Language Selection

English French German Italian Portuguese Spanish

Web

Epiphany Web Browser Updated for GNOME 3.24 with New Hidden Homepage Settings

Filed under
GNOME
Web

As part of today's GNOME 3.23.2 development snapshot towards the GNOME 3.24 desktop environment, several core components and apps from the GNOME Stack received many improvements and new features.

Read more

Networking and Security

Filed under
Server
Security
Web
  • FAQ: What's so special about 802.11ad Wi-Fi?

    Here are the broad strokes about 802.11ad, the wireless technology that’s just starting to hit the market.

  • 2.5 and 5 Gigabit Ethernet Now Official Standards

    In 2014, multiple groups started efforts to create new mid-tier Ethernet speeds with the NBASE-T Alliance starting in October 2014 and MGBASE-T Alliance getting started a few months later in December 2014. While those groups started out on different paths, the final 802.3bz standard represents a unified protocol that is interoperable across multiple vendors.

    The promise of 2.5 and 5 Gbps Ethernet is that they can work over existing Cat5 cabling, which to date has only been able to support 1 Gbps. Now with the 802.3bz standard, organizations do not need to rip and replace cabling to get Ethernet that is up to five times faster.

    "Now, the 1000BASE-T uplink from the wireless to wired network is no longer sufficient, and users are searching for ways to tap into higher data rates without having to overhaul the 70 billion meters of Cat5e / Cat6 wiring already sold," David Chalupsky, board of directors of the Ethernet Alliance and Intel principal engineer, said in a statement. "IEEE 802.3bz is an elegant solution that not only addresses the demand for faster access to rapidly rising data volumes, but also capitalizes on previous infrastructure investments, thereby extending their life and maximizing value."

  • A quick fix for stupid password reset questions

    It didn’t take 500 million hacked Yahoo accounts to make me hate, hate, hate password reset questions (otherwise known as knowledge-based authentication or KBA). It didn't help when I heard that password reset questions and answers -- which are often identical, required, and reused on other websites -- were compromised in that massive hack, too.

    Is there any security person or respected security guidance that likes them? They are so last century. What is your mother’s maiden name? What is your favorite color? What was your first pet’s name?

  • French hosting provider hit by DDoS close to 1TBps

    A hosting provider in France has been hit by a distributed denial of service attack that went close to one terabyte per second.

    Concurrent attacks against OVH clocked in at 990GBps.

    The attack vector is said to be the same Internet-of-Things botnet of 152,464 devices that brought down the website of security expert Brian Krebs.

    OVH chief technology officer Octave Klaba tweeted that the network was capable of attacks up to 1.5TBps.

  • Latest IoT DDoS Attack Dwarfs Krebs Takedown At Nearly 1Tbps Driven By 150K Devices

    If you thought that the massive DDoS attack earlier this month on Brian Krebs’ security blog was record-breaking, take a look at what just happened to France-based hosting provider OVH. OVH was the victim of a wide-scale DDoS attack that was carried via network of over 152,000 IoT devices.

    According to OVH founder and CTO Octave Klaba, the DDoS attack reached nearly 1 Tbps at its peak. Of those IoT devices participating in the DDoS attack, they were primarily comprised of CCTV cameras and DVRs. Many of these types devices' network settings are improperly configured, which leaves them ripe for the picking for hackers that would love to use them to carry our destructive attacks.

pump.io Servers Adoption

Filed under
OSS
Web
  • Adopt a pump.io server

    As most of you know, E14N is no longer my main job, and I've been putting my personal time, energy, and money into keeping the pump network up and running. I haven't always done a good job, and some of the nodes have just fallen off the network. I'd like to ask people in the community to start taking over the maintenance and upkeep of these servers.

  • Prodromou: Adopt a pump.io server

    There are currently around 25 servers in the federated network initially started by Prodromou, which does not count other pump.io instances. He notes that one important exception is the identi.ca site, which is significantly larger than the rest, and which he would like to find a trusted non-profit organization to maintain.

Web browsers for GNU/Linux

Filed under
Moz/FF
Web

FOSS content management systems (CMS)

Filed under
OSS
Drupal
Web
  • How to Resolve Your Open Content Management Quandary

    After years of development and competition, open source content management systems (CMS) have proliferated and are very powerful tools for building, deploying and managing web sites, blogs and more. You're probably familiar with some of the big names in this arena, including Drupal (which Ostatic is based on) and Joomla.

    As we noted in this post, selecting a CMS to build around can be a complicated process, since the publishing tools provided are hardly the only issue. The good news is that free, sophisticated guides for evaluating CMS systems have flourished. There are even good options for trying open CMS systems online before you choose one. Here, in this newly updated post, you'll find some very good resources.

    he first thing to pursue as you evaluate CMS systems to deploy, including the many free, good platforms, is an overview of what is available. CMSMatrix.org is a great site for plotting out side-by-side comparisons of what CMS systems have to offer. In fact, it lets you compare the features in over 1200 content management system products. Definitely take a look. This site also has a good overview of the options.

  • Postleaf is an open-source blogging platform for the design-conscious

    Content management systems are boring until you have to use one. You can install a little Drupal or WordPress, pick up some Squarespace, or just dump to Medium, the graveyard for posts about protein shakes and VC funding. But what if you could roll your own CMS? And what if you made it really cool?

    That’s what Cory LaViska did. LaViska is the founder of SurrealCMS and has been making it easy to edit stuff on the web for nine years. Rather than build and sell an acceptable CMS, however, he took all of his best ideas and made a far better CMS. And he made it open source and called it Postleaf.

Death of Adobe Trash (Flash)

Filed under
Google
Web
  • Chrome to make Flash mostly-dead in early December [Ed: but do we replace one blob with another? (Chrome is proprietary)]

    Google yesterday set an early December deadline for purging most Flash content from its Chrome browser, adding that it will take an interim step next month when it stops rendering Flash-based page analytics.

    In a post to a company blog, Anthony LaForge, a technical program manager on the Chrome team, said the browser would refuse to display virtually all Flash content starting with version 55, which is scheduled for release the week of Dec. 5.

    Previously, Google had used a broader deadline of this year's fourth quarter for quashing all Flash content except for that produced by a select list of 10 sites, including Amazon, Facebook and YouTube.

  • Google Chrome's plan to kill Flash kicks into high gear

    Google is getting serious about ending the reign of Adobe Flash on the web.

    The company recently detailed a timeline for bringing Flash on Chrome to an end—kind of. Even in these late stages of Flash’s life on the web you still can’t kill it off entirely. Instead, Google says it will “de-emphasize” Flash to the point where it’s almost never used except when absolutely necessary.

  • HTML5 Wins: Google Chrome Is Officially Killing Flash Next Month

    With an aim to bring security, better battery life, and faster load times, Google is de-emphasizing Flash next month. After this change in Chrome 53, the behind-the-scenes Flash will be blocked in favor of HTML5. Later, with Chrome 55, HTML5 will be made the default choice while loading a web page.

Web Sites' FOSS

Filed under
OSS
Web
  • Govstrap.io enables rapid deployment of UK government websites

    United Kingdom government websites can now be deployed within minutes by re-using the familiar theme produced by Government Digital Services (GDS) in combination with the Bootstrap framework.

    The open source software specialist OpusVL has made it possible to take the official Gov.UK website theme, which is under the MIT license, and reproduce it quickly and easily using Bootstrap, which originated from Twitter. Bootstrap is an HTML, CSS, and JavaScript framework for creating front end websites and applications. With an increase in the variety of devices used to view websites, Bootstrap is a standard tool kit for building responsive design, and enabling websites to be mobile- and tablet-friendly.

  • Concrete5 Releases Version 8 Beta, More Open Source CMS News

    Portland, Ore.-based concrete5 released its version 8 beta for testing and feedback. It's good for site builders who are comfortable reporting and fixing bugs, and who are prepared to build their test sites from scratch. Just remember: Beta releases are never recommended for production websites.

    Technology evangelist Jessica Dunbar called it "a key milestone and is the work of more than 230 contributors." To find out about the new features, see what’s in store for version 8.

Syndicate content

More in Tux Machines

Security: Uber Sued, Intel ‘Damage Control’, ZDNet FUD, and XFRM Privilege Escalation

  • Uber hit with 2 lawsuits over gigantic 2016 data breach
    In the 48 hours since the explosive revelations that Uber sustained a massive data breach in 2016, two separate proposed class-action lawsuits have been filed in different federal courts across California. The cases allege substantial negligence on Uber’s part: plaintiffs say the company failed to keep safe the data of the affected 50 million customers and 7 million drivers. Uber reportedly paid $100,000 to delete the stolen data and keep news of the breach quiet. On Tuesday, CEO Dara Khosrowshahi wrote: “None of this should have happened, and I will not make excuses for it.”
  • Intel Releases Linux-Compatible Tool For Confirming ME Vulnerabilities [Ed: ‘Damage control’ strategy is to make it look like just a bug.]
    While Intel ME security issues have been talked about for months, confirming fears that have been present about it for years, this week Intel published the SA-00086 security advisory following their own internal review of ME/TXE/SPS components. The impact is someone could crash or cause instability issues, load and execute arbitrary code outside the visibility of the user and operating system, and other possible issues.
  • Open source's big weak spot? Flawed libraries lurking in key apps [Ed: Linux basher Liam Tung entertains FUD firm Snyk and Microsoft because it suits the employer's agenda]
  • SSD Advisory – Linux Kernel XFRM Privilege Escalation

gThumb 3.6 GNOME Image Viewer Released with Better Wayland and HiDPI Support

gThumb, the open-source image viewer for the GNOME desktop environment, has been updated this week to version 3.6, a new stable branch that introduces numerous new features and improvements. gThumb 3.6 comes with better support for the next-generation Wayland display server as the built-in video player, color profiles, and application icon received Wayland support. The video player component received a "Loop" button to allow you to loop videos, and there's now support for HiDPI displays. The app also ships with a color picker, a new option to open files in full-screen, a zoom popover that offers different zoom commands and a zoom slider, support for double-click activation, faster image loading, aspect ratio filtering, and the ability to display the description of the color profile in the property view. Read more Also: Many Broadway HTML5 Backend Improvements Land In GTK4

ExTiX 18.0, 64bit, with Deepin Desktop 15.5 (made in China!) and Refracta Tools – Create your own ExTiX/Ubuntu/Deepin system in minutes!

I’ve made a new extra version of ExTiX with Deepin 15.5 Desktop (made in China!). Deepin is devoted to providing a beautiful, easy to use, safe and reliable system for global users. Only a minimum of packages are installed in ExTiX Deepin. You can of course install all packages you want. Even while running ExTiX Deepin live. I.e. from a DVD or USB stick. Study all installed packages in ExTiX Deepin. Read more Also: ExTiX, the Ultimate Linux System, Now Has a Deepin Edition Based on Ubuntu 17.10 Kali Linux 2017.3 Brings New Hacking Tools — Download ISO And Torrent Files Here

Graphics: Greenfield, Polaris, Ryzen

  • Greenfield: An In-Browser HTML5 Wayland Compositor
    Earlier this year we covered the Westfield project as Wayland for HTML5/JavaScript by providing a Wayland protocol parser and generator for JavaScript. Now that code has morphed into Greenfield to provide a working, in-browser HTML5 Wayland compositor.
  • New Polaris Firmware Blobs Hit Linux-Firmware.Git
    Updated firmware files for the command processor (CP) on AMD Polaris graphics cards have landed in linux-firmware.git. These updated firmware files for Polaris GPUs are light on details besides being for the CP and from their internal 577de7b1 Git state.
  • Report: Ryzen "Raven Ridge" APU Not Using HBM2 Memory
    Instead of the Vega graphics on Raven Ridge using HBM2 memory, it appears at least for some models they are just using onboard DDR4 memory. FUDZilla is reporting today that there is just 256MB of onboard DDR4 memory being used by the new APU, at least for the Ryzen 5 APU found on the HP Envy x360 that was the first Raven APU system to market.