Site News

Web Site Traffic Growing

Submitted by Roy Schestowitz on Saturday 3rd of September 2016 08:41:27 PM Filed under

Site News

The Linux Foundation recently added the Platform for Network Data Analytics (PNDA)

Panda

Summary: Network/traffic analytics for Tux Machines

ULTIMATELY, here in Tux Machines we strive to include every bit of relevant news (standalone pages for more important news, clusters of links for the rest, grouped by topic). We rarely blog although sometimes we add an opinion (marked "Ed", shorthand for "Editor").

It has been a long time since we last wrote about statistics. As readers may know by now, we only retain logs for up to 4 weeks (security/diagnostics purposes), then these get deleted for good so as to maintain privacy (we cannot be compelled to hand over data). Those logs show only direct hits, they don't include pages served through the cache^* (Varnish) and here is the latest, where the date stands for "week ending":

-rw-r--r--.  1 root root 224439408 Aug  7 03:17 access.log-20160807
-rw-r--r--.  1 root root 310050330 Aug 14 03:22 access.log-20160814
-rw-r--r--.  1 root root 343901488 Aug 21 03:17 access.log-20160821
-rw-r--r--.  1 root root 344256886 Aug 28 03:15 access.log-20160828

The above indicates that, judging by the back end (not cache), traffic continues to increase. Over the past week the site was sometimes unbearably slow if not inaccessible. In the worse case we'll upgrade the server for extra capacity, assuring decent speed. Worth noting is that in the latest log (ending August 28^th) less than 1,000 hits came from Edge, so very few among our visitors use the latest and 'greatest' from Microsoft. █
____
^* The cache server services several domains, notably Tux Machines and Techrights, and it averages at around 1.5 GB of traffic per hour.

Tux Machines Turns 12

Submitted by Roy Schestowitz on Saturday 9th of July 2016 01:21:02 AM Filed under

Site News

THE past few weeks were exceptionally busy for the site as readership grew considerably and the site turned 12. Originally, the site did not share Linux news but had various other sections. Years later Susan Linton made it the success story it is today and in 2013-2014 we only modernised the theme and kept the old tradition, format, etc. We hope this pleases longtime readers of the site. Comments on how the site is run are always taken into account. █

Malicious Spam

Submitted by Roy Schestowitz on Sunday 17th of April 2016 12:24:00 AM Filed under

Site News

FOR those who may be wondering, we didn't get compromised or anything. We never had any such incidents. What happened earlier is that some spammer, who had created an account before we limited account creation (due to spam), made the spam expandable to the whole screen, covering many of the pages with that spam (overlay). We are working on code to help prevent such spamming so that legitimate users can post comments etc. without spammers ruining the experience for everyone else. █

Baidu Stages De Facto DDOS Attacks (Updated)

Submitted by Roy Schestowitz on Friday 27th of November 2015 11:46:01 AM Filed under

Site News

Summary: A 2-hour investigation reveals that Tux Machines is now the victim of an arrogant, out-of-control Baidu

TUX MACHINES has been mostly offline later this morning. It has evidently become the victim of Baidu's lawlessness, having fallen under huge dumps of requests from IP addresses which can be traced back to Baidu and whose requests say Baidu as well (we tried blocking these, but it's not easy to do by IP because they have so many). They don't obey robots.txt rules; not even close! It turns out that others suffer from this as well. These A-holes have been causing a lot of problems to the site as of late (slowdowns was one of those problems), including damage to the underlying framework. Should we report them? To who exactly? Looking around the Web, there are no contact details (in English anyway) by which to reach them.

Baidu can be very evil towards Web sites. Evil. Just remember that. █

Update: 3 major DDOS attacks (so far today) led to a lot of problems and they also revealed that not Baidu was at fault but botmasters who used "Baidu" to masquerade themselves, hiding among some real and legitimate requests from Baidu (with Baidu-owned IP addresses). We have changed our firewall accordingly. We don't know who's behind these attacks and what the motivations may be.

Record Week

Submitted by Roy Schestowitz on Monday 26th of October 2015 10:01:06 PM Filed under

Site News

QUIETLY but surely, last week marked an important milestone, with traffic at the back end (not the cache layer^*) exceeding 1.8 million hits, thus establishing a new record. So far this week it looks as though we are going to break this record again. We hope that the new format, which places emphasis on high importance links (as standalone nodes) and puts less important links in topical groups (grouping like games or howtos), makes reading the site more convenient and makes keeping abreast of the news easier, without getting overloaded in a way that is not somewhat manageable (links inside groups are typically less important, as intended). We're open to any suggestions readers may have to ensure we remain a leading syndicator of GNU/Linux and Free/Open Source software news. Any feedback can improve the site. █

_____
^* It is difficult to measure what happens at the Varnish layer as it's shared among several domains, including Techrights.

Back to Normal Next Week

Submitted by Roy Schestowitz on Wednesday 23rd of September 2015 09:21:49 AM Filed under

Site News

IN CASE it's not already obvious, we have been posting fewer links since the 14th of this month because we are both away and we catch up with some news only when time permits. Today's hot day (38 degrees) will probably allow us to stay indoors more time than usual and therefore post some more links (from Rianne's laptop), but a week for now is when we'll properly catch up with everything that was missed and gradually get back to normal, hopefully for a long time to come.

Please bear with us while we enjoy our last chance to have a summer vacation. It's already cold back home in Manchester. █

Operating Systems in Tux Machines

Submitted by Roy Schestowitz on Saturday 27th of June 2015 01:14:59 AM Filed under

Site News

Summary: Some numbers to show what goes on in sites that do not share information about their visitors (unlike Windows-centric sites which target non-technical audiences)

THE common perception of GNU/Linux is that it is scarcely used, based on statistics gathered from privacy-hostile Web sites that share (or sell) access log data, embed spyware in all of their pages, and so on. Our sites are inherently different because of a reasonable -- if not sometimes fanatic -- appreciation of privacy at both ends (server and client). People who read technical sites know how to block ads, impede spurious scripts etc. These sites also actively avoid anything which is privacy-infringing, such as interactive 'social' media buttons (these let third parties spy on all visitors in all pages).

Techrights and Tux Machines attract the lion's share our traffic (and server capacity). They both have dedicated servers. These are truly popular and some of the leaders in their respective areas. Techrights deals with threats to software freedom, whereas Tux Machines is about real-time news discovery and organisation (pertaining to Free software and GNU/Linux).

The Varnish layer, which protects both of these large sites (nearly 100,000 pages in each, necessitating a very large cache pool), handles somewhere between a gigabyte to 2.5 gigabytes of data per hour (depending on the time of day, usually somewhere in the middle of this range, on average).

The Apache layer, which now boasts 32 GB of RAM and sports many CPU cores, handled 1,324,232 hits for Techrights (ranked 6636^th for traffic in Netcraft) in this past week and 1,065,606 for Tux Machines (ranked 6214^th for traffic in Netcraft).

Based on VISITORS Web Log Analyzer, this is what we've had in Techrights:

Windows: (36.2%)
Linux: (31.8%)
Unknown: (e.g. bots/spiders): (23.0%)
Macintosh: (8.8%)
FreeBSD: (0.1%)

As a graph (charted with LibreOffice):

Techrights stats

Tux Machines reveals a somewhat different pattern. Based on grepping/filtering the of past month's log at the Apache back end (not Varnish, which would have been a more sensible but harder thing to do), presenting the top 3 only:

Tuxmachines stats

One month is as far as retention goes, so it's not possible to show long-term trends (as before, based on Susan's summary of data). Logs older than that are automatically deleted, as promised, for both sites -- forever! We just need a small tail of data (temporarily) for DDOS prevention. █

Mollom Issues

Submitted by Roy Schestowitz on Tuesday 16th of June 2015 08:32:27 AM Filed under

Site News

TUX MACHINES has been having some issues with the spam filter, so people who regularly submit material, including comments, may have struggled to do so over the past fortnight of so. If that's the case, please re-attempt and report any issue you encounter to us (feedback button on the right). █

Spring in Tux Machines

Submitted by Rianne Schestowitz on Thursday 23rd of April 2015 08:45:57 PM Filed under

Site News

Tux Machines traffic

Tux Machines traffic has been increasing during spring. The DDOS attacks are behind us thankfully, the latest problem is just a lot of spam, which we are deleting as soon as we can. █

Blog posts

Submitted by Roy Schestowitz on Sunday 12th of April 2015 05:45:14 PM Filed under

Site News

UE TO a growing SPAM problem (dozens per day making the front page), we have disabled -- temporarily at least -- the ability of random visitors to create new blog posts after registering for an account. We apologise in advance to any legitimate users this restriction may affect. █

More in Tux Machines

Proxmox VE 4.3 released

Proxmox Server Solutions GmbH today announced the general availability of Proxmox Virtual Environment 4.3. The hyper-converged open source server virtualization solution enables users to create and manage LXC containers and KVM virtual machines on the same host, and makes it easy to set up highly available clusters as well as to manage network and storage via an integrated web-based management interface. The new version of Proxmox VE 4.3 comes with a completely new comprehensive reference documentation. The new docu framework allows a global as well as contextual help function. Proxmox users can access and download the technical documentation via the central help-button (available in various formats like html, pdf and epub). A main asset of the new documentation is that it is always version specific to the current user’s software version. Opposed to the global help, the contextual help-button shows the user the documentation part he currently needs.

Games for GNU/Linux

There Are Around 2,000 Steam Linux Games Available
Steam now has above 2,500 Linux & SteamOS games available

I've seen some posts on reddit and across the wider net about Steam hitting around 2,000 games for Linux. The truth is the number is actually quite a lot higher. People seem to be using SteamDB numbers which aren't up to date. The problem here is that SteamDB is unofficial and a manual process for people to let them know a game works. So you need to own the game and manually tell them, which makes their numbers rather different to the reality. Note: SteamDB do truly excellent work, this isn't a bash attempt, but to let people know how they work and how their list is different. The other problem is that the Steam Search when filtering only for Games and only for Linux is still incorrect. It actually lists games that are due soon, or due this month and haven't released yet. It also still lists games that haven't updated their release date that were supposed to release before today, but didn't actually release yet.
'Farabel', a turn based strategy game is officially coming to Linux after a days work

The developers of Farabel [Official Site, Steam, itch] sent word that their game is now officially coming to Linux. They asked for testers and in a single day got the game working properly on Linux and it's now official.
RADV Vulkan Driver Can Now Correctly Render Talos Principle
The Talos Principle now renders correctly in 'radv', the open source AMD Vulkan driver

Good news for Vulkan and AMD GPU fans, as David Airlie has put up a new blog post letting us know that The Talos Principle now renders correctly in this new open source AMD Vulkan driver.

Security News

Tuesday's security updates
New Open Source Linux Ransomware Divides Infosec Community

Following our investigation into this matter, and seeing the vitriol-filled reaction from some people in the infosec community, Zaitsev has told Softpedia that he decided to remove the project from GitHub, shortly after this article's publication. The original, unedited article is below.
Fax machines' custom Linux allows dial-up hack

Party like it's 1999, phreakers: a bug in Epson multifunction printer firmware creates a vector to networks that don't have their own Internet connection. The exploit requirements are that an attacker can trick the victim into installing malicious firmware, and that the victim is using the device's fax line. The firmware is custom Linux, giving the printers a familiar networking environment for bad actors looking to exploit the fax line as an attack vector. Once they're in that ancient environment, it's possible to then move onto the network to which the the printer's connected. Yves-Noel Weweler, Ralf Spenneberg and Hendrik Schwartke of Open Source Training in Germany discovered the bug, which occurs because Epson WorkForce multifunction printers don't demand signed firmware images.
Google just saved the journalist who was hit by a 'record' cyberattack

Google just stepped in with its massive server infrastructure to run interference for journalist Brian Krebs. Last week, Krebs' site, Krebs On Security, was hit by a massive distributed denial-of-service (DDoS) attack that took it offline, the likes of which was a "record" that was nearly double the traffic his host Akamai had previously seen in cyberattacks. Now just days later, Krebs is back online behind the protection of Google, which offers a little-known program called Project Shield to help protect independent journalists and activists' websites from censorship. And in the case of Krebs, the DDoS attack was certainly that: The attempt to take his site down was in response to his recent reporting on a website called vDOS, a service allegedly created by two Israeli men that would carry out cyberattacks on behalf of paying customers.
Krebs DDoS aftermath: industry in shock at size, depth and complexity of attack

“This attack didn’t stop, it came in wave after wave, hundreds of millions of packets per second,” says Josh Shaul, Akamai’s vice president of product management, when Techworld spoke to him. “This was different from anything we’ve ever seen before in our history of DDoS attacks. They hit our systems pretty hard.” Clearly still a bit stunned, Shaul describes the Krebs DDoS as unprecedented. Unlike previous large DDoS attacks such as the infamous one carried out on cyber-campaign group Spamhaus in 2013, this one did not use fancy amplification or reflection to muster its traffic. It was straight packet assault from the old school.
iOS 10 makes it easier to crack iPhone back-ups, says security firm

INSECURITY FIRM Elcomsoft has measured the security of iOS 10 and found that the software is easier to hack than ever before. Elcomsoft is not doing Apple any favours here. The fruity firm has just launched the iPhone 7, which has as many problems as it has good things. Of course, there are no circumstances when vulnerable software is a good thing, but when you have just launched that version of the software, it is really bad timing. Don't hate the player, though, as this is what Elcomsoft, and what Apple, are supposed to be doing right. "We discovered a major security flaw in the iOS 10 back-up protection mechanism. This security flaw allowed us to develop a new attack that is able to bypass certain security checks when enumerating passwords protecting local (iTunes) back-ups made by iOS 10 devices," said Elcomsoft's Oleg Afonin in a blog post.
After Tesla: why cybersecurity is central to the car industry's future

The news that a Tesla car was hacked from 12 miles away tells us that the explosive growth in automotive connectivity may be rapidly outpacing automotive security. This story is illustrative of two persistent problems afflicting many connected industries: the continuing proliferation of vulnerabilities in new software, and the misguided view that cybersecurity is separate from concept, design, engineering and production. This leads to a ‘fire brigade approach’ to cybersecurity where security is not baked in at the design stage for either hardware or software but added in after vulnerabilities are discovered by cybersecurity specialists once the product is already on the market.

Ofcom blesses Linux-powered, open source DIY radio ‘revolution’

Small scale DAB radio was (quite literally) conceived in an Ofcom engineer’s garden shed in Brighton, on a Raspberry Pi, running a full open source stack, in his spare time. Four years later, Ofcom has given the thumbs up to small scale DAB after concluding that trials in 10 UK cities were judged to be a hit. We gave you an exclusive glimpse into the trials last year, where you could compare the specialised proprietary encoders with the Raspberry Pi-powered encoders. “We believe that there is a significant level of demand from smaller radio stations for small scale DAB, and that a wider roll-out of additional small scale services into more geographic areas would be both technically possible and commercially sustainable,” notes Ofcom.

Navigation

Language Selection

Search

Authors Information

DistroWatch

LWN

LXer

OpenSource.com

Active forum topics

Site News

More in Tux Machines

Proxmox VE 4.3 released

Games for GNU/Linux

Security News

Ofcom blesses Linux-powered, open source DIY radio ‘revolution’

Syndication & Social Media

Support Tux Machines

Recent comments

Who's online

Linux Gizmos

Linux Today

LinuxSecurity.com Advisories

Linux.com

Web Upd8

DW Latest Releases

Phoronix