About Tux Machines

Friday, 18 Oct 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/Linux

Devices/Embedded: Win Enterprises and Raspberry Pi 4

Filed under
Hardware
  • Win Enterprises unveils Atom-based LAN gateway and compact SBC

    Win Enterprises unveiled a fanless “PL-82000” networking gateway with 6x GbE and 2x SFP ports based on an Atom C3000. It also launched a Raspberry Pi sized “MB-5000” SBC that runs Ubuntu or Win 10 on Intel Apollo Lake.

    We tend to forget Win Enterprises because as its name suggests, the company typically sticks to Windows-supported products. Yet, they have increasingly produced barebones products without listed OS support, such as the new PL-82000 networking appliance, as well as Linux supported systems such as the MB-5000 SBC announced back in June. (In 2017, we covered an Intel Bay Trail based MB-80580 SBC and Win IoT-380 Gateway with Linux support.)

  • Raspberry Pi 4 PCI Express: It actually works! USB3, SATA… GPUs?

    Recently, Tomasz Mloduchowski posted a popular article on his blog detailing the steps he undertook to get access to the hidden PCIe interface of Raspberry Pi 4: the first Raspberry Pi to include PCIe in its design. After seeing his post, and realizing I was meaning to go buy a Raspberry Pi 4, it just seemed natural to try and replicate his results in the hope of taking it a bit further. I am known for Raspberry Pi Butchery, after all.

  • Raspberry Pi 4 B+ - PCI Express

    Why did I do it? Because I wanted to see if it can be done. Because Raspberry Pi 4 might be the cheapest device that is PCIe capable after a relatively minor modification (if I didn't lift the capacitors when desoldering the VL805, this is literally 12 soldering points). That, in turn, can be quite handy for developing own PCIe cores for various FPGA based experiments.

    I'm sharing it to allow people to learn from this - and to dispel the myth that PCIe is somehow out of reach of hobbyists due to some concerns over signal integrity or complexities. Stay tuned for more Pi4/PCIe experimentation!

OSS: Odoo, WordPress, MongoDB vs. MySQL

Filed under
OSS
  • What's New in Odoo 13?

    Fast, Simple and Effective Business Management- this is the motto of Odoo, the leading open source ERP of the globe. And this is what makes Odoo the prominent and most favorite choice among business enterprises. With the release of Odoo 13, the open-source ERP has become all more fit and robust to meet the diversified needs of businesses. With Odoo 13 users can go along with better designs and customizations.
    With each version release, Odoo makes it a point to bring in major and minor improvements in the application, alongside a set of new features for improving the user interface and functionality of the user. The users worth 3.4 million is the evidence of Odoo being the finest application for business management.

  • Becoming Better Digital Citizens Through Open Source

    The WordPress Project is on a mission to democratize publishing. As WordPress empowers more people to participate in the digital space, we have the opportunity to make sure that everyone can participate safely and responsibly. Today marks the start of Digital Citizenship Week. We are going to share how open source can be used as a tool for learners (regardless of age) to practice and model the essential parts of being a good digital citizen.

    [...]

    Digital Citizenship is for all age groups. Anyone who uses the internet on a computer, mobile device or a TV is a digital citizen. You don’t have to be tech-savvy already, maybe you are taking your first steps with technology. Digital Citizenship Week is a chance to reflect together on our impact on the digital world. It can help us to make our consumption more considered and our interaction friendlier. It enables us to make a positive difference to those around us.

    All of us can strive (or learn) to become better digital citizens. It can be affected by the access those teaching have had to digital skills and good practice. Adult education classes and community tech hubs play a part in basic tech skill development. Unfortunately, these are not always accessible to those in less populated geographic locations. 

    Open source communities like WordPress already make a difference in encouraging the principles of digital citizenship, from sharing tech skills to improving security knowledge. They give people an opportunity to learn alongside their peers and many of the resources are available regardless of location, resources, or skills.

  • MongoDB vs. MySQL: How to choose

    During the dot-com bubble in the 1990s, one common software stack for web applications was LAMP, which originally stood for Linux (OS), Apache (web server), MySQL (relational database), and PHP (server programming language). MySQL was the preferred database mostly because it was free open source and had good read performance, which fit well with “Web 2.0” apps that dynamically generated sites from the database.

    Later the MEAN stack, which stood for MongoDB (document database), Express (web server), AngularJS (front-end framework), and Node.js (back-end JavaScript runtime), came to prominence. The MEAN stack was attractive, among other reasons, because the only language you needed to know was JavaScript. It also needed less RAM than an equivalent LAMP stack.

Security: XML External Entity (XXE) Example and the Latest Patches

Filed under
Security
  • XML External Entity (XXE) Example

    According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

    If a parser accepts unsanitized XML, we can take advantage of that and send our own crafted external XML payload to exploit our target. This post won’t be long so let’s get into it.

  • Security updates for Monday

    Security updates have been issued by Arch Linux (chromium, sdl, and unbound), Debian (clamav, libdatetime-timezone-perl, openssl, tcpdump, and tzdata), Fedora (cutter-re, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-parent, libapreq2, ming, opendmarc, radare2, and thunderbird), openSUSE (chromium), Oracle (kernel), and SUSE (axis, jakarta-commons-fileupload, kernel, sles12sp3-docker-image, sles12sp4-image, system-user-root, and webkit2gtk3).

Get to know Oracle Linux Virtualization Manager

Filed under
Linux

Linux Virtualization Manager can manage multiple on-premises hosts running Oracle Linux KVM. Oracle enhanced Linux KVM in the Unbreakable Enterprise Kernel (UEK) Release 5, an OS kernel tested and optimized for Oracle Linux 7 Update 5.

Because Linux KVM is the same hypervisor used for Oracle Cloud Infrastructure, admins have an easy migration path from the Linux Virtualization Manager environment to the Oracle Cloud platform. Linux Virtualization Manager also supports importing and exporting software appliances based on the Open Virtualization Format and Open Virtualization Archive standards.

Oracle based Linux Virtualization Manager on the oVirt project, an open source virtualization platform developed by Red Hat. Linux Virtualization Manager relies on the oVirt engine for discovering KVM hosts and configuring storage and network resources. The platform supports KVM administration for multinode environments, offering a large-scale, centralized management platform for server and desktop virtualization.


Python 3.8 Released

Filed under
Development
  • Python 3.8.0

    Python 3.8.0 is the newest major release of the Python programming language, and it contains many new features and optimizations.

  • Cool New Features in Python 3.8

    The newest version of Python is released today! Python 3.8 has been available in beta versions since the summer, but on October 14th, 2019 the first official version is ready. Now, we can all start playing with the new features and benefit from the latest improvements.

    What does Python 3.8 bring to the table? The documentation gives a good overview of the new features. However, this article will go more in depth on some of the biggest changes, and show you how you can take advantage of Python 3.8.

Linux Fu: Python GUIs For Command Line Programs (Almost) Instantly

Filed under
Development
GNU
Linux
HowTos

Not every programmer likes creating GUI code. Most hacker types don’t mind a command line interface, but very few ordinary users appreciate them. However, if you write command line programs in Python, Gooey can help. By leveraging some Python features and a common Python idiom, you can convert a command line program into a GUI with very little effort.

The idea is pretty simple. Nearly all command line Python programs use argparse to simplify picking options and arguments off the command line as well as providing some help. The Gooey decorator picks up all your options and arguments and creates a GUI for it. You can make it more complicated if you want to change specific things, but if you are happy with the defaults, there’s not much else to it.

At first, this article might seem like a Python Fu and not a Linux Fu, since — at first — we are going to focus on Python. But just stand by and you’ll see how this can do a lot of things on many operating systems, including Linux.


Also: Applying C - Running Programs With Systemd

Compilers Leftovers

Filed under
Development
  • LLVM "Stack Clash" Compiler Protection Is Under Review

    Two years after the "Stack Clash" vulnerability came to light, the LLVM compiler is working on adding protection against it similar to the GCC compiler mitigation.

    The Stack Clash vulnerability pertains to clashing/smashing another program's stack while circumventing existing stack protections at the time. Stack Clash opens up the door to memory corruption and arbitrary code execution. Linux x86/x86_64 wasn't the only one affected but also the BSDs and Solaris. Those unfamiliar with it or wanting to refresh your memory of it can do so via this Qualys blog post with the firm having discovered this vulnerability.

  • pocl v1.4 released

    Please note that there's an official pocl maintenance policy in place. This text describes the policy and how you can get your favourite project that uses OpenCL to remain regression free in the future pocl releases.

  • POCL 1.4 Released For Advancing OpenCL On CPUs - Now Supports LLVM 9.0

    Version 1.4 has been released of POCL, the "Portable Computing Language" implementation that allows for a portable OpenCL implementation to be executed on CPUs as well as optionally targeting other accelerators via HSA or even CUDA devices.

    POCL 1.4 brings support for LLVM Clang 9.0, with that open-source compiler stack doing a lot of POCL's heavy lifting. Support meanwhile for pre-6.0 LLVM releases was removed. POCL 1.4 also adds support for building relocatable POCL binaries and improves SPIR/SPIR-V support for CPU devices.

starship – elegant cross-shell prompt at your fingertips

Filed under
Software

The Command Line Interface (CLI) is a way of interacting with your computer. And if you ever want to harness all the power of Linux, it’s highly recommended to master it. It’s true the CLI is often perceived as a barrier for users migrating to Linux, particularly if they’ve grown up using GUI software exclusively. While Linux rarely forces anyone to use the CLI, some tasks are better suited to this method of interaction, offering inducements like superior scripting opportunities, remote access, and being far more frugal with a computer’s resources.

For anyone spending time at the CLI, they’ll rely on the shell prompt. I always seem to gravitate back to Bash even though I’ve used more than a dozen shells over the years. By default, the configuration for Bash on popular distributions identifies the user name, hostname, and the current working directory. I recently reviewed Liquid Prompt, an intelligent and non-intrusive prompt for Bash and zsh.

starship is an alternative to Liquid Prompt. The software aims to show the information you need while you’re working, while being as unobtrusive as possible.


Tired of Windows and Mac OS? Switch to Elementary OS!

Filed under
OS

Elementary OS is one of the most beautiful and clean-looking operating systems available for use in computers. It is fast, open and privacy-oriented. Elementary has its characteristic design philosophy and made aesthetic use of colours. Over the years, this free-to-use operating system has collected heavy praise by reviewers around the world – making it a strong replacement option for both Windows and Mac users.

The initial development of ElementaryOS started with building themes and applications for Ubuntu, which later inspired the developers to transform it into a full-fledged Linux distribution. The first release of the operating system was on 31 March 2011, and so far, it has been through continuous bugfix and major feature updates.

The Elementary OS took shape with the concept of making Linux easier for non-technical users. Instead of terminal-based codes, elementary provides a graphical user interface and settings menus to allow users to perform almost all day-to-day tasks without writing any code.


Django 3.0 beta 1 released

Filed under
Development

Django 3.0 beta 1 is now available. It represents the second stage in the 3.0 release cycle and is an opportunity for you to try out the changes coming in Django 3.0.

Django 3.0 has a raft of new features which you can read about in the in-development 3.0 release notes.

Only bugs in new features and regressions from earlier versions of Django will be fixed between now and 3.0 final (also, translations will be updated following the "string freeze" when the release candidate is issued). The current release schedule calls for a release candidate in a month from now with the final release to follow about two weeks after that around December 2. Early and often testing from the community will help minimize the number of bugs in the release. Updates on the release schedule are available on the django-developers mailing list.


SUSE: Highlights of OpenSUSE Asia Summit, Maintaining Enterprise Linux Kernels and More

Filed under
SUSE
  • Highlights of openSUSE Asia Summit 2019

    The openSUSE.Asia Summit is one of the big events for the openSUSE community (i.e. both contributors and users) in Asia. Those who normally communicate online can meet from all over the world, talk in person and have fun. Members of the community share their current knowledge, experience and learn FLOSS technologies around openSUSE. The openSUSE.Asia Summit 2019 took place from October 5 to October 6, 2019 at the Information Technology Department, Faculty of Engineering, Udayana University, Bali.

  • Maintaining Enterprise Linux Kernels

    Forking the Linux kernel and using it as the basis of an Enterprise product is a challenging task. The pace of development in the upstream Linux kernel makes it hard to keep up with all the fixes that need to be backported. This article describes the process we use at SUSE to find and backport potentially required upstream fixes to our kernels.

    [...]

    Every fix that is reported will be evaluated by a developer and either backported to the kernel branches that need it or blacklisted, so that the fix is no longer considered. But who is the best person (or group) to report a fix to?
    The answer is easy if the fix is for a patch that was backported by someone within SUSE as part of a service pack development cycle. In that case the person who backported the patch is tasked with reviewing the associated fix. The same happens with upstream fixes that are authored or committed by a SUSE employee.
    Assigning fixes for patches that are part of the base-kernel is a bit more complicated. To that end we have introduced a maintainer model with an internal list of experts for most parts of the Linux kernel.
    The approach is similar to the MAINTAINERS file in the upstream Linux kernel, but the file at SUSE is simpler. It only contains a list of people and several path-specs per entry. Each potential fix for the base-kernel is matched against the path-specs in the maintainers list and assigned to the best matching entry. The fix is reported to the developers listed in the matching entry.
    But not all fixes could be assigned that way because the SUSE maintainers list does not cover the whole kernel source tree. For the remaining fixes a heuristic is used. It is based on which source code files in the kernel source tree are touched by the backports of each developer. This is matched against the file(s) a fix touches.

  • Suse: Equipped For The Hybrid Multicloud Age

    Linux as an operating system platform as well as other Open Source technologies as core elements are used in SAP infrastructures. This is applicable for Cloud as well as on-premises deployment. Thus, they are equipped for the Hybrid Multicloud age.
    Open Source arrived in the SAP world a long time ago. The Walldorf-based software company contributed to this development when it made the decision to only use the Linux operating system platform along with SAP Hana and Hana-based application solutions such as S/4.

    And the trend towards Linux with NetWeaver-based infrastructures with AnyDB has already provided the impetus for the deep penetration of Linux. The Hana figures quoted by SAP recently (during this year’s Sapphire conference) speak to this significance. The company now has 50,000 Hana licenses. In addition to Linux, other Open Source solutions are used in SAP environments in conjunction with Data Science and the use of Kubernetes. Kubernetes is used for the orchestration of containers as part of SAP Data Hub environments.

Interview with Fabian Mosakowski

Filed under
KDE
Interviews

My name is Fabian Mosakowski and I’m an aspiring illustrator living in France. I’m currently working on my portfolio creating an illustrated fantasy tale called “If Only Blood Was Red”. It deals with what’s left of humans thriving to survive in a land that doesn’t welcome them.

Currently as a hobby artist. I made a few commissions for close relatives but I’d like to make it professional once my portfolio will be done.

Mainly fantasy as it’s the narrative thread of my project but I also mix it with dark art, another genre I really enjoy, to fit the story atmosphere. I also occasionally work in vectorial or comic book style for lighter projects.


4 Free and Open Source Alternatives to Adobe Photoshop

Filed under
OSS

Adobe Photoshop is a premium image editing and design tool available for Windows and macOS. Undoubtedly, almost everyone knows about it. It’s that popular. Well, you can use Photoshop on Linux using Windows in a virtual machine or by using Wine – but that is not an ideal experience.

In general, we don’t have a lot of options available as a replacement for Adobe Photoshop. However, in this article, we shall mention some of the best open-source Photoshop alternatives available for Linux (with cross-platform support as well).

Do note that Photoshop is not just a photo editor. It’s used by photographers, digital artists, and professional editors for various uses. The alternative software here may not have all the features of Photoshop but you can use them for various tasks that you do in Photoshop.


Security Leftovers

Filed under
Security
  • Use sshuttle to build a poor man’s VPN

    Nowadays, business networks often use a VPN (virtual private network) for secure communications with workers. However, the protocols used can sometimes make performance slow. If you can reach a host on the remote network with SSH, you could set up port forwarding. But this can be painful, especially if you need to work with many hosts on that network. Enter sshuttle — which lets you set up a quick and dirty VPN with just SSH access. Read on for more information on how to use it.

    The sshuttle application was designed for exactly the kind of scenario described above. The only requirement on the remote side is that the host must have Python available. This is because sshuttle constructs and runs some Python source code to help transmit data.

    [...]

    Depending on the capabilities of your system and the remote system, you can use sshuttle for an IPv6 based VPN. You can also set up configuration files and integrate it with your system startup if desired. If you want to read even more about sshuttle and how it works, check out the official documentation.

  • Hardening Firefox against Injection Attacks

    Firefox not only renders web pages on the internet but also ships with a variety of built-in pages, commonly referred to as about:pages. Such about: pages provide an interface to reveal internal state of the browser. Most prominently, about:config, which exposes an API to inspect and update preferences and settings which allows Firefox users to tailor their Firefox instance to their specific needs.

    Since such about: pages are also implemented using HTML and JavaScript they are subject to the same security model as regular web pages and therefore not immune against code injection attacks. More figuratively, if an attacker manages to inject code into such an about: page, it potentially allows an attacker to execute the injected script code in the security context of the browser itself, hence allowing the attacker to perform arbitrary actions on the behalf of the user.

    To better protect our users and to add an additional layer of security to Firefox, we rewrote all inline event handlers and moved all inline JavaScript code to packaged files for all 45 about: pages. This allowed us to apply a strong Content Security Policy (CSP) such as ‘default-src chrome:’ which ensures that injected JavaScript code does not execute. Instead JavaScript code only executes when loaded from a packaged resource using the internal chrome: protocol. Not allowing any inline script in any of the about: pages limits the attack surface of arbitrary code execution and hence provides a strong first line of defense against code injection attacks.

  • IPFire on AWS: Update to IPFire 2.23 - Core Update 136

    Today, we have updated IPFire on AWS to IPFire 2.23 - Core Update 136 - the latest official release of IPFire.

    This update includes security fixes for OpenSSL and the Linux kernel, an updated Perl, and of course many other fixes throughout the whole system.

  • Pros and cons of event-driven security

    Great news, everyone! Forrester Research says that 95% of all recorded breaches in 2016 came from only three industries: government, technology, and retail. Everyone else is safe... ish, right?

    Hold on for a moment. Tech? Retail? What kind of industry diversification is this? We are, after all, living in 2019, where every business is a tech business. And all of us are continuously selling something, whether it’s an innovative product or an amazing service.

    So what the report should have said is that 95% of all recorded breaches came from attacks on 95% of all businesses both online and offline. And some of the attackers went for the .gov.

    More on the matter, 43% of attackers target small businesses—and that’s a lot considering that, on average, a hack attempt takes place every 39 seconds.

    To top things off, the average cost of a data breach in 2020 is expected to exceed $150 million. These stats sound a bit more terrifying out of context, but the threat is still very much real. Ouch.

Programming: Elana Hashman, Red Hat Pushing Microsoft (.NET) and More

Filed under
Development
  • PyDev of the Week: Elana Hashman

    This week we welcome Elana Hashman (@ehashdn) as our PyDev of the Week! Elana is a director of the Open Source Initiative and a fellow of the Python Software Foundation. She is also the Clojure Packaging Team lead and a Java Packaging Team member. You can see some of her work over on Github. You can also learn more about Elana on her website. Let’s take a few moments to get to know her better!

  • Eclipse Che 7 and the .NET developer

    Eclipse Che 7, an open source in-the-browser development environment, allows you to define custom workspaces for your software development. Think of a workspace as you would think of a development PC: You have an operating system, programming language support, and all the tools necessary to write code. In this article, I’ll introduce the .NET developer to this new world and highlight ways you can use Eclipse Che to your advantage.

  • How to Convert String to Lowercase in Python

    Sometimes you may need to convert any string to lower case (all letters). This tutorial will help you convert a string (any case) to lower case, as shown in the image below.

  • How to fuck up software releases

    I manage releases for a bunch of free & open-source software. Just about every time I ship a release, I find a novel way to fuck it up. Enough of these fuck-ups have accumulated now that I wanted to share some of my mistakes and how I (try to) prevent them from happening twice.

today's howtos

Filed under
HowTos

Games: Tangle Tower, Lawgivers, Fertile Crescent and More

Filed under
Gaming
  • Odds and ends, the Linux and gaming Sunday Section

    Almost time to begin another week full of news, before we do let's run over a few interesting happenings recently.

    Let's start with two bits of recent news about Godot Engine, the free and open source game engine. The 3.2 release cycle is going strong, with a second alpha release now available. A massive list of new features and improvements coming to Godot 3.2 can be found here. What's even more exciting though is the Vulkan work coming with Godot Engine 4.0, with another short progress report post up for it. The new visual frame profiler coming certainly looks useful to help developers squeeze out some more performance.

    More AMD news for you, as it has been reported by Wccftech that AMD now command around 30%+ market share of the CPU market. That's some very impressive growth, pushed forward by the Zen microarchitecture from 2017. As seen in the graph below from cpubenchmark.net, this is the highest they've seen it since 2007.

  • SFB Games to bring Tangle Tower to Linux post-launch if there's enough demand

    British indie studio SFB Games, developer of the highly rated Detective Grimoire are working on a new game called Tangle Tower and with a little push they could bring it to Linux.

    Tangle Tower is a fully voiced point and click murder mystery adventure, set in a strange and twisted mansion. You will need to interrogate suspects and solve unique puzzles as you progress. Looks and sounds like a great game. Sadly though it's currently scheduled to release later this month only for Windows and macOS on October 22nd, so no Linux support at launch.

  • Turn-based political simulation game 'Lawgivers' adds Linux support with the latest update

    Today I came across Lawgivers, a turn-based political simulation game which recently added Linux support and it looks like it could be a lot of fun.

    Since it's a political sim, you will be tasked with leading your party into elections. If you manage to get voted in, you will be responsible for approving laws and shaping your country’s destiny.

  • The completely silly fighting game Foreskin Fury is out in Early Access

    After a short delay, you can now jump into Foreskin Fury and have a cock fight. Yes this is a very real game.

    Made in Unreal Engine, the aptly named Stupid Industries said it started off as a joke and they ended up actually learning Blender and Unreal Engine to turn the joke into something a little more real. Here we are, Foreskin Fury was accepted onto Steam and it supports Linux.

  • The currently free indie RTS 'The Fertile Crescent' should now work better at different resolutions

    The Fertile Crescent is an upcoming in-development indie RTS that feels like a retro Age of Empires and it's really quite good. A new update is out (and it's still free) fixing up the UI for different resolutions.

    I think more of you need to try this one, it's a wonderful little RTS game that I honestly can't wait to see expand. Hopefully now more of you actually will be able to try it, as they've made it so the interface properly scales with your resolution. Previously, there were problems if you had anything other than 1080p. Not only that, most of the interface was actually redesigned and it gives you more information.

  • Chiaki, the open source and cross-platform PS4 Remote Play client now supports the PS4 7.0 update

    Sony recently upgraded the system software on the PlayStation 4 which broke compatibility with the open source Remote Play client Chiaki. The developer acted quickly and a new release is up.

    This is the software we tested out recently and came away pretty impressed with it. Allowing you to stream games from a PlayStation 4 to a Linux desktop, seriously handy stuff since Sony don't support it on Linux officially.


More in Tux Machines

Security: Linux, Docker and Guix

  • Unpatched Linux bug may open devices to serious attacks over Wi-Fi

    The flaw is located in the RTLWIFI driver, which is used to support Realtek Wi-Fi chips in Linux devices. The vulnerability triggers a buffer overflow in the Linux kernel when a machine with a Realtek Wi-Fi chip is within radio range of a malicious device. At a minimum, exploits would cause an operating-system crash and could possibly allow a hacker to gain complete control of the computer. The flaw dates back to version 3.10.1 of the Linux kernel released in 2013.

  • Docker Attack Worm Mines for Monero
  • Insecure permissions on profile directory (CVE-2019-18192)

    We have become aware of a security issue for Guix on multi-user systems that we have just fixed (CVE-2019-18192). Anyone running Guix on a multi-user system is encouraged to upgrade guix-daemon—see below for instructions.

    Context: The default user profile, ~/.guix-profile, points to /var/guix/profiles/per-user/$USER. Until now, /var/guix/profiles/per-user was world-writable, allowing the guix command to create the $USER sub-directory. On a multi-user system, this allowed a malicious user to create and populate that $USER sub-directory for another user that had not yet logged in. Since /var/…/$USER is in $PATH, the target user could end up running attacker-provided code. See the bug report for more information. This issue was initially reported by Michael Orlitzky for Nix (CVE-2019-17365).

In 2019, multiple open source companies changed course—is it the right move?

Free and open source software enables the world as we know it in 2019. From Web servers to kiosks to the big data algorithms mining your Facebook feed, nearly every computer system you interact with runs, at least in part, on free software. And in the larger tech industry, free software has given rise to a galaxy of startups and enabled the largest software acquisition in the history of the world.

Free software is a gift, a gift that made the world as we know it possible. And from the start, it seemed like an astounding gift to give. So astounding in fact that it initially made businesses unaccustomed to this kind of generosity uncomfortable. These companies weren't unwilling to use free software, it was simply too radical and by extension too political. It had to be renamed: "open source."

Once that happened, open source software took over the world. Recently, though, there's been a disturbance in the open source force. Within the last year, companies like Redis Labs, MongoDB, and Confluent all changed their software licenses, moving away from open source licenses to more restrictive terms that limit what can be done with the software, making it no longer open source software.

Also: Network Time Foundation Joins Open Source Initiative

Red Hat: OpenShift, RHEL, Dependency Analytics, vDPA and More

  • Red Hat Expands the Kubernetes Developer Experience with Newest Version of Red Hat OpenShift 4

    Red Hat, Inc., the world's leading provider of open source solutions, today announced Red Hat OpenShift 4.2, the latest version of Red Hat’s trusted enterprise Kubernetes platform designed to deliver a more powerful developer experience. Red Hat OpenShift 4.2 extends Red Hat’s commitment to simplifying and automating enterprise-grade services across the hybrid cloud while empowering developers to innovate and enhance business value through cloud-native applications.

  • RHEL and Insights combo illuminates threats and spotlights performance for Red Hat systems

    When Red Hat Inc. officially rolled out its Red Hat Enterprise Linux 8, or RHEL 8, operating system in May, the open-source software company also included Red Hat Insights with every subscription for the new release. Based on data supplied by one of the company’s top executives, that has proven to be a wise decision. Insights is a software as a service product that works from a rules-based engine to offer continuous connected analysis of registered Red Hat-based systems. “We’ve seen an 87% increase since May in the number of systems that are linked in,” said Stefanie Chiras (pictured), vice president and general manager of the RHEL Business Unit at Red Hat. “We’re seeing a 33% increase in coverage of rules-based and a 152% increase in customers who are using it. That creates a community of people using and getting value from it, but also giving value back because the more data we have the better the rules get.”

  • What’s new in Red Hat Dependency Analytics

    We are excited to announce a new release of Red Hat Dependency Analytics, a solution that enables developers to create better applications by evaluating and adding high-quality open source components, directly from their IDE. Red Hat Dependency Analytics helps your development team avoid security and licensing issues when building your applications. It plugs into the developer’s IDE, automatically analyzes your software composition, and provides recommendations to address security holes and licensing problems that your team may be missing. Without further ado, let’s jump into the new capabilities offered in this release. This release includes a new version of the IDE plugin and the server-side analysis service hosted by Red Hat.

  • Breaking cloud native network performance barriers

    Up until now we have covered virtio-networking and its usage in VMs. We started with the original vhost-net/virtio-net architecture, moved on to the vhost-user/virtio-pmd architecture and continued to vDPA (vHost Data Path Acceleration) where the virtio ring layout was pushed all the way into the NIC providing wirespeed/wirelatency to VMs. We now turn our attention to using vDPA for providing wirespeed/wirelatency L2 interfaces to containers leveraging Kubernetes to orchestrate the overall solution. We will demonstrate how Containerized Network Functions (CNFs) can be accelerated using a combination of vDPA interfaces and DPDK libraries. The vDPA interfaces are added as a secondary interface to containers using the Multus CNI plugin. This post is a high level solution overview describing the main building blocks and how they fit together. We assume that the reader has an overall understanding of Kubernetes, the Container Network Interface (CNI) and NFV terminology such as VNFs and CNFs.

  • Top 5 stress reliefs for sysadmins

Purism shows off more pictures of Librem 5 Phone and PureOS UI

As the first batch of the Librem 5 phones starts reaching its respective owners, we can now have a better look at the product from its pictures taken by the customers. Before we check them out, let’s get to know a bit more about these phones. The Librem 5 smartphones are powered by PureOS, which is a Linux-based mobile operating system. The brains behind this product, namely Purism, have made it their top priority to offer such phones that provide security, privacy, and freedom to the customers. Accordingly, this product has been made for people who want to have complete control over their phones. You should check out this article if you want to know more about the Librem 5 smartphones. Now coming back to the news, people who have ordered this phone are in for a treat as the Librem 5 comes with a black anodized aluminum case. Not only is it stylish, but it also maintains high radio reception quality – thanks to its non-metal backing. It accompanies easier-to-slide, flush hardware kill switches.

Also: Nathan Wolf: New Life to Rock Candy Gamepad for PS3 | Another Repair