Language Selection

English French German Italian Portuguese Spanish

Debian

Mobian OS For PinePhone Aims To Bring Debian Linux To Mobile Devices

Filed under
OS
Debian
Gadgets

Debian GNU/Linux is one of the oldest Linux-based operating systems known for its rock-solid stability and large community support. The most popular Linux distros like Ubuntu or Tails are based on Debian Linux.

However, you cannot install pure Debian directly on your smartphones or tablets. You need hardware-specific customizations to run it smoothly on different devices.

Surprisingly, Debian exists for smartphones either as PureOS or Ubuntu Touch mobile operating system. Now here comes another Debian-based mobile operating system, Mobian, which aims to bring the full power of Debian to mobile devices.

Read more

Emmabuntüs Debian Edition 3 Switches to LXQt, Now Based on Debian GNU/Linux 10.4

Filed under
Debian

The Emmabuntüs Collective announced today the release and general availability of Emmabuntüs Debian Edition 3 version 1.02, a release that brings new features and apps, as well as improvements and latest software updates.

Based on the latest Debian GNU/Linux 10.4 “Buster” release, Emmabuntüs Debian Edition 3 1.02 is here exactly three months after the previous Emmabuntüs Debian Edition 3 1.01 release to replace the LXDE desktop environment with the more modern LXQt by default, along with the Xfce desktop environment.

If you choose to use Emmabuntüs DE with the LXQt desktop, there are a few perks compared with the LXDE desktop, such as Falkon as default web browser, updated installation and presentation tutorials, as well as support for all of the in-house built scripts that are preset in the distribution for various tasks.

Read more

Latest Intel CrossTalk Vulnerability Now Patched in Debian GNU/Linux, CentOS and RHEL

Filed under
GNU
Linux
Red Hat
Security
Debian

The recent SRBDS (Special Register Buffer Data Sampling) hardware vulnerability (CVE-2020-0543) also known as CrossTalk, was discovered by researchers from Vrije Universiteit Amsterdam in some Intel processors. The flaw could allow local attackers or virtual machine guests to expose sensitive information like cryptographic keys from other users or VMs.

Already patched in all supported Ubuntu releases, the vulnerability has also been patched last week in the Debian GNU/Linux 10 “Buster,” Debian GNU/Linux 9 “Stretch,” CentOS Linux 7, CentOS Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 6 operating system releases.

Read more

Lampone Pi, a live readonly Raspbian

Filed under
Debian

Lampone Pi is a live Debian GNU/Linux Buster arm64 operating system for the Raspberry Pi microcomputer boards. At the time of writing, it’s the only live operating system for the Pi. Although it is not affiliated or derived from Raspbian, it’s the homologous of Raspbian Lite (they both derive from Debian), but differently it’s a 64bit live OS.

Why this project? If the header image looks familiar to you, you already have the answer : )

So, technically it’s a Debian derivative with a unique partitioning scheme crafted for maximizing the strength against filesystem corruption: the ISO9660 system partition is read-only by design at filesystem-level. The data persistence partition contains only the delta: system updates and your data lay there. The data partition mounted on top of a read-only system partition makes the resulting operating system resistent to filesystem-corruption. Moreover, you can do complete system backups by just tar-ring only the files contained within that partition.

Read more

Debian: Ulrike Uhlig and DebConf Updates

Filed under
Debian
  • Ulrike Uhlig: The right to demand change

    Two women sit in an office, one asks: "What's the difference between being assertive and being aggressive?" The other replies: "Your gender." (Cartoon by Judy Horacek, 1961.)

    When a person of a marginalized group (read: a person with less privilege, a person with lower rank) is being framed and blamed as being aggressive, she is being told that her behavior is unacceptable. Marginalized people have learnt that they need to comply to fit, and are likely to suppress their feelings. By being framed as aggressive, the marginalized person is also being told that what they are saying cannot be listened to because the way they are saying it does not comply with expectations. There is a word for this: tone policing. This great comic by Robot Hugs has all the important details. Tone policing is a silencing tactic in which privileged participants of a discussion one-sidedly define the terms of the conversation. This tactic has the interesting side effect of shifting the responsibility to prove that one is not {aggressive, hostile, explosive, a minefield, etc.} to the person being framed and blamed - proving that one is worthy to be listened to. (Some of those words are actual quotes taken from real life.)

    Years ago, I worked in a company in which my female developer colleague would put herself in a state of overly expressed sorriness, all the while pretending to be stupid and helpless whenever she needed to ask anything from the sysadmins. When I confronted her with that, she replied: "I do it because it works." In the same company, another woman who generally asked assertively for what she needed ended up being insulted by one of the project managers using the word "dominatrix". While the example comes from my own experience, this kind of thing happens across any oppression/privilege boundaries.

  • DebConf20 moves online, DebConf21 will be in Haifa

    The DebConf team has had to take the hard decision that DebConf 20 cannot happen in-person, in Haifa, in August, as originally planned. This decision is based on the status of the venue in Haifa, the local team's view of the local health situation, the existing travel restrictions and the results of a survey of potential participants.

    DebConf 20 will be held online instead!

    The Debian community can still get together to share ideas, discuss plans in Birds of a Feather sessions, and eat cheese, from the safety of the desks at home.

Second Debian Med COVID-19 hackathon (June 15-21, 2020)

Filed under
Debian
Sci/Tech
  • Second Debian Med COVID-19 hackathon (June 15-21, 2020)
    Dear Debian Community,
    
    Debian Med joined the virtual (online) [COVID-19 Biohackathon] from
    April 5-11 2020.  We considered the outcome a great success in terms of
    the approached tasks, the new members we gained and the support of
    Debian infrastructure teams (namely the ftpmaster team).
    
    COVID-19 is not over and the Debian Med team wants to do another week of
    hackathon to continue with this great success.  We want to do this from
    June 15th to June 21th 2020.
    
    A [recently shared pre-publication draft paper] highlights which
    software tools are considered useful "to Accelerate SARS-CoV-2 and
    Coronavirus Research".  Many of these tools would benefit from being
    packaged in Debian and all the advantages that Debian brings for both
    users and upstream alike.
    
    As in the first sprint most tasks do not require any knowledge of
    biology or medicine, and all types of contributions are welcome: bug
    triage, testing, documentation, CI, translations, packaging, and code
    contributions.
    
    1. [Debian related bugs in COVID-19 related packages]
    
    2. [COVID-19 related software that is awaiting packaging]
       please respond to the RFP with your intent so we don't duplicate work
    
    3. You can also contribute directly to the upstream packages, linked
       from the [Debian Med COVID-19 task page].  Note: many biomedical
       software packages are quite resource limited, even compared to a
       typical FOSS project. Please be kind to the upstream author/maintainers
       and realize that they may have limited resources to review your
       contribution. Triaging open issues and opening pull requests to fix
       problems is likely to be more useful than nitpicking their coding
       style.
    
    4. Architectures/porting: Please focus on amd64, as it is the primary
       architecture for biomedical software. A secondary tier would be arm64 /
       ppc64el / s390x (but beware the endian-related issues on s390x). From a
       free/open hardware perspective it would be great to see more riscv64
       support, but that is not a priority right now
    
    5. Python developers: The Debian Med team is also trying to [improve the
       availability ofautomated biomedical pipelines/workflows]  using the
       Common Workflow Language open standard. The reference implementation of
       CWL is written in Python and there are many [open issues ready for work
       that don't require any biomedical background].
    
    6. It is very easy to contribute to Debian Med team. We have a lowNMU
       policy for all our packages. Merge requests on Salsa are usually
       processed quickly (but please ping some of the latest Uploaders of the
       package to make sure it will be noticed). Even better if you ask for
       membership to the team and push directly to the salsa repository.
    
    7. The [debian-med-team-policy] should answer all questions how to contribute.
    
    8. There is a [work-needed wiki] that will help keep track of who is
       working on which projects.
    
    9. There is also a [NEW requests wiki] where we can request expedited
       NEW processing to support this effort.  In the last sprint ftpmaster
       was picking from here with high priority.  Thanks again for this.
    
    During the hackathon we will coordinate ourselves via the the Salsa
    coordination page, Debian Med mailing list and IRC:
    
    *  https://salsa.debian.org/med-team/community/2020-covid19-...
    *  https://lists.debian.org/debian-med/
    *  https://wiki.debian.org/IRC
    *  irc://irc.debian.org/debian-med
    *  https://jitsi.debian.social/DebianMedCovid19 every day at 15:00 UTC
    
    Thanks in advance for considering to join our sprint.
    
    Sincerely
    
        Andreas Tille on behalf of the Debian Med team.
    
  • Second Debian Med COVID-19 hackathon

    The Debian Med team joined a COVID-19 Biohackathon last April and is planing on doing it again on June 15-21.

Great fonts in Debian 10 (or later)

Filed under
Debian

Debian comes with tons of fonts for all kinds of purposes, you can easily list them all (almost) with: apt-cache search ^fonts-

Above you can see a nice composition with examples of several fonts. The composition is published under the MIT (Expat) license and the source SVG (created with Inkscape) can be downloaded here. You will need the fonts to be installed in your system so the SVG is correctly rendered.

Read more

Sparky 2020.06

Filed under
Debian

The June snapshot of Sparky 2020.06 of the (semi-)rolling line is out.
It is based on the Debian testing “Bullseye”.

Changes:
• system upgrade from Debian testing repos as of June 5, 2020
• Linux kernel 5.6.14 (5.7.0 in Sparky unstable repos)
• Firefox 77.0
• Thunderbird 68.8.1
• LibreOffice 6.4.4.2
• debi-tool’ replaced by ‘gdebi’
• added ‘spterm’ (Sparky Terminal) to be used by Sparky tools
• Otter Browser replaced by Epiphany Browser (MinimalGUI)
• added RadioStation – a fork of RadioTray-Lite (and Radiotray)
• added Openbox Noir to the desktop list to be installed as a choice (via MinimalGUI & MinimalCLI and APTus too)
• added disk autopartitioning, encrypting and lvm support to the Advanced Installer DEV (still experimental)
• Calamares updated up to 3.2.24; changed password strength to a minimum number of digits as possible in Calamares, as requested a few times by our users (can be used used 1 digit, but I recommend to use strong password); thanks to lami07
• added lxappearance to MinimalGUI iso (Openbox)

Read more

Debian Leftovers and Developers

Filed under
Debian
  • Antoine Beaupré: Replacing Smokeping with Prometheus

    I've been struggling with replacing parts of my old sysadmin monitoring toolkit (previously built with Nagios, Munin and Smokeping) with more modern tools (specifically Prometheus, its "exporters" and Grafana) for a while now.

    Replacing Munin with Prometheus and Grafana is fairly straightforward: the network architecture ("server pulls metrics from all nodes") is similar and there are lots of exporters. They are a little harder to write than Munin modules, but that makes them more flexible and efficient, which was a huge problem in Munin. I wrote a Migrating from Munin guide that summarizes those differences. Replacing Nagios is much harder, and I still haven't quite figured out if it's worth it.

    [...]

    A naive implementation of Smokeping in Prometheus/Grafana would be to use the blackbox exporter and create a dashboard displaying those metrics. I've done this at home, and then I realized that I was missing something.

  • Reproducible Builds in May 2020

    One of the original promises of open source software is that distributed peer review and transparency of process results in enhanced end-user security. Nonetheless, whilst anyone may inspect the source code of free and open source software for malicious flaws, almost all software today is distributed as pre-compiled binaries. This allows nefarious third-parties to compromise systems by injecting malicious code into seemingly secure software during the various compilation and distribution processes.

  • Steve McIntyre: Interesting times, and a new job!

    It's been over ten years since I started in Arm, and nine since I joined Linaro as an assignee. It was wonderful working with some excellent people in both companies, but around the end of last year I started to think that it might be time to look for something new and different. As is the usual way in Cambridge, I ended up mentioning this to friends and things happened!

    [...]

    Where do I fit in? Pexip is a relatively small company with a very flat setup in engineering, so that's a difficult question to answer! I'll be starting working in the team developing and maintaining PexOS, the small Linux-based platform on which other things depend. (No prizes for guessing which distro it's based on!) But there's lots of scope to get involved in all kinds of other areas as needs and interests arise. I can't wait to get stuck in!

    Although I'm no longer going to be working on Debian arm port issues on work time, I'm still planning to help where I can. Let's see how that works...

Linux Powered Industrial IoT Gateway Offers WiFi 6, Bluetooth 5.1, 4G LTE Connectivity

Filed under
Linux
Debian

Compulab IOT-GATE-IMX8 is a Debian Linux powered fanless Industrial IoT gateway powered by NXP i.MX 8M Mini processor and specially designed for industrial control and monitoring with optional support for WiFI 6 (802.11ax), Bluetooth 5.1, 4G LTE, and GNSS connectivity.

The gateway is equipped with up to 4GB RAM and 128GB eMMC flash, takes variable DC input from 8V to 36V, and operates in a wide temperature range of -40C to 80°C with the company providing a 5-year warranty and 15-year availability.

Read more

Syndicate content

More in Tux Machines

TenFourFox FPR27 available

TenFourFox Feature Parity Release 27 final is now available for testing (downloads, hashes, release notes). Unfortunately, I have thus far been unable to solve issue 621 regarding the crashes on LinkedIn, so to avoid drive-by crashes, scripts are now globally disabled on LinkedIn until I can (no loss since it doesn't work anyway). If you need them on for some reason, create a pref tenfourfox.troublesome-js.allow and set it to true. I will keep working on this for FPR28 to see if I can at least come up with a better wallpaper, though keep in mind that even if I repair the crash it may still not actually work anyway. There are otherwise no new changes since the beta except for outstanding security updates, and it will go live Monday evening Pacific assuming no new issues. Read more

today's howtos

today's leftovers

  • Doom Emacs For Noobs

    Doom Emacs is my preferred text editor, and I have made several videos about it. But some of those videos assumed that the viewer had some knowledge of Vim and/or Emacs. So I decided to make this Doom Emacs introductory video for the complete noob! This video covers how to install Doom Emacs, how to configure it, and some of the basic keybindings and commands.

  • The Endless Stream Of Linux Video Topics To Sift Through
  • Debian Janitor: Expanding Into Improving Multi-Arch

    The Debian Janitor is an automated system that commits fixes for (minor) issues in Debian packages that can be fixed by software. It gradually started proposing merges in early December. The first set of changes sent out ran lintian-brush on sid packages maintained in Git. This post is part of a series about the progress of the Janitor.

  • New Debian Maintainers (July and August 2020)

    The following contributors were added as Debian Maintainers in the last two months: Chirayu Desai Shayan Doust Arnaud Ferraris Fritz Reichwald Kartik Kulkarni François Mazen Patrick Franz Francisco Vilmar Cardoso Ruviaro Octavio Alvarez Nick Black Congratulations!

  • MYIR launches FZ5 EdgeBoard AI Box for AI on the Edge

    Back in July of this year (2020), MYRI technology announced the MYIR’s FZ3 deep learning accelerator card powered by the Xilinx Zynq UltraScale+ ZU3EG Arm FPGA MPSoC and it is capable of delivering up to 1.2TOPS computing power. With only a few months since that launch, MYRI technology is now announcing another two related sets of products – FZ5 EdgeBoard AI Box and the FZ5 Card.

  • SYNCPLIFY.ME AFT! V3.0 SUPPORTS LINUX ON ARM

    But, arguably, the most relevant new feature is AFT!’s native support for ARM processors, when in combination with a Linux operating system. With giants like Apple, moving away from the x86 architecture to fully embrace ARM on their entire product line, it was a strategic choice for Syncplify to be ahead of the curve, and release an ARM-native version of their software.

  • Where’s the Yelp for open-source tools?

    We’d like an easy way to judge open-source programs. It can be done. But easily? That’s another matter. When it comes to open source, you can’t rely on star power. The “wisdom of the crowd” has inspired all sorts of online services wherein people share their opinions and guide others in making choices. The Internet community has created many ways to do this, such as Amazon reviews, Glassdoor (where you can rate employers), and TripAdvisor and Yelp (for hotels, restaurants, and other service providers). You can rate or recommend commercial software, too, such as on mobile app stores or through sites like product hunt. But if you want advice to help you choose open-source applications, the results are disappointing. It isn’t for lack of trying. Plenty of people have created systems to collect, judge, and evaluate open-source projects, including information about a project’s popularity, reliability, and activity. But each of those review sites – and their methodologies – have flaws. Take that most archaic of programming metrics: Lines of code (LoC). Yes, it’s easy to measure. But it’s also profoundly misleading. As programming genius Edsger Dijkstra observed in 1988, LoC gives people “the reassuring illusion that programs are just devices like any others, the only difference admitted being that their manufacture might require a new type of craftsmen, viz. programmers. From there it is only a small step to measuring ‘programmer productivity’ in terms of ‘number of lines of code produced per month.’ This is a very costly measuring unit because it encourages the writing of insipid code.” We’ve gotten better since then, haven’t we? Perhaps not.

  • These Weeks in Firefox: Issue 79
  • Fun with Java Records

    Records, like lambdas and default methods on interfaces are tremendously useful language features because they enable many different patterns and uses beyond the obvious. Java 8 brought lambdas, with lots of compelling uses for streams. What I found exciting at the time was that for the first time lots of things that we’d previously have to have waited for as new language features could become library features. While waiting for lambdas we had a Java 7 release with try-with-resources. If we’d had lambdas we could have implemented something similar in a library without needing a language change.

  • How to code a basic WordPress plugin

    With over 7 million downloads for WordPress 5.3 alone, WordPress has become one of the most influential CMS of all time.

  • Laravel CSRF Protection

    The full form of CSRF is Cross-Site Request Forgery. It is one type of online attack in which the attacker sends requests as an authorized user to a system by gaining access information of a particular user of that system and performs different types of malicious activities by using the identity of that user. The impact of this attack depends on the victim’s privileges on the system. If the victim is a normal user then it will affect the personal data of the victim only. But if the victim is the administrator of the system then the attacker can damage the whole system. The users of any business website, social networking can be affected by this attack. This attack can be prevented easily by using Laravel CSRF protection to make the system more secure. Laravel generates CRSF token for each active user session automatically by which any request and approval are given to the authenticated user for the system. How Laravel CSRF Protection can be applied in the Laravel application is shown in this tutorial.

  • Popular VPN closes critical vulnerability on Linux client

    The VPN service Private Internet Access (PIA) has released a new version of its Linux client which fixes a critical vulnerability that could have allowed remote attackers to bypass the software's kill switch. The vulnerability, tracked as CVE-2020-15590, was discovered by Sick Codes and it affects versions 1.5 through 2.3 of PIA's Linux client. The client's kill switch is configured to block all inbound and outbound network traffic when a VPN connection drops. However, privileged applications still have the ability to send and receive network traffic even when the kill switch is turned on if net.ipv4.ip_forward has been enabled in the system kernel parameters. [...] “For the issue raised, we have no legacy customer support requests relating to this use case. We welcome input from community sources in addressing their usage and with this in mind, we took the decision to support this use case with our next Linux client release.” PIA users running Docker on Linux should upgrade to version 2.4 of the company's client as soon as possible to avoid any potential attacks leveraging this vulnerability.

  • 3 ways to protect yourself from imposter syndrome

    Poet and activist Maya Angelou published many books throughout her storied career, but each time, she feared people would figure out that she'd "run a game on everybody, and they're going to find me out." This seems an odd response from a well-honored writer. What she is describing is her own challenge with imposter syndrome. Think for a moment about your own accomplishments. Being hired into a new role. Having your first open source contribution merged into the project. Receiving an award or recognition. Being invited to participate in a project or event with people you respect and look up to. Did you question whether you belonged there? Did you fear people would "know that you didn't belong?" There is an extremely high likelihood that you have also experienced imposter syndrome. Please check the survey at the end of this article to see that you're not alone.

Graphics: NVIDIA, Intel, AMD and Zink

     
  • NVIDIA GeForce Now quietly starts working on Linux as the Avengers come to play

    If you use or have been following NVIDIA GeForce Now, the cloud gaming platform that delivers PC titles you already own from sources such as Steam and Epic Games to a multitude of devices, the latest development seems to have emerged silently. Spotted by the team at GamingonLinux, users of Linux can now, it seems, access GeForce Now in either Chromium of Google Chrome. Indeed, previously this tactic involved fudging user agents to make GeForce Now believe you were on a Chromebook, following the launch of the web client for Google's laptops. And it works just fine, I logged in and played some games with no issues on Ubuntu in both browsers. And just to double check, Firefox still shows an incompatible device error.

  • Intel Compute Runtime 20.37.17906 Brings Rocket Lake Support

    Intel's software team has released a new version of their Compute Runtime that provides OpenCL and oneAPI Level Zero capabilities for their graphics hardware on Linux.

  • AMDGPU TMZ + HDCP Should Allow Widevine DRM To Behave Nicely With AMD Linux Systems

    Coming together this year for the mainline Linux kernel was the AMDGPU Trusted Memory Zone (TMZ) capability for encrypted video memory support with Radeon GPUs. This topic was talked about at this week's XDC2020 conference. AMDGPU TMZ prevents unauthorized applications from accessing the encrypted/trusted memory of an application. TMZ protects both reads and writes while leveraging an AES cipher. But while discrete Radeon GPUs can also support TMZ, for now the AMD Linux developers have just been focused on the capability for their APU platforms.

  • Zink OpenGL-On-Vulkan Seeing Some 50~100% FPS Gains

    After working on getting the Zink OpenGL-over-Vulkan driver up to OpenGL 4.6 with still pending patches, former Samsung OSG engineer Mike Blumenkrantz has been making remarkable progress on the performance aspect as well. This generic Mesa OpenGL implementation that works atop Vulkan drivers is about to see much better performance. Blumenkrantz recently commented the performance was turning out better than expected but that was for micro-benchmarks. But now with more optimizations he is achieving even better results.