Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Sunday, 20 Jan 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Audiocasts: mintCast, Free as in Get Out, The Optional Option

Filed under
Interviews

Graphics: AMD, NVIDIA and Mesa

Filed under
Graphics/Benchmarks
  • AMDVLK Weekly Code Drop Brings A DXVK Fix, VK_EXT_debug_utils Support

    AMD developers maintaining their official Vulkan driver have carried out another weekly code push to the open-source AMDVLK code-base.

    Overall the changes for this week's worth of AMD Radeon Vulkan driver changes is fairly small, but there is a DXVK fix, one new Vulkan extension wired up, and a lot of low-level driver work.

  • NVIDIA 415.27 Linux Driver Released With GeForce RTX 2060 Support

    With NVIDIA today officially shipping the GeForce RTX 2060 as the new $349 USD Turing graphics card, the 415.27 Linux driver was released today to officially support this new graphics card.

    The GeForce RTX 2060 actually works with former 415 driver series releases, but would just be identified as a NVIDIA "Device" as opposed to the GeForce RTX 2060. The product string is now in this driver plus any other small tweaks to officially support this lowest-cost RTX Turing graphics card to date.

  • Mesa 18.3.2 release candidate

    The candidate for the Mesa 18.3.2 is now available. Currently we have:
    - 78 queued
    - 3 nominated (outstanding)
    - and 0 rejected patches

  • Mesa 18.3.2 Is Finally En Route With 78+ Changes

    It's been more than a month since the debut of Mesa 18.3 and the emergency 18.3.1 release while due the holidays and the release manager being sick, the next point release fell off the tracks. Mesa 18.3.2 is now being crafted and should be out in the next few days. Given the time since the previous release, Mesa 18.3.2 is heavy on fixes.

    Emil Velikov announced the release today of Mesa 18.3.2 RC1 and plans for officially releasing this point update in the next day or two. This release candidate has 78 patches queued over the prior update.

Introducing The Elementary OS 5 Linux Community Challenge

Filed under
GNU
Linux

The basic premise of the elementary OS Challenge is simple: ditch Windows, macOS or your current Linux OS of choice and exclusively use elementary OS 5 Juno as your daily driver for two weeks. Explore the curated AppCenter and the bundled software to get all of your working and playing done. For email, for music, for coding, for gaming, for whatever.

We’ll be taking this journey together, which hopefully means a two-way conversation to discuss the successes, discoveries, questions and potential stumbling blocks we encounter along the way.

Read more

Fedora Decides To Not Allow SSPLv1 Licensed Software Into Its Repositories

Filed under
Red Hat
Server
OSS
Legal

Back in October, MongoDB announced the Server Side Public License v1 (SSPLv1) as their new license moving forward for this document-oriented database server over their existing AGPL code. SSPL was met with much controversy upon its unveiling and Fedora's legal team has now ruled it an invalid free software license for packaged software in its repositories.

The intent of MongoDB developing the Server Side Public License was to ensure that public cloud vendors and other companies using their software as a service are giving back to the community / the upstream project. SSPL v1 was based on the GPLv3 but lays clear that a company publicly offering the SSPL-licensed software as a service must in turn open-source their software that it uses to offer said service. That stipulation applies only to organizations making use of MongoDB for public software services.

Read more

Mozilla Experiments in VR/AR and Firefox

Filed under
Web
  • Augmented Reality and the Browser — An App Experiment

    We all want to build the next (or perhaps the first) great Augmented Reality app. But there be dragons! The space is new and not well defined. There aren’t any AR apps that people use every day to serve as starting points or examples. Your new ideas have to compete against an already very high quality bar of traditional 2d apps. And building a new app can be expensive, especially for native app environments. This makes AR apps still somewhat uncharted territory, requiring a higher initial investment of time, talent and treasure.

    But this also creates a sense of opportunity; a chance to participate early before the space is fully saturated.

    From our point of view the questions are: What kinds of tools do artists, developers, designers, entrepreneurs and creatives of all flavors need to be able to easily make augmented reality experiences? What kinds of apps can people build with tools we provide?

    For example: Can I watch Trevor Noah on the Daily Show this evening, and then release an app tomorrow that is a riff on a joke he made the previous night? A measure of success is being able to speak in rich media quickly and easily, to be a timely part of a global conversation.

  • Adios, Amigo

    Firefox Test Pilot is flying off into the sunset on January 22nd, 2019. Currently active experiments will remain installed for all users, and will be available on addons.mozilla.org after this date. Non-extension experiments like Firefox Lockbox and Firefox Send will continue in active development as standalone products. In fact, both products will have significant launches in the near future. Stay tuned for updates in the coming months.

  • Evolving Firefox’s Culture of Experimentation: A Thank You from the Test Pilot Program

    For the last three years Firefox has invested heavily in innovation, and our users have been an essential part of this journey. Through the Test Pilot Program, Firefox users have been able to help us test and evaluate a variety of potential Firefox features. Building on the success of this program, we’re proud to announce today that we’re evolving our approach to experimentation even further.

Programming: Samba, newt-lola, Kano, Python and More

Filed under
Development
  • Samba 4.10 RC1 Released: Adds Offline Domain Backups, Now Defaults To Python 3

    Samba 4.10 release candidate 1 was announced today as the open-source SMB implementation with support for Windows Server and Active Directory domains.

    The Samba 4.10 release is bringing export/restore features for Group Policy Objects (GPO), pre-fork process model improvements, support for offline domain backups with the samba-tool domain backup command now supporting an offline option, support for group membership statistics within a domain, Python 3 is now considered the default Python implementation while Python 2 support is retained, JSON logging improvements, and other work.

  • newt-lola

    Bison and Flex (or any of the yacc/lex family members) are a quick way to generate reliable parsers and lexers for language development. It's easy to write a token recognizer in Flex and a grammar in Bison, and you can readily hook code up to the resulting parsing operation. However, neither Bison nor Flex are really designed for embedded systems where memory is limited and malloc is to be avoided.

    When starting Newt, I didn't hesitate to use them though; it's was nice to use well tested and debugged tools so that I could focus on other parts of the implementation.

    With the rest of Newt working well, I decided to go take another look at the cost of lexing and parsing to see if I could reduce their impact on the system.

  • Kano Scores a Disney Partnership, Announces a Star Wars Kit for Later This Year

    Kano creates killer little sets to teach kids how to code and beyond (like the awesome Harry Potter Coding Kit), and today the company is announcing a Disney partnership. The first product will be a Star Wars kit.

    While other info is scant at the time, Kano says the Star Wars kit will be out “in the second half of 2019.” Alex Klein, Kano’s CEO and co-founder, only teased other details, saying that “Collaborating with Disney is a blessing. We can combine connected, creative technologies with some of the most memorable stories ever told.”

  • GDA and GObject Introspection: Remember 1
  • No really, pathlib is great
  • Top Seven Apps Built With Python
  • Turn video into black and white with python
  • Happy Mu Year 2019!
  • Python 101: Episode #42 – Creating Executables with cx_Freeze

    In this screencast, we will learn how to turn your Python code into a Windows executable file using the cx_Freeze project.

  • PyCoder’s Weekly: Issue #351 (Jan. 15, 2019)

Games: Demonizer, Taste of Power, Road to your City and More

Filed under
Gaming

Security: Software Security is a Civil Right, Security Isn’t a Feature, Metasploit and Software Updates

Filed under
Security
  • Software Security is a Civil Right!
  • Security isn’t a feature

    As CES draws to a close, I’ve seen more than one security person complain that nobody at the show was talking about security. There were an incredible number of consumer devices unveiled, no doubt there is no security in any of them. I think we get caught up in the security world sometimes so we forget that the VAST majority of people don’t care if something has zero security. People want interesting features that amuse them or make their lives easier. Security is rarely either of these, generally it makes their lives worse so it’s an anti-feature to many.

    Now the first thing many security people think goes something like this “if there’s no security they’ll be sorry when their lightbulb steals their wallet and dumps the milk on the floor!!!” The reality is that argument will convince nobody, it’s not even very funny so they’re laughing at us, not with us. Our thoughts by very nature blame all the wrong people and we try to scare them into listening to us. It’s never worked. Ever. That one time you think it worked they were only pretended to care so you would go away.

    So it brings us to the idea that security isn’t a feature. Turning your lights on is a feature. Cooking you dinner is a feature. Driving your car is a feature. Not bursting into flames is not a feature. Well it sort of is, but nobody talks about it. Security is a lot like the bursting into flames thing. Security really is about something not happening, things not happening is the fundamental problem we have when we try to talk about all this. You can’t build a plausible story around an event that may or may not happen. Trying to build a narrative around something that may or may not happen is incredibly confusing. This isn’t how feature work, features do positive things, they don’t not do negative things (I don’t even know if that’s right). Security isn’t a feature.

    So the question you should be asking then is how do we make products being created contain more of this thing we keep calling security. The reality is we can’t make this happen given our current strategies. There are two ways products will be produced that are less insecure (see what I did there). Either the market demands it, which given the current trends isn’t happening anytime soon. People just don’t care about security. The second way is a government creates regulations that demand it. Given the current state of the world’s governments, I’m not confident that will happen either.

  • Metasploit, popular hacking and security tool, gets long-awaited update

    The open-source Metasploit Framework 5.0 has long been used by hackers and security professionals alike to break into systems. Now, this popular system penetration testing platform, which enables you to find, exploit, and validate security holes, has been given a long-delayed refresh.

    Rapid7, Metasploit's parent company, announced this first major release since 2011. It brings many new features and a fresh release cadence to the program. While the Framework has remained the same for years, the program was kept up to date and useful with weekly module updates.

  • Security updates for Tuesday
  • [Slackware] New VLC and Flash

    AV1 is a new video codec by the Alliance for Open Media, composed of most of the important Web companies (Google, Facebook, Netflix, Amazon, Microsoft, Mozilla…). AV1 has the potential to be up to 20% better than the HEVC codec, but the patents license is totally free. VLC supports AV1 since version 3.0.0 but I never added the ‘aom‘ decoder/encoder to my vlc package, since ‘aom’ is the reference implementation of the video format and it does not really perform.
    The VideoLAN and FFmpeg communities are collaborating on ‘dav1d’ to make this a reference optimized decoder for AV1. Now that ‘dav1d’ has an official release I thought it would be cool to have in the VLC package. Mozilla and Google browsers already have the support for AV1 video playback built-in, so… overdue here.

Blue Collar Linux: Something Borrowed, Something New

Filed under
Linux
Reviews

Sometimes it takes more than a few tweaks to turn an old-style desktop design into a fresh new Linux distribution. That is the case with the public release of Blue Collar Linux.

"The guidance and design were shaped by real people -- blue collar people," Blue Collar developer Steven A. Auringer told LinuxInsider. "Think useful and guided by Joe and Jane Whitebread in Suburbia."

Blue Collar Linux has been under development for the last four years. Until its public release this week, it has circulated only through an invitation for private use by the developer's family, friends and associates looking for an alternative to the Windows nightmare.

Read more

Compact i.MX6 UL gateway offers WiFi, 4G, LoRa, and ZigBee

Filed under
Linux

Forlinx’s “FCU1101” is a compact embedded gateway with -35 to 70℃ support that runs Linux on an i.MX6 UL and offers 4x isolated RS485 ports, a LAN port, and WiFi, 4G, LoRa, and ZigBee.

A year ago, the wireless studded, serial connected FCU1101 might have been called an IoT gateway, but the name seems to be going out of fashion. A similar system with a more powerful processor than the FCU1101‘s power-efficient, Cortex-A7 based NXP i.MX6 UltraLite (UL) might today be called an edge server. Forlinx calls its mini-PC sized, 105 x 100 x 33mm device what we used to call them back in the day: an embedded computer.

Read more

NVIDIA GeForce GTX 760/960/1060 / RTX 2060 Linux Gaming & Compute Performance

Filed under
Graphics/Benchmarks
Gaming

The NVIDIA GeForce RTX 2060 is shipping today as the most affordable Turing GPU option to date at $349 USD. Last week we posted our initial GeForce RTX 2060 Linux review and followed-up with more 1080p and 1440p Linux gaming benchmarks after having more time with the card. In this article is a side-by-side performance comparison of the GeForce RTX 2060 up against the GTX 1060 Pascal, GTX 960 Maxwell, and GTX 760 Kepler graphics cards. Not only are we looking at the raw OpenGL, Vulkan, and OpenCL/CUDA compute performance between these four generations, but also the power consumption and performance-per-Watt.

Read more

Linux Tools: The Meaning of Dot

Filed under
Linux

Let's face it: writing one-liners and scripts using shell commands can be confusing. Many of the names of the tools at your disposal are far from obvious in terms of what they do (grep, tee and awk, anyone?) and, when you combine two or more, the resulting "sentence" looks like some kind of alien gobbledygook.

None of the above is helped by the fact that many of the symbols you use to build a chain of instructions can mean different things depending on their context.

Read more

VirtualBox 6.0.2 Released with Support for SUSE Linux Enterprise Server 12.4

Filed under
SUSE

VirtualBox 6.0 brought numerous new features and improvements to the open-source and cross-platform virtualization software used by millions of computer users worldwide to run multiple operating systems on their PCs. These include a major user interface revamp, the ability to export virtual machines to the Oracle Cloud infrastructure, better 4K/HiDPI support for high-end displays, and support for Linux kernel 4.20.

VirtualBox 6.0.2 is the first maintenance update to the VirtualBox 6.0 series, adding support for building the VirtualBox drivers on the SUSE Linux Enterprise Server 12.4 operating system, implementing a new virtual optical disk creation window in the UI, making the VirtualBoxVM command accessible on Linux and macOS hosts, supporting older Linux kernels for building the shared folder driver, and fixing resetting of USB devices on Linux guests.

Read more

36-Year-Old SCP Clients' Implementation Flaws Discovered

Filed under
Security

A set of 36-year-old vulnerabilities has been uncovered in the Secure Copy Protocol (SCP) implementation of many client applications that can be exploited by malicious servers to overwrite arbitrary files in the SCP client target directory unauthorizedly.

Session Control Protocol (SCP), also known as secure copy, is a network protocol that allows users to securely transfer files between a local host and a remote host using RCP (Remote Copy Protocol) and SSH protocol.

In other terms, SCP, which dates back to 1983, is a secure version of RCP that uses authentication and encryption of SSH protocol to transfer files between a server and a client.

Discovered by Harry Sintonen, one of F-Secure's Senior Security Consultants, the vulnerabilities exist due to poor validations performed by the SCP clients, which can be abused by malicious servers or man-in-the-middle (MiTM) attackers to drop or overwrite arbitrary files on the client's system.

Read more

today's leftovers

Filed under
Misc
  • Archman 2019.01 Openbox Run Through

    In this video, we look at Archman 2019.01 Openbox.

  • And the Race is On! 2018-2019 openSUSE Board Elections Enter Campaign Phase

    Marina is a very active Italian openSUSE Advocate, involved in the Project since 2009, deeply involved in LibreOffice.  She relocated to Munich last June, where she is working for CIB mainly on its LibreOffice team as Senior Migrations & Deployments Engineer.  You may read more about Marina on her Wiki User page.

    Marina joins an already impressive line-up of Quality Candidates who announced they were stepping up during the past week, adding to what will be very tough decisions for the Voters in the upcoming Elections.  Official openSUSE Members in Good Standing are qualified to vote in the Elections, and they will have to make difficult choices for who should take the three open Board Seats, choosing between Marina, incumbent Christian Boltz aka cboltz, Dr. Axel Braun aka DocB, incumbent Sarah Julia Kriesch aka AdaLovelace, Sébastien Poher aka sogal, Vinzenz Vietzke aka vinzv, and Nathan Wolf aka futureboy and CubicleNate on IRC.

    Sarah and Sébastien’s run for the Board was announced in last Wednesday’s openSUSE News, while the Candidacies of Christian, Dr. Braun, Vinzenz, and  Nathan were announced in the next day’s news article.

  • Entry-level Bay Trail SBC ready for workhorse duty

    Acrosser’s 3.5-inch “AMB-BT19S1” SBC runs on an Intel Bay Trail SoC and offers up to 8GB RAM, dual display support, plus SATA, mSATA, mini-PCIe, serial, USB 3.0, and GbE ports.

    With newer Atom processor families such as Cherry Trail, Braswell, Apollo Lake, and now Gemini Lake, the popular, five-year old Bay Trail product line appears to be close to “legacy” status. Yet, aside from graphics capabilities and support for the latest memories and peripherals, there’s not that much separating Bay Trail from Gemini Lake in terms of CPU performance and power consumption. Depending on the price, an “entry level” Bay Trail SBC like Acrosser’s 3.5-inch AMB-BT19S1 board could be the smart move for some applications.

Syndicate content

More in Tux Machines

Security: Bo Weaver, New Scares, Clones With Malware

  • Bo Weaver on Cloud security, skills gap, and software development in 2019
    Bo Weaver, a Kali Linux expert shares his thoughts on the security landscape in the cloud. He also talks about the skills gap in the current industry and why hiring is a tedious process. He explains the pitfalls in software development and where the tech is heading currently. Bo, along with another Kali Linux expert Wolf Halton were also interviewed on why Kali Linux is the premier platform for testing and maintaining Windows security. They talked about advantages and disadvantages for using Kali Linux for pentesting. We also asked them about what they think about pentesting in cybersecurity, in general. They have also talked about their stance about the role of pentesting in cybersecurity in their interview titled, “Security experts, Wolf Halton and Bo Weaver, discuss pentesting and cybersecurity” [...] I laugh and cry at this term. I have a sticker on my laptop that says “There is no Cloud…. Only other people’s computers.” Your data is sitting on someone else’s system along with other people’s data. These other people also have access to this system. Sure security controls are in place but the security of “physical access” has been bypassed. You’re “in the box”. One layer of security is now gone. Also, your vendor has “FULL ACCESS” to your data in some cases. How can you be sure what is going on with your data when it is in an unknown box in an unknown data center? The first rule of security is “Trust No One”. Do you really trust Microsoft, Amazon, or Google? I sure don’t!!! Having your data physically out of your company’s control is not a good idea. Yes, it is cheaper but what are your company and its digital property worth? [...] In software development, I see a dumbing down of user interfaces. This may be good for my 6-year-old grandson, but someone like me may want more access to the system. I see developers change things just for the reason of “change”. Take Microsoft’s Ribbon in Office. Even after all these years, I find the ribbon confusing and hard to use. At least, with Libre Office, they give you a choice between a ribbon and an old school menu bar. The changes in Gnome 3 from Gnome 2. This dumbing down and attempting to make a desktop usable for a tablet and a mouse totally destroyed the usability of their desktop. What used to take 1 click now takes 4 clicks to do.
  • Security experts, Wolf Halton and Bo Weaver, discuss pentesting and cybersecurity [Interview]
  • Cloud security products uninstalled by mutating malware [Ed: Affects already-compromised servers]
    Linux is more prevalent than one might think, Microsoft Azure is now predominantly run on Linux servers - it's not just the Chinese cloud environments being hosted via Linux, it's likely that your business is running at least one cloud service on a Linux server too.
  • Google Play still has a clone problem in 2019 with no end in sight
    A fake app tries to clone another app in name, looks, and functionality, often also adding something like malware. Despite Google’s best efforts, both types of apps were fairly common in 2018.

Programming: GNU Binutils, Qt, Python, GStreamer, C++ and GTK+

  • GNU Binutils 2.32 Branched Ahead Of Release With New Features
    A new release of the GNU Binutils programming tools will soon be available. The upcoming Binutils 2.32 release is primarily made up of new CPU ports.  GNU Binutils 2.32 is bringing a MIPS port to the Loongson 2K1000 processor and the Loongson 3A1000/3A2000/3A3000 processors, all of which are based on the MIPS64r2 ISA but with different instruction set extensions. These new GPUs are exposed via -march=gs264e, -march=gs464, and -march=gs464e flags. With Binutils 2.32, the utilities like objdump and c++filt now have a maximum amount of recursion that is allowed while demangling strings with the current default being 2048. There is also a --no-recurse-limit for bypassing that limit. Objdump meanwhile allows --disassemble to specify a starting symbol for disassembly.
  • Building Qt apps with Travis CI and Docker
    I recently configured Travis CI to build Nanonote, my minimalist note-taking application. We use Jenkins a lot at work, and despite the fact that I dislike the tool itself, it has proven invaluable in helping us catch errors early. So I strongly believe in the values of Continuous Integration. When it comes to CI setup, I believe it is important to keep your distances with the tool you are using by keeping as much setup as possible in tool-agnostic scripts, versioned in your repository, and making the CI server use these scripts.
  • PyPI Security and Accessibility Q1 2019 Request for Proposals Update
    Earlier this year we launched a Request for Information (RFI) followed by the launch of a Request for Proposals (RFP) in November to fulfill a contract for the Open Technology Fund (OTF) Core Infrastructure Fund.  The initial deadline for our RFP was December 14th. We had hoped to begin work with the selected proposers in January 2019, but ultimately fell short of the ability to do so.
  • GStreamer 1.15.1 Released With Work On AV1, V4L HEVC Encode/Decode
    GStreamer 1.15.1 was announced on Friday as the first development release in the trek towards GStreamer 1.16 for this powerful open-source multimedia framework.
  • GStreamer 1.15.1 development release
    The GStreamer team is pleased to announce the first development release in the unstable 1.15 release series. The unstable 1.15 release series adds new features on top of the current stable 1.14 series and is part of the API and ABI-stable 1.x release series of the GStreamer multimedia framework. The unstable 1.15 release series is for testing and development purposes in the lead-up to the stable 1.16 series which is scheduled for release in a few weeks time. Any newly-added API can still change until that point, although it is rare for that to happen.
  • Is C++ fast?
    A library that I work on often these days, meshoptimizer, has changed over time to use fewer and fewer C++ library features, up until the current state where the code closely resembles C even though it uses some C++ features. There have been many reasons behind the changes - dropping C++11 requirement allowed me to make sure anybody can compile the library on any platform, removing std::vector substantially improved performance of unoptimized builds, removing algorithm includes sped up compilation. However, I’ve never quite taken the leap all the way to C with this codebase. Today we’ll explore the gamut of possible C++ implementations for one specific algorithm, mesh simplifier, henceforth known as simplifier.cpp, and see if going all the way to C is worthwhile.
  • Python Counters @PyDiff
  • Report: (clxi) stackoverflow python report
  • Regular Expressions in Python
  • Starting on a new map rendering library
    Currently in Maps, we use the libchamplain library to display the bitmap map titles (based on OpenStreetMap data and aerial photography) that we get from our tile provider, currently MapBox. This library is based on Clutter and used via the GTK+ embed support within libchamplain, which in turn makes use of the Clutter GTK embed support. Since this will not be supported when moving along to GTK+ 4.x and the Clutter library is not maintained anymore (besides the copy of it that is included in the GNOME Shell window manager/Wayland compositor, Mutter) eventually Maps will have to find a replacement. There's also some wonky bugs especially with regards to the mixing of event handling on the Clutter side vs. the GTK+ side. So to at least get the ball rolling a bit, I recently decided to see how hard it would be to take the code from libchamplain and keep the grotty deep-down internals dealing with tile downloading and caching and such and refocus the top-level parts onto new GTK+ 4 technologies such as the Snapshot, GSK (scene graph), and render node APIs.

today's howtos

LibreELEC (Leia) v8.95.3 BETA

LibreELEC 9.0 (Leia) Beta 3 has finally arrived after a long gestation period. Based upon Kodi v18 RC5.2, the 9.0 Beta 3 release contains many changes and refinements to user experience and a complete overhaul of the underlying OS core to improve stability and extend hardware support. Kodi v18 also brings new features like Kodi Retroplayer and DRM support that (equipped with an appropriate add-on) allows Kodi to unofficially stream content from services like Netflix and Amazon. Read more