Language Selection

English French German Italian Portuguese Spanish

Linux

Lakka 2.2.2 with RetroArch 1.7.6

Filed under
GNU
Linux
Movies

Lakka 2.2.2 is now available.

Read more

8 Great Linux Time-Tracker Apps to Keep You on Task

Filed under
Linux

Most of the time-tracking apps in this Linux roundup are abandoned or in need of updating. The growing convenience and accessibility of Web-based time-tracking services make standalone software less necessary and in lower demand. Thus, developers spend little or no time releasing newer versions.

The eight applications for Linux users included in this roundup are solid performers. Other than the outdated packages and lack of support for a wide variety of Linux distros, these apps deliver on productivity and reliability.

Read more

Stable kernels 5.0.2, 4.20.16, 4.19.29, 4.14.106 and 4.9.163

Filed under
Linux
  • Linux 5.0.2

    I'm announcing the release of the 5.0.2 kernel.

    All users of the 5.0 kernel series must upgrade.

    The updated 5.0.y git tree can be found at:
    git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.0.y
    and can be browsed at the normal kernel.org git web browser:
    http://git.kernel.org/?p=linux/kernel/git/stable/linux-st...

  • Linux 4.20.16
  • Linux 4.19.29
  • Linux 4.14.106
  • Linux 4.9.163

Antennas in Linux

Filed under
Linux

For this article, I want to introduce a piece of software I've actually used recently in my own work. My new day job involves studying the ionosphere using an instrument called an ionosonde. This device is basically a giant radio transmitter that bounces radio waves off the ionosphere to see its structure and composition. Obviously, an important part of this is knowing the radiation pattern of the various transmitters and receivers.

Several methods exist for modeling the electromagnetic fields around conductors, but here I'm covering one called NEC2 (Numerical Electromagnetics Code). It originally was developed in FORTRAN at the Lawrence Livermore National Laboratory in the 1970s. Since then, it's been re-implemented several times in various languages. Specifically, let's look at xnec2c. This package implements NEC2 in C, and it also provides a GTK front end for interacting with the core engine.

Read more

8 Best Free Linux Family History Software

Filed under
GNU
Linux
Software

Family history (or genealogy) software is computer software used to record, organise and publish genealogical data. With this software, you can help unlock the past, discover secrets and surprises from your past. Genealogy, the study of one’s ancestry, allows people to personalise the past.

There are useful websites devoted to helping would-be genealogists. Further, radio and TV programmes such as the immortal Who Do You Think You Are?, and other shows such as Secrets of the Clink have encouraged a growing band people to trace their roots, sparking new interest. It’s not just celebrities when tracing their ancestry who come up with secrets and surprises from their past.

Read more

Raspberry Pi and more

Filed under
Linux
  • 7 Raspberry Pi projects to explore

    A few folks from our writer community weighed in to share their favorite Raspberry Pi projects to help us celebrate Raspberry Pi Day this year.

    Steve Reaver's projects are built by him at home. First up, a PlayStation One case for your Raspberry Pi.

  • How old is your oldest Raspberry Pi?

    Today is Pi Day, a day in which we celebrate the date ticking up to the 3.14 approximation of π (at least for those of us who use American-style dates). We also take today to celebrate a tiny device, not much bigger than a credit card, that shares its name with this useful, irrational number. We're talking about, of course, the Raspberry Pi.

  • 14 days of celebrating the Raspberry Pi

    Every year on March 14th, we geeks celebrate Pi Day. In the way we abbreviate dates—MMDD—March 14 is written 03/14, which numerically reminds us of 3.14, or the first three numbers of pi. What many Americans don't realize is that virtually no other country in the world uses this date format, so Pi Day pretty much only works in the US, though it is celebrated globally.

    Wherever you are in the world, let's celebrate the Raspberry Pi and wrap up this series by reviewing the topics we've covered in the past two weeks...

Best Linux distributions which look like Windows

Filed under
GNU
Linux

Once you have understood the pros and cons while shifting from Windows to Linux and decided in favor of the latter, the tougher part would be adjusting with the new environment. Thankfully, there are a few distributions of Linux which have an interface similar to that of Windows. While no Linux distribution can be like Windows 10, many of them do follow teh Windows 7 model.

Read more

LWN on Security and Kernel (Paywall Has Ended)

Filed under
Linux
Security
  • A container-confinement breakout

    The recently announced container-confinement breakout for containers started with runc is interesting from a few different perspectives. For one, it affects more than just runc-based containers as privileged LXC-based containers (and likely others) are also affected, though the LXC-based variety are harder to compromise than the runc ones. But it also, once again, shows that privileged containers are difficult—perhaps impossible—to create in a secure manner. Beyond that, it exploits some Linux kernel interfaces in novel ways and the fixes use a perhaps lesser-known system call that was added to Linux less than five years back.

    The runc tool implements the container runtime specification of the Open Container Initiative (OCI), so it is used by a number of different containerization solutions and orchestration systems, including Docker, Podman, Kubernetes, CRI-O, and containerd. The flaw, which uses the /proc/self/exe pseudo-file to gain control of the host operating system (thus anything else, including other containers, running on the host), has been assigned CVE-2019-5736. It is a massive hole for containers that run with access to the host root user ID (i.e. UID 0), which, sadly, covers most of the containers being run today.

    There are a number of sources of information on the flaw, starting with the announcement from runc maintainer Aleksa Sarai linked above. The discoverers, Adam Iwaniuk and Borys Popławski, put out a blog post about how they found the hole, including some false steps along the way. In addition, one of the LXC maintainers who worked with Sarai on the runc fix, Christian Brauner, described the problems with privileged containers and how CVE-2019-5736 applies to LXC containers. There is a proof of concept (PoC) attached to Sarai's announcement, along with another more detailed PoC he posted the following day after the discoverers' blog post.

  • The Thunderclap vulnerabilities

    It should come as no surprise that plugging untrusted devices into a computer system can lead to a wide variety of bad outcomes—though often enough it works just fine. We have reported on a number of these kinds of vulnerabilities (e.g. BadUSB in 2014) along the way. So it will not shock readers to find out that another vulnerability of this type has been discovered, though it may not sit well that, even after years of vulnerable plug-in buses, there are still no solid protections against these rogue devices. This most-recent entrant into this space targets the Thunderbolt interface; the vulnerabilities found have been dubbed "Thunderclap".

    There are several different versions of Thunderbolt, either using Mini DisplayPort connectors (Thunderbolt 1 and 2) or USB Type-C (Thunderbolt 3). According to the long list of researchers behind Thunderclap, all of those are vulnerable to the problems they found. Beyond that, PCI Express (PCIe) peripherals are also able to exploit the Thunderclap vulnerabilities, though they are a bit less prone to hotplugging. Thunderclap is the subject of a paper [PDF] and web site. It is more than just a bunch of vulnerabilities, however, as there is a hardware and software research platform that they have developed and released. A high-level summary of the Thunderclap paper was posted to the Light Blue Touchpaper blog by Theo Markettos, one of the researchers, at the end of February.

  • Core scheduling

    Kernel developers are used to having to defend their work when posting it to the mailing lists, so when a longtime kernel developer describes their own work as "expensive and nasty", one tends to wonder what is going on. The patch set in question is core scheduling from Peter Zijlstra. It is intended to make simultaneous multithreading (SMT) usable on systems where cache-based side channels are a concern, but even its author is far from convinced that it should actually become part of the kernel.
    SMT increases performance by turning one physical CPU into two virtual CPUs that share the hardware; while one is waiting for data from memory, the other can be executing. Sharing a processor this closely has led to security issues and concerns for years, and many security-conscious users disable SMT entirely. The disclosure of the L1 terminal fault vulnerability in 2018 did not improve the situation; for many, SMT simply isn't worth the risks it brings with it.

    But performance matters too, so there is interest in finding ways to make SMT safe (or safer, at least) to use in environments with users who do not trust each other. The coscheduling patch set posted last September was one attempt to solve this problem, but it did not get far and has not been reposted. One obstacle to this patch set was almost certainly its complexity; it operated at every level of the scheduling domain hierarchy, and thus addressed more than just the SMT problem.

    Zijlstra's patch set is focused on scheduling at the core level only, meaning that it is intended to address SMT concerns but not to control higher-level groups of physical processors as a unit. Conceptually, it is simple enough. On kernels where core scheduling is enabled, a core_cookie field is added to the task structure; it is an unsigned long value. These cookies are used to define the trust boundaries; two processes with the same cookie value trust each other and can be allowed to run simultaneously on the same core.

  • A kernel unit-testing framework

    March 1, 2019 For much of its history, the kernel has had little in the way of formal testing infrastructure. It is not entirely an exaggeration to say that testing is what the kernel community kept users around for. Over the years, though, that situation has improved; internal features like kselftest and services like the 0day testing system have increased our test coverage considerably. The story is unlikely to end there, though; the next addition to the kernel's testing arsenal may be a unit-testing framework called KUnit.

    The KUnit patches, currently in their fourth revision, have been developed by Brendan Higgins at Google. The intent is to enable the easy and rapid testing of kernel components in isolation — unit testing, in other words. That distinguishes KUnit from kernel's kselftest framework in a couple of significant ways. Kselftest is intended to verify that a given feature works in a running kernel; the tests run in user space and exercise the kernel that the system booted. They thus can be thought of as a sort of end-to-end test, ensuring that specific parts of the entire system are behaving as expected. These tests are important to have, but they do not necessarily test specific kernel subsystems in isolation from all of the others, and they require actually booting the kernel to be tested.

    KUnit, instead, is designed to run more focused tests, and they run inside the kernel itself. To make this easy to do in any setting, the framework makes use of user-mode Linux (UML) to actually run the tests. That may come as a surprise to those who think of UML as a dusty relic from before the kernel had proper virtualization support (its home page is hosted on SourceForge and offers a bleeding-edge 2.6.24 kernel for download), but UML has been maintained over the years. It makes a good platform for something like KUnit without rebooting the host system or needing to set up virtualization.

  • Two topics in user-space access

    Kernel code must often access data that is stored in user space. Most of the time, this access is uneventful, but it is not without its dangers and cannot be done without exercising due care. A couple of recent discussions have made it clear that this care is not always being taken, and that not all kernel developers fully understand how user-space access should be performed. The good news is that kernel developers are currently working on a set of changes to make user-space access safer in the future.

Screencast of New ArcoLinux and New Shows (FLOSS Weekly, GeekRant, and The Linux Link Tech Show)

Filed under
GNU
Linux
OSS

Linux Distros Used in IoT Devices

Filed under
GNU
Linux

With IoT devices, we have a tendency to think of them as simple when they’re really anything but. Even the simplest IoT devices run software to keep them going, and the vast majority of these are running some form of Linux.

If you’re not familiar with Linux distributions, they take the same core operating system, Linux, and build tools around it for specific needs. Because IoT devices have limited hardware resources compared to PCs, there are a few distros aimed at this use case. Whether you’re building a DIY project or you’re just curious, we’ve compiled a list of some of the best-known Linux distros used in IoT devices.

Read more

Also: Recommended Linux OS In 2019

Syndicate content

More in Tux Machines

GnuPG 2.2.14 and Kiwi TCMS 6.6

Today in Techrights

Android Leftovers

Raspberry Pi 3 Model B+ First Impressions

I have always been curious about the tiny computer called Raspberry Pi but I didn’t have the time or opportunity to buy one until now. I got the latest version (Raspberry Pi 3 Model B+) along with bundled accessories from AliExpress for $65. I think it was a good deal considering what I got which I will explain to you later on. But before that and for your convenience, here are some quick facts about Raspberry Pi that I got from Wikipedia... Read more