Language Selection

English French German Italian Portuguese Spanish

Debian

Testing openSUSE, Manjaro, Debian, Fedora, and Mint Linux distributions on my new laptop

Filed under
Linux
Red Hat
Debian
SUSE

Due to the recent unfortunate demise of a couple of my computers I found myself in need of a new laptop on rather short notice. I found an Acer Aspire 5 on sale at about half price here in Switzerland, so I picked one up. I have been installing a number of Linux distributions on it, with mostly positive results.

Read more

Debian and Ubuntu Leftovers

Filed under
Debian
Ubuntu
  • Freexian’s report about Debian Long Term Support, December 2018

    Like each month, here comes a report about the work of paid contributors to Debian LTS.

  • CasparCG Server for TV broadcast playout in Debian

    The layered video playout server created by Sveriges Television, CasparCG Server, entered Debian today. This completes many months of work to get the source ready to go into Debian. The first upload to the Debian NEW queue happened a month ago, but the work upstream to prepare it for Debian started more than two and a half month ago. So far the casparcg-server package is only available for amd64, but I hope this can be improved. The package is in contrib because it depend on the non-free fdk-aac library. The Debian package lack support for streaming web pages because Debian is missing CEF, Chromium Embedded Framework. CEF is wanted by several packages in Debian. But because the Chromium source is not available as a build dependency, it is not yet possible to upload CEF to Debian. I hope this will change in the future.

  • Participate in Fedora Test Day Today, Netrunner Announces Netrunner 19.01 Blackbird, Security Patch for GNOME Bluetooth Tools in Ubuntu 18.04, New Giant Board SBC from Groboard and Linspire Posts Development Roadmap for 2019-2020

    Canonical yesterday released a security patch for the GNOME Bluetooth tools to address a security vulnerability with Ubuntu 18.04. Softpedia News reports that security researcher Chris Marchesi discovered the vulnerability in the BlueZ Linux Bluetooth stack, "which made it incorrectly handle disabling Bluetooth visibility, allowing a remote attacker to possibly pair to Bluetooth devices." All Ubuntu 18.04 LTS users should update immediately to the gnome-bluetooth 3.28.0-2ubuntu0.1 and libgnome-bluetooth13 3.28.0-2ubuntu0.1 packages from the official repos. See the wiki for detailed instructions.

  • Ubuntu Weekly Newsletter Issue 561

Debian-Based Netrunner 19.01 "Blackbird" Officially Released with New Dark Look

Filed under
Debian

Dubbed Blackbird, Netrunner 19.01 comes ten months after the Netrunner 18.03 "Idolon" release with a fresh, dark new look and feel with a more 3D-looking design, which was created using the Kvantum theme engine and the Alpha-Black Plasma theme. The new theme comes with some bling too as there's now a light glow for the "Minimize all Windows to show Desktop" function.

"Around this time of the year, we thought we could try something more vivid and colorful to lighten up the shortened days. So instead of going with the previously used “material look”, we thought of something different. Blackbird ships with a new Look and Feel Theme called “Netrunner Black” that is based on a dark, yet not too harsh contrasting visual," reads today's announcement.

Read more

Also: Netrunner 19.01 – Blackbird released

Here's the Default Theme and Artwork for Debian GNU/Linux 10 "Buster"

Filed under
Debian

Created by Alex Makas, the "futurePrototype" artwork set was selected the winner of the artwork proposals for Debian GNU/Linux 10 "Buster" and will be used as the default theme for the upcoming operating system. The "futurePrototype" artwork set consists of a wallpaper, login theme with the Debian Buster logo, as well as a theme for the GRUB bootloader.

"After the Debian Desktop Team made the call for proposing themes, a total of eleven choices have been submitted, and any Debian contributor has received the opportunity to vote on them in a survey," said the Debian team in an announcement. "We received 3,646 responses ranking the different choices, and futurePrototype has been the winner among them."

Read more

Upgrading Debian From Stable To Testing

Filed under
Debian

I reckon you've been a long time user of Debian stable and now wants to change some few aspects of your computer....oh wait! I mean huge aspects of your computer operating system. Now you want to upgrade to Debian testing because you'd like new features, get access to cool software, and importantly test that newly updated software too Wink Well, in that case, lucky you! I am happy to guide you on how to accomplish that on your computer. Moreover, if you are a total newbie to Debian operating system, don't worry, I've made sure to explain about basic stuff first so you can get a clear perspective on what the content of this topic is.

Read more

Also: DocKnot 2.00

Debian: Freexian's Debian LTS, FreeRDP and SEPTOR Linux

Filed under
Debian

Debian: New Debian Developers and Maintainers, DebConf19 and More

Filed under
Debian
  • New Debian Developers and Maintainers (November and December 2018)

    The following contributors got their Debian Developer accounts in the last two months:

    Abhijith PA (abhijith)
    Philippe Thierry (philou)
    Kai-Chung Yan (seamlik)
    Simon Qhuigley (tsimonq2)
    Daniele Tricoli (eriol)
    Molly de Blanc (mollydb)
    The following contributors were added as Debian Maintainers in the last two months:

    Nicolas Mora
    Wolfgang Silbermayr
    Marcos Fouces
    kpcyrd
    Scott Martin Leggett

  • DebConf19 is looking for sponsors!

    DebConf19 will be held in Curitiba, Brazil from July 21th to 28th, 2019. It will be preceded by DebCamp, July 14th to 19th, and Open Day on the 20th.

    DebConf, Debian's annual developers conference, is an amazing event where Debian contributors from all around the world gather to present, discuss and work in teams around the Debian operating system. It is a great opportunity to get to know people responsible for the success of the project and to witness a respectful and functional distributed community in action.

    The DebConf team aims to organize the Debian Conference as a self-sustaining event, despite its size and complexity. The financial contributions and support by individuals, companies and organizations are pivotal to our success.

  • Nonce sense paper online

    When you create a cryptographic signatures using ECDSA (the elliptic curve digital signature algorithm), you need to come up with the nonce, a 256 bit random number. It is really important to use a different nonce every time, otherwise it is easy for someone else to take your signatures (which might be stored for everyone to read on the Bitcoin blockchain) and calculate your private key using relatively simple math, and with your private key they can spend all your Bitcoins. In fact, there is evidence that people out there continuously monitor the blockchains for signatures with such repeated nonces and immediately extract the money from compromised keys.

    Less well known, but still nothing new to the crypto (as in cryptopgraphy) community is the that an attacker can calculate the key from signature that use different, but similar nonces: For example if they are close by each other (only the low bits differ), or if they differ by exactly a large power of two (only the high bits differ). This uses a fancy and powerful technique based on lattices. Our main contribution here is to bridge crypto (as in cryptopgraphy) and crypto (as in cryptocurrency) and see if such vulnerabilities actually exist out there.

    And indeed, there are some. Not many (which is good), but they do exist, and clearly due to more than one source. Unfortunately, it is really hard to find out who made these signatures, and with which code, so we can only guess about the causes of these bugs. A large number of affected signatures are related to multisig transactions, so we believe that maybe hardware tokens could be the cause here.

  • Jonathan Dowland: Amiga floppy recovery project, part 3: preliminaries

    The first step for my Amiga project was to recover the hardware from my loft and check it all worked.

    When we originally bought the A500 (in, I think, 1991) we bought a RAM expansion at the same time. The base model had a whole 512KiB of RAM, but it was common for people to buy a RAM expander that doubled the amount of memory to a whopping 1 MiB. The official RAM expander was the Amiga 501, which fit into a slot on the underside of the Amiga, behind a trapdoor.

    The 501 also featured a real-time clock (RTC), which was powered by a backup NiCad battery soldered onto the circuit board. These batteries are notorious for leaking over a long enough time-frame, and our Amiga had been in a loft for at least 20 years. I had heard about this problem when I first dug the machine back out in 2015, and had a vague memory that I checked the board at the time and could find no sign of leakage, but reading around the subject more recently made me nervous, so I double-checked.

  • Debian Bug Squash Party Tokyo 2019-01
  • Mario Lang: Please delete me from Planet

    Wow. Hi Debian. Apparently, you've changed even more in a direction I personally never really liked. As a member of a minority group, I feel the need to explain that I highly dislike the way you are currently handling minority groups. And no, I dont feel you are ignoring them. You are giving a select view far too much attention for a technically focused project.

Understanding Debian GNU/Linux Releases

Filed under
GNU
Linux
Debian

The universe of the Debian GNU/Linux distribution comes with its own odds and ends. In this article we explain what a release of Debian is, how it is named, and what are the basic criteria for a software package to become part of a regular release.

Read more

Debian: UEFI 'Secure' Boot, Netatalk, 64-bit arm64 and ZDBSP

Filed under
Debian
  • Debian 10 "Buster" Working To Have UEFI SecureBoot In Good Shape

    While most major Linux distributions have been supporting UEFI SecureBoot for years already in order to work nicely on modern locked-down (generally Windows pre-loaded) PCs, Debian stable releases have yet to properly support SecureBoot but that should be changing with this year's release of 10.0 Buster.

    Debian 9 "Stretch" ended up not having Secure Boot support in time while now for the Debian 10.0 release that's beginning its initial soft freeze, UEFI SecureBoot has fortunately been worked out.

  • Apple Time Machine backups on Debian 9 (Stretch)

    Netatalk 3.1.12 has been released which fixes an 18 year old RCE bug. The Medium write up on CVE-2018-1160 by Jacob Baines is quite an entertaining read.

    The full release notes for 3.1.12 are unfortunately not even half as interesting.

  • Steve McIntyre: Rebuilding the entire Debian archive twice on arm64 hardware for fun and profit

    This has taken a while in coming, for which I apologise. There's a lot of work involved in rebuilding the whole Debian archive, and many days spent analysing the results. You learn quite a lot, too! Smile

    I promised way back before DebConf 18 last August that I'd publish the results of the rebuilds that I'd just started. Here they are, after a few false starts. I've been rebuilding the archive specifically to check if we would have any problems building our 32-bit Arm ports (armel and armhf) using 64-bit arm64 hardware. I might have found other issues too, but that was my goal.

  • ZDBSP

    A Debian package of ZDBSP is now available in the unstable distribution.

Daniel Pocock: Debian's human rights paradox

Filed under
Debian

It all started with a non-native-English speaker choosing the wrong pronoun in reference to a developer who identifies as non-binary. What, then, is the basis for this concern? Why do we give a damn about it?

Is it because Sage Sharp is a great friend of Debian? Or is it because we would have the same concern for all LGBTQ+ people? In other words, is it about egos or is it about principles?

I suspect and hope most people would agree it is about principles. We would expect the same respect to be shown referring to any person from a minority even if they have no relation to Debian whatsoever.

If it is about principles, then, do we need to identify the principles that guide us, to ensure consistency in decision making? Recent posts on debian-project suggested human rights may not apply in Debian as we are not a Government, the same attitude has been repeated more strongly in a private email of the Debian account managers (DAM)...

Read more

Also: Thorsten Alteholz: My Debian Activities in December 2018

Syndicate content

More in Tux Machines

Android Leftovers

Programming: Flask, Agile, Rust and Python

  • How to build an API for a machine learning model in 5 minutes using Flask
    As a data scientist consultant, I want to make impact with my machine learning models. However, this is easier said than done. When starting a new project, it starts with playing around with the data in a Jupyter notebook. Once you’ve got a full understanding of what data you’re dealing with and have aligned with the client on what steps to take, one of the outcomes can be to create a predictive model. You get excited and go back to your notebook to make the best model possible. The model and the results are presented and everyone is happy. The client wants to run the model in their infrastructure to test if they can really create the expected impact. Also, when people can use the model, you get the input necessary to improve it step by step. But how can we quickly do this, given that the client has some complicated infrastructure that you might not be familiar with?
  • What is Small Scale Scrum?
    Agile is fast becoming a mainstream way industries act, behave, and work as they look to improve efficiency, minimize costs, and empower staff. Most software developers naturally think, act, and work this way, and alignment towards agile software methodologies has gathered pace in recent years. VersionOne’s 2018 State of Agile report shows that scrum and its variants remain the most popular implementation of agile. This is in part due to changes made to the Scrum Guide’s wording in recent years that make it more amenable to non-software industries.
  • This Week in Rust 269
  • Async IO in Python: A Complete Walkthrough
    Async IO is a concurrent programming design that has received dedicated support in Python, evolving rapidly from Python 3.4 through 3.7, and probably beyond. You may be thinking with dread, “Concurrency, parallelism, threading, multiprocessing. That’s a lot to grasp already. Where does async IO fit in?” This tutorial is built to help you answer that question, giving you a firmer grasp of Python’s approach to async IO.

Security: Updates, Reproducible Builds and More

  • Security updates for Wednesday
  • Reproducible Builds: Weekly report #194
    Here’s what happened in the Reproducible Builds effort between Sunday January 6 and Saturday January 12 2019...
  • ES File Explorer Has A Hidden Web Server; Data Of 500 Million Users At Risk
  • The Evil-Twin Framework: A tool for testing WiFi security
    The increasing number of devices that connect over-the-air to the internet over-the-air and the wide availability of WiFi access points provide many opportunities for attackers to exploit users. By tricking users to connect to rogue access points, hackers gain full control over the users' network connection, which allows them to sniff and alter traffic, redirect users to malicious sites, and launch other attacks over the network.. To protect users and teach them to avoid risky online behaviors, security auditors and researchers must evaluate users' security practices and understand the reasons they connect to WiFi access points without being confident they are safe. There are a significant number of tools that can conduct WiFi audits, but no single tool can test the many different attack scenarios and none of the tools integrate well with one another. The Evil-Twin Framework (ETF) aims to fix these problems in the WiFi auditing process by enabling auditors to examine multiple scenarios and integrate multiple tools. This article describes the framework and its functionalities, then provides some examples to show how it can be used.
  • KDE Plasma5 – Jan ’19 release for Slackware
    Here is your monthly refresh for the best Desktop Environment you will find for Linux. I just uploaded “KDE-5_19.01” to the ‘ktown‘ repository. As always, these packages are meant to be installed on a Slackware-current which has had its KDE4 removed first. These packages will not work on Slackware 14.2. It looks like Slackware is not going to be blessed with Plasma5 any time soon, so I will no longer put an artificial limitation on the dependencies I think are required for a solid Plasma5 desktop experience. If Pat ever decides that Plasma5 has a place in the Slackware distro, he will have to make a judgement call on what KDE functionality can stay and what needs to go.

MongoDB "open-source" Server Side Public License rejected

MongoDB is open-source document NoSQL database with a problem. While very popular, cloud companies, such as Amazon Web Services (AWS), IBM Cloud, Scalegrid, and ObjectRocket has profited from it by offering it as a service while MongoDB Inc. hasn't been able to monetize it to the same degree. MongoDB's answer? Relicense the program under its new Server Side Public License (SSPL). Open-source powerhouse Red Hat's reaction? Drop MongoDB from Red Hat Enterprise Linux (RHEL) 8. Red Hat's Technical and Community Outreach Program Manager Tom Callaway explained, in a note stating MongoDB is being removed from Fedora Linux, that "It is the belief of Fedora that the SSPL is intentionally crafted to be aggressively discriminatory towards a specific class of users." Debian Linux had already dropped MongoDB from its distribution. Read more