Language Selection

English French German Italian Portuguese Spanish

Site News

Migrating TuxMachines to a Bigger Server

Filed under
Site News

We are in the process of moving the TuxMachines Web site to a better server with more capacity and better hardware. There may be temporarily odd behaviour on the site (if data is accessed which is out of date).

Monitoring Tux Machines With Apachetop, Nmon and Htop

Filed under
Site News

Monitoring Tux Machines

Summary: A little glimpse at how we monitor this site for DDOS attacks and general performance, especially now that DDOS attacks have already become pervasive and routine (Apachetop helps identity attack patterns and visual, colourful alerts are triggered in Nmon and Htop)

Malicious Bots

Filed under
Site News

Choking on bots, cannot cope

TUX MACHINES may seem to have become rather slow if not unreachable at times. Over the past few months we've had issues with bots that request as many as 10,000 files per minute from the site's server, which is obviously unable to cope with the load/bandwidth and actually deliver what's requested. Sometimes it even resets Apache in order to regain order. At the moment we lack a permanent solution, but we have some mitigations in place.

More than 5 years ago we had to stop new account sign-ups due to spammers setting up loads of dummy accounts (hundreds per day), then directing these to vandalise the site. This inevitably led to tighter control from an editorial perspective and it reduced the number of comments.

Running a site is no picnic; it's a 24/7 responsibility. We do the best we can to maintain a reliable service whilst at the same time also pursuing the latest news stories of interest. This takes a huge amount of time and dedication.

If it is difficult to reach the site or if the site feels very slow, it's almost definitely due to those bots. The server's uptime is now 160 days.

140,000 Reached

Filed under
Site News

Clock

THIS may be hard to believe, but after more than 16 years we've managed to put together 140,000 Drupal nodes (this one is the 140,000th). Most of these are news clippings and clusters of links. The rest are pages, blog posts and forum threads.

The next meaningful milestone will be the 150,000th node and our 20th anniversary (some time in 2024). We're quite certain we'll get there, along with 200,000 nodes, as this past week we've been in the region of all-time record traffic.

Susan is still involved sometimes, albeit behind the scenes. We thank her enormously for all the work she did.

3 Months From Home

Filed under
Site News

TM setup portrait


TUX MACHINES has been run from one single place over the past 3 months because of the COVID-19-induced lock-downs. We no longer travel far from home (it's impractical)... and we both work from home anyway.

The prolonged shut-down of businesses (they only reopened a fortnight ago) resulted in lack of access to some digital necessities, but that almost always meant more free time to rethink and reassess the workflow and the workspace with existing hardware (reshuffling what we already have, both new and old).

Last month I showed how the screens on my desk were split to handle multi-tasking. Last week I shuffled to portrait mode (as shown above). Rianne too uses 2 or 3 screens, but her setup is somewhat simpler. We basically both use a combination of RSS readers. I mostly use QuiteRSS and she uses Thunderbird and QuiteRSS in conjunction (best of both worlds). We're still hoping that an intern based in Africa will start participating soon. The pandemic has made access to the Internet a lot harder for him. He wants to cover programming and Web-related topics for us.

Message From the Editors

Filed under
Site News

Roy and Rianne

Summary: We're still running the site 24/7 every day/week of the year; we're managing to cope with slower news cycles

WE RECENTLY passed the sixteenth anniversary of this site, which is peaking in terms of traffic (record levels and all-time highs for several consecutive weeks). This weekend is very, very slow for news. Very.

We're typically managing to cope with the decline of journalism by digging deeper, finding lesser known sites such as blogs. We're hoping to reach the twentieth anniversary of the site. That's 2024.

Star Trek Thanksgiving: Did I tell you the joke about the flightless bird? Oh, don't get started, Worf... turned out it was a machine

For those who don't follow over RSS feeds (default and recommended as there are no middlemen; access is direct) there are also Twitter (proprietary) and the following accounts in Free software-based networks. Diaspora:

Diaspora logo

Mastodon:

Mastodon logo

Pleroma (Fediverse like Mastodon):

Pleroma logo

Thanks for choosing Tux Machines for news.

Sweet Sixteen

Filed under
Site News

Exuberant dog

TUX MACHINES is turning 16 today. Yes, 16. Not many sites last this long.

The interesting thing is, this past week we had an all-time traffic record and the same is true for the week prior. So for two weeks in a row, despite relatively slow news, we broke a record.

We aren't celebrating the birthday this year (we're still restricted in what can be done here, due to the virus), but maybe next year we'll do something and even share some photos.

Peaking Again

Filed under
Site News

Summary: In terms of number of daily nodes, we're at the pinnacle still (despite slow news at times of lock-downs)

Tux Machines is turning 16 exactly one month from now. We've decided to plot activity over time, as measured by number of posts/nodes. It's not the most important measure (e.g. original articles), but it's something that's not too hard to plot.

Attached to this post is tux-posts.txt, which can be converted into tux-numbers.txt as follows:

sed 's/[\t ][\t ]*/ /g' < tux-posts.txt | cut -d' ' -f3,5 >tux-numbers.txt

We can then plot it:

gnuplot -p -e 'plot "./tux-numbers.txt" with linespoints linetype 1 pointtype 2 linecolor 10'

And voila!

Plot tuxmachines posts

In a month from now we might buy a cake.

Running Tux Machines

Filed under
Site News

Roy's deskop

Roy's deskop and laptop

Roy's deskop and laptop with text

Running Tux Machines with my wife (the lead editor, I mostly sweep up and cluster related stories) is a hobby but it feels like a full-time job, a 24/7 job that involves picking and sorting news as quickly as possible, almost non-stop around the clock. My own workflow -- not speaking about Rianne's -- can be shown in this annotated photo, which I took a couple of hours ago. Readers might find it interesting, knowing roughly how the site is run from my side (not Rianne's). The office is at home of course, as we're both remote workers in the area of computing. We're like sysadmins for a living and maintaining Tux Machines helps keep us abreast of the latest technologies.

Turning 16 This Summer

Filed under
Site News

No crisis for the "tuxmachiners"

tuxmachines at whois

AS keen observers may be aware, bearing in mind last year's anniversary party (when such parties were still permitted), we're soon turning 16. There won't be a party or anything; not even online (it's pointless).

This past year has been our strongest and for whatever reason since the pandemic began (epidemic escalated and declared "pandemic"), then soon thereafter lock-downs were enforced, we saw another uptick in traffic. We don't spy on visitors, but we merely observe the size of Apache logs, which are then wiped for privacy reasons.

When Rianne and I took over the site in 2013 it had already flourished, thanks to the love of care of Susan. We continue curating the news, clustering together related reports. The list of blogs we syndicate continues to grow because the mainstream media perishes, leaving a vacuum for people who are eager to find timely information, such as distro reviews and howtos.

If you run a GNU/Linux-oriented blog in the English language that we do not link to (most likely because we're not aware of its existence), let us know in the comments, in IRC, or other contact means. We soon turn 16 and we're quite confident that we'll make it to 20 as well. At the moment, as of this month, we also do server upgrades and we hope to add SSL soon. We've already moved one of this site's databases to a separate container in Alpine Linux. We make improvements while maintaining the site's spirit and long tradition.

Stay home. Save lives.

Syndicate content

More in Tux Machines

Python: Security and NumPy 1.20 Release

  • Python Package Index nukes 3,653 malicious libraries uploaded soon after security shortcoming highlighted

    The Python Package Index, also known as PyPI, has removed 3,653 malicious packages uploaded days after a security weakness in the use of private and public registries was highlighted. Python developers use PyPI to add software libraries written by other developers in their own projects. Other programming languages implement similar package management systems, all of which demand some level of trust. Developers are often advised to review any code they import from an external library though that advice isn't always followed. Package management systems like npm, PyPI, and RubyGems have all had to remove subverted packages in recent years. Malware authors have found that if they can get their code included in popular libraries or applications, they get free distribution and trust they haven't earned. Last month, security researcher Alex Birsan demonstrated how easy it is to take advantage of these systems through a form of typosquatting that exploited the interplay between public and private package registries.

  • A pair of Python vulnerabilities [LWN.net]

    Two separate vulnerabilities led to the fast-tracked release of Python 3.9.2 and 3.8.8 on February 19, though source-only releases of 3.7.10 and 3.6.13 came a few days earlier. The vulnerabilities may be problematic for some Python users and workloads; one could potentially lead to remote code execution. The other is, arguably, not exactly a flaw in the Python standard library—it simply also follows an older standard—but it can lead to web cache poisoning attacks. [...] [Update: As pointed out in an email from Moritz Muehlenhoff, Python 2.7 actually is affected by this bug. He notes that python2 on Debian 10 ("Buster") is affected and has been updated. Also, Fedora has a fix in progress for its python2.7 package.]

  • NumPy 1.20 has been released

    NumPy is a Python library that adds an array data type to the language, along with providing operators appropriate to working on arrays and matrices. By wrapping fast Fortran and C numerical routines, NumPy allows Python programmers to write performant code in what is normally a relatively slow language. NumPy 1.20.0 was announced on January 30, in what its developers describe as the largest release in the history of the project. That makes for a good opportunity to show a little bit about what NumPy is, how to use it, and to describe what's new in the release. [...] NumPy adds a new data type to Python: the multidimensional ndarray. This a container, like a Python list, but with some crucial differences. A NumPy array is usually homogeneous; while the elements of a list can be of various types, an ndarray will, typically, only contain a single, simple type, such as integers, strings, or floats. However, these arrays can instead contain arbitrary Python objects (i.e. descendants of object). This means that the elements will, for simple data types, all occupy the same amount of space in memory. The elements of an ndarray are laid out contiguously in memory, whereas there is no such guarantee for a list. In this way, they are similar to Fortran arrays. These properties of NumPy arrays are essential for efficiency because the location of each element can be directly calculated. Beyond just adding efficient arrays, NumPy also overloads arithmetic operators to act element-wise on the arrays. This allows the Python programmer to express computations concisely, operating on arrays as units, in many cases avoiding the need to use loops. This does not turn Python into a full-blown array language such as APL, but adds to it a syntax similar to that incorporated into Fortran 90 for array operations.

4 Best Free and Open Source Graphical MPD Clients

MPD is a powerful server-side application for playing music. In a home environment, you can connect an MPD server to a Hi-Fi system, and control the server using a notebook or smartphone. You can, of course, play audio files on remote clients. MPD can be started system-wide or on a per-user basis. MPD runs in the background playing music from its playlist. Client programs communicate with MPD to manipulate playback, the playlist, and the database. The client–server model provides advantages over all-inclusive music players. Clients can communicate with the server remotely over an intranet or over the Internet. The server can be a headless computer located anywhere on a network. There’s graphical clients, console clients and web-based clients. To provide an insight into the quality of software that is available, we have compiled a list of 4 best graphical MPD clients. Hopefully, there will be something of interest here for anyone who wants to listen to their music collection via MPD. Here’s our recommendations. They are all free and open source goodness. Read more

LWN on Kernel: 5.12 Merge, Lockless Algorithms, and opy_file_range()

  • 5.12 Merge window, part 1 [LWN.net]

    The beginning of the 5.12 merge window was delayed as the result of severe weather in the US Pacific Northwest. Once Linus Torvalds got going, though, he wasted little time; as of this writing, just over 8,600 non-merge changesets have been pulled into the mainline repository for the 5.12 release — over a period of about two days. As one might imagine, that work contains a long list of significant changes.

  • An introduction to lockless algorithms [LWN.net]

    Low-level knowledge of the memory model is universally recognized as advanced material that can scare even the most seasoned kernel hackers; our editor wrote (in the July article) that "it takes a special kind of mind to really understand the memory model". It's been said that the Linux kernel memory model (and in particular Documentation/memory-barriers.txt) can be used to frighten small children, and the same is probably true of just the words "acquire" and "release". At the same time, mechanisms like RCU and seqlocks are in such widespread use in the kernel that almost every developer will sooner or later encounter fundamentally lockless programming interfaces. For this reason, it is a good idea to equip yourself with at least a basic understanding of lockless primitives. Throughout this series I will describe what acquire and release semantics are really about, and present five relatively simple patterns that alone can cover most uses of the primitives.

  • How useful should copy_file_range() be? [LWN.net]

    Its job is to copy len bytes of data from the file represented by fd_in to fd_out, observing the requested offsets at both ends. The flags argument must be zero. This call first appeared in the 4.5 release. Over time it turned out to have a number of unpleasant bugs, leading to a long series of fixes and some significant grumbling along the way. In 2019 Amir Goldstein fixed more issues and, in the process, removed a significant limitation: until then, copy_file_range() refused to copy between files that were not located on the same filesystem. After this patch was merged (for 5.3), it could copy between any two files, falling back on splice() for the cross-filesystem case. It appeared that copy_file_range() was finally settling into a solid and useful system call. Indeed, it seemed useful enough that the Go developers decided to use it for the io.Copy() function in their standard library. Then they ran into a problem: copy_file_range() will, when given a kernel-generated file as input, copy zero bytes of data and claim success. These files, which include files in /proc, tracefs, and a large range of other virtual filesystems, generally indicate a length of zero when queried with a system call like stat(). copy_file_range(), seeing that zero length, concludes that there is no data to copy and the job is already done; it then returns success. But there is actually data to be read from this kind of file, it just doesn't show in the advertised length of the file; the real length often cannot be known before the file is actually read. Before 5.3, the prohibition on cross-filesystem copies would have caused most such attempts to return an error code; afterward, they fail but appear to work. The kernel is happy, but some users can be surprisingly stubborn about actually wanting to copy the data they asked to be copied; they were rather less happy.

Banana Pi BPI-M2 Pro is a compact Amlogic S905X3 SBC

Banana Pi has already designed an Amlogic S905X3 SBC with Banana Pi BPI-M5 that closely follows Raspberry Pi 3 Model B form factor, but they’ve now unveiled a more compact model with Banana Pi BPI-M2 Pro that follow the design of the company’ earlier BPI-MP2+ SBC powered by the good old Allwinner H3 processor. BPI-M2 Pro comes with 2GB RAM, 16GB eMMC storage, HDMI video output, Gigabit Ethernet, Wifi & Bluetooth connectivity, as well as two USB 3.0 ports. Read more