. This prevents passive observers from tracking clients migrating between networks.

  • Comfortable Motion: Absolutely Cursed Vim Scrolling - YouTube

    Have you ever felt like Vim was too useful and thought hey let's change that, well that's what this dev thought and now we have a plugin called comfortable motion that's adds physics based scrolling into vim, what's physics based scrolling you ask. Well it's scrolling that occurs based on how long you hold down the scroll key.

  • Running Cassandra on Fedora 32 | Adam Young’s Web Log

    This is not a tutorial. These are my running notes from getting Cassandra to run on Fedora 32. The debugging steps are interesting in their own right. I’ll provide a summary at the end for any sane enough not to read through the rest.

  • Recovering Audio off an Old Tape Using Audacity | Adam Young’s Web Log

    One of my fiorends wrote a bunch of music back in high school. The only remainig recordings are on a casette tape that he produced. Time has not been kind to the recordings, but they are audible…barely. He has a device that produces MP3s from the tape. My job has been to try and get them so that we can understand them well enough to recover the original songs.

    I have the combined recording on a single MP3. I’ve gone through and noted the times where each song starts and stops. I am going to go through the steps I’ve been using to go from that single long MP3 to an individual recording.

  • Role of Training and Certification at the Linux Foundation

    Open source allows anyone to dip their toes in the code, read up on the documentation, and learn everything on their own. That’s how most of us did it, but that’s just the first step. Those who want to have successful careers in building, maintaining, and managing IT infrastructures of companies need more structured hands-on learning with real-life experience. That’s where Linux Foundation’s Training and Certification unit enters the picture. It helps not only greenhorn developers but also members of the ecosystem who seek highly trained and certified engineers to manage their infrastructure. Swapnil Bhartiya sat down with Clyde Seepersad, SVP and GM of Training and Certification at the Linux Foundation, to learn more about the Foundation’s efforts to create a generation of qualified professionals.

  • Hetzner build machine

    This is part of a series of posts on compiling a custom version of Qt5 in order to develop for both amd64 and a Raspberry Pi.

    Building Qt5 takes a long time. The build server I was using had CPUs and RAM, but was very slow on I/O. I was very frustrated by that, and I started evaluating alternatives. I ended up setting up scripts to automatically provision a throwaway cloud server at Hetzner.

Leftovers: Debian, Graphics and Audiocasts

Filed under
Misc

  • Integer Scaling To Come With Linux 5.11 For Intel Graphics Driver - Phoronix

    Going back more than a year there have been Intel "i915" kernel graphics driver patches implementing integer mode scaling support while finally for Linux 5.11 in early 2021 the support will have landed.

    Intel added integer mode scaling to their Windows graphics driver back in 2019 to provide better clarity when upscaling games (particularly pixel art type content) and other software. The Linux patches materialized in September 2019 for nearest-neighbor integer mode scaling and then seemingly forgotten about. The capability works with Gen11 / Ice Lake and newer.

  • Linux Support for Variable Refresh Rates On Gen12+ Intel GPUs Is On The Way - LinuxReviews

    Intel developer Manasi Navare has submitted a series of patches for the Linux kernel that brings support for variable refresh rates on Intel's latest graphics chips to the Linux kernels i915 driver. The feature is only enabled on Tiger Lake, Sapphire Rapids and newer Intel graphics chips.

    [...]

    You do not need a special "Freesync" monitor to use adaptive vertical synchronization, Freesync is just a marketing term used by AMD. The DisplayPort specification has included variable refresh rate (VRR) as an option feature since DP 1.4 and there are many monitors with support for it that are not marketed as "Freesync" or "gaming" monitors. Monitors that are marketed as "Freesync" support the standard DisplayPort VRR protocol so you don't need to use a AMD graphics card to get the benefits of a Freesync monitor. You will soon be able to use one of the very latest Intel CPU's with integrated graphics or one of Intel's upcoming dedicated graphics cards with Freesync monitors on Linux.

  • Salsa updated to GitLab 13.5

    Today, GitLab released the version 13.5 with several new features. Also Salsa got some changes applied to it.

    [...]

    It's been way over two years since we started to use Google Compute Engine (GCE) for Salsa. Since then, all the jobs running on the shared runners run within a n1-standard-1 instance, providing a fresh set of one vCPU and 3.75GB of RAM for each and every build.

    GCE supports several new instance types, featuring better and faster CPUs, including current AMD EPICs. However, as it turns out, GCE does not support any single vCPU instances for any of those types. So jobs in the future will use n2d-standard-2 for the time being, provinding two vCPUs and 8GB of RAM..

  • Social Media Regulation and Journalism

    Doc Searls, Katherine Druckman, and Petros Koutoupis talk social media regulation and its relationship to journalism and the threat to Section 230.

  • Automation Entropy Factor | Self-Hosted 30

    Chris gets left out in the cold after a Home Assistant glitch, and Alex puts a big batch of USB hard drives to the test

    Plus a great pick for you pack rats, feedback, and more.

  • Tribalism and Toxicity in the Linux Community - YouTube

    Gatekeeping, tribalism and toxicity in the Linux community. We're tired of it and it's time to silence it. But WHY does it happen, and HOW do we DEAL with it?

Oracle/Red Hat/Fedora Leftovers

Filed under
Red Hat

Free Software and OSS, Security Leftovers

Filed under
OSS

  • Justin W. Flory: Hacktoberfest 2020 with TeleIRC

    October is here! If you contribute to Open Source projects, you might know that October is the month of Hacktoberfest. DigitalOcean teams up with different partners each year to send a t-shirt (or plant a tree on your behalf) for anyone who makes four GitHub Pull Requests in October. And guess what? TeleIRC is a participating project for you to get your Hacktoberfest t-shirt or tree!

    This post identifies specific tasks the TeleIRC team identified as “good first issues” for Hacktoberfest hackers. They are in order of least difficult to most difficult. Golang developers especially are encouraged to participate!

  • Open Source Summit Europe & ELCE 2020

    Following a great virtual ELC & Open Source Summit North America last June/July, Collabora will be attending their European counterparts, Open Source Summit Europe & Embedded Linux Conference Europe, which take place next week, from October 26 to October 29.

    "The 4-day event is dedicated to everything open source and will showcase a program of 250+ talks (conference session, tutorials, BoFs and keynotes) across tracks covering Linux Systems, IoT, AI, Cloud & Cloud Native, OS Dependability, OS Databases, Diversity & Inclusion, OS Leadership, Open Source Program Office Management (TODO) and the Embedded Linux Conference."

    Collaborans will once again be actively participating in the week's activities with no less than 8 presentations on topics including fuzzing Linux drivers with syzkaller, efficient syscall emulation on Linux, demystifying Linux kernel initcalls, creating Debian-based embedded systems in the Cloud using debos, simplifying and reusing your driver's code with regmaps, the new Futux2() system call, and the state of Linux gaming. You can find the details for all of these presentations below.

  • [Old] Mozilla WebThings To Become An Independent Open Source Project

    Mozilla has announced that Mozilla WebThings is being “spun out” as an independent open source project. It means that WebThings is no longer going to be a direct project from Mozilla.

    The company says that it’s winding down its direct investment in WebThings. This transition will happen to stabilize the WebThings gateways around the world. Now, WebThings is getting an independent domain and will work on the web of things, independent of Mozilla.

  • Firefox on Fedora with OpenH264 – Martin Stransky's Blog

    Firefox on Fedora which sits in the updates [F32][F31] right now comes with enabled OpenH264 Cisco decoder for video playback and fdk-aac-free used for audio decoding.

    It’s implemented by GMP (Gecko Media Plugin) API so the OpenH264 is not used through ffmpeg library but Firefox sandboxed interface, the same as Firefox uses for Widevine CDM plugin.

    The OpenH264 GMP video playback is a fallback solution when system ffmpeg is missing and internal ffvpx library can’t decode the stream, so ffmpeg from RPM Fusion is always a better alternative if you can install it.

    The video streams are decoded by system wide OpenH264 2.1.1 which is shipped by Fedora as mozilla-openh264 rpm package. Even if Mozilla OpenH264 (1.8.1) plugin is installed in your profile and claimed at about:plugins page, the Fedora system one is used.

  • GNU Parallel - News: GNU Parallel 20201022 ('Samuel Paty') [Savannah]

    GNU Parallel 20201022 ('Samuel Paty') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

    Please help spreading GNU Parallel by making a testimonial video like Juan Sierra Pons: http://www.elsotanillo.net/wp-content/uploads/GnuParallel_JuanSierraPons.mp4 It does not have to be as detailed as Juan's. It is perfectly fine if you just say your name, and what field you are using GNU Parallel for.

  •  

  •  
    Psychotherapy centre's database [cracked], patient info held ransom

                     

                       

    The Helsinki-based company said that the [crackers] who [copied] the data made attempts to extort money in exchange for its return.

  • EU imposes sanctions on GRU officers over ‘Fancy Bear’ cyberattacks

    The Council of the European Union has imposed sanctions on two Russian citizens and a military intelligence center due to cyberattacks targeting Germany’s parliament in 2015 and the Organization for the Prohibition of Chemical Weapons (OPCW) in 2018. This was announced in the latest volume of the Official Journal of the European Union. The United Kingdom announced plans to enforce these sanctions, as well. 

  • Open Education and Artificial Scarcity in Hard Times

    The sudden move to remote education by universities this year has forced the inevitable: the move to an online education. While most universities won’t be fully remote, having course materials online was already becoming the norm before the COVID-19 pandemic, and this year it has become mandatory for millions of educators and students. As academia recovers from this crisis, and hopefully prepares for the next one, the choices we make will send us down one of two paths. We can move towards a future of online education which replicates the artificial scarcity of traditional publishing, or take a path which fosters an abundance of free materials by embracing the principles of open access and open education.

    The well-worn, hefty, out-of-date textbook you may have bought some years ago was likely obsolete the moment you had a reliable computer and an Internet connection. Traditional textbook publishers already know this, and tout that they have embraced the digital era and have ebooks and e-rentals available—sometimes even at a discount. Despite some state laws discouraging the practice, publishers try to bundle their digital textbooks into “online learning systems,” often at the expense of the student. However, the costs and time needed to copy and send thousands of the digital textbooks themselves is trivial compared to their physical equivalent. 

  • Hybrid open access risks limiting researchers’ publishing options

    In the case of the 34 Nature-branded journals, the first step is a “read and publish” deal with Germany’s Max Planck institutes, allowing affiliated researchers to both access the journals and to publish in them open access. The OA fee that Max Planck will pay is based on a cost of €9,500 (£8,600) per article. The publisher, Springer Nature, says that it is in discussions to allow authors worldwide to publish open access in Nature journals from next year.

    The UK alone spends more than £25 million on OA journal publishing annually, but the proportion that goes to large commercial publishers for OA in hybrid journals has increased year-on-year. The average cost for publishing in hybrid journals also continues to increase steadily.

    This trend has been evident since Springer Nature launched its leading OA journals, Nature Communications and Scientific Reports. In 2018 alone, these journals received more than £1.6 million from 30 UK research-intensive institutions. In 2019, Elsevier launched 100 new OA journals and the humanities publisher IEEE launched 13.

  • Cloud Foundry Is A Developer Experience For Kubernetes | Chip Childers
  • OpenStack Foundation Rebrands as Open Infrastructure Foundation

    Also announced at the Open Infrastructure Summit was the OpenStack Victoria open source cloud platform, with improved integration with Kubernetes and enhanced IPv6 support. / In a keynote at the event, Thierry Carrez, vice president of engineering at the Open Infrastructure Foundation, said his personal definition for cloud native is applications designed to run on programmable infrastructure. "Cloud native requires programmable infrastructure, and open infrastructure provides an open source solution for that," Carrez said. "So cloud native and open infrastructure really go together like bread and butter."

  • OpenStack Foundation transforms into the Open Infrastructure Foundation

    The writing was on the wall two years ago. The OpenStack Foundation was going to cover more than just the OpenStack Infrastructure-as-a-Service (IaaS) cloud. Today, that metamorphosis is complete. The Foundation now covers a wide variety of open-source cloud and container technologies as the Open Infrastructure Foundation.

Programming Leftovers

Filed under
Development

  • LLVM Clang 12 Adds Support For Vectorization Using Glibc's Vector Math Library - Phoronix

    Upstream LLVM/Clang now supports making use of the vector math library found within the GNU C Library.

    Clang 12 will allow for vectorization using libmvec via the -fvec-lib=libmvec compiler option.

  • Notes to self on frama-c | Richard WM Jones

    Frama-C is a giant modular system for writing formal proofs of C code. For months I’ve been on-and-off trying to see if we could use it to do useful proofs for any parts of the projects we write, like qemu, libvirt, libguestfs, nbdkit etc. I got side-tracked at first with this frama-c tutorial which is fine, but I got stuck trying to make the GUI work.

  • Why I Dislike Switch Statements

    Of course this is a contrived example, but readers will hopefully agree it's representative of the construct.

  • Setup - Full Stack Tracing Part 2 - KDAB

    If you’ve read the first article in this series, you’ll know what full stack tracing is and why you definitely want it. This time, we’ll show you how to setup full stack tracing on your Linux system. There are two steps – first get everything configured to capture a trace, and then view and interpret the trace.

    Setup full stack tracing with a bit of kernel help

    To capture a trace, we’ll be using LTTng (Linux tracing toolkit next generation) in our examples. LTTng captures tracepoints with minimal overhead. This is something you definitely want, as too much extra CPU introduced by tracing can change the system’s behavior, even causing it to fail unpredictably. Another factor in LTTng’s favor is that it’s well supported by the open source community.

    LTTng was designed to record kernel level events. However, you’ll also want to use its user space tracepoints to capture application level events. That will give you consistent visibility, regardless of where execution moves throughout the software stack. User space tracepoints is critical to the setup of full stack tracing as it lets you integrate application, Qt, and kernel tracepoints together in a single view.

  • Mariuz's Blog: Firebird 3.0.7 sub-release is available

    Firebird Project is happy to announce general availability of Firebird 3.0.7 — the latest point release in the Firebird 3.0 series.This sub-release offers many bug fixes and also adds a few improvements, please refer to the Release Notes for the full list of changes.Binary kits for Windows, Linux, Mac OS and Android platforms are immediately available for download.All users of Firebird v3.0.6 are

  • Use of self or $this in PHP – Linux Hint

    In PHP object-oriented programming, we have the self keyword and $this variable that is used for different purposes. The self keyword represents current and static members of the class. While the $this variable represents current object and non-static members of the class. More about these are discussed in this article.

  • 4 C programming courses for every skill level

    Even with so many other system-level languages to choose from, C remains the popular choice. Many key projects—such as the Linux kernel and the Python runtime—still use C, and they will likely do so indefinitely. For some fields of computing, like embedded programming, C is a must.
    And there has never been a better time to learn C. Resources abound, from books to guided courses. Here we’ll look at four major online course offerings for learning C programming, each aimed at different levels of user and offering different approaches. For instance, one combines learning C with learning Linux, while another teaches C and C++ together.

  • rand() Function in C Language – Linux Hint

    In the C language, the rand() function is used for Pseudo Number Generator(PRNG). The random numbers generated by the rand() function are not truly random. It is a sequence that repeats periodically, but the period is so large that we can ignore it. The rand() function works by remembering a seed value that is used to compute the next random number and the next new seed. In this article, we are going to discuss in detail how random numbers can be generated using the rand() function. So, let’s get started!

  • A bug by any other name – Open Source Security

    This tweet from Jim Manico really has me thinking about why we like to consider security bugs special. There are a lot of tools on the market today to scan your github repos, containers, operating systems, web pages … pick something, for security vulnerabilities. I’ve written a very very long series about these scanners and why they’re generally terrible today but will get better, but only if we demand it. I’m now wondering why we want to consider security special. Why do we have an entire industry focused just on security bugs?

    Let’s change the conversation a little bit. Rather than focus on security bugs, let’s ask the question: Which bugs in a given project should we care about?

    There are of course bugs an attacker could use to compromise your system. There are also bugs that could result in data loss. Or bugs that could bring everything down. What about a bug that uses 10% more CPU? Every piece of software has bugs. All bugs are equal, but some bugs are more equal than others.

    We are at a time in software history where we have decided security bugs are more equal than other bugs. This has created entire industries around scanning just for security problems. Unfortunately the end goal isn’t always to fix problems, the goal is often to find problems, so problems are found (a LOT of problems). I think this is a pretty typical case of perverse incentives. You will always find what you measure. The pendulum will swing back in time, maybe we can help it swing a little faster.

  • Why you should use ppport.h in your XS code modules | Karl Williamson [blogs.perl.org]
    
    
    
    
    The answer comes down to two words: Security and Reliability.
    As a bonus, less work on your part.
    
    
    
    
    It's surprising to find that there are modules on CPAN that aren't using
    ppport.h that could stand to benefit from it.
    
    
    
    
    ppport.h is a file that is part of the Devel::PPPort distribution. As you
    know, Perl has evolved over the years, adding new features, and new API for XS
    writers to use. Some of that is to support the new features, and some to make
    tasks easier to accomplish. ppport.h implements portions of the API that
    people have found desirable to have when a module gets installed in a Perl that
    was released before that API element was created. You can write your module
    using the latest API, and have it automatically work on old Perls, simply by
    #including ppport.h in your XS code. ppport.h generally provides support for
    an API element as is reasonably practicable, with many supported to 5.03007.
    
    
    
    
    Importantly, but often overlooked, ppport.h can override buggy early Perl
    implementations of an API element. By using it, you get fixed, proper
    behavior. That sure beats trying to reproduce a reported problem in your
    module that only happens in some ancient Perl, and then try to come up with a
    workaround in an area you aren't familiar with.
    
    
    
    
    This is especially important if your XS code interacts with Unicode in any way.
    Early versions of the Unicode standard and early Perls allowed things that we
    now know are potential attack vectors. Right now, someone could be using your
    module to hack into systems, so you are actually being negligent if you don't
    use ppport.h.
    
    
    
    
    If your XS code has preprocessor #if statements that check for the existence of
    functions, macros, etc, that are only in later perls, you can generally avoid
    that by simply using ppport.h
    

Bug Hunting Session for LibreOffice 7.1 Alpha

Filed under
LibO

LibreOffice 7.1 is being developed by our worldwide community, and is due to be released in early February 2021 -- see the release notes describing the new features here.

In order to find, report and triage bugs, the LibreOffice QA team is organizing the first Bug Hunting Session for LibreOffice 7.1 on Monday October 26 , 20 20 . Tests will be performed on the first Alpha version. Builds will be available for Linux (DEB and RPM), macOS and Windows, and can be installed and run in parallel along with the production version.

Read more

Also: Camera Rotation Improvement - LibreOffice / Collabora Office

SUSE/OpenSUSE Tumbleweed, OBS and MicroOS

Filed under
SUSE
  • openSUSE Tumbleweed – Review of the week 2020/43 – Dominique a.k.a. DimStar (Dim*)

    During this week, we have only released 3 snapshots (1019, 1021, and 1022). a bunch of snapshots has been tested and discarded due to some bugs we, and surely either you, did not want to see on your machines. But as usual; lesser snapshots do not mean less change, as things just cumulate until we feel confident to send a snapshot out again.

  • Introducing the Open Build Service Connector [Ed: SUSE sucking up to Microsoft's openwashed proprietary software as usual]

    That’s right. The Open Build Service Connector is built around bookmarks of packages and projects. Bookmarks can be used to browse a project, its packages and its files. Additionally, you can view the configured repositories and adjust project paths and architectures.

    Individual packages or whole projects can be checked out directly from within Visual Studio Code to the file system similarly as one would do via osc. OBS’ version control is seamlessly integrated into Visual Studio Code’s Source Control module and can be used in a comparable fashion to the git extension.

  • Richard Brown: MicroOS Desktop, The Road to Daily Driving - LinuxReviews

    openSUSE Chairman and MicroOS Release Engineer Richard Brown presented OpenSUSE's minimal MicroOS Linux distribution as a potential desktop operating system at the openSUSE+LibreOffice Virtual Conference 2020 last week in a half an hour long presentation. MicroOS is a minimal Linux distribution primarily made for cloud services, IoT devices, containers and those types of use-cases. It could potentially also be used as a light desktop system similar to ChromeOS and an alpha version of MicroOS for Desktop is available. There are some problems to be solved on the road to a stable release as Richard Brown explains.

Kernel: Linux 5.10 and Linux 5.11 Changes

Filed under
Linux
  • Laptop Touchpad Improvements, New Joystick Driver For Linux 5.10 - Phoronix

    The Linux 5.10 merge window is closing this weekend but there still is new code landing for this last complete kernel series of 2020.

    The input subsystem updates were sent in on Friday morning and include some new drivers and other work. As previously reported, there is better support for newer Synaptics laptop touchpads with this kernel. There is Synaptics RMI4 F3A support for buttons on newer touchpads helping the likes of the ThinkPad X1 Extreme Gen1 and P1 Gen2. There is also InterTouch now enabled for the ThinkPad P1/X1E Gen2 devices.

  • Sensor Fusion Hub Driver For AMD Laptops With Gyroscopes Is Coming To Linux 5.11 - LinuxReviews

    It's been a long and hard road to acceptance for AMD's Sensor Fusion Hub Linux driver. The first revision was submitted to the Linux kernel Mailing List in January 2020. It took eight revisions and a lot of effort before Jiří Kosina finally accepted it into the hid.git#for-5.11 tree, almost guaranteeing that it will become a part of Linux 5.11.

    [...]

    Sandeep Singh didn't give up. He submitted a fourth revision with fingers crossed on February 12th, 2020. Intel's Linux driver engineer Andy Shevchenko rejected it on the grounds that it had long list of issues and concluded that it would need "a bit of work".

    Sandeep Singh sent a firth revision to the Linux Kernel Mailing List on the May 29th. Intel's Andy Shevchenko several additional objections and Sandeep Singh had to go back to the drawing-board.

  • AMD SFH Driver To Land With Linux 5.11 For Better Ryzen Laptop Handling In 2021 - Phoronix

    It was sadly too late for squeezing into the current Linux 5.10 merge window but it looks like for Linux 5.11 in early 2021 the AMD Sensor Fusion Hub "SFH" driver will make its long awaited debut.

    The AMD SFH driver is similar to the long-standing Intel ISH driver for supporting the sensor hub on modern laptops. The AMD SFH support is needed for laptops bearing gyroscopic sensors and other capabilities.

    Back in January AMD finally published the Sensor Fusion Hub Linux driver for supporting the Ryzen laptops of recent years. With time the driver was revised to address various feedback but wasn't quick to get picked up for mainline and at times several weeks passing between code revisions.

  • Intel Sends Linux Kernel Patches For VRR / Adaptive-Sync Enablement - Phoronix

    For months now Intel's open-source Linux driver stack has been preparing for VRR support with Gen11/Gen12 graphics. We've seen user-space patches by Intel around VRR while now they are finally sending out their key Linux kernel driver patches with the i915 DRM code.

    This kernel code is what's needed for actually enabling DisplayPort 1.4 Adaptive-Sync / Variable Refresh Rate on capable Intel graphics hardware with capable displays. The 11 patches add just under 300 lines of new code to their kernel driver in making the necessary VRR preparations and handling for this display feature.

Python Programming

Filed under
Development
  • Episode 32: Our New "Python Basics" Book & Filling the Gaps in Your Learning Path

    Do you have gaps in your Python learning path? If you're like me, you may have followed a completely random route to learn Python. This week on the show, David Amos is here to talk about the release of the Real Python book, "Python Basics: A Practical Introduction to Python 3". The book is designed not only to get beginners up to speed but also to help fill in the gaps many intermediate learners may still have.

  • Sentiment Analysis in Python With TextBlob

    In this article, we will take a look at how we can use the TextBlob library for sentiment analysis. We will also go through an example of how to analyze tweet sentiments.

  • Levene's & Bartlett's Test of Equality (Homogeneity) of Variance in Python

    Here you will learn how to carry out two tests for equality of variances in Python: Bartlett's test and Levene's Test

  • Python Code to Delete a File – Linux Hint

    We can use Python for performing various operations on file and directories, i.e., check the existence of files, verify the existence of directories, and remove the files and directories. Python provides a built-in operating system (OS) module for this purpose. By using the OS module, we can access the system files, directories, and we can delete them as well. Therefore, to perform any operation on file or directory, first, we need to import the OS module. In this article, we will learn to delete the file by using Python.

  • Check If File Exists in Python – Linux Hint

    Python provides a built-in operating system (OS) module that can be used to access OS files and directories. Any computer user often finds the need to check whether a file exists in a system. For example, suppose you are working on a file system and want to make sure that a file is available before performing any major operations on it. If you attempt to navigate or open a non-existent file, then this would cause an error. This article shows you how to use various Python file-checking mechanisms.

Syndicate content

More in Tux Machines

Ubuntu 21.04 Is The "Hirsute Hippo", Releasing On 22 April

Following last week's Ubuntu 20.10 "Groovy Gorilla" release, Ubuntu 21.04 development is now getting underway as the Hirsute Hippo. Succeeding the "GG" series is Ubuntu 21.04 the Hirsute (Hairy) Hippo in following their usual naming convention. This is now the third time of Ubuntu seeing a "HH" release following the Ubuntu 5.04 Hoary Hedgehog and Ubuntu 8.04 Hardy Heron releases. The release schedule for Ubuntu 21.04 puts the official release on 22 April, the beta on 1 April, and the feature freeze on 25 February as the prominent dates of the cycle. The Ubuntu 21.04 toolchain upload is beginning tomorrow and expect more Debian changes to begin flowing into the Ubuntu Hirsute archive shortly. Hirsute uploads can be monitored via Launchpad. Read more Also: Ubuntu 21.04 gets the codename ‘Hirsute Hippo' The Ubuntu 21.04 Codename Revealed — It’s Hairy ‘n Huge! And We’re Off: Ubuntu 21.04 Development Begins

What the growing OEM support means for the future of Linux

When I first started using Linux in the late 1990s, getting Linux to successfully run on a laptop was the stuff of legends. You might be able to get a distribution installed, but having functional wireless connectivity or sound might well be beyond your skill level. Sometimes it'd mean compiling a custom kernel or installing/patching firmware. No matter what route you took, it required time and effort enough that when you did finally get everything working as it should, you felt like a rock star. Those were the days. These days, Linux just works. It's a rare occasion that I run into a piece of hardware that Linux cannot handle. Sure, you might have to install a driver now and then, but even those bits of software are readily available. Read more

today's howtos

  • Introduction to Blender for Beginners – Linux Hint

    If you are a 3D computer graphics or animation enthusiast and are in search of some 3D modeling software, then you have come to the right place. There are many 3D modeling software programs available, many are good and are doing their jobs quite well, but they all come with a hefty price tag and high subscription fees. There is no need to pay heavy subscription fees when you have a free and powerful 3D creation tool at your fingertips, known as a Blender. Blender is a popular and open-source 3D creation software that can be used in 3D printer designs. It is a robust program that supports the entire pipeline of 3D creation, which includes modeling, shading, rigging, animation, and rendering. There is no need to get any supplementary programs because Blender lets you make games and edit videos. Blender is quite easy to learn and has a great community to support you. This article introduces the basics of the Blender software to beginners. We will discuss the Blender user interface and some essential shortcut keys. If you are a beginner and want to start 3D modeling in Blender, then this article is for you.

  • How To Install Wireguard on Ubuntu 20.04 LTS - idroot

    In this tutorial, we will show you how to install Wireguard on Ubuntu 20.04 LTS. For those of you who didn’t know, Wireguard is an open-source, dependable, advanced, VPN tunneling software you can install and use right now to create a secure, point-to-point connection to a server. It is cross-platform and can run almost anywhere, including Linux, Windows, Android, and macOS. Wireguard is a peer-to-peer VPN. it does not use the client-server model. Depending on its configuration, a peer can act as a traditional server or client. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step by step installation of Wireguard on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian based distribution like Linux Mint.

  • How To Use Dockerfiles In Docker - Anto Online

    This post will explain how to use Dockerfiles in Docker. Learn how to launch Wordpress and MariaDB using your own Dockerfile.

  • How To Install Wine on Linux Mint 20 - idroot

    In this tutorial we will show you how to install Wine on Linux Mint 20, as well as some extra required package by Wine

  • How to Extract and Open a .gz File in Linux Command Line – Linux Hint

    We know that a file in a computer system can be as small as a few Bytes or as large as a thousand Gigabytes. When you want to transmit a file from one end to another, its size plays a very important role in deciding whether you want to send it as it is or compress it. The .gz file format is a very commonly used compressed file format for the Linux operating system. Today, we will explore the methods of extracting and opening a .gz file in Linux.

  • How to Install and Configure an FTP server (vsftpd) with SSL/TLS on Ubuntu 20.04

    In this tutorial, we will learn how to install and configure an FTP Server using vsftpd on an Ubuntu 20.04 based server. We will also learn how to sec...

  • How to Reset Forgotten Root Password in Ubuntu? – Linux Hint

    In any UNIX or Linux system, the root account is the top in the hierarchy. It holds the utmost power over the system. For any system change, the root has to grant permission. The root user can also override any user’s permission and read or write data. Because the root account holds so much power, it is important to protect it from unwanted access.In the case of Ubuntu, the root account is disabled by default. However, you can still perform system changes. To do so, you need to know the root password. The problem arises when you have forgotten the root password.

Games: Caesar III, Moonshell Island, The Last Relic

  • Julius, the open source re-implementation of Caesar III has a new major release | GamingOnLinux

    Caesar III continues to live on and get improvements on modern systems thanks to open source, with the Julius game engine continuing to mature. On October 27, Julius 1.5.0 was released continuing to upgrade the experience. The current status is that it should be fully playable, with it largely focused on accuracy with the original game but with plenty of UI enhancements.

  •   
  • Upcoming RPG 'Moonshell Island' will have you fight giant tomatoes with a whisk | GamingOnLinux

    You've faced monsters before aplenty but what about nomsters? Moonshell Island looks and sounds like a delightful and rather quirky upcoming RPG. Set on a whimsical island, Moonshell Island will feature a cast of charming characters, a "satisfying" action-battle system, plenty of mini-games and a "heartwarming tale of achieving dreams, supporting friends, and building a community". On a peaceful island these strange nomsters threaten the peace so "you must journey to find the source of the trouble and recruit the islanders to a safe haven, Crabby’s Cabana Club. As the club population grows, more services become available to aid you on your quest to uncover not only the secrets of the island, but also of yourself".

  •   
  • The Last Relic is an upcoming RPG inspired by Earthbound and Chrono Trigger | GamingOnLinux

    Enjoyed classics like Earthbound and Chrono Trigger? Take a look at The Last Relic, an in-development RPG from developer Christopher Hall Guay. "The Last Relic follows the tale of a young girl named Ellie who is transported from her cozy, American life to a foreign realm of magic and monsters. Lost and alone, she wanders this new land aimlessly, wishing only to get back home. She's attacked by monsters only to be rescued by a young man named Dorian. It's here Ellie learns that she is far from Earth, in the land of Relics and Relic Hunters. Why was she brought here? And will she ever make it back home?"