About Tux Machines

Sunday, 13 Oct 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/Linux

Critical Security Issue identified in iTerm2 as part of Mozilla Open Source Audit

Filed under
Mac
Moz/FF
Security

A security audit funded by the Mozilla Open Source Support Program (MOSS) has discovered a critical security vulnerability in the widely used macOS terminal emulator iTerm2. After finding the vulnerability, Mozilla, Radically Open Security (ROS, the firm that conducted the audit), and iTerm2’s developer George Nachman worked closely together to develop and release a patch to ensure users were no longer subject to this security threat. All users of iTerm2 should update immediately to the latest version (3.3.6) which has been published concurrent with this blog post.

Founded in 2015, MOSS broadens access, increases security, and empowers users by providing catalytic support to open source technologists. Track III of MOSS — created in the wake of the 2014 Heartbleed vulnerability — supports security audits for widely used open source technologies like iTerm2. Mozilla is an open source company, and the funding MOSS provides is one of the key ways that we continue to ensure the open source ecosystem is healthy and secure.

iTerm2 is one of the most popular terminal emulators in the world, and frequently used by developers. MOSS selected iTerm2 for a security audit because it processes untrusted data and it is widely used, including by high-risk targets (like developers and system administrators).


What are Linux containers?

Filed under
GNU
Linux

Programs used to be made by creating large monolithic scripts, however, a lot has changed in the last two decades. There are now prominent methods in manufacturing applications that use small, self-contained programs in tandem to add extra functionality to hardware.
Linux containers (LXC) are an operating system (OS) level virtualization method that allows for multiple isolated Linux systems to run on the single Linux kernel of a control host. Meaning that these programs are isolated in individual user-spaces and operate at the OS level. These containers are self-contained and lightweight, holding very few components, making them a powerful tool for adding applications to a system without worrying about dependency errors.

Developers can use containers to package an application with the libraries, dependencies and other files it needs to run, without the host needing to install extra assets. In this way, containers can be installed and work on any Linux system that supports container functionality regardless of configuration.

Audiocasts/Shows: LINUX Unplugged, mintCast and Chat With Executive Producer at Linux Academy

Filed under
Interviews
  • Just Enough VPN | LINUX Unplugged 322

    We reveal our secrets for bridging networks with WireGuard and Linux-powered networking.

    Plus the future of OpenPGP in Thunderbird, a disappointing update for the Atari VCS, and a shiny new Spotify client for your terminal.

  • mintCast 319 – New Mumble

    First up, in our Wanderings, I talk Dynamic DNS, Tony is writing articles, Moss test drives EndeavourOS, Josh visited Media City, and Joe relaxes with fiction.

    Then, our news: CentOS 8 and Mumble 1.3 are released, Ubuntu 19.10 is almost here, the GNOME Foundation and Docker navigate rough seas, and more.

  • A Chat with Angela Fisher | Jupiter Extras 21

    Brent sits down with Angela Fisher, Executive Producer at Linux Academy, Jupiter Broadcasting co-founder, co-host of many JB productions including The FauxShow, and Tech Talk Today, among others. We touch on a variety of topics including the early beginnings of Jupiter Broadcasting, the origins of Brunch with Brent, as well as many that are closer to her heart - from painting to parenting.

The BlueMail Email Client is Now Available for Linux

Filed under
Software

The app boasts support for IMAP, Exchange & POP3 as well as all the leading web-mail providers and private mail server configurations.

“With this expansion to Linux, BlueMail is now able to serve a large professional market. Users can benefit from a single, modern user experience across all of their devices without compromising on premium features, security, or privacy,” Blix Inc, makers of BlueMail say.

Until today I had never heard of this app or service — but I’m probably alone because the BlueMail Android app has over 5,000,000 installs (yes, 5 million), and there are iOS and Windows versions available too.

“We set out to make the best email experience from day one and the response from customers has been extremely positive. Developing a platform for Linux was the next step,” Dan Volach, co-founder at Blix, adds.


Advanced Encryption Options Land in the YaST Partitioner

Filed under
GNU
Linux
SUSE

As you may know, so far the YaST Partitioner offered an “Encrypt Device” checkbox when creating or editing a block device. If such box is marked, the Partitioner asks for an encryption password and creates a LUKS virtual device on top of the device being encrypted.

LUKS (Linux Unified Key Setup) is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it facilitates compatibility among distributions. LUKS stores all necessary setup information in the partition header, enabling to transport or migrate data seamlessly. So far, there are two format specifications for such header: LUKS1 and LUKS2. YaST uses LUKS1 because it is established, solid and well-known, being fully compatible with the (open)SUSE installation process and perfectly supported by all the system tools and by most bootloaders, like Grub2.

You should not fix what is not broken. Thus, in most cases, the screen for encrypting a device has not changed at all and it still works exactly in the same way under the hood.


Ubuntu 19.10 Makes It So Easy To Have Your Desktop Running Off A ZFS File-System

Filed under
Linux
Ubuntu

As we reported this weekend, the Ubuntu desktop installer "Ubiquity" has landed the much anticipated ZFS install support. That's now propagated through to the Ubuntu 19.10 daily ISOs and does indeed make for a quick and easy setup of Ubuntu Eoan running off a root ZFS file-system.

This work landed just a week ahead of next week's official Ubuntu 19.10 debut. For Ubuntu 19.10 the Ubiquity installer allows an "experimental" option of doing a full-disk install of Ubuntu 19.10 with ZFS as the root file-system rather than the default EXT4. For the Ubuntu 20.04 LTS cycle they are expected to work on exposing more of the advanced partitioning features with ZFS. Also, Canonical developers are still working on their Zsys bits and other ZFS On Linux integration improvements.


Red Hat: Ask Me Anything (AMA) on Red Hat Satellite, Universal Base Image and Presence at DevConf.CZ

Filed under
Red Hat
  • Red Hat Satellite Ask Me Anything Q&A from June and August 2019

    This blog covers the questions and answers during the June and August 2019 Satellite Ask Me Anything (AMA) calls.

    For anyone not familiar, the Satellite AMAs are an "ask me anything" (AMA) style event where we invite Red Hat customers to bring all of their questions about Red Hat Satellite, drop them in the chat, and members of the Satellite product team answer as many of them live as we can during the AMA and we then follow up with a blog post detailing the questions and answers.

  • What is Red Hat Universal Base Image?

    Back in May, we launched the Red Hat Universal Base Image (UBI), targeted at developers building containerized applications for the cloud. Since then, we have published an extensive FAQ covering topics ranging from how often UBI is updated, to how the end user license agreement (EULA) allows you to redistribute applications built on it. These are all great fundamental topics to cover, but people still seem to have a lot of questions around what UBI is and what it isn’t.

    If you are a developer and you are trying to figure out whether UBI is right for you, it might be easier to start by first explaining what it isn’t.

  • DevConf.CZ and Open TestCon CfPs open

    DevConf.CZ is looking for workshops, discussion sessions, and presentations, with a variety of length options available. This large community conference has tracks for a variety of topics including community, IoT, cloud/containers, microservices, networking, desktop, and documentation. And like in years past, there is a dedicated Fedora track. If you weren’t ready to give a presentation at Flock — or if you want to give it to a broader audience — this is your chance. You can submit proposals through the DevConf.cz CfP portal through 1 November.

GNOME Shell & Mutter 3.34.1 Deliver On Their Prominent Fixes

Filed under
GNOME

They weren't out in time for yesterday's formal GNOME 3.34.1 point release, but GNOME Shell and Mutter have out their prominent point releases today that are exciting on the correction front.

GNOME Shell 3.34.1 is heavy on the fixes. Prominent work there includes allowing the editing of app folder names, making menu animations more consistent, improving performance when enabling/disabling all extensions, fixing screen dimming on idle, crash fixes, and a variety of animation fixes. There is also the code for Wayland fullscreen compositing bypass and other fixes.


Firefox 71: new kiosk mode for the browser

Filed under
Moz/FF

Mozilla plans to integrate kiosk mode functionality in version 71 of the Firefox web browser that users of the browser may launch from the command line.

First requested more than 17 years ago, work on integrating a kiosk mode in the Firefox web browser started five months ago. Current Firefox Nightly versions support the new mode already.

Kiosk mode refers to a special display mode that launches the browser without interface elements in fullscreen. It is different from the browser's fullscreen mode that users can activate with a tap on the F11-key on the keyboard. F11 switches the browser to fullscreen and removes interface elements by default, but these can be displayed by moving the mouse to the top; additionally, another tap on F11 exits fullscreen mode again and restores the default browsing mode.


Also: Future OpenPGP Support in Thunderbird

Programming: Rust, IDEs and Qt 5.14.0 Beta

Filed under
Development
  • Why to choose Rust as your next programming language

    Choosing a programming language for a project is often a complicated decision, particularly when it involves switching from one language to another. For many programmers, it is not only a technical exercise but also a deeply emotional one. The lack of known or measurable criteria for picking a language often means the choice digresses into a series of emotional appeals.

    I've been involved in many discussions about choosing a programming language, and they usually conclude in one of two ways: either the decision is made using measurable, yet unimportant criteria while ignoring relevant, yet hard to measure criteria; or it is made using anecdotes and emotional appeals.

  • Start developing in the cloud with Eclipse Che IDE

    In the many, many technical interviews I've gone through in my professional career, I've noticed that I'm rarely asked questions that have definitive answers. Most of the time, I'm asked open-ended questions that do not have an absolutely correct answer but evaluate my prior experiences and how well I can explain things.

    [...]

    When I was a student at the University of Texas at Austin, most of my computer science courses were taught in Java. And as an enterprise developer working for different companies, I have mostly worked with Java to build various enterprise-level applications. So, I know Java, and most of the time I've developed with Eclipse. I have also used the Spring Tools Suite (STS), which is a variation of the Eclipse IDE that is installed with Spring Framework plugins, and IntelliJ, which is not exactly open source, since I prefer its paid edition, but some Java developers favor it due to its faster performance and other fancy features.

    Regardless of which IDE you use, installing your own developer IDE presents one common, big problem: "It works on my computer, and I don't know why it doesn't work on your computer."

  • Qt 5.14.0 Beta1 Released

    I am happy to announce that Qt 5.14.0 Beta1 is released today. We will release updates as Beta N regularly until we are ready for RC. Current estimation for RC is 12th November 2019, see the schedule from 5.14 wiki.

    Beta1 (and later releases) can be installed by using online installer. Commercial users can find the online installer from their Qt Account and Opensource users from qt.io download page. Separate Beta1 source packages are also available in Qt Account and download.qt.io.

  • Qt 5.14 Rolls To Beta Stage With Graphics API Independent Scenegraph Renderer

    Qt 5.14 is an exciting update with the initial API-independent scenegraph renderer for Qt Quick that supports Vulkan, Metal, Direct3D 11, and still OpenGL fallbacks. The Vulkan support for Qt continues maturing. Qt 5.14 also has continued HiDPI improvements, a threading overhaul to Qt 3D, Qt Multimedia now supports GStreamer OpenGL, updated Qt WebEngine, Qt Quick Timeline introduction, and many other changes.

Top Photo Metadata Editors (Updated 2019)

Filed under
GNU
Linux
Software

A metadata editor is computer software which allows users to view and edit metadata tags interactively and save them in the graphics file. So, metadata is information that is part of the image file and contains information about the image itself and the creation of the image. It can set textual information such as title, description, exposure time, ISO value, focal length, and copyright. Some modern digital cameras and camera phones are GPS enabled and they can save the location co-ordinates (latitude and longitude) with the photographs. Metadata editors can also set geolocation information by browsing a map or setting coordinates directly, which is particularly useful for cameras without GPS. There are many reasons why users might wish to modify metadata of photographs.

This “metadata” is embedded into photographs using the standard Exif format that can easily be read by image editing programs as well as online photo sharing websites like Flickr.

To provide an insight into the quality of software that is available, we have compiled a list of the finest metadata editors available for Linux. We have whittled the available range down to the top 6 superior tools for metadata management.


EasyOS Buster-series version 2.1.6 released

Filed under
GNU
Linux
Debian

There are some bug fixes, but the big news is the incorporation of the 'nm-applet' GUI tray applet, for network management. The source is patched so as to integrate with EasyOS. In particular, it can be popped-up by clicking on the "connect" icon on the desktop -- after booting 2.1.6, try it!
Networkmanager is now better integrated, so that the user can switch between the older network management systems, such as SNS and PupDial. The Connection Wizard is still available by right-clicking on the "connect" icon, or in the Setup menu.


Android Leftovers

Filed under
Android
  • Android Security Patch for October 2019 Rolls Out to Fix 28 Vulnerabilities

    Google has released the Android Security Patch for October 2019 to address the latest security vulnerabilities and issues affecting its supported Pixel devices.
    Consisting of the 2019-10-01 and 2019-10-05 security patch levels, the Android Security Patch for October 2019 is here to fix a total of 28 security vulnerabilities discovered in various components, such as Android framework, Media framework, Android system, Linux kernel, and Qualcomm components, including closed-source ones.

  • Top 10 Best Lock Screen Apps for Android Device in 2019

    Isn’t it very irritating when someone uses your phone without your permission? I know, it is. None of us ever want such a situation. Today, I am here with an easy solution for this awkward moment. To avoid such a situation, all you need is a secure lock screen app. In PlayStore, you will find thousands of lock screen apps. But the problem is all of them are not safe and so don’t deserve to give a try on. So, I have made a list of Best Lock Screen Apps for Android.

  • Top 10 Best Translator Apps for Android Device in 2019

    When you move on to a new country for traveling, for any business trip, or on holiday language becomes a vital barrier. A good translator app for your Android device can become a useful aid in this regard. It revokes the challenge of mastering a fresh language. These apps will provide assistance to speak, read, and understand an unknown language instantly.

David Edmundson Improving KDE Plasma and GNOME's Tobias Mueller Speaks in ARES 2019

Filed under
KDE
GNOME
  • Improving Plasma’s Rendering (Part 1/2)

    Many parts of Plasma are powered by QtQuick, an easy to use API to render shapes/text/buttons etc.
    QtQuick contains a rendering engine powered by OpenGL making full use of the graphics card keeping our drawing super fast, super lightweight and in general amazing…when things work.

  • Tobias Mueller: Talking at ARES 2019 in Canterbury, UK

    The opening keynote was given by Alistair MacWilson from Bletchley Park. Yeah, the same Bletchley Park which Alan Turing worked at. He talked about the importance of academia in closing the cybersecurity talent gap. He said that the deficit of people knowing anything about cybersecurity skills is 3.3M with 380k alone in Europe, but APAC being desperately short of 2.1M professionals. All that is good news for us youngsters in the business, but not so good, he said, if you rely on the security of your IT infrastructure… It’s not getting any better, he said, considering that the number of connected devices and the complexity of our infrastructure is rising. You might think, he said, that highly technical skills are required to perform cybersecurity tasks. But he mentioned that 88% of the security problems that the global 5000 companies have stem from human factors. Inadequate and unfocussed training paired with insufficient resources contribute to that problem, he said. So if you don’t get continuous training then you will fall behind with your skill-set.

    There were many remarkable talks and the papers can be found online; albeit behind a paywall. But I expect SciHub to have copies and authors to be willing to share their work if you ask. Anyway, one talk I remember was about delivering Value Added Services to electric vehicle charging. They said that it is currently not very attractive for commercial operators to provide charging stations, because the margin is low. Hence, additional monetisation in form of Value Added Services (VAS) could be added. They were thinking of updating the software of the vehicle while it is charging. I am not convinced that updating the car’s firmware makes a good VAS but I’m not an economist and what do I know about the world of electric vehicles. Anyway, their proposal to add VAS to the communication protocol might be justified, but their scenario of delivering software updates over that channel seems like a lost opportunity to me. Software updates are currently the most successful approach to protecting users, so it seems warranted to have an update protocol rather than a VAS protocol for electric vehicles.

Python Programming Leftovers

Filed under
Development
  • PyCon ES 2019 Alicante Highlights

    Last weekend it was Pycon time again, my 6th one so far. This time closer to home: Alicante.

    I had an awesome time, meeting a lot of nice people, watching interesting talks and getting inspired overall to keep learning more Python.

  • Python for NLP: Neural Machine Translation with Seq2Seq in Keras

    This is the 22nd article in my series of articles on Python for NLP. In one of my previous articles on solving sequence problems with Keras, I explained how to solve many to many sequence problems where both inputs and outputs are divided over multiple time-steps. The seq2seq architecture is a type of many-to-many sequence modeling, and is commonly used for a variety of tasks such as Text-Summarization, chatbot development, conversational modeling, and neural machine translation, etc.

    In this article, we will see how to create a language translation model which is also a very famous application of neural machine translation. We will use seq2seq architecture to create our language translation model using Python's Keras library.

    It is assumed that you have good knowledge of recurrent neural networks, particularly LSTM. The code in this article is written in Python with the Keras library. Therefore, it is assumed that you have good knowledge of the Python language, as well as the Keras library. So, without any further ado, let's begin.

  • Find the position of the only odd number within a list with Python

    In this example, we will write a python function that will return the position of the only odd number within the number list. If there is no odd number within that list then the function will return -1 instead.

  • Python 2.7.17rc1

    Python 2.7.17 release candidate 1 is a prerelease for a bugfix release in the Python 2.7 series.

  • Python 2.7.17 release candidate 1 available

    A release candidate for the upcoming 2.7.17 bug fix release is now available for download.

  • Wing Python IDE 7.1.2 - October 7, 2019

    Wing 7.1.2 adds a How-To for using Wing with Docker, allows disabling code warnings from the tooltip displayed over the editor, adds support for macOS 10.15 (Catalina), supports code folding in JSON files, adds optional word wrapping for output in the Testing tool, and fixes about 25 minor usability issues.

  • Pytest-cov support for who-tests-what

Games: Indivisible, Top 7 Best PSP Emulators for Android, Cecconoid, Orx, Hexa Trains and GGPO

Filed under
Gaming
  • Indivisible, the action RPG platformer from the creator of Skullgirls is out now

    It's been a long road, after being announced back in 2015 with a successful crowdfunding campaign on IndieGoGo it very much delivers. Honestly, I don't know where to really start with Indivisible. It's blown me away. This might be one of the most colourful and gorgeously designed games I've played in a very long time. It reminds me of the first time I played Bastion, it looks incredible.

  • Top 7 Best PSP Emulators for Android Device in 2019

    Gaming companies have produced special games for Playstation which are not often available for Android. So, it has become a great problem for them who love to play new and updated games but cannot afford a PlayStation. But technology doesn’t stay silent and has introduced us to new technology. It is the PSP emulator. You can easily run your favorite PSP games on your Android device using these PSP emulators.

    [...]

    Here, you will find 7 innovative PSP emulators for Android. So, whatever devices you are using, you can use it if it is compatible with the PSP game you are going to run. So, just read out the important features to understand the specifications and choose the best PSP emulator for your device.

  • 8-bit inspired, flip-screen, twin-stick-shooter 'Cecconoid' is out with Linux support

    Triple Eh? Ltd yesterday released Cecconoid, an 8-bit inspired twin-stick shooter with a flip-screen mechanic where you go through a series of rooms and blow everything up.

  • Looking to make 2D games? Perhaps the Orx game engine might be suitable for you

    One we've never covered before at all is the free and open source Orx. A lightweight, plugin-based, data-driven and extremely easy to use 2D-oriented game engine.

    There's tons of game engines out there, quite a lot of them open source too. Recently we covered GDevelop, Godot Engine and ct.js so here's another one that might take your interest. Designed to be fully cross-platform across Linux, MacOS, Windows and mobile devices the feature list it offers is rather impressive.

  • Developed on Linux, the train transportation sim 'Hexa Trains' is out now

    After an unsuccessful Kickstarter campaign, solo developer Bram Stolk has released Hexa Trains on Steam. Developed on Linux, this unusually styled transportation sim certainly looks interesting. Note: Key provided to our Steam Curator.

    Stolk is the same developer who previously made The Little Crane That Could, which released back in 2015 on Steam and it ended up rather popular on mobile. Nice to see a familiar name return with something completely different. Hexa Trains is all about railroads, building up a successful and smooth transport service across a planet as you link stations across it to various resource buildings.

  • GGPO, a rollback networking SDK for peer-to-peer games has gone open source

    Oh how I do love to see more projects go open source! GGPO, a rollback networking SDK for peer-to-peer games that's designed to help hide network latency in fast-paced games that requires precise inputs is now on GitHub.

    Created originally by Tony Cannon, one of the founders of the Evolution Championship Series (EVO), GGPO is a well-known middleware in the fighting game scene. It's used in a number of games including Skullgirls, Brawlhalla, Fantasy Strike, Dragon Ball: Zenkai Battle, Killer Instinct and the list goes on. Cannon announced the change in licensing on Twitter earlier today.

Using the Elgato Stream Deck on Linux just got a whole lot easier with streamdeck_ui

Filed under
GNU
Linux
Software

If you're a livestreamer, video creator or anything like that then the Elgato Stream Deck seems like an incredibly useful bit of kit. However, it doesn't have official Linux support. Not so much a problem now.

The Stream Deck is a handy little pad with a bunch of LCD buttons, that allows you to configure each button to some sort of action and image. You could use it to one-touch launch an animation, show your contact details on screen, switch to a different scene in OBS Studio and so on. There's a huge amount you can do with it and not having Linux support was a shame.

Announcing the release of streamdeck_ui on their blog, developer Timothy Crosley hooked into the also open source Python Elgato Stream Deck Library project to create a fully featured interface for working with the Stream Deck hardware on Linux.


How to Unzip a File in Linux Terminal

Filed under
HowTos

Learn how to unzip a file in Ubuntu and other Linux distributions. Both terminal and GUI methods have been discussed.

More in Tux Machines

FOSS in SaaS/Back End/Databases

  • What to expect from Scylla Summit 2019

    Scylla (the company) takes its name directly from Scylla [pronounced: sill-la], a Greek god sea monster whose mission was to haunt and torment the rocks of a narrow strait of water opposite the Charybdis whirlpool. Outside of Greek history, Scylla is an open source essentially distributed NoSQL data store that uses a sharded design on each node, meaning each CPU core handles a different subset of data.

  • Licence to grill: A year on, MongoDB's Eliot Horowitz talks to The Reg about SSPL

    A year after its controversial switch to the Server Side Public License (SSPL), and with new products livening up the summer, MongoDB remains unrepentant. The change was aimed at making vendors selling a service using the company's code share the source of applications used to run the service as well as any tweaks. The move appeared to be aimed squarely at cloud vendors, content to "capture all the value and give nothing back to the community," as Dev Ittycheria, CEO of MongoDB, told us at the time. Elements of the open source community were less than impressed. The Open Source Initiative (OSI) rejected the company's attempts to get the licence approved and eventually MongoDB withdrew the thing from the process, although the company continued to use it for its own products. Indeed, at MongoDB's London .Local event, where we met co-founder and CTO Eliot Horowitz, the company was trumpeting the opening up of its Compass GUI for MongoDB under the SSPL.

  • From Russia with OLAP: Percona uses ClickHouse analytics

    At Percona Live Europe last week, one such example came up around the open source scene that is developing in Russia and how one of the projects that is now starting to open up to international use.

  • The love and the lament: Percona CEO details state of open source data

    Open source has changed, obviously it has. Starting from its origins among the hobbyist programmers and hackers who dared to defy the proprietary Silicon Valley behemoths, the open community-centric model for software development has now been widely adopted by the commercial software sector. In many cases, open source has become the norm for modern platforms, tools and applications. But how has this affected the nature of open development and what impact has this shift left in its wake on the data landscape that we view today?

  • GraphDB 9.0 Open Sources Its Front End and Engine Plugins to Support Knowledge Graph Solutions

    Ontotext has announced GraphDB 9.0, which is aimed at lowering the effort required for development and continuous operation of knowledge graphs by opening multiple integration extension points for its users and developers. GraphDB is a database for managing semantic information with more than 30 large production installations in big enterprises. With the growing complexity of enterprise data integration, many organizations are starting the journey of building knowledge graphs.

  • Ververica Announces Open Source Framework to Enable Lightweight, Stateful Applications at Scale

    Ververica, the original creators of Apache Flink, today announced at Flink Forward Europe the launch of Stateful Functions (statefun.io), an open source framework that reduces the complexity of building and orchestrating stateful applications at scale. Stateful Functions enables users to define loosely coupled, independent functions with a low footprint that can interact consistently and reliably in a shared pool of resources. Ververica will propose the project, licensed under Apache 2.0, to the Apache Flink community as an open source contribution.

  • DataStax offers bidirectional data dexterity for Apache Kafka

    DataStax has opened up ‘early access’ to its DataStax Change Data Capture (CDC) Connector for Apache Kafka, the open source stream-processing (where applications can use multiple computational units, similar to parallel processing) software platform. As a company, DataStax offers a commercially supported ‘enterprise-robust’ database built on open source Apache Cassandra. Stream processing is all about speed and cadence, so, the DataStax CDC Connector for Apache Kafka gives developers ‘bidirectional data movement’ between DataStax, Cassandra and Kafka clusters.

Security: WireGuard, SafeBreach and More

  • WireGuard Snapshot `0.0.20191012` Available
    Hello,
    
    A new snapshot, `0.0.20191012`, has been tagged in the git repository.
    
    Please note that this snapshot is a snapshot rather than a final
    release that is considered secure and bug-free. WireGuard is generally
    thought to be fairly stable, and most likely will not crash your
    computer (though it may).  However, as this is a snapshot, it comes
    with no guarantees; it is not applicable for CVEs.
    
    With all that said, if you'd like to test this snapshot out, there are a
    few relevant changes.
    
    == Changes ==
    
      * qemu: bump default version
      * netns: add test for failing 5.3 FIB changes
      
      Kernels 5.3.0 - 5.3.3 crash (and are probably exploitable) via this one liner:
      
      unshare -rUn sh -c 'ip link add dummy1 type dummy && ip link set dummy1 up && ip -6 route add default dev dummy1 && ip -6 rule add table main suppress_prefixlength 0 && ping -f 1234::1'
      
      We fixed this upstream here:
      
      https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=ca7a03c4175366a92cee0ccc4fec0038c3266e26
      
      This is relevant to WireGuard because a very similar sequence of commands is
      used by wg-quick(8).
      
      So, we've now added some tests to catch this code path in the future. While
      the bug here was a random old use-after-free, the test checks the general
      policy routing setup used by wg-quick(8), so that we make sure this continues
      to work with future kernels.
      
      * noise: recompare stamps after taking write lock
      
      We now recompare counters while holding a write lock.
      
      * netlink: allow preventing creation of new peers when updating
      
      This is a small enhancement for wg-dynamic, so that we can update peers
      without readding them if they've already been removed.
      
      * wg-quick: android: use Binder for setting DNS on Android 10
      
      wg-quick(8) for Android now supports Android 10 (Q). We'll be releasing a new
      version of the app for this later today.
    
    This snapshot contains commits from: Jason A. Donenfeld and Nicolas Douma.
    
    As always, the source is available at https://git.zx2c4.com/WireGuard/ and
    information about the project is available at https://www.wireguard.com/ .
    
    This snapshot is available in compressed tarball form here:
      https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20191012.tar.xz
      SHA2-256: 93573193c9c1c22fde31eb1729ad428ca39da77a603a3d81561a9816ccecfa8e
      BLAKE2b-256: d7979c453201b9fb6b1ad12092515b27ea6899397637a34f46e74b52b36ddf56
    
    A PGP signature of that file decompressed is available here:
      https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20191012.tar.asc
      Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE
    
    If you're a snapshot package maintainer, please bump your package version. If
    you're a user, the WireGuard team welcomes any and all feedback on this latest
    snapshot.
    
    Finally, WireGuard development thrives on donations. By popular demand, we
    have a webpage for this: https://www.wireguard.com/donations/
    
    Thank you,
    Jason Donenfeld
    
  • WireGuard 0.0.20191012 Released With Latest Fixes

    WireGuard is still working on transitioning to the Linux kernel's existing crypto API as a faster approach to finally make it into the mainline kernel, but for those using the out-of-tree WireGuard secure VPN tunnel support, a new development release is available.

  • SafeBreach catches vulnerability in controversial HP Touchpoint Analytics software

    Now the feature is embroiled in another minor controversy after security researchers at SafeBreach said they uncovered a new vulnerability. HP Touchpoint Analytics comes preinstalled on many HP devices that run Windows. Every version below 4.1.4.2827 is affected by what SafeBreach found. In a blog post, SafeBreach Labs security researcher Peleg Hadar said that because the service is executed as "NT AUTHORITY\SYSTEM," it is afforded extremely powerful permissions that give it wide access. "The CVE-2019-6333 vulnerability gives attackers the ability to load and execute malicious payloads using a signed service. This ability might be abused by an attacker for different purposes such as execution and evasion, for example: Application Whitelisting Bypass, Signature Validation Bypassing," Hadar wrote. [...] The company has long had to defend HP Touchpoint Analytics against critics who say it gives HP unnecessary access to users' systems. When it first became widely noticed in 2017, dozens of users complained that they had not consented to adding the system.

  • Security Tool Sprawl Reaches Tipping Point
  • How trusted digital certificates complement open source security

    Application developers incorporating open source software into their designs may only discover later that elements of this software have left them (and their customers) exposed to cyber-attacks.

  • Securing the Container Supply Chain

FOSS in Finance/Currency Leftovers

Programming Leftovers

  • Xilinx unveils open source FPGA platform

    The Vitis unified software platform from FPGA vendor Xilinx is the result of a five-year project to create software development tools using familiar languages like C++ and Python to develop a wide range of applications for its reprogrammable chip.

  • Listen: How ActiveState is tackling “dependency hell” by providing enterprise-level support for open source programming languages [Podcast]

    “Open source back in the late nineties – and even throughout the 2000s – was really hard to use,” ActiveState CEO Bart Copeland says. “Our job,” he continues, “was to make it much easier for developers to use open source and much easier for enterprises to use open source.”

  • 10 open source projects proving the power of Google Go

    Now 10 years in the wild, Google’s Go programming language has certainly made a name for itself. Lightweight and quick to compile, Go has stirred significant interest due to its generous libraries and abstractions that ease the development of concurrent and distributed (read: cloud) applications. But the true measure of success of any programming language is the projects that developers create with it. Go has proven itself as a first choice for fast development of network services, software infrastructure projects, and compact and powerful tools of all kinds.

  • The Eclipse Foundation Launches The Eclipse Cloud Development Tools Working Group for Cloud Native Software

    The Eclipse Foundation today announced the launch of the Eclipse Cloud Development Tools Working Group (ECD WG), a vendor-neutral open source collaboration that will focus on development tools for and in the cloud. The ECD WG will drive the evolution and broad adoption of emerging standards for cloud-based developer tools, including language support, extensions, marketplaces, and developer workspace definition. Founding members of the ECD WG include Broadcom, EclipseSource, Ericsson, IBM, Intel, Red Hat, SAP, Software AG, and Typefox among many others.

  • You cannot cURL under pressure

    With cURL having this many features (with the general mass of them being totally unknown to me, let alone how you use them) got me thinking… What if you could do a game show style challenge for them?

  • Follow-up on ‘ASCII Transliteration without ICU or iconv’

    An anonymous commenter pointed out to me that Unicode (in Qt) is slightly more complicated than I had considered when writing the code: I failed to handle planes beyond the Basic Multilingual Plane (BMP) and the ‘surrogates’ between code points 0xD800 and 0xDFFF. In a series of recently pushed Git commits I addressed the problem of surrogates and fixed some more issues. Some preparatory work has been done to support more planes in the future, but as of now, only the BMP is supported. For details, please have a look at the five commits posted on 2019-10-12.