Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 28 Oct 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story More Games for GNU/Linux Roy Schestowitz 26/10/2016 - 9:56pm
Story Red Hat News Roy Schestowitz 26/10/2016 - 9:54pm
Story Fedora News Roy Schestowitz 26/10/2016 - 9:52pm
Story Tizen News Roy Schestowitz 26/10/2016 - 9:47pm
Story Android Leftovers Roy Schestowitz 26/10/2016 - 9:46pm
Story More of That Cow... Roy Schestowitz 26/10/2016 - 8:25pm
Story Tech Webinar: Knox Tizen Wearable SDK – October 27, 2016 Rianne Schestowitz 26/10/2016 - 6:37pm
Story Open Source Operating Systems for IoT Rianne Schestowitz 26/10/2016 - 6:30pm
Story New Cortex-M chips add ARMv8 and TrustZone Rianne Schestowitz 26/10/2016 - 6:24pm
Story OpenStack in the Headlines Roy Schestowitz 26/10/2016 - 6:12pm

Distributing encryption software may break the law

Filed under

Developers, distributors, and users of Free and Open Source Software (FOSS) often face a host of legal issues which they need to keep in mind. Although areas of law such as copyright, trademark, and patents are frequently discussed, these are not the only legal concerns for FOSS. One area that often escapes notice is export controls. It may come as a surprise that sharing software that performs or uses cryptographic functions on a public website could be a violation of U.S. export control law.

Export controls is a term for the various legal rules which together have the effect of placing restrictions, conditions, or even wholesale prohibitions on certain types of export as a means to promote national security interests and foreign policy objectives. Export control has a long history in the United States that goes back to the Revolutionary War with an embargo of trade with Great Britain by the First Continental Congress. The modern United States export control regime includes the Department of State's regulations covering export of munitions, the Treasury Department's enforcement of United States' foreign embargoes and sanctions regimes, and the Department of Commerce's regulations applying to exports of "dual-use" items, i.e. items which have civil applications as well as terrorism, military, or weapons of mass destruction-related applications.

Read more

Games for GNU/Linux

Filed under

What is the GRUB2 boot loader?

Filed under
Red Hat

There are various things that make up an operating system. In any operating system, one of the most critical parts is powering on the machine. During this process, the computer will execute a small program in read-only memory (ROM) to begin initiating the startup process. This small program is known by many names, but most often called a boot loader. In almost every Linux distribution, including Fedora, GRUB2 (or GRand Unified Bootloader 2) is the default boot loader. Even though it is a critical piece of the operating system, many people aren’t aware of the boot loader, all that goes into it, or how it can be customized.

Read more

openSUSE Tumbleweed Getting Linux Kernel 4.8.3 Soon, GNOME 3.22.1 Landed

Filed under

openSUSE developer Dominique Leuenberger informs the openSUSE Tumbleweed community about the latest GNU/Linux technologies and Open Source software projects that landed in the stable repositories.

Read more

KDE Applications 16.12 Software Suite Lands December 15 for KDE Plasma 5.8 LTS

Filed under

KDE Plasma's KDE Applications 16.08 software suite series will receive just one more point release, namely KDE Applications 16.08.3, which lands November 10, so it's time for the next major branch.

Read more

Android Leftovers

Filed under

Security News

Filed under
  • How your DVR was hijacked to help epic cyberattack

    Technology experts warned for years that the millions of Internet-connected "smart" devices we use every day are weak, easily hijacked and could be turned against us.

    The massive siege on Dyn, a New Hampshire-based company that monitors and routes Internet traffic, shows those ominous predictions are now a reality.

    An unknown attacker intermittently knocked many popular websites offline for hours Friday, from Amazon to Twitter and Netflix to Etsy. How the breach occurred is a cautionary tale of the how the rush to make humdrum devices “smart” while sometimes leaving out crucial security can have major consequences.

  • Find Out If One of Your Devices Helped Break the Internet

    Security experts have been warning for years that the growing number of unsecured Internet of Things devices would bring a wave of unprecedented and catastrophic cyber attacks. Just last month, a hacker publicly released malware code used in a record-breaking attack that hijacked 1.5 million internet-connected security cameras, refrigerators, and other so-called “smart” devices that were using default usernames and passwords.

    On Friday, the shit finally hit the fan.

  • Once more, with passion: Fingerprints suck as passwords

    Fingerprints aren’t authentication.

    Fingerprints are identity. They are usernames.

    Fingerprints are something public, which is why it should really bother nobody with a sense of security that the FBI used them to unlock seized phones. You’re literally leaving your fingerprints on every object you touch. That makes for an abysmally awful authentication token.

  • Strengthen cyber-security with Linux

    Using open source software is a viable and proven method of combatting cyber-crime

    It’s encouraging to read that the government understands the seriousness of the loss of $81 million dollars via the hacking of Bangladesh Bank, and that a cyber-security agency is going to be formed to prevent further disasters. Currently, information security in each government department is up to the internal IT staff of that department.

  • Canonical announces live kernel patching for Ubuntu

    Canonical, the company behind the Ubuntu GNU/Linux distribution, has announced that it will provide a live kernel patching services for version 16.04 which was released in April.

  • Everything you know about security is wrong

    If I asked everyone to tell me what security is, what do you do about it, and why you do it. I wouldn't get two answers that were the same. I probably wouldn't even get two that are similar. Why is this? After recording Episode 9 of the Open Source Security Podcast I co-host, I started thinking about measuring a lot. It came up in the podcast in the context of bug bounties, which get exactly what they measure. But do they measure the right things? I don't know the answer, nor does it really matter. It's just important to keep this in mind as in any system, you will get exactly what you measure.


    If you have 2000 employees, 200 systems, 4 million lines of code, and 2 security people, that's clearly a disaster waiting to happen. If you have 20, there may be hope. I have no idea what the proper ratios should be, if you're willing to share ratios with me I'd love to start collecting data. As I said, I don't have scientific proof behind this, it's just something I suspect is true.

  • Home Automation: Coping with Insecurity in the IoT

    Reading Matthew Garret’s exposés of home automation IoT devices makes most engineers think “hell no!” or “over my dead body!”. However, there’s also the siren lure that the ability to program your home, or update its settings from anywhere in the world is phenomenally useful: for instance, the outside lights in my house used to depend on two timers (located about 50m from each other). They were old, loud (to the point the neighbours used to wonder what the buzzing was when they visited) and almost always wrongly set for turning the lights on at sunset. The final precipitating factor for me was the need to replace our thermostat, whose thermistor got so eccentric it started cooling in winter; so away went all the timers and their loud noises and in came a z-wave based home automation system, and the guilty pleasure of having an IoT based home automation system. Now the lights precisely and quietly turn on at sunset and off at 23:00 (adjusting themselves for daylight savings); the thermostat is accessible from my phone, meaning I can adjust it from wherever I happen to be (including Hong Kong airport when I realised I’d forgotten to set it to energy saving mode before we went on holiday). Finally, there’s waking up at 3am to realise your wife has fallen asleep over her book again and being able to turn off her reading light from your alarm clock without having to get out of bed … Automation bliss!

Microsoft Corruption, Rejections, and Struggles

Filed under
  • Microsoft licensing corruption scandal in Romania has ended on October 3rd

    This scandal covers buying Microsoft licensees for Romanian administration from 2004 to 2012 for total 228 millions USD.

    During the investigation was found that more than 100 people, former ministers, mayor of Bucuresti and businessman are involved in this corruption scandal and more than 20 millions euro are paid as bribes.

  • 49ers Colin Kaepernick, Chip Kelly review Microsoft Surface tablets, which Bill Belichick is ‘done’ using

    Ranting about Microsoft’s unreliable, sideline tablets is not a top priority for 49ers coach Chip Kelly and quarterback Colin Kaepernick, not with a five-game losing streak in tow for Sunday’s game against the Tampa Bay Buccaneers.

    But both Kelly and Kaepernick confirmed this week that they’ve experienced problems with the Microsoft Surface tablets. They’re just not as fed up with them as New England Patriots coach Bill Belichick, who’s lambasted the imperfect technology for years and finally declared this week: “I’m done with the tablets.”

  • Windows: When no growth is an improvement

    Research firms like IDC and Gartner have continued to forecast contraction, not expansion, in the PC business. Only when enterprise migrations to Windows 10 kick into gear do analysts see a reversal of the industry’s historic slump. That isn’t expected to happen until next year.

Parsix GNU/Linux 8.10 "Erik" & 8.15 "Nev" Receive Latest Debian Security Updates

Filed under

After releasing the first Test build of the upcoming Parsix GNU/Linux 8.15 "Nev" operating system a couple of days ago, today, October 23, 2016, the Parsix GNU/Linux development team announced the availability of new security updates for all supported Parsix GNU/Linux releases.

Parsix GNU/Linux 8.10 "Erik" is the current stable release of the Debian-based operating system, and it relies on the Debian Stable (Debian GNU/Linux 8 "Jessie") software repositories. On the other hand Parsix GNU/Linux 8.15 "Nev" is the next major version, which right now is in development, but receives the same updates as the former.

Read more

Chakra GNU/Linux Users Receive KDE Plasma 5.8.2 and KDE Apps 16.08.2, Lots More

Filed under

With great pleasure, Chakra GNU/Linux developers Neofytos Kolokotronis informed the community about the latest open source software projects and technologies that landed in the stable repositories of the distribution originally based on Arch Linux.

Just like Arch Linux, Chakra GNU/Linux is a rolling operating system, which means that users always receive the latest updates without having to download a new ISO image and reinstall. And today, we're happy to inform our Chakra GNU/Linux users that they've received the newest KDE Plasma 5.8.2 LTS desktop environment.

Read more

Linux 4.9-rc2

Filed under
  • Linux 4.9-rc2

    I'm back on my usual Sunday afternoon release schedule, and 4.9-rc2 is out.

    My favorite new feature that I called out in the rc1 announcement (the
    virtually mapped stacks) is possibly implicated in some crashes that
    Dave Jones has been trying to figure out, so if you want to be helpful
    and try to see if you can give more data, please make sure to enable

    .. and on the other hand, if you want to just not have to worry about
    _that_ particular issue, disable the virtually mapped stacks it for
    now, but please do help test.

    Because 4.9 is obviously shaping up to be a big release (I haven't
    done the actual stats yet, but I think it's the biggest in number of
    commits we've ever had), and I think Greg is also planning on making
    it an LTS release. The two may be related, with people pushing to get
    their stuff ready. Regardless, the more people who help test, and the
    earlier in the rc series those people start testing, the better off
    we'll be. Hint hint.

    Ok, enough about that. rc2 itself isn't huge, but that's a fairly
    common pattern: either people just take a breather after the merge
    window, or it simply takes a while for the fallout of new code to be
    found, so rc2 is usually a fairly small rc.

    But we have stuff pretty much all over the map: drivers dominate (gpu
    drivers stand out, but there's ipmi, clocksource, mmc, pinctrl, HID,
    scsi, nvme .. you name it). Add some architecture updates (x86 and
    arm64) and a few filesystems (ext4, nfs, ceph, f2fs), and some VM
    cleanups and one big fix, and you've covered most of it.

    The appended shortlog gives the details, and for even more detail you
    can always go to the git tree itself.


  • Linus Torvalds Announces the Second Release Candidate of Linux Kernel 4.9 LTS

    It's still Sunday in the US, which means that it's time for you to take yet another RC (Release Candidate) milestone of the upcoming Linux 4.9 kernel release for a test drive.

    That's right, Linus Torvalds just announced the second Release Candidate for Linux kernel 4.9, which lands eight days after the first one and appears to be fairly normal development snapshot that includes lots of updated drivers, mostly for GPU, but also HID, SCSI, MMC, PINCTRL, IMPI, and clocksource, various x86 and ARM64 architecture updates, improvemnts to the EXT4, F2FS, Ceph, and NFS filesystems, and some VM cleanups.

  • Linux 4.9-rc2 Kernel Released

    Linux 4.9-rc2 is now available as the latest test release of this forthcoming kernel update.

    Over the past week there's been a fair number of merges of bug/regression fixes for this stage of Linux 4.9 development, one week since the closure of the merge window.

    We've already written a lot about Linux 4.9, including our detailed Linux 4.9 feature overview for those interested in the fun changes of this next kernel release.

GParted Live 0.27.0-1 Disk Partitioning Live CD Out Now, Based on GParted 0.27.0

Filed under

Just one day after announcing the release of the GParted 0.27.0 open-source partition editor software, Curtis Gedak is informing us about the availability of the GParted Live 0.27.0-1 stable release.

Read more

Netrunner Core 16.09 "Avalon" Is Based on Debian GNU/Linux 8, KDE Plasma 5.7.5

Filed under

Today, October 23, 2016, the development team behind the Debian-based Netrunner GNU/Linux distribution proudly announced the release of Netrunner Core 16.09 "Avalon."

Read more

today's leftovers

Filed under
  • Acer updates Chromebook 15 with 12-hour battery life -- $199 exclusively at Walmart

    Chromebooks are not for everyone, but for many home users, it is absolute perfection. If you live in the web browser -- as many people do nowadays -- laptops running Google's Linux-based Chrome OS are a godsend because they are maintenance free. No need for confusing OS upgrades or anti-virus software. It just works, and it works well. Since they can now run Android apps too, they could become a serious threat to Microsoft and Windows 10.

    One of the most attractive aspects of Chromebooks is price -- they are often quite affordable. Today, Acer refreshes its 15.6 inch Chromebook 15 with a mind-boggling 12 hours of battery life. Best of all? It starts at $199. Yes, this model will get Android app support in a future update too.

  • Of Life, Linux and Karma Angels

    Angel filed appeal after appeal only to be denied on every attempt. Texas is an "at will" employment state so being terminated for cause can mean anything. Over the next few weeks, Angel became more and more fearful of losing her house, as she had just purchased it a year before. On top of that, her HP desktop had taken a nose dive into severe brokeness and that made it extra difficult for her to look for work. I put together a decent desktop for her and installed it that day, and was a Linux computer.

    Angel didn't have even the slightest problem with the new machine, and she wasn't particularly good at using one. So, let's put another slash in the falsehood that Linux is too hard for the everyday user. Most of them anyway. YMMV.

    To her glee, the OS picked up and configured her Epson all in one without her lifting a finger to do so. She almost clapped for happiness, stating that in Windows, installing that printer had been a nightmare, even with the included driver CD. And just to pinpoint the time frame for you, it was the summer of 2006.

  • Deus Ex: Mankind Divided to launch on Linux in November, Mac version delayed

    Feral Entertainment has announced that Deus Ex: Mankind Divided will be launching on Linux in November. Feral Interactive is currently working on the Linux port of the game.

    In September the game development studio announced that Deus Ex: Mankind Divided would make its way to two additional platforms: Linux and Mac. The Linux version of the game will most likely make use of OpenGL or Vulkan to power its graphics engine.

  • Mad Max: It Came From The Desert to Linux

    First of all, let me get one thing straight out of the way, so you know where I come from. I did not like the recent Mad Max movie. Like, not at all. Not that I mind the post apocalyptic theme. I used to like the older Mad Max’s just fine (probably the first one the best). The new one…meh. The Max character had virtually no back story (as thin as a sheet of paper) and he was just acting like a crazy person from beginning to end. The story’s premise was boring and just an excuse for endless and not so impressive action scenes. So there was nothing redeeming it. I know this is not the mainstream opinion of the movie (everyone apparently thought it was the best thing ever since sliced bread) so I can only attribute this phenomenon to either mass hysteria or simply a clear decrease in movie expectations. The Force Awakens‘ success, despite being a mediocre movie and certainly underwhelming compared to the original trilogy, certainly echoes the same trend. I guess you cannot beat nostalgia. Just tag a Millennium Falcon on and you get a free ride no matter how incoherent the story or the characters are.

  • Budgie Remix 16.10 Overview
  • I Switched To OpenSuse Tumbleweed Smile
  • 50-day Moving Average Of Red Hat, Inc. (NYSE:RHT) At $76.67
  • Red Hat, Inc. (NYSE: RHT) – Is this large market cap stock undervalued?
  • Fedora 25 new features, Perl removed from Build Root

    Fedora is the fast-paced bleeding-edge distribution of Red Hat. Fedora 25 is the second release of 2016 the other being Fedora 24. Let’s discover what lies in the future of this popular Linux distribution especially among developers.

  • "dnf update" considered harmful

    Updating a Linux distribution has historically been done from the command line (using tools like Debian's apt-get, openSUSE's zypper, or Fedora's yum—or its successor dnf). A series of crashes during system updates on Fedora 24 led Adam Williamson to post a note to fedora-devel and other mailing lists warning people away from running "dnf update" within desktop environments. It turns out that doing so has never truly been supported—though it works the vast majority of the time. The discussion around Williamson's note, however, makes it clear that the command is commonly run that way and that at least some users are quite surprised (and unhappy) that it isn't a supported option.

  • Supporting UEFI secure boot in Debian

    The Debian project can be accused of many things, but jumping too quickly on leading-edge technology is not one of them. That can be seen in, among other things, the fact that there is still not a version of the distribution that supports the UEFI secure boot mechanism. But, as Ben Hutchings explained during his 2016 Kernel Recipes talk, such support is in the works, and it will be implemented in a uniquely Debian-like manner.

  • The Lenovo Yoga Book Is the Future of Laptops, But It's Missing an Operating System

    For this review I spent a week with the Android version of Lenovo’s slick new backflipping laptop. Guts-wise it’s identical to the Windows 10 variant. They both feature Intel Atom x5-Z8550 processors, 4GB of RAM, 64GB of on-device storage, and 1920 x 1200 resolution displays. The Android version starts at $500 and the Windows version starts at $550.

  • Another Broken Nexus 5

    In late 2013 I bought a Nexus 5 for my wife [1]. It’s a good phone and I generally have no complaints about the way it works. In the middle of 2016 I had to make a warranty claim when the original Nexus 5 stopped working [2]. Google’s warranty support was ok, the call-back was good but unfortunately there was some confusion which delayed replacement.

    Once the confusion about the IMEI was resolved the warranty replacement method was to bill my credit card for a replacement phone and reverse the charge if/when they got the original phone back and found it to have a defect covered by warranty. This policy meant that I got a new phone sooner as they didn’t need to get the old phone first. This is a huge benefit for defects that don’t make the phone unusable as you will never be without a phone. Also if the user determines that the breakage was their fault they can just refrain from sending in the old phone.

Kernel Space/Linux

Filed under
  • Linux 4.9's Efficient BPF-based Profiler

    Linux 4.9 skips needing the file entirely, and its associated overheads. I wrote about this as a missing BPF feature in March. It is now done.

  • UBIFS Working On File Encryption Support

    Following EXT4 file-system encryption and F2FS per-file encryption support, the UBIFS file-system is also bringing in encryption support built off this fscrypto framework used by EXT4/F2FS.

    In making use of fscrypto, the UBIFS file-system encryption support is similar to the EXT4/F2FS implementations and supports not only encrypting the file contents but also the file name. In making use of this framework, it only took around one thousand lines of new code to make it happen from the kernel-side while the user-space changes for supporting UBIFS encryption are still baking. UBIFS for those out of the look is the Unsorted Block Image File-System that's built atop UBI and designed for raw flash memory media.

  • An important set of stable kernel updates
  • Linux Kernels 3.16.38, 3.12.66, 3.10.104, and 3.2.83 Patched Against "Dirty COW"

    We reported the other day that an ancient bug, which existed in the Linux kernel since 2005, was patched in several recent updates, namely Linux kernel 4.8.3, Linux kernel 4.7.9, and Linux kernel 4.4.26 LTS.

    One day later, the maintainers of other supported Linux kernel branches patched the bug, which is dubbed by researchers as "Dirty COW" and documented as CVE-2016-5195. As such, today we'd like to inform those of running GNU/Linux distributions powered by kernels from the Linux 3.16, 3.12, 3.10, and 3.2 series that new updates are available for their systems.

  • Linux users warned over serious vulnerability affecting many versions
  • MuQSS - The Multiple Queue Skiplist Scheduler v0.112

    It's getting close now to the point where it can replace BFS in -ck releases. Thanks to the many people testing and reporting back, some other misbehaviours were discovered and their associated fixes have been committed.

  • Linux Raid mdadm md0

    Linux Raid is the de-facto way for decades in the linux-world on how to create and use a software raid. RAID stands for: Redundant Array of Independent Disks. Some people use the I for inexpensive disks, I guess that works too!

  • On Linux kernel maintainer scalability

    LWN's traditional development statistics article for the 4.6 development cycle ended with a statement that the process was running smoothly and that there were no process scalability issues in sight. Wolfram Sang started his 2016 LinuxCon Europe talk by taking issue with that claim. He thinks that there are indeed scalability problems in the kernel's development process. A look at his argument is of interest, especially when contrasted with another recent talk on maintainer scalability.

  • First comparison of Vulkan API vs OpenGL ES API on ARM
  • Prime Indicator Plus Makes It Easy To Switch Between Nvidia And Intel Graphics (Nvidia Optimus)

    The original Prime Indicator hasn't been updated since February, 2015. André Brait forked the indicator (while also using code from the Linux Mint version), improving it with both new functionality and bug fixes, and the new app is called Prime Indicator Plus.

    Using the nvidia-prime package, Ubuntu users can switch between Intel and Nvidia graphics by using Nvidia Settings (under PRIME Profiles), which then requires restarting the session (logout/login) to apply the changes. Prime Indicator makes this easier, by allowing you to switch graphics from the indicator menu, including triggering the logout.

  • Features You Will Not Find In The Mesa 13.0 Release

    While Mesa 13.0 is coming along for release next month with exciting features like OpenGL 4.5 for Intel, unofficial GL 4.4/4.5 for RadeonSI/NVC0, and the addition of the RADV Radeon Vulkan driver, there is some functionality that sadly won't be found in this release.

    Below are some features/functionality not currently found in Mesa 13.0. Some of the mentioned items have patches floating on the mailing list that weren't merged in time while other items are more along the lines of pipe-dreams that would have been fun to see in Mesa for 2016.

  • Crucial MX300: Good Linux Performance, 525GB SSD For Only $120 USD

Leftovers: Software

Filed under
  • i2pd 2.10 released

    i2pd (I2P Daemon) is a full-featured C++ implementation of I2P client.

    I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses.

    I2P client is a software used for building and using anonymous I2P networks. Such networks are commonly used for anonymous peer-to-peer applications (filesharing, cryptocurrencies) and anonymous client-server applications (websites, instant messengers, chat-servers).

    I2P allows people from all around the world to communicate and share information without restrictions.

  • Pixeluvo Review | Photo Editor for Linux & Windows

    A review of Pixeluvo, a great photo editor available on Linux and Windows. Pixeluvo is not free or open source.

  • Blit, A Retrospective On My Largest Project Ever

    I’ve always been someone who’s liked art and programming. Especially combining the two. One of my favorite genres is pixel art, or sprites as they are also known. I’ve dabbled in making a few other art programs before, but nothing like this.

    Originally Blit supposed to be only a sprite animation tool that had a modern look and feel, but my ideas for it grew greater (*sigh* feature creep). There are many other sprinting tools out there like GrafX2, Aseprite, (and other 2D animation programs like TVPaint). I’m not saying that it’s wrong that they make their own GUI toolkit, but it feels kind of odd. I really wanted to bring these types of programs out of the days of the Amiga. After doing some initial research, I settled on using Qt.

  • An alert on the upcoming 7.51.0 release

    In two weeks time, on Wednesday November 2nd, we will release curl and libcurl 7.51.0 unless something earth shattering happens.

  • Desktop Gmail Client `WMail` 2.0.0 Stable Released

    WMail is a free, open source desktop client for Gmail and Google Inbox, available for Linux, Windows, and Mac.

  • SpaceView: Ubuntu File System Usage Indicator
  • FunYahoo++: New Yahoo Messenger Plugin For Pidgin / libpurple [PPA]

    Yahoo retired its old Messenger protocol in favor of a new one, breaking compatibility with third-party applications, such as Pidgin, Empathy, and so on.

    Eion Robb, the SkypeWeb and Hangouts developer, has created a replacement Yahoo prpl plugin, called FunYahoo++, that works with the new Yahoo Messenger protocol.

    Note that I tested the plugin with Pidgin, but it should work with other instant messaging applications that support libpurple, like BitlBee or Empathy.

  • GCC Lands Loop Splitting Optimization

    The latest GCC 7 development code has an optimization pass now for loop splitting.

  • GCC 7 To End Feature Development Next Month

    Friday's GCC 7 status report indicates the feature freeze is coming up in just a few weeks.

    Red Hat developer Jakub Jelinek wrote in the latest status report, "Trunk which will eventually become GCC 7 is still in Stage 1 but its end is near and we are planning to transition into Stage 3 starting Nov 13th end of day time zone of your choice. This means it is time to get things you want to have in GCC 7 finalized and reviewed. As usual there may be exceptions to late reviewed features but don't count on that. Likewise target specific features can sneak in during Stage 3 if maintainers ok them."

  • GNU Parallel 20161022 ('Matthew') released [stable]

    GNU Parallel 20161022 ('Matthew') [stable] has been released. It is available for download at:

    No new functionality was introduced so this is a good candidate for a stable release.

  • GNU Health 3.0.4 patchset released

    GNU Health 3.0.4 patchset has been released !

  • guile-ncurses 2.0 released

    I am pleased to announce the release of guile-ncurses 2.0

    guile-ncurses is a library for the creation of text user interfaces in the GNU Guile dialect of the Scheme programming language. It is a wrapper to the ncurses TUI library. It contains some basic text display and keyboard and mouse input functionality, as well as a menu widget and a form widget. It also has lower level terminfo and termios functionality.

  • Unifont 9.0.03 Released

    Unifont 9.0.03 is released. The main changes are the addition of the Pikto and Tonal ConScript Unicode Registry scripts.

  • PATHspider 1.0.0 released!

    In today’s Internet we see an increasing deployment of middleboxes. While middleboxes provide in-network functionality that is necessary to keep networks manageable and economically viable, any packet mangling — whether essential for the needed functionality or accidental as an unwanted side effect — makes it more and more difficult to deploy new protocols or extensions of existing protocols.

    For the evolution of the protocol stack, it is important to know which network impairments exist and potentially need to be worked around. While classical network measurement tools are often focused on absolute performance values, PATHspider performs A/B testing between two different protocols or different protocol extensions to perform controlled experiments of protocol-dependent connectivity problems as well as differential treatment.

  • The Domain Name System

today's howtos

Filed under
Syndicate content

More in Tux Machines


  • Managing OpenStack with Open Source Tools
    Day 2 operations are still dominated by manual and custom individual scripts devised by system administrators. Automation is needed by enterprises. Based on the above analysis, Ansible is a leading open source project with a high number contributions and a diverse community of contributions. Thus Ansible is a well supported and popular open source tool to orchestrate and manage OpenStack.
  • Databricks Weaves Deep Learning into Cloud-Based Spark Platform
    Databricks, a company founded by the creators of the popular open-source Big Data processing engine Apache Spark, is a firm that we've been paying close attention to here at OStatic. We're fans of the company's online courses on Spark, and we recently caught up with Kavitha Mariappan, who is Vice President of Marketing at the company, for a guest post on open source tools and data science. Now, Databricks has announced the addition of deep learning support to its cloud-based Apache Spark platform. The company says this enhancement adds GPU support and integrates popular deep learning libraries to the Databricks' big data platform, extending its capabilities to enable the rapid development of deep learning models. "Data scientists looking to combine deep learning with big data -- whether it's recognizing handwriting, translating speech between languages, or distinguishing between malignant and benign tumors -- can now utilize Databricks for every stage of their workflow, from data wrangling to model tuning," the company reports, adding "Databricks is the first to integrate these diverse workloads in a fast, secure, and easy-to-use Apache Spark platform in the cloud."
  • OpenStack Building the Cloud for the Next 50 Years (and Beyond)
    Two OpenStack Foundation executives talk about what has gone wrong, what has gone right and what's next for the open-source cloud. BARCELONA, Spain—When OpenStack got started in 2010, it was a relatively small effort with only two companies involved. Over the last six years, that situation has changed dramatically with OpenStack now powering telecom, retail and scientific cloud computing platforms for some of the largest organizations in the world.
  • The Myth of the Root Cause: How Complex Web Systems Fail
    Complex systems are intrinsically hazardous systems. While most web systems fortunately don’t put our lives at risk, failures can have serious consequences. Thus, we put countermeasures in place — backup systems, monitoring, DDoS protection, playbooks, GameDay exercises, etc. These measures are intended to provide a series of overlapping protections. Most failure trajectories are successfully blocked by these defenses, or by the system operators themselves.
  • How to assess the benefits of SDN in your network
    Software-defined networking has matured from a science experiment into deployable, enterprise-ready technology in the last several years, with vendors from Big Switch Networks and Pica8 to Hewlett Packard Enterprise and VMware offering services for different use cases. Still, Nemertes Research's 2016 Cloud and Data Center Benchmark survey found a little more than 9% of organizations now deploying SDN in production.

Security News

  • GNU Tar "Pointy Feather" Vulnerability Disclosed (CVE-2016-6321)
    Last week was the disclosure of the Linux kernel's Dirty COW vulnerability while the latest high-profile open-source project going public with a new security CVE is GNU's Tar. Tar CVE-2016-6321 is also called POINTYFEATHER according to the security researchers. The GNU Pointy Feather vulnerability comes down to a pathname bypass on the Tar extraction process. Regardless of the path-name(s) specified on the command-line, the attack allows for file and directory overwrite attacks using specially crafted tar archives.
  • Let’s Encrypt and The Ford Foundation Aim To Create a More Inclusive Web
    Let’s Encrypt was awarded a grant from The Ford Foundation as part of its efforts to financially support its growing operations. This is the first grant that has been awarded to the young nonprofit, a Linux Foundation project which provides free, automated and open SSL certificates to more than 13 million fully-qualified domain names (FQDNs). The grant will help Let’s Encrypt make several improvements, including increased capacity to issue and manage certificates. It also covers costs of work recently done to add support for Internationalized Domain Name certificates. “The people and organizations that Ford Foundation serves often find themselves on the short end of the stick when fighting for change using systems we take for granted, like the Internet,” Michael Brennan, Internet Freedom Program Officer at Ford Foundation, said. “Initiatives like Let’s Encrypt help ensure that all people have the opportunity to leverage the Internet as a force for change.”
  • How security flaws work: SQL injection
    Thirty-one-year-old Laurie Love is currently staring down the possibility of 99 years in prison. After being extradited to the US recently, he stands accused of attacking systems belonging to the US government. The attack was allegedly part of the #OpLastResort hack in 2013, which targeted the US Army, the US Federal Reserve, the FBI, NASA, and the Missile Defense Agency in retaliation over the tragic suicide of Aaron Swartz as the hacktivist infamously awaited trial.
  • How To Build A Strong Security Awareness Program
    At the Security Awareness Summit this August in San Francisco, a video clip was shown that highlights the need to develop holistic security awareness. The segment showed an employee being interviewed as a subject matter expert in his office cubicle. Unfortunately, all his usernames and passwords were on sticky notes behind him, facing the camera and audience for all to see. I bring this story up not to pick on this poor chap but to highlight the fact that security awareness is about human behavior, first and foremost. Understand that point and you are well on your way to building a more secure culture and organization. My work as director of the Security Awareness Training program at the SANS Institute affords me a view across hundreds of organizations and hundreds of thousands of employees trying to build a more secure workforce and society. As we near the end of this year's National Cyber Security Awareness Month, here are two tips to incorporate robust security awareness training into your organization and daily work.

What comes after ‘iptables’? It’s successor, of course: `nftables`

Nftables is a new packet classification framework that aims to replace the existing iptables, ip6tables, arptables and ebtables facilities. It aims to resolve a lot of limitations that exist in the venerable ip/ip6tables tools. The most notable capabilities that nftables offers over the old iptables are: Read more

Linux 4.8.5

I'm announcing the release of the 4.8.5 kernel. All users of the 4.8 kernel series must upgrade. The updated 4.8.y git tree can be found at: git:// linux-4.8.y and can be browsed at the normal git web browser: Read more Also: Linux 4.4.28