Language Selection

English French German Italian Portuguese Spanish

Security

Security: Windows 'Fun' at Melbourne and Alleged Phishing by Venezuela’s Government

Submitted by Roy Schestowitz on Friday 22nd of February 2019 08:15:37 PM Filed under
Security
»

Security: Indian Railways and WinRAR

Submitted by Roy Schestowitz on Friday 22nd of February 2019 04:19:14 AM Filed under
Security
  • How I could have hacked lakhs of IRCTC accounts and get access to all your private info including easily cancelling booked tickets
  • Major Flaw Allows Attackers To Cancel Tickets On IRCTC Website

    The website of the Indian Railways has been a subject of ridicule owing to the various security flaws that have been discovered in its website over the years. When it comes to protecting user data, the website has been lacking in many ways.

    The website was previously hacked in 2016 when the details of over 1 crore users were leaked. Last year, Kanishk Sanjani, an ethical hacker had ordered food from the IRCTC website for Rs 7. This vulnerability remained unpatched for well over 7 months even after informing concerned authorities.

  • Web Application Security [Ed: a bit spammy]

    Common targets for web application attacks are content management systems (e.g., WordPress), database administration tools (e.g., phpMyAdmin) and SaaS applications.

  • This 19-Year-Old WinRAR Flaw Lets Hackers Load Malware To PCs

    he popular windows file archival tool WinRAR has been in use for over two decades now. The software is used to view, create, pack and unpack archives in both ZIP and RAR formats. A recent report by The Register has revealed that the tool has a bug that has remained undetected since 2005.

  • WinRAR Has Serious Flaw That Can Load Malware to PCs

    The popular file archiving tool WinRAR has had a bug for at least 14 years that can be exploited to take over your PC.

    The bug can pave the way for archive files that can trigger WinRAR to actually install whatever malware is secretly inside, according to the security firm Check Point, which discovered the software flaw.

    "The exploit works by just extracting an archive, and puts over 500 million users at risk," the company said in a detailed report published on Wednesday.

»

Security Password Managers, Updates, Intel/Linux, 5 Antivirus for Android Devices and Cisco

Submitted by Roy Schestowitz on Friday 22nd of February 2019 03:29:37 AM Filed under
Security
  • Your Password Manager Has A Severe Flaw — But You Should Still Use One [Ed: Yet worse: 1) people putting password managers on platforms with back doors from Apple and Microsoft. 2) people putting all their password "in the cloud".]

    If you are an avid user of password managers, you might just be in for a surprise. A recent study by researchers at the Independent Security Evaluators found that a number of popular password managers were storing master passwords as plain text within the main memory of devices.

    To an expert hacker, this vulnerability is equivalent to getting the keys to multiple accounts as a text document on your computer. The master key of any password manager can be used to gain access to all usernames and passwords being managed by it.

  • Security updates for Thursday
  • Fun Little Tidbits in a Howling Storm (Re: Intel Security Holes)

    Some kernel developers recently have been trying to work around the massive, horrifying, long-term security holes that have recently been discovered in Intel hardware. In the course of doing so, there were some interesting comments about coding practices.

    Christoph Hellwig and Jesper Dangaard Brouer were working on mitigating some of the giant speed sacrifices needed to avoid Intel's gaping security holes. And, Christoph said that one such patch would increase the networking throughput from 7.5 million packets per second to 9.5 million—a 25% speedup.

    To do this, the patch would check the kernel's "fast path" for any instances of dma_direct_ops and replace them with a simple direct call.

    Linus Torvalds liked the code, but he noticed that Jesper and Christoph's code sometimes would perform certain tests before testing the fast path. But if the kernel actually were taking the fast path, those tests would not be needed. Linus said, "you made the fast case unnecessarily slow."

  • 5 Antivirus for Android Devices That You Should Have in 2019
  • Duo Security Digs Into Chrome Extension Security With CRXcavator
»

Purism's Privacy and Security-Focused Librem 5 Linux Phone to Arrive in Q3 2019

Submitted by Rianne Schestowitz on Thursday 21st of February 2019 07:20:11 PM Filed under
Linux
Security

Initially planned to ship in early 2019, the revolutionary Librem 5 mobile phone was delayed for April 2019, but now it suffered just one more delay due to the CPU choices the development team had to make to deliver a stable and reliable device that won't heat up or discharge too quickly.

Purism had to choose between the i.MX8M Quad or the i.MX8M Mini processors for their Librem 5 Linux-powered smartphone, but after many trials and errors they decided to go with the i.MX8M Quad CPU as manufacturer NXP recently released a new software stack solving all previous power consumption and heating issues.

Read more

»

Kernel and Security: BPF, Mesa, Embedded World, Kernel Address Sanitizer and More

Submitted by Roy Schestowitz on Thursday 21st of February 2019 05:23:16 AM Filed under
Security
  • Concurrency management in BPF

    In the beginning, programs run on the in-kernel BPF virtual machine had no persistent internal state and no data that was shared with any other part of the system. The arrival of eBPF and, in particular, its maps functionality, has changed that situation, though, since a map can be shared between two or more BPF programs as well as with processes running in user space. That sharing naturally leads to concurrency problems, so the BPF developers have found themselves needing to add primitives to manage concurrency (the "exchange and add" or XADD instruction, for example). The next step is the addition of a spinlock mechanism to protect data structures, which has also led to some wider discussions on what the BPF memory model should look like.

    A BPF map can be thought of as a sort of array or hash-table data structure. The actual data stored in a map can be of an arbitrary type, including structures. If a complex structure is read from a map while it is being modified, the result may be internally inconsistent, with surprising (and probably unwelcome) results. In an attempt to prevent such problems, Alexei Starovoitov introduced BPF spinlocks in mid-January; after a number of quick review cycles, version 7 of the patch set was applied on February 1. If all goes well, this feature will be included in the 5.1 kernel.

  • Intel Ready To Add Their Experimental "Iris" Gallium3D Driver To Mesa

    For just over the past year Intel open-source driver developers have been developing a new Gallium3D-based OpenGL driver for Linux systems as the eventual replacement to their long-standing "i965 classic" Mesa driver. The Intel developers are now confident enough in the state of this new driver dubbed Iris that they are looking to merge the driver into mainline Mesa proper. 

    The Iris Gallium3D driver has now matured enough that Kenneth Graunke, the Intel OTC developer who originally started Iris in late 2017, is looking to merge the driver into the mainline code-base of Mesa. The driver isn't yet complete but it's already in good enough shape that he's looking for it to be merged albeit marked experimental.

  • Hallo Nürnberg!

    Collabora is headed to Nuremberg, Germany next week to take part in the 2019 edition of Embedded World, "the leading international fair for embedded systems". Following a successful first attendance in 2018, we are very much looking forward to our second visit! If you are planning on attending, please come say hello in Hall 4, booth 4-280!

    This year, we will be showcasing a state-of-the-art infrastructure for end-to-end, embedded software production. From the birth of a software platform, to reproducible continuous builds, to automated testing on hardware, get a firsthand look at our platform building expertise and see how we use continuous integration to increase productivity and quality control in embedded Linux.

  • KASAN Spots Another Kernel Vulnerability From Early Linux 2.6 Through 4.20

    The Kernel Address Sanitizer (KASAN) that detects dynamic memory errors within the Linux kernel code has just picked up another win with uncovering a use-after-free vulnerability that's been around since the early Linux 2.6 kernels.

    KASAN (along with the other sanitizers) have already proven quite valuable in spotting various coding mistakes hopefully before they are exploited in the real-world. The Kernel Address Sanitizer picked up another feather in its hat with being responsible for the CVE-2019-8912 discovery.

  • io_uring, SCM_RIGHTS, and reference-count cycles

    The io_uring mechanism that was described here in January has been through a number of revisions since then; those changes have generally been fixing implementation issues rather than changing the user-space API. In particular, this patch set seems to have received more than the usual amount of security-related review, which can only be a good thing. Security concerns became a bit of an obstacle for io_uring, though, when virtual filesystem (VFS) maintainer Al Viro threatened to veto the merging of the whole thing. It turns out that there were some reference-counting issues that required his unique experience to straighten out.
    The VFS layer is a complicated beast; it must manage the complexities of the filesystem namespace in a way that provides the highest possible performance while maintaining security and correctness. Achieving that requires making use of almost all of the locking and concurrency-management mechanisms that the kernel offers, plus a couple more implemented internally. It is fair to say that the number of kernel developers who thoroughly understand how it works is extremely small; indeed, sometimes it seems like Viro is the only one with the full picture.

    In keeping with time-honored kernel tradition, little of this complexity is documented, so when Viro gets a moment to write down how some of it works, it's worth paying attention. In a long "brain dump", Viro described how file reference counts are managed, how reference-count cycles can come about, and what the kernel does to break them. For those with the time to beat their brains against it for a while, Viro's explanation (along with a few corrections) is well worth reading. For the rest of us, a lighter version follows.

»

Security Leftovers

Submitted by Roy Schestowitz on Wednesday 20th of February 2019 10:54:23 PM Filed under
Security
  • Wi-Fi ‘Hiding’ Inside USB Cable: A New Security Threat On The Rise?

    Today, the world has become heavily reliant on computers owing to the various advantages they offer. It has thus become imperative that we, as users, remain updated about the various threats that can compromise the security of our data and privacy.

    A recent report published by Hackaday details a new threat that might just compromise the integrity of devices. At first glance, the O.MG cable (Offensive MG Kit) looks like any other USB cable available in the market. It is what lurks within that is a cause for concern.

  • WiFi Hides Inside a USB Cable [Ed: There are far worse things, like USB devices that send a high-voltage payload to burn your whole motherboard. Do not use/insert untrusted devices from dodgy people.]
  • The Insights into Linux Security You May Be Surprised About

    Linux has a strong reputation for being the most secure operating system on the market. It’s been like that for many years, and it doesn’t seem like Windows or macOS are going to overtake it anytime soon. And while the operating system’s reputation is well-deserved, it can also be harmless experienced users.

    The problem is that some seem to put too much trust in the capabilities of Linux by default. As a result, they often don’t pay enough attention to the manual aspect of their security. Linux can help you automate your workflow to a large extent, but it still requires a manual touch to keep things going well. This is even truer when it comes to security.

  • One Identity Bolsters Unix Security with New Release of Authentication Services

    Unix systems (including Linux and Mac OS), by their very nature, have distinct challenges when it comes to security and administration. Because native Unix-based systems are not linked to one another, each server or OS instance requires its own source of authentication and authorization.

  • Book Review – Linux Basics for Hackers

    With countless job openings and growth with no end in sight, InfoSec is the place to be. Many pose the question, “Where do I start?” Over his years of training hackers and eventual security experts across a wide array of industries and occupations, the author ascertains that one of the biggest hurdles that many up-and-coming professional hackers face is the lack of a foundational knowledge or experience with Linux. In an effort to help new practitioners grow, he made the decision to pen a basic ‘How To’ manual, of sorts, to introduce foundational concepts, commands and tricks in order to provide instruction to ease their transition into the world of Linux. Out of this effort, “Linux Basics for Hackers” was born.

  • Security updates for Wednesday
»

Plasma 5.15.1 arrives in Cosmic backports PPA

Submitted by Rianne Schestowitz on Wednesday 20th of February 2019 04:40:38 PM Filed under
KDE
Security

We are pleased to announce that the 1st bugfix release of Plasma 5.15, 5.15.1, is now available in our backports PPA for Cosmic 18.10.

The release announcement detailing the new features and improvements in Plasma 5.15 can be found here, while the full 5.15.1 bugfix changelog can be found here.

Released along with this new version of Plasma is an update to KDE Frameworks 5.54. (5.55 is currently in testing in Disco 19.04 and may follow in the next few weeks.)

Read more

»

Security: More Data Breaches, NATO, 'The Internet of Dongs' and Aadhaar 'Leak'

Submitted by Roy Schestowitz on Wednesday 20th of February 2019 08:35:24 AM Filed under
Security
  • Millions of Swedish Health Hotline Calls Exposed Online in a Massive Case of Data Breach [Ed: When the state puts back doors in everything, as a matter of law]

    Data breach is becoming quite a nightmare for a lot of people with new breaches coming every now and then. In a recent data breach, millions of calls that were made by the Swedish residents have been exposed online. The Swedes were seeking medical advice through a national health telephone service in order to know more about symptoms and medications.

    According to reports, about 2.7 million conversations amounting to more than 170,000 hours are available online. The data in the conversation is extremely private with people talking about their diseases, symptoms, illness, and giving out their social security numbers. This breach has left the Swedish authorities bewildered as they investigate the whole thing.

    Data of the calls dates back to 2013 and is available for anyone to download and listen. Security expert Mikko Hypponen says that the audio calls were saved as Wav files. These files were left open on an unsecured server. This allowed any person to listen or download the 2.7 million conversations of the Swedish people. No encryption or authentication was required to crack the data making it easily available on the internet.

  • How Easy Is It To Spy On Armies Using Social Media? Uh, Very

    Recently, a NATO research group published a study on just how easy it is to target soldiers online and squeeze them for military intelligence. Posing as the enemy, the group was tasked with finding out as much as they could about an upcoming military exercise using nothing more than social media. Posting targeted Facebook ads as bait, they managed to lure dozens of soldiers into fake Facebook groups.

    While impostor accounts squeezed them for info, other researchers simply used Facebook's "Suggest Friends" feature to get information on their entire units. Having their names and details, the group could track them over other social platforms and mine for dirt -- like how one soldier was happily married on Facebook, but single and ready to mingle on several dating apps.

  • The Internet of Dongs remains a security dumpster-fire -- UPDATED

    Update: Internet of Dongs has produced its own supplementary assessments that delve into more nuance on these devices, they make a good case that Mozilla's criteria are too coarse to assess smart sex toys.

  • Don’t Get Your Valentine an Internet-Connected Sex Toy

    “At the end of the day, this can be serious,” Caltrider says. “These [devices] exist in the world, they're likely to be gifts, and so we wanted to get people to sit back and think, What are the privacy implications?”

  • Aadhaar data leak: Gas company Indane leaves data of 6.7mn customers exposed on its website

    The exposed data was brought to notice by a security expert who wants to remain anonymous. French security researcher Robert Baptiste who goes by the Twitter handle Elliot Alderson used a custom-built Python script to scrape this database and was able to customer data for 11,000 dealers. This data included the name and addresses of customers as well as their Aadhaar numbers. According to Baptiste, he was able to get details of 5.7 mn Indane customers before his script was blocked.

»

Red Hat on Middleware, RHEL AUDITD, and More Security Issues

Submitted by Roy Schestowitz on Tuesday 19th of February 2019 05:24:10 PM Filed under
Red Hat
Server
Security
  • Open Outlook: Middleware (part 1)

    Middleware, both as a term and as a concept, has been around for decades. As a term, like other terms in the Darwinian world of IT jargon, it has followed a typical fashion lifecycle and is perhaps somewhat past its apogee of vogue. As a concept, however, middleware is more relevant than ever, and while a memetic new label hasn't quite displaced the traditional term, the capabilities themselves are still very much at the heart of enterprise application development.

    Middleware is about making both developers and operators more productive. Analogous to standardized, widely-used, proven subassemblies in the manufacture of physical goods such as cars, middleware relieves developers from "reinventing the wheel" so that they can compose and innovate at higher levels of abstraction. For the staff responsible for operating applications in production, at scale, with high reliability and performance, the more such applications use standardized middleware components and services, the more efficient and reliable the running of the application can be.

  • RHEL AUDITD
  • Security updates for Tuesday
»

Security: Nest Lockout, Moment of Truth for Cyber Insurance, DNS Hijacking Attacks and Australian Cracking

Submitted by Roy Schestowitz on Tuesday 19th of February 2019 10:21:29 AM Filed under
Security
  • Nest is locking customers out of accounts until they fix their security

    Emails were sent last night to all users that may have been affected by recent [breaches], with a new password being mandatory, as it tries to avoid the "I'll do it later" attitude that means that often vulnerable passwords remain in use for months or years.

  • A Moment of Truth for Cyber Insurance

    Mondelez’s claim represents just a fraction of the billions of dollars in collateral damage caused by NotPetya, a destructive, indiscriminate cyberattack of unprecedented scale, widely suspected to have been launched by Russia with the aim of hurting Ukraine and its business partners. A compromised piece of Ukrainian accounting software allowed NotPetya to spread rapidly around the world, disrupting business operations and causing permanent damage to property of Mondelez and many others. According to reports, Zurich apparently rejected Mondelez’s claim on the grounds that NotPetya was an act of war and, therefore, excluded from coverage under its policy agreement. If the question of whether and how war risk exemptions apply is left to the courts to decide on a case-by-case basis, this creates a profound source of uncertainty for policyholders about the coverage they obtain.

  • A Deep Dive on the Recent Widespread DNS Hijacking Attacks

    The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

    This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers.

  • With elections weeks away, someone “sophisticated” [cracked] Australia’s politicians

    With elections just three months away, Australian Prime Minister Scott Morrison announced on February 18 that the networks of the three major national political parties had been breached by what Australian security officials described as a "sophisticated state actor."

  • Australia's major political parties [cracked] in 'sophisticated' attack ahead of election

    Sources are describing the level of sophistication as "unprecedented" but are unable to say yet which foreign government is behind the attack.

  • Parliament attackers appear to have used Web shells

    Attackers who infiltrated the Australian Parliament network and also the systems of the Liberal, National and Labor Parties appear to have used Web shells – scripts that can be uploaded to a Web server to enable remote administration of a machine.

»
Syndicate content

More in Tux Machines

qoob – excellent foobar-like music player for Linux

Are you debilitated by the countless music players that use web technologies with a massive RAM footprint? Maybe you want a lean yet slick audio player with a good range of features? You might be interested in qoob. It’s a music player written in the versatile and hugely popular Python programming language. The software uses Qt 5, a cross-platform application framework and widget toolkit for creating classic and embedded graphical user interfaces. qoob is similar to foobar2000, a freeware audio player respected for its highly modular design, breadth of features, and extensive user flexibility in configuration. Unlike foobar, qoob is available for Linux and it’s released under an open source license. Read more

Programming: GStreamer, Rust, Python and More

  • GStreamer 1.15.1 unstable development release
    The GStreamer team is pleased to announce the first development release in the unstable 1.15 release series. The unstable 1.15 release series adds new features on top of the current stable 1.16 series and is part of the API and ABI-stable 1.x release series of the GStreamer multimedia framework. The unstable 1.15 release series is for testing and development purposes in the lead-up to the stable 1.16 series which is scheduled for release in a few weeks time. Any newly-added API can still change until that point, although it is rare for that to happen. Full release notes will be provided in the near future, highlighting all the new features, bugfixes, performance optimizations and other important changes.
  • GStreamer: GStreamer Rust bindings 0.13.0 release
    A new version of the GStreamer Rust bindings, 0.13.0, was released. This new release is the first to include direct support for implementing GStreamer elements and other types in Rust. Previously this was provided via a different crate. In addition to this, the new release features many API improvements, cleanups, newly added bindings and bugfixes.
  • Niko Matsakis: Rust lang team working groups
    Now that the Rust 2018 edition has shipped, the language design team has been thinking a lot about what to do in 2019 and over the next few years. I think we’ve got a lot of exciting stuff on the horizon, and I wanted to write about it.
  • RVowpalWabbit 0.0.13: Keeping CRAN happy
    Another small RVowpalWabbit package update brings us version 0.0.13. And just like Rblpapi yesterday, we have a new RVowpalWabbit update to cope with staged installs which will be a new feature of R 3.6.0. No other changes were made No new code or features were added.
  • Test automation framework thoughts and examples with Python, pytest and Jenkins
    In this article I'll share some personal thoughts about Test Automation Frameworks; you can take inspiration from them if you are going to evaluate different test automation platforms or assess your current test automation solution (or solutions). Despite it is a generic article about test automation, you'll find many examples explaining how to address some common needs using the Python based test framework named pytest and the Jenkins automation server: use the information contained here just as a comparison and feel free to comment sharing alternative methods or ideas coming from different worlds. It contains references to some well (or less) known pytest plugins or testing libraries too.
  • Basics of Object-Oriented Programming
    In programming, an object is simply a 'thing'. I know, I know...how can you define something as a 'thing'. Well, let's think about it - What do 'things' have? Attributes, right? Let's take a Song for example. A song has attributes! It has a Title, an Artist, a Genre, etc. How about a Dog - A dog has four legs, a color, a name, an owner, and a breed. Though there are millions Dogs with countless names, owners, etc, the one thing that ties them all together are the very fact that every single one can be described as a Dog. Although this may seem like a not-very informative explanation, these types of examples are what ultimately made me understand Object-oriented programing. The set of activities that an object can perform is an Object's behavior. A dog can bark, wag it's tail, sit, and even shake if it's owner trains them. In the same way, a programmer can create an object and teach it tricks in order to achieve certain goals. In Ruby(my first programming language), EVERYTHING is an object. This means that every piece of code you encounter can perform certain tricks at your command, some are built into Ruby while others can be created at your disposal. Let's look at a common element in programming, a simple string. As you can see, after the string is defined, I'm able to call different 'methods' or functions on the string I created. Ruby has several built in methods on common objects(ie strings, integers, arrays, and hashes.
  • Hello pytest-play!
    pytest-play is a rec&play (rec not yet available) pytest plugin that let you execute a set of actions and assertions using commands serialized in JSON format. It tries to make test automation more affordable for non programmers or non Python programmers for browser, functional, API, integration or system testing thanks to its pluggable architecture and third party plugins that let you interact with the most common databases and systems.
  • Nikola v8.0.2 is out!
    Nikola is a static site and blog generator, written in Python. It can use Mako and Jinja2 templates, and input in many popular markup formats, such as reStructuredText and Markdown — and can even turn Jupyter Notebooks into blog posts! It also supports image galleries, and is multilingual. Nikola is flexible, and page builds are extremely fast, courtesy of doit (which is rebuilding only what has been changed).
  • Mu!
    In the past several days, I innaugurated a private Fediverse instance, "Mu", running Pleroma for now. Although Mastodon is the dominant implementation, Pleroma is far easier to install, and uses less memory on small, private instances. By doing this, I'm bucking the trend of people hating to run their own infrastructure. Well, I do run my own e-mail service, so, what the heck, might as well join the Fediverse. So far, it was pretty fun, but Pleroma has problem spots. For example, Pleroma has a concept of "local accounts" and "remote accounts": local ones are normal, into which users log in at the instance, and remote ones mirror accounts on other instances. This way, if users Alice@Mu and Bob@Mu follow user zaitcev@SLC, Mu creates a "remote" account UnIqUeStRiNg@Mu, which tracks zaitcev@SLC, so Alice and Bob subscribe to it locally. This permits to send zaitcev's updates over the network only once. Makes sense, right? Well... I have a "stuck" remote account now at Mu, let's call it Xprime@Mu and posit that it follows X@SPC. Updates posted by X@SPC are reflected in Xprime@Mu, but if Alice@Mu tries to follow X@SPC, she does not see updates that Xprime@Mu receives (the updates are not reflected in Alice's friends/main timeline) [1]. I asked at #pleroma about it, but all they could suggest was to try and resubscribe. I think I need to unsubscribe and purge Xprime@Mu somehow. Then, when Alice resubscribes, Pleroma will re-create a remote, say Xbis@Mu, and things hopefully ought to work. Well, maybe. I need to examine the source to be sure.
  • Django ORM optimization story on selecting the least possible
    This an optimization story that should not surprise anyone using the Django ORM. But I thought I'd share because I have numbers now! The origin of this came from a real requirement. For a given parent model, I'd like to extract the value of the name column of all its child models, and the turn all these name strings into 1 MD5 checksum string.
  • Reasons Mitogen sucks
    I have a particular dislike for nonspecific negativity, where nothing can be done to address its source because the reasons underlying it are never explicitly described. In the context of Mitogen, there has been a consistent stream of this sort originating from an important camp in public spaces, and despite efforts to bring specifics out into the open, still it continues to persist. For that reason I'd like to try a new strategy: justify the negativity and give it a face by providing all the fuel it needs to burn. Therefore in this post, in the interests of encouraging honesty, I will critique my own work.
  • The North Star of PyCascades, core Python developer Mariatta Wijaya, receives the 2018 Q3 Community Service Award
    At Montreal PyCon 2015, Guido Van Rossum delivered the closing keynote during which Guido issued a public ask, “I want at least two female Python core developers in the next year ... and I will try to train them myself if that's what it takes. So come talk to me." Consequently, Mariatta did just that, she reached out to Guido after PyCon 2016 to learn more about starting in Python core development. Mariatta recalls, “I hadn’t contributed to open source [yet] and I wanted to know how to start”. Guido recommended some ways for Mariatta to start including reviewing the dev guide, looking at open issues and joining and introducing herself on the Python dev mailing list .
  • Episode #118: Better Python executable management with pipx

NVIDIA: GTX 1660 and Linux

  • NVIDIA have released the 418.43 driver, includes support for the just released GeForce GTX 1660
    Two bits of NVIDIA news for you today, not only have they released a new stable driver, they've also put out their latest GPU with the GTX 1660. First up, the new stable driver 418.43 is out which you can find here. It follows on from the 418.30 beta driver, released last month. The big new feature of the driver is initial support for G-SYNC Compatible monitors! So those of you with a FreeSync monitor should be able to use it (if you weren't already using the beta driver). This new driver also adds in support for the just released GeForce GTX 1660 Ti, the GeForce RTX 2070 with Max-Q Design and the GeForce RTX 2080 with Max-Q Design. There's also NVIDIA optical flow support, NVIDIA Video Codec SDK 9.0, support for stereo presentation in Vulkan and more.
  • NVIDIA 418.43 Stable Linux Driver Released, Includes GTX 1660 Ti Support
    As expected given today's GeForce GTX 1660 Ti launch, NVIDIA has released a new Linux graphics driver supporting the 1660 Ti as well as the RTX 2070 with Max-Q Design and RTX 2080 with Max-Q Design, among other changes. This is actually the first stable release in the NVIDIA 418 series for Linux users and succeeds last month's NVIDIA 418.30 Linux driver beta. Most of the changes in today's NVIDIA 418.43 driver release were previously found in the 418.30 version, just now made official with this stable driver debut plus adding in the NVIDIA GeForce GTX 1660 Ti graphics card support.
  • NVIDIA 390.116 Legacy & 410.104 Long-Lived Linux Drivers Released
    In addition to NVIDIA christening the 418 driver series as stable today with the GeForce GTX 1660 Ti release, they also issued updates for their 390 legacy driver series as well as the 410 long-lived driver release series. The NVIDIA 390.116 driver is out for those still using NVIDIA Fermi graphics cards on Linux. This update is the first in a while and has a number of fixes to the Linux driver, on the FreeBSD side there is now 12.0 support, support for the Linux 5.0 kernel, X.Org Server 1.20 fixes, and other random fixes collected in the past few months. For those using this NVIDIA legacy driver can find out more information via this DevTalk thread.
  • GeForce GTX 1660 Ti Launch Today - Supported By The NVIDIA Linux Driver, No Nouveau Yet
    After weeks of leaks, the GeForce GTX 1660 Ti is expected to be formally announced in just a few hours. This is a ~$300 Turing graphics card but without any ray-tracing support as so far has been common to all Turing graphics cards. The GTX 1600 series family is expected to expand as well in the weeks ahead.

Betty – A Friendly Interface For Your Linux Command Line

All Linux experts might already know this statement “Command line mode is more powerful than GUI” but newbies are scared about CLI. Don’t think that working on Linux CLI is difficult as everything is opensource nowadays and you can get it in online whatever you want. If you have any doubt just google it and you will get many suggestion, select the suitable one and move forward. If you are looking for some virtual assistant tool instead of google. Yes, there is a tool is available for this and the tool name is Betty which helps you to get the information right from your terminal. Do you want to try? if so, go through the entire article for details. Read more

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6