Language Selection

English French German Italian Portuguese Spanish

Debian

Deepin OS – First Distro To Bring Cloud Sync Option

Filed under
Debian

The team has developed its own desktop environment based on Qt and also uses KDE plasma’s window manager aka. dde-kwin. Deepin team has also developed 30 native applications for users to make day-to-day tasks easier to complete.

Some of the native deepin applications are — Deepin installer, Deepin file manager, Deepin system monitor, Deepin Store, Deepin screen recorder, Deepin cloud print, and so on… If you ever run out of options, do not forget thousands of open source applications are also available in the store.

The development of Deepin started in 2004 under the name ‘Hiwix’ and it’s been active since then. The distro’s name was changed multiple times but the motto remained the same, provide a stable operating system which is easy to install and use.

The current version Deepin OS 15.11 is based on Debian stable branch. It was released on 19, July 2019 with some great features and many improvements and bug fixes.

Read more

An Overview of Debian 10 "Buster" from the GNOME Edition

Filed under
GNOME
Debian

Debian 10 LTS, known as Buster, released with 7 desktop environments in 2019. This short article reveals the GNOME Edition for you. Unlike usual, I tried to break down the download pages more longer for you to give you clearer vision on what and where to download. I divided this article into 6 parts which talk about: ISOs, LTS, Calamares system installer, login sessions & RAM loads (fortunately, it's only ~800MiB right now!), user interface, and of course applications. I hope this overview helps everybody to reach Debian and try it as soon as possible. Happy reading!

Read more

Debian Outs First Linux Kernel Security Update for Debian GNU/Linux 10 "Buster"

Filed under
Security
Debian

Released earlier this month, the latest Debian GNU/Linux 10 "Buster" operating system just got its first Linux kernel security update, which addresses a security flaw (CVE-2019-13272) discovered by Google Project Zero's Jann Horn in Linux kernel's ptrace subsyste, which could let a local user obtain root privileges.

"Jann Horn discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges under certain scenarios," reads the security advisory published by Salvatore Bonaccorso last week.

Read more

Debian: Deepin 15.11 Release, Another New Release From Dirk Eddelbuettel and DebConf20 Debian GNU/Linux Developer Conference

Filed under
Debian
  • Deepin 15.11 Released with Could Sync and Many Other Improvements

    It preinstalls Deepin Desktop Environment (DDE) and nearly 30 deepin native applications, as well as several applications from the open source community to fulfill user expectations.

    There are thousand applications are offered in Deepin Store, which users can install on demand.

    There are lot of fixes applied to Kwin (KDE Window Manager) and optimized for better stability and compatibility.

  • Dirk Eddelbuettel: anytime 0.3.5

    A new release of the anytime package is arriving on CRAN. This is the sixteenth release, and comes a good month after the 0.3.4 release.

    anytime is a very focused package aiming to do just one thing really well: to convert anything in integer, numeric, character, factor, ordered, … format to either POSIXct or Date objects – and to do so without requiring a format string. See the anytime page, or the GitHub README.md for a few examples.

  • DebConf20 Conference Takes Place August 23-29 for Debian GNU/Linux 11 "Bullseye"

    With the DebConf19 event closed, the Debian Project announced the dates for next year's DebConf20 Debian GNU/Linux developer conference, which will be hosted in Haifa, Israel.

    Next year, in 2020, the Debian Project will celebrate 12 years from the launch of the first DebConf Debian developer conference, and they selected Israel's Haifa instead of Portugal's Lisbon for DebConf20 despite Israel's political system. Now, they announced the official dates for DebConf20, which will take place between August 23rd and 29th.

Q4OS Operating System Brings the Trinity Desktop to Debian GNU/Linux 10 "Buster"

Filed under
OS
Debian

Based on the recently released Debian GNU/Linux 10 "Buster" operating system series, Q4OS 3.8 "Centaurus" comes more than seven months after the Q4OS 2.7 "Scorpion" release and it is the first stable version in the 3.x series, which was in heavy development during the last few years.

For a long time, Q4OS was shipping with the Trinity Desktop Environment (TDE) by default, which offers users, especially those who want to switch from Windows to Linux, a very familiar interface. However, it looks like the Q4OS 3.8 "Centaurus" series uses the latest stable KDE Plasma desktop by default.

Read more

Events: FOSDEM, DebConf/DebCamp, Open Infrastructure Summit

Filed under
OSS
Debian
  • DebConf19 closes in Curitiba and DebConf20 dates announced

    Today, Saturday 27 July 2019, the annual Debian Developers and Contributors Conference came to a close. Hosting more than 380 attendees from 50 different countries over a combined 145 event talks, discussion sessions, Birds of a Feather (BoF) gatherings, workshops, and activities, DebConf19 was a large success.

    The conference was preceded by the annual DebCamp held 14 July to 19 July which focused on individual work and team sprints for in-person collaboration toward developing Debian and host to a 3-day packaging workshop where new contributors were able to start on Debian packaging.

  • Mini DebCamp Fosdem 2020?

    On Monday after FOSDEM there will be again the Copyleft-Event from SFC, so maybe 3 days of hacking before FOSDEM would be better, but still, whatever, for planing these details there's now #debconf-fosdem on OFTC

  • China UnionPay, China Railway, Walmart Among Open Infrastructure Users Sharing Open Source Best Practices, New Ideas at Shanghai Summit

    Open Infrastructure Summit agenda features at-scale operators of infrastructure using open source technologies like OpenStack and Kubernetes...

Debian: Ben Hutchings, the Rumour Mill and Debian in the Mastodon/ActivityPub Fediverse

Filed under
Debian
  • Ben Hutchings: Talk: What's new in the Linux kernel (and what's missing in Debian)

    As planned, I presented my annual talk about Linux kernel changes at DebConf on Monday—remotely. (I think this was a DebConf first.)

    A video recording is already available (high quality, low quality). The slides are linked from my talks page and from the DebConf event page.

  • Ben Hutchings: Debian LTS work, July 2019

    I prepared and released Linux 3.16.70 with various fixes from upstream. I then rebased jessie's linux package on this. Later in the month, I picked the fix for CVE-2019-13272, uploaded the package, and issued DLA-1862-1. I also released Linux 3.16.71 with just that fix.

  • Opinion Sort

    In a world where it is more important to have a quick opinion than a thorough understanding, I propose this novel sorting algoritihm.

  • A new home for Debian in the Mastodon / ActivityPub fediverse: follow @debian@framapiaf.org (and possible future moves)

    Recent events in the fediverse in general and related to fosstodon.org instance in particular have made me rethink the place where I’d like to handle the @debian account in the Mastodon/GNU Social/ActivityPub fediverse.
    I couldn’t decide a “final” place yet, but I’m exploring options (including selfhosting).

    For now, I’ve moved the account to @debian@framapiaf.org – Please follow @debian there. Thank you Framasoft for administering and providing the service.

Daniel Pocock: Leadership and gossip in Debian

Filed under
Debian

When people realize that this issue relates to my private life and has nothing to do with my competence as a Debian Developer, they quickly apologize for intruding. On those occasions when I've explained the situation to people in any detail, the colour of their face has visibly changed, demonstrating an acute combination of sadness and anger at the way certain people in the Debian community, including the former leader, have behaved.

People have asked me why I didn't try to speak to Lamb. In fact, I tried. He lives in London, I visit there almost every month. I wrote to him numerous times and he always refused.

Between September and December 2018, I also wrote to a number of other members of the project to try and set up a meeting. They either didn't respond or declined. Yet I kept hearing more and more reports of Lamb's gossipmongering.

In my last blog, I revealed that one of the challenges I've faced was the death of my father. People simply can't understand why Lamb and his sidekicks would be undermining another Debian Developer, involved in the community for more than 20 years, at such a difficult time.

It is not easy to reduce a subject like that to a blog post. No cat picture can come close to explaining it. I don't intend to write more, nor can I, without violating the privacy of other people. Yet one of Lamb's missed opportunities as a leader is that he expected everything to be reduced to email or IRC. So he never actually knew any of this.

Earlier this year, somebody suggested taking a month off from Debian. It really misses the point. I never chose to have my private life and my professional life interconnected in this way. It was imposed on me by somebody who had the title of leader in an organization of 1,000 Developers but had dedicated more time to some people than others.

Read more

Debian: Michael Prokop on Buster, Vote Craziness Rant

Filed under
Debian

My take on OpenPGP best practices

Filed under
Security
Debian

After having seen a few talks at DebConf on GnuPG and related things, I would like to document here how I currently manage my OpenPGP keys, in the hope they can be useful for other people or for discussion. This is not a tutorial, meaning that I do not give you the commands to do what I am saying, otherwise it would become way too long. If there is the need to better document how to implement these best practices, I will try to write another post.

I actually do have two OpenPGP certificates, D9AB457E and E535FA6D. The first one is RSA 4096 and the second one is Curve25519. The reason for having two certificates is algorithm diversity: I don't know which one between RSA and Curve25519 will be the first to be considered less secure or insecure, therefore I would like to be ready for both scenarios. Having two certificates already allows me to do signature hunting on both, in such a way that it is easy to transition from one to the other as soon as there is the need.

The key I currently use is the RSA one, which is also the one available in the Debian keyring.

(If you search on the keyservers you will find many other keys with my name; they are obsolete, meant for my internal usage or otherwise not in use; just ignore them!)

Even if the two primary keys are different, their subkeys are the same (apart from some older cruft now revoked), meaning that they have the same key material. This is useful, because I can use the same hardware token for both keys (most hardware token only have three key slot, one for each subkey capability, so to have two primary keys ready for use you need two tokens, unless the two keys share their subkeys). I have one subkey for each subkey capability (sign, encrypt and authentication), wich are Curve25519 keys and are stored in a Nitrokey Start token. I also have, but tend to not use, one RSA subkey for each capability, which are stored on a OpenPGP card. Thanks to some date tweaking, both certificates are configured in such a way that Curve25519 subkeys are always preferred over RSA subkeys, but I also want to retain the RSA keys for corner cases where Curve25519 is not available.

Read more

Syndicate content

More in Tux Machines

CAN-Bus HAT for Raspberry Pi 4 offers RTC and wide-range power

Copperhill’s third-gen, $65 “PiCAN3” HAT features Raspberry Pi 4 support and a SocketCAN-ready CAN-Bus 2.0B port. The HAT has an RTC and is powered by a 3A, 6-20V Switch Mode Power Supply that can also power the Pi. Copperhill Technologies has launched a CAN-Bus HAT for the Raspberry Pi 4 Model B designed for industrial and automotive applications. Like the PiCAN2. which we briefly covered last year as part of our report on Network Sorcery’s UCAN software for CAN-equipped Raspberry Pi boards, the HAT is equipped with a Microchip MCP2515 CAN controller and MCP2551 CAN transceiver. Read more

Android Leftovers

FreeBSD 12 & DragonFlyBSD 5.6 Running Well On The AMD Ryzen 7 3700X + MSI X570 GODLIKE

For those wondering how well FreeBSD and DragonFlyBSD are handling AMD's new Ryzen 3000 series desktop processors, here are some benchmarks on a Ryzen 7 3700X with MSI MEG X570 GODLIKE where both of these popular BSD operating systems were working out-of-the-box. For some fun mid-week benchmarking, here are those results of FreeBSD 12.0 and DragonFlyBSD 5.6.2 up against openSUSE Tumbleweed and Ubuntu 19.04. Back in July I looked at FreeBSD 12 on the Ryzen 9 3900X but at that time at least DragonFlyBSD had troubles booting on that system. When trying out the Ryzen 7 3700X + MSI GODLIKE X570 motherboard on the latest BIOS, everything "just worked" without any compatibility issues for either of these BSDs. Read more

How to break out of a hypervisor: Abuse Qemu-KVM on-Linux pre-5.3 – or VMware with an AMD driver

A pair of newly disclosed security flaws could allow malicious virtual machine guests to break out of their hypervisor's walled gardens and execute malicious code on the host box. Both CVE-2019-14835 and CVE-2019-5049 are not particularly easy to exploit as they require specific types of hardware or events to occur. However, if successful, either could allow a miscreant to run malware on the host from a VM instance. CVE-2019-14835 was discovered and reported by Peter Pi, a member of the Tencent Blade Team. It is found in the Linux kernel versions 2.6.34 up to version 5.3, where it is patched. Read more