Language Selection

English French German Italian Portuguese Spanish

Linux

Proxmox VE 4.3 released

Filed under
GNU
Linux

Proxmox Server Solutions GmbH today announced the general availability of Proxmox Virtual Environment 4.3. The hyper-converged open source server virtualization solution enables users to create and manage LXC containers and KVM virtual machines on the same host, and makes it easy to set up highly available clusters as well as to manage network and storage via an integrated web-based management interface.

The new version of Proxmox VE 4.3 comes with a completely new comprehensive reference documentation. The new docu framework allows a global as well as contextual help function. Proxmox users can access and download the technical documentation via the central help-button (available in various formats like html, pdf and epub). A main asset of the new documentation is that it is always version specific to the current user’s software version. Opposed to the global help, the contextual help-button shows the user the documentation part he currently needs.

Read more

Linux and Open Source Hardware for IoT

Filed under
Linux
OSS

Most of the new 21 open source software projects for IoT that we examined last week listed Linux hacker boards as their prime development platforms. This week, we’ll look at open source and developer-friendly Linux hardware for building Internet of Things devices, from simple microcontroller-based technology to Linux-based boards.

In recent years, it’s become hard to find an embedded board that isn’t marketing with the IoT label. Yet, the overused term is best suited for boards with low prices, small footprints, low power consumption, and support for wireless communications and industrial interfaces. Camera support is useful for some IoT applications, but high-end multimedia is usually counterproductive to attributes like low cost and power consumption.

Read more

Unsafe at any clock speed: Linux kernel security needs a rethink

Filed under
Linux

The Linux kernel today faces an unprecedented safety crisis. Much like when Ralph Nader famously told the American public that their cars were "unsafe at any speed" back in 1965, numerous security developers told the 2016 Linux Security Summit in Toronto that the operating system needs a total rethink to keep it fit for purpose.

No longer the niche concern of years past, Linux today underpins the server farms that run the cloud, more than a billion Android phones, and not to mention the coming tsunami of grossly insecure devices that will be hitched to the Internet of Things. Today's world runs on Linux, and the security of its kernel is a single point of failure that will affect the safety and well-being of almost every human being on the planet in one way or another.

Read more

Linux Foundation and Linux

Filed under
Linux
  • ONOS Hummingbird SDN release touts core control function improvements

    ON.Lab’s ONOS Project noted its eighth SDN platform release expands southbound and northbound protocol, legacy device support

    The telecommunications market’s choice of software-defined networking platforms continues to blossom, with the Open Networking Laboratory’s Open Network Operating System Project releasing its latest SDN platform variant under the “Hummingbird” tag.

  • OPNFV Heads Down Colorado Trail

    OPNFV today issued its third software release, ending the agonizing six-month period in which folks had to pronounce and spell Brahmaputra. (See OPNFV Issues Third Software Release.)

    This latest release continues the river theme but is sensibly named Colorado: It has other advantages as well, namely support for key features such as security, IPv6, service function chaining (SFC) testing, virtual private networks and more.

    In addition, Colorado is laying some key groundwork for what lies ahead as the industry comes to terms with the MANO (management and network orchestration) dilemma, says Heather Kirksey, Open Platform for NFV Project Inc. 's executive director.

  • OPNFV's Third Release Includes Security Enhancements
  • ONOS, OPNFV Introduce Latest Open SDN, NFV Releases
  • OPNFV Issues Third Software Release
  • The Linux State Of AMD's Zen x86 Memory Encryption

    With AMD's forthcoming Zen processors is support for some new memory encryption technologies that are of particular benefit for virtualized environments.

    I wrote about Linux patches for AMD memory encryption earlier this year while since then more information has come to light. At last month's Linux Security Summit, David Kaplan presented on these technologies coming with Zen; only today I had come across the slide deck for this presentation.

    The technologies come down to Secure Memory Encryption (SME) and Secure Encrypted Virtualization (SEV). SME provides memory encryption on a per-page-table basis using AMD's ARM-based security co-processor. AMD SME + SEV are designed against both user-access attacks and physical access attacks with a particular focus on VM / hypervisor security.

  • Improving Fuzzing Tools for More Efficient Kernel Testing

    Fuzz testing (or fuzzing) is a software testing technique that involves passing invalid or random data to a program and observing the results, such as crashes or other failures. Bamvor Jian Zhang of Huawei, who will be speaking at LinuxCon Europe, realized that existing fuzz testing tools -- such as trinity -- can generate random or boundary values for syscall parameters and inject them into the kernel, but they don’t validate whether the results of those syscalls are correct.

  • X.Org's GLAMOR 2D Performance Continues To Be Tuned

    While GLAMOR has already been around for a number of years as a means of providing generic X11 2D acceleration over OpenGL for the X.Org Server, it's a seemingly never-ending process to optimize its code-paths for best performance. More improvements are en route for making GLAMOR 2D faster, which should especially be helpful for Raspberry Pi users making use of the VC4 driver stack on this very slow-speed hardware.

    Benefits to the GLAMOR code in the X.Org Server obviously have the potential to benefit all users of this acceleration mechanism for code going into the xorg-server code-base as opposed to an individual GL driver, but for Raspberry Pi users in particular there is some efforts ongoing by Broadcom's Eric Anholt as well as Keith Packard's never-ending tinkering with the X Server code. GLAMOR continues to be used by default for all AMD GCN GPUs, Nouveau for the latest generations of GPU too, VC4 2D is only supported with GLAMOR, and optionally by other DDX drivers too.

BeagleBone Black Wireless SBC taps Octavo SiP, has open design

Filed under
Linux
Hardware

BeagleBoard.org’s “BeagleBone Black Wireless” SBC uses Octavo’s OSD335x SiP module and replaces the standard BeagleBone Black’s Ethernet with 2.4GHz WiFi and BT 4.1 BLE.

BeagleBone Black Wireless is the first SBC to incorporate the Octavo Systems OSD335x SiP (system-in-package) module, “which integrates BeagleBone functionality into one easy-to-use BGA package,” according to BeagleBoard.org. Announced on Sep. 26, the OSD3358 SiP integrates a TI Sitara AM3358 SoC along with a TI TPS65217C PMIC, TI TL5209 LDO (low-drop-out) regulator, up to 1GB of DDR3 RAM, and over 140 passives devices including resistors, capacitors, and inductors, within a single BGA package. The Linux-driven hacker SBC also adds TI WiLink 8 WL1835MOD wireless module with 2.2 MIMO.

Read more

Also: Epiq Solutions' Sidekiq M.2

NAS-targeted Skylake Mini-ITX loads up on SATA, GbE, PCIe

Lenovo Anti-Linux, Layoffs, and Openwashing

Filed under
Android
GNU
Linux
Microsoft
  • Microsoft, Lenovo Accused Of Blocking Linux On Signature Edition PCs

    Laptops today are increasingly powerful. Right now, if you get a new laptop, the probability is that it comes with the new Windows 10 operating system but there are some people that prefer to have a choice when it comes to OS selection. While some people are fine with Windows 10, there are those who might want to have a dual OS system running. A few people who bought Lenovo laptops like the Yoga 900, 910S, and 710S, found that Lenovo was blocking Linux.

  • Motorola, Lenovo lay off over a thousand more people
  • New Lenovo layoffs at Moto, company has now lost over 95% of employees in four years

    Speaking to Droid-life, both sources inside the company and Motorola itself confirmed today that Lenovo has conducted a brutal round of layoffs at Moto. According to DL, over 50% of Motorola's existing US staff have lost their jobs. A 20-year veteran of the company allegedly posted on Facebook that he had been laid off, so it looks like Lenovo is cutting deep at the device-maker.

    One source told them that over 700 employees would be asked to leave of the over 1200 Motorola currently employs. No doubt Lenovo hopes to cut costs by integrating much of Motorola's software and hardware development into its own smartphone unit. Sensible or not, it's still rather sad to watch the once-proud brand slowly be swallowed by The Great Lenovo Monster. The lack of critical or consumer hype around the company's new Moto Z line hasn't helped matters, and while the refreshed Moto G franchise was generally well-received, it's the expensive phones that make the money, and I have a hard time believing the Z series is a runaway sales success.

  • Lenovo Courts Devs WIth Moto Z Source Code Release

    Lenovo, which owns Motorola, last week released the kernel source code for the Moto Z Droid smartphone on Github. The move follows the company's posting of the Moto Z Droid Moto Mods Development Kit and Moto Mods on Github this summer. This is the first kernel source code made available for the Moto Z family of devices. Releasing the kernel source code seems to be another step in Lenovo's attempt to get devs to build an iPhone-like ecosystem around the Moto Z family. The Z family is modular.

Linux Foundation and Linux

Filed under
Linux
  • security things in Linux v4.3

    When I gave my State of the Kernel Self-Protection Project presentation at the 2016 Linux Security Summit, I included some slides covering some quick bullet points on things I found of interest in recent Linux kernel releases. Since there wasn’t a lot of time to talk about them all, I figured I’d make some short blog posts here about the stuff I was paying attention to, along with links to more information. This certainly isn’t everything security-related or generally of interest, but they’re the things I thought needed to be pointed out. If there’s something security-related you think I should cover from v4.3, please mention it in the comments. I’m sure I haven’t caught everything. Smile

    A note on timing and context: the momentum for starting the Kernel Self Protection Project got rolling well before it was officially announced on November 5th last year. To that end, I included stuff from v4.3 (which was developed in the months leading up to November) under the umbrella of the project, since the goals of KSPP aren’t unique to the project nor must the goals be met by people that are explicitly participating in it. Additionally, not everything I think worth mentioning here technically falls under the “kernel self-protection” ideal anyway — some things are just really interesting userspace-facing features.

  • Open Source NFV releases third platform, offers additional testing capabilities

    The OPNFV Project, an open source project set on driving the evolution of network functions virtualization (NFV) components, has made its OPNFV Colorado release available.

    As the third platform release, OPNFV Colorado includes feature enhancements across security, IPv6, Service Function Chaining (SFC), testing, VPN capabilities, and support for multiple hardware architectures.

    Specifically, OPNFV Colorado address three main areas: core feature upgrades, enhanced testing capabilities, and infrastructure and testing environment advancements.

  • Serro CEO to Participate on Prominent Keynote Industry Panel at the Linux Foundation's Upcoming OpenDaylight Summit in Seattle
  • The Linux Foundation and edX Roll Out a Free OpenStack Cours

    The market for OpenStack training continues to surge, and training is now offered by vendors such as Mirantis and independent organizations such as The Linux Foundation. Overall training for OpenStack surged last year. According to the OpenStack Foundation, since the launch of the OpenStack marketplace in September 2013, training offerings grew from 17 unique courses in eight cities to 119 courses in 99 cities.

Parsix GNU/Linux 8.15 "Nev" Is in the Works, to Ship with the GNOME 3.22 Desktop

Filed under
GNU
Linux
GNOME

We told you the other day that the Parsix GNU/Linux development team informed the community that new security updates are available for the current stable Parsix GNU/Linux 8.10 "Erik" and Parsix GNU/Linux 8.5 "Atticus" releases.

Read more

IPFire 2.19 Linux Firewall OS Patched Against the Latest OpenSSL Vulnerabilities

Filed under
Linux
Security

Only three days after announcing the release of IPFire 2.19 Core Update 104, Michael Tremer informs the community about the availability of a new update, Core Update 105, which brings important OpenSSL patches.

Read more

Top Web Browsers for Linux

Filed under
Linux

No matter which Linux distro you prefer, I believe the web browser remains the most commonly used software application. In this article, I'll share the best browsers available to Linux users.

Chrome – No matter how you feel about the Chrome browser, one only need to realize the following: Local news still streams in Flash and Chrome supports this. Netflix is supported using Chrome. And of course, Chrome is faster than any other browser out there. Did I mention the oodles of Chrome extensions available including various remote desktop solutions? No matter how you slice it, Chrome is king of the jungle.

Read more

Syndicate content

More in Tux Machines

Security News

  • Tuesday's security updates
  • New Open Source Linux Ransomware Divides Infosec Community
    Following our investigation into this matter, and seeing the vitriol-filled reaction from some people in the infosec community, Zaitsev has told Softpedia that he decided to remove the project from GitHub, shortly after this article's publication. The original, unedited article is below.
  • Fax machines' custom Linux allows dial-up hack
    Party like it's 1999, phreakers: a bug in Epson multifunction printer firmware creates a vector to networks that don't have their own Internet connection. The exploit requirements are that an attacker can trick the victim into installing malicious firmware, and that the victim is using the device's fax line. The firmware is custom Linux, giving the printers a familiar networking environment for bad actors looking to exploit the fax line as an attack vector. Once they're in that ancient environment, it's possible to then move onto the network to which the the printer's connected. Yves-Noel Weweler, Ralf Spenneberg and Hendrik Schwartke of Open Source Training in Germany discovered the bug, which occurs because Epson WorkForce multifunction printers don't demand signed firmware images.
  • Google just saved the journalist who was hit by a 'record' cyberattack
    Google just stepped in with its massive server infrastructure to run interference for journalist Brian Krebs. Last week, Krebs' site, Krebs On Security, was hit by a massive distributed denial-of-service (DDoS) attack that took it offline, the likes of which was a "record" that was nearly double the traffic his host Akamai had previously seen in cyberattacks. Now just days later, Krebs is back online behind the protection of Google, which offers a little-known program called Project Shield to help protect independent journalists and activists' websites from censorship. And in the case of Krebs, the DDoS attack was certainly that: The attempt to take his site down was in response to his recent reporting on a website called vDOS, a service allegedly created by two Israeli men that would carry out cyberattacks on behalf of paying customers.
  • Krebs DDoS aftermath: industry in shock at size, depth and complexity of attack
    “This attack didn’t stop, it came in wave after wave, hundreds of millions of packets per second,” says Josh Shaul, Akamai’s vice president of product management, when Techworld spoke to him. “This was different from anything we’ve ever seen before in our history of DDoS attacks. They hit our systems pretty hard.” Clearly still a bit stunned, Shaul describes the Krebs DDoS as unprecedented. Unlike previous large DDoS attacks such as the infamous one carried out on cyber-campaign group Spamhaus in 2013, this one did not use fancy amplification or reflection to muster its traffic. It was straight packet assault from the old school.
  • iOS 10 makes it easier to crack iPhone back-ups, says security firm
    INSECURITY FIRM Elcomsoft has measured the security of iOS 10 and found that the software is easier to hack than ever before. Elcomsoft is not doing Apple any favours here. The fruity firm has just launched the iPhone 7, which has as many problems as it has good things. Of course, there are no circumstances when vulnerable software is a good thing, but when you have just launched that version of the software, it is really bad timing. Don't hate the player, though, as this is what Elcomsoft, and what Apple, are supposed to be doing right. "We discovered a major security flaw in the iOS 10 back-up protection mechanism. This security flaw allowed us to develop a new attack that is able to bypass certain security checks when enumerating passwords protecting local (iTunes) back-ups made by iOS 10 devices," said Elcomsoft's Oleg Afonin in a blog post.
  • After Tesla: why cybersecurity is central to the car industry's future
    The news that a Tesla car was hacked from 12 miles away tells us that the explosive growth in automotive connectivity may be rapidly outpacing automotive security. This story is illustrative of two persistent problems afflicting many connected industries: the continuing proliferation of vulnerabilities in new software, and the misguided view that cybersecurity is separate from concept, design, engineering and production. This leads to a ‘fire brigade approach’ to cybersecurity where security is not baked in at the design stage for either hardware or software but added in after vulnerabilities are discovered by cybersecurity specialists once the product is already on the market.

Ofcom blesses Linux-powered, open source DIY radio ‘revolution’

Small scale DAB radio was (quite literally) conceived in an Ofcom engineer’s garden shed in Brighton, on a Raspberry Pi, running a full open source stack, in his spare time. Four years later, Ofcom has given the thumbs up to small scale DAB after concluding that trials in 10 UK cities were judged to be a hit. We gave you an exclusive glimpse into the trials last year, where you could compare the specialised proprietary encoders with the Raspberry Pi-powered encoders. “We believe that there is a significant level of demand from smaller radio stations for small scale DAB, and that a wider roll-out of additional small scale services into more geographic areas would be both technically possible and commercially sustainable,” notes Ofcom. Read more

nginx

Case in point: I've been using the Apache HTTP server for many years now. Indeed, you could say that I've been using Apache since before it was even called "Apache"—what started as the original NCSA HTTP server, and then the patched server that some enterprising open-source developers distributed, and finally the Apache Foundation-backed open-source colossus that everyone recognizes, and even relies on, today—doing much more than just producing HTTP servers. Apache's genius was its modularity. You could, with minimal effort, configure Apache to use a custom configuration of modules. If you wanted to have a full-featured server with tons of debugging and diagnostics, you could do that. If you wanted to have high-level languages, such as Perl and Tcl, embedded inside your server for high-speed Web applications, you could do that. If you needed the ability to match, analyze and rewrite every part of an HTTP transaction, you could do that, with mod_rewrite. And of course, there were third-party modules as well. Read more

Linux and Open Source Hardware for IoT

Most of the new 21 open source software projects for IoT that we examined last week listed Linux hacker boards as their prime development platforms. This week, we’ll look at open source and developer-friendly Linux hardware for building Internet of Things devices, from simple microcontroller-based technology to Linux-based boards. In recent years, it’s become hard to find an embedded board that isn’t marketing with the IoT label. Yet, the overused term is best suited for boards with low prices, small footprints, low power consumption, and support for wireless communications and industrial interfaces. Camera support is useful for some IoT applications, but high-end multimedia is usually counterproductive to attributes like low cost and power consumption. Read more