Language Selection

English French German Italian Portuguese Spanish

Site News

Baidu Stages De Facto DDOS Attacks (Updated)

Filed under
Site News

Summary: A 2-hour investigation reveals that Tux Machines is now the victim of an arrogant, out-of-control Baidu

TUX MACHINES has been mostly offline later this morning. It has evidently become the victim of Baidu's lawlessness, having fallen under huge dumps of requests from IP addresses which can be traced back to Baidu and whose requests say Baidu as well (we tried blocking these, but it's not easy to do by IP because they have so many). They don't obey robots.txt rules; not even close! It turns out that others suffer from this as well. These A-holes have been causing a lot of problems to the site as of late (slowdowns was one of those problems), including damage to the underlying framework. Should we report them? To who exactly? Looking around the Web, there are no contact details (in English anyway) by which to reach them.

Baidu can be very evil towards Web sites. Evil. Just remember that.

Update: 3 major DDOS attacks (so far today) led to a lot of problems and they also revealed that not Baidu was at fault but botmasters who used "Baidu" to masquerade themselves, hiding among some real and legitimate requests from Baidu (with Baidu-owned IP addresses). We have changed our firewall accordingly. We don't know who's behind these attacks and what the motivations may be.

Record Week

Filed under
Site News

Encounter with a penguin

QUIETLY but surely, last week marked an important milestone, with traffic at the back end (not the cache layer*) exceeding 1.8 million hits, thus establishing a new record. So far this week it looks as though we are going to break this record again. We hope that the new format, which places emphasis on high importance links (as standalone nodes) and puts less important links in topical groups (grouping like games or howtos), makes reading the site more convenient and makes keeping abreast of the news easier, without getting overloaded in a way that is not somewhat manageable (links inside groups are typically less important, as intended). We're open to any suggestions readers may have to ensure we remain a leading syndicator of GNU/Linux and Free/Open Source software news. Any feedback can improve the site.

_____
* It is difficult to measure what happens at the Varnish layer as it's shared among several domains, including Techrights.

Back to Normal Next Week

Filed under
Site News

IN CASE it's not already obvious, we have been posting fewer links since the 14th of this month because we are both away and we catch up with some news only when time permits. Today's hot day (38 degrees) will probably allow us to stay indoors more time than usual and therefore post some more links (from Rianne's laptop), but a week for now is when we'll properly catch up with everything that was missed and gradually get back to normal, hopefully for a long time to come.

Please bear with us while we enjoy our last chance to have a summer vacation. It's already cold back home in Manchester.

Operating Systems in Tux Machines

Filed under
Site News

Summary: Some numbers to show what goes on in sites that do not share information about their visitors (unlike Windows-centric sites which target non-technical audiences)

THE common perception of GNU/Linux is that it is scarcely used, based on statistics gathered from privacy-hostile Web sites that share (or sell) access log data, embed spyware in all of their pages, and so on. Our sites are inherently different because of a reasonable -- if not sometimes fanatic -- appreciation of privacy at both ends (server and client). People who read technical sites know how to block ads, impede spurious scripts etc. These sites also actively avoid anything which is privacy-infringing, such as interactive 'social' media buttons (these let third parties spy on all visitors in all pages).

Techrights and Tux Machines attract the lion's share our traffic (and server capacity). They both have dedicated servers. These are truly popular and some of the leaders in their respective areas. Techrights deals with threats to software freedom, whereas Tux Machines is about real-time news discovery and organisation (pertaining to Free software and GNU/Linux).

The Varnish layer, which protects both of these large sites (nearly 100,000 pages in each, necessitating a very large cache pool), handles somewhere between a gigabyte to 2.5 gigabytes of data per hour (depending on the time of day, usually somewhere in the middle of this range, on average).

The Apache layer, which now boasts 32 GB of RAM and sports many CPU cores, handled 1,324,232 hits for Techrights (ranked 6636th for traffic in Netcraft) in this past week and 1,065,606 for Tux Machines (ranked 6214th for traffic in Netcraft).

Based on VISITORS Web Log Analyzer, this is what we've had in Techrights:

Windows: (36.2%)
Linux: (31.8%)
Unknown: (e.g. bots/spiders): (23.0%)
Macintosh: (8.8%)
FreeBSD: (0.1%)

As a graph (charted with LibreOffice):

Techrights stats

Tux Machines reveals a somewhat different pattern. Based on grepping/filtering the of past month's log at the Apache back end (not Varnish, which would have been a more sensible but harder thing to do), presenting the top 3 only:

Tuxmachines stats

One month is as far as retention goes, so it's not possible to show long-term trends (as before, based on Susan's summary of data). Logs older than that are automatically deleted, as promised, for both sites -- forever! We just need a small tail of data (temporarily) for DDOS prevention.

Mollom Issues

Filed under
Site News

TUX MACHINES has been having some issues with the spam filter, so people who regularly submit material, including comments, may have struggled to do so over the past fortnight of so. If that's the case, please re-attempt and report any issue you encounter to us (feedback button on the right).

Spring in Tux Machines

Filed under
Site News

Tux Machines traffic

Tux Machines traffic has been increasing during spring. The DDOS attacks are behind us thankfully, the latest problem is just a lot of spam, which we are deleting as soon as we can.

Blog posts

Filed under
Site News

D

UE TO a growing SPAM problem (dozens per day making the front page), we have disabled -- temporarily at least -- the ability of random visitors to create new blog posts after registering for an account. We apologise in advance to any legitimate users this restriction may affect.

Catchup Mode

Filed under
Site News

IN the coming days we will prioritise very recent news and of course important news, but at the same time we shall be catching up with some older but important news that we missed. This means that some older items (one or two weeks old) may occasionally appear. In lieu with requests from readers we will also stop abbreviating long summaries of news, such as today's leftovers and howto roundups.

On Break

Filed under
Site News

KDE laptops

THIS COMING WEEK, starting Tuesday in particular, will be a lot less busy than usual because Rianne and I are flying away and will be absent for a couple of weeks. Depending on availability of Wi-Fi, we ought to be able to still post some links, just not the usual volume of links.

We kindly ask anyone who is interested and willing to submit links highlighting relevant news, as every registered user can do that. It will greatly help us run the site while we are very far away in east Asia.

Holidays Calm

Filed under
Site News

Xmas
Our living room this past weekend

TOMORROW is my birthday, so we are going away to Liverpool for a while. Over the holidays we won't be too active in this site, at the very least because there is no major news, no announcements of substance, and we also wish to spend some time with our extended family.

As always, anyone in Tux Machines can create an account and submit stories to the front page (as of late only spammers have been doing that almost every morning). We encourage readers to submit any links which they find relevant and of interest to the community.

Syndicate content

More in Tux Machines

OSS Leftovers

  • Ardour Digital Audio Workstation Finally Adds Native MP3 Importing Support

    While lossy compression audio formats like MP3 are not recommended for use within professional audio tasks, for those using the open-source Ardour digital audio workstation (DAW) software as of today there is finally native MP3 import support. Obviously it's better working with lossless audio formats as source material for Ardour and other digital audio workstation software suites, but given how common MP3 content is, there certainly is relevance to being able to import MP3s into DAWs. But historically due to licensing/patent issues, MP3 support within Ardour hasn't been possible -- thus leading to common complaints/questions by users over the years.

  • Certbot Leaves Beta with the Release of 1.0

    Earlier this week EFF released Certbot 1.0, the latest version of our free, open source tool that helps websites encrypt their traffic. The release of 1.0 is a significant milestone for the project and is the culmination of the work done over the past few years by EFF and hundreds of open source contributors from around the world.

    Certbot was first released in 2015 to automate the process of configuring and maintaining HTTPS encryption for site administrators by obtaining and deploying certificates from Let's Encrypt. Since its initial launch, many features have been added, including beta support for Windows, automatic nginx configuration, and support for over a dozen DNS providers for domain validation.

  • Open Repos provides code metrics on open source projects

    GitClear is offering Open Repos as a free product, though it is not open source. GitClear’s paid product offers many of the same insights and more. Long-term plans include allowing projects to embed an Open Repos view of a project in their site, and “improving data quality before adding features.”

  • Improvements in LibreOffice’s PowerPoint presentation support

    LibreOffice’s native file format is OpenDocument, a fully open and standardised format that’s great for sharing documents and long-term data storage. Of course, LibreOffice does its best to open files made by other office software as well, even if they’re stored in pseudo-“standards” with cryptic and obfuscated contents. Compatibility with PowerPoint PPT(X) presentations is therefore a challenge, but developers are working hard on improvements… A few months ago, we announced an initiative to improve the support of PPT and PPTX files in LibreOffice. Lots of great work happened since then and the results are collected below!

  • People of WordPress: Jill Binder

    Jill Binder never meant to become an activist. She insists it was an accident. Despite that, Jill has led the Diversity Outreach Speaker Training working group in the WordPress Community team since 2017. This group is dedicated to increasing the number of women and other underrepresented groups who are stepping up to become speakers at WordPress Meetups, WordCamps, and events. [...] The following year her internship advisor, who had become a client, was creating the first ever BuddyCamp for BuddyPress. He asked Jill to be on his organizing team. At that event she also moderated a panel with Matt Mullenweg. Then, Jill was invited to be on the core organizing team for WordCamp Vancouver. Part of this role meant reviewing and selecting speakers. From 40 speaker applications the team had to pick only 14 to speak.

  • Mint: Late-Stage Adversarial Interoperability Demonstrates What We Had (And What We Lost)

    In 2006, Aaron Patzer founded Mint. Patzer had grown up in the city of Evansville, Indiana—a place he described as "small, without much economic opportunity"—but had created a successful business building websites. He kept up the business through college and grad school and invested his profits in stocks and other assets, leading to a minor obsession with personal finance that saw him devoting hours every Saturday morning to manually tracking every penny he'd spent that week, transcribing his receipts into Microsoft Money and Quicken.

    Patzer was frustrated with the amount of manual work it took to track his finances with these tools, which at the time weren't smart enough to automatically categorize "Chevron" under fuel or "Safeway" under groceries. So he conceived on an ingenious hack: he wrote a program that would automatically look up every business name he entered into the online version of the Yellow Pages—constraining the search using the area code in the business's phone number so it would only consider local merchants—and use the Yellow Pages' own categories to populate the "category" field in his financial tracking tools.

today's howtos

Programming: Kotlin, Python and More

  • Android’s commitment to Kotlin

    When we announced Kotlin as a supported language for Android, there was a tremendous amount of excitement among developers. Since then, there has been a steady increase in the number of developers using Kotlin. Today, we’re proud to say nearly 60% of the top 1,000 Android apps contain Kotlin code, with more and more Android developers introducing safer and more concise code using Kotlin. During this year’s I/O, we announced that Android development will be Kotlin-first, and we’ve stood by that commitment. This is one of the reasons why Android is the gold partner for this year’s KotlinConf.

  • Google Reaffirms Commitment To Kotlin Programming Language For Android

    Google is continuing to embrace Kotlin programming for Android, making more Android APIs accessible by Kotlin, Jetpack Compose as a UI toolkit catered to Kotlin, and Kotlin extensions for more Google libraries. Google is also working to offer more Kotlin + Android learning material, working with JetBrains on improving the Kotlin code compiler, speeding up the build time of Kotlin code, and other improvements.

  • Comparing equivalent Python statements

    While teaching one of my Python classes yesterday I noticed a conditional expression which can be written in several ways. All of these are equivalent in their behavior...

  • Serving Files with Python's SimpleHTTPServer Module

    Servers are computer software or hardware that processes requests and deliver data to a client over a network. Various types of servers exist, with the most common ones being web servers, database servers, application servers, and transaction servers. Widely used web servers such as Apache, Monkey, and Jigsaw are quite time-consuming to set up when testing out simple projects and a developer's focus is shifted from producing application logic to setting up a server. Python's SimpleHTTPServer module is a useful and straightforward tool that developers can use for a number of use-cases, with the main one being that it is a quick way to serve files from a directory. It eliminates the laborious process associated with installing and implementing the available cross-platform web servers. Note: While SimpleHTTPServer is a great way to easily serve files from a directory, it shouldn't be used in a production environment. According to the official Python docs, it "only implements basic security checks."

Former Oracle product manager says he was forced out for refusing to deceive customers. Now he's suing the biz

A former Oracle employee filed a lawsuit against the database giant on Tuesday claiming that he was forced out for refusing to lie about the functionality of the company's software. The civil complaint [PDF], filed on behalf of plaintiff Tayo Daramola in US District Court in San Francisco, contends that Oracle violated whistleblower protections under the Sarbanes-Oxley Act and the Dodd-Frank Act, the RICO Act, and the California Labor Code. According to the court filing, Daramola, a resident of Montreal, Canada, worked for Oracle's NetSuite division from November 30, 2016 through October 13, 2017. He served as a project manager for an Oracle cloud service known as the Cloud Campus BookStore initiative and dealt with US customers. Campus bookstores, along with ad agencies, and apparel companies are among the market segments targeted by Oracle and NetSuite. Daramola's clients are said to have included the University of Washington, the University of Oregon, the University of Texas at Austin, Brigham Young University and the University of Southern California. The problem, according to the complaint, is that Oracle was asking Daramola to sell vaporware – a charge the company denies. "Daramola gradually became aware that a large percentage of the major projects to which he was assigned were in 'escalation' status with customers because Oracle had sold his customers software products it could not deliver, and that were not functional," the complaint says. Read more