Language Selection

English French German Italian Portuguese Spanish

Just talk

GNOME Release Party Manchester

Filed under
Just talk

GNOME Release Party Manchester

Summary: Today's party celebrating the release of GNOME 3.22

RIANNE AND I both attended today's GNOME release party in Manchester. It was a good opportunity to meet some geeky people, including a few from Codethink, which organised this event.

With the latest Kubuntu 15.10 (Wily)

Filed under
Just talk

I love the KDE desktop—I really do. However… here are some grumbles.

Happy Easter and Remarkable Spring

Filed under
Just talk

Happy Easter

Happy New Year From Roy and Rianne

Filed under
Just talk

Xmas tree

2014 was a great year for Tux Machines. The site moved to a new server with much higher capacity and better caching, Rianne and I moved to a better house, and we finally set up a tree the way we wanted to. Financial contributions from readers were enough to subsidise a laptop for Rianne and she now happily submits a lot of links from there.

In 2015 we expect to improve both volume and quality of links. We are going to think of ways to improve the Web site and we openly welcome suggestions from readers. The goal is to make the site more informative more efficiently. We wish to help readers steer away from cruft and gossip and instead identify news of importance, without repetition unless new information and details arise.

Vacation Photos

Filed under
Just talk

Tux and Rianne

Last week we did not post as much news as usual because we went to the south of England with Roy's sister. We did take some photos.

Fireworks! And Tux Machines Works.

Filed under
Just talk

November effigies

Fireworks continue to appear all over the place, even a day after Guy Fawkes Night. Yesterday the city was full of smoke (as though it is under heavy fog all around), but that is just an annually-recurring tradition. It's very bad for the environment, but hey, lots of people enjoy it.

Over 400 Guy Fawkes tried to destroy the House of Lords, just as some gang or a person has been trying now for nearly two months to keep Tux Machines offline. Thankfully, however, the attacks are not succeeding anymore because we have refined our defenses and the offending zombie PCs are being banned left and right (all day long). Surely the plot has been foiled. All we need now is effigies.

Tux Claus

Filed under
Just talk

Tux Claus

Summer is finally over, but summertime or the climate hasn't officially changed yet. I wonder if I can still do something out of the ordinary, but the weather is disrupting my planned activities outside. Sometimes there is sunlight, but the next minute the dark clouds covers the beautiful sky and it makes the day dull and cold.

Two days ago my husband and I went to stroll inside the mall and ended up buying some personal stuff in a store. While I was in a queue to pay my husband was in a hurry to add this tiny bit of stuff which I didn't recognise at first. I thought of ignoring and not buying that tiny little thing. Then my husband said "look what I found" and then I asked what is it -- it's tux! Tux Claus. Soon I saw a tiny penguin dressed in Santa clothes; the design was simple ,but it was artistically made. I know it is still early, but we're both excited to add Tux under our Christmas tree and be merry.

Life Goes On

Filed under
Just talk

Manchester

TUX MACHINES HAS BEEN under attack for nearly two weeks now. We need not really comment on our technical means of defence and how we mostly overcome these attacks (we are not giving too many clues to the attackers, who are mostly deflected with blacklists and redirects for the time being), but for the most part the Web site continues to run and to serve visitors. That's what is important. We work hard to keep posting the latest news and not let distraction, aggravation or sabotage get in the way. It is hard to imagine who would want to attack a site like this. This site is not even political or controversial.

In more general news, Manchester has had a nice and warm September. It continues into October (so far). Today we started seeing some hybrid (partly electric) double-decker buses and today we also found out that the health club we always go to has been voted best in the north west and third-best in the UK for the second year in a row. We still post some news whilst out of the house (if a wireless connection becomes available) and this morning the weather was so fine that we managed to play some badminton outdoors.

Life goes on and no level of attacks on the site is going to stop it. There are many ways to combat DDOS attacks, so they are merely a nuisance. The attackers should know that they are only wasting their time; there are much better things to do in life. Those commandeering Microsoft Windows botnets would be better off targeting the KKK or something, not a GNU and Linux news site.

Logo Concepts

Filed under
Just talk

More below...

Secret Back Doors in Android

Filed under
Just talk

I am everything but a Google basher and I spent a lot of my life descending deep into research of Google foes, Google smear campaigns, lawsuits by proxy, and antitrust actions by proxy. I also advocate Android, but in recent years I have been increasingly concerned about the direction it is taking. I wish to share my latest concern. It relates to what the media characterises as "anti-theft" but is actually a facility to kill phones in a protest or convert them into hostile listening devices. Technology impacts human rights and those who control technology can be tempted to control humans.

Google habitually updates my tablet. It is a Nexus 7 tablet which Google invites itself to update remotely (shame on me for not installing Replicant, but this device does not support it yet). It is not a 3G tablet and it does not have two operation systems (unlike mobile phones) or even a carrier tracking its location all the time. It's a purely Android device with no network tying. It is network-agnostic. I only bought it because in order to replace my PDA (for over a decade) I wanted a device that is not a tracking device. Phones were out of the question.

Networks don't track the tablet. Google, however, is always out there, fully able to identify the connected user (latched onto a Gmail address because of Play), modifying the software without even the user's consent (the user is sometimes prompted to boot, without being able to opt out of the core update itself).

The update in itself is not a problem. What's problematic is its effect.

Following the latest Google update (which I was given no option to reject) I noticed that Google had added a remote kill switch as an opition. It was enabed by default. "Allow remote lock and erase" is what Google calls it and it is essentially working like a back door. Google and its partners in government are gaining a lot of power not over a smartphone but over a tablet.

The significance of this is that not only phones should be assumed to be remotely accessible for modification, including for example additional back doors. What's more, some devices that were sold without this functionality silently have it added. According to the corporate press, the FBI remotely turns Android devices into listening devices and it is getting simpler to see how.

NSA and PRISM destroy our computing. We definitely need to demand Free software, but we should go further by asking for audits, rejecting user-hostile 'features' like DRM, 'secure' boot, and kill switches. I gradually lose any remaining trust that I had in Google and even Free software such as Android.

Syndicate content

More in Tux Machines

Leftovers: Ubuntu

  • Budgie-Remix Makes Progress With Ubuntu 16.10 Base, Beta 2 Released
    Budgie-Remix, the unofficial Ubuntu spin making use of the Budgie Desktop, has released its 16.10 Beta 2 milestone following this week's Yakkety Yak Beta 2 release. Budgie-Remix is re-based to the latest Ubuntu 16.10 Yakkety package changes. In addition, a number of the Budgie-0Remix packages have been working their way into Debian proper and thus are available to Ubuntu 16.10 users via the official channels. Now available this way is the budgie-desktop package, Moka icon theme, Faba icon theme, and the Arc theme. The Ubuntu repository has also pulled in the Budgie artwork and wallpaper packages too.
  • Yakkety Yak Final Beta Released
  • Canonical Launches Commercial Support for Kubernetes
    Canonical, the lead commercial vendor behind the open-source Ubuntu Linux operating system, is getting into the Kubernetes market. Canonical now offers a freely available implementation of Kubernetes as well as commercial-support options. "I have no doubt that Kubernetes will be one of the major container co-ordination systems," Mark Shuttleworth, founder of Ubuntu, told ServerWatch.
  • [How To] Build an Ubuntu Controlled Sous-Vide Cooker
    I’ll be honest with you from the off: I had zero idea what sous-vide cooking was before I started writing this post. Wikipedia dutifully informs me that’s Sous-Vide is a style of cooking that involves a vacuum, bags, and steam.
  • Mintbox Mini Pro Linux Mini PC Launches For $395
    This week a new version of the popular Mintbox Mini Linux PC has been launched for $395 in the form of the Mintbox Mini Pro which is now equipped with 120 GB of SSD mSATA together with 64-bit AMD A10-Micro6700T system-on-a-chip with Radeon R6 graphics and features 8GB of DDR3L. The latest Mintbox Mini Pro is shipped preloaded with the awesome Linux Mint 18 operating system and includes a microSD card slot a serial port, and a micro SIM card reader. The new Mintbox Mini Pro is the same size as the original and measures 4.3 x 3.3 x 0.9 inches in size and weighs in at around 255g. The Linux mini PC incorporates a fanless design and features an all-metal case made of aluminium and zinc.

Leftovers: OSS and Sharing

  • Minijail: Running Untrusted Programs Safely by Jorge Lucangeli Obes, Google
  • Minijail: Google’s Tool To Safely Run Untrusted Programs
    Google’s Minijail sandboxing tool could be used by developers and sysadmins to run untrusted programs safely for debugging and security checks, according to Google Software Engineer Jorge Lucangeli Obes, who spoke last month at the Linux Security Summit. Obes is the platform security lead for Brillo, Google's Android-based operating system for Internet-connected devices. Minijail was designed for sandboxing on Chrome OS and Android, to handle “anything that the Linux kernels grew.” Obes shared that Google teams use it on the server side, for build farms, for fuzzing, and pretty much everywhere. Since “essentially one bug separates you and any random attacker,” Google wanted to create a reliable means to swiftly identify problems with privileges and exploits in app development and easily enable developers to “do the right thing.” The tool is designed to assist admins who struggle with deciding what permissions their software actually needs, and developers who are vexed with trying to second guess which environment the software is going to run in. In both cases, sandboxing and privilege dropping tends to be a hit or miss affair. Even when developers use the privilege dropping mechanisms provided by the Linux kernel, sometimes things go awry due to numerous pitfalls along that path. One common example Obes cited was trying to ride a switch user function that will drop-root and then forgetting to check the result of the situation relief, or setuid function, afterwards.
  • Intel and Cloudera Give Apache an Open Source Data/Security Tool
    For the past year, we've taken note of the many Big Data projects that the Apache Software Foundation has been elevating to Top-Level Status. The organization incubates more than 350 open source projects and initiatives, and has squarely turned its focus to Big Data and developer-focused tools in recent months. As Apache moves Big Data projects to Top-Level Status, they gain valuable community support. Recently, the foundation announced that Apache Kudu has graduated from the Apache Incubator to become a Top-Level Project (TLP). Kudu is an open source columnar storage engine built for the Apache Hadoop ecosystem designed to enable flexible, high-performance analytic pipelines. And, Apache Twill has graduated as well. Twill is an abstraction over Apache Hadoop YARN that reduces the complexity of developing distributed Hadoop applications, allowing developers to focus more on their application logic. In another Apache-related Big Data move, Cloudera and Intel have announced that they've contributed a new open-source project to the Apache Software Foundation targeted at using Big Data analytics and machine learning for cybersecurity.
  • Twitter Open Sources Stream Processing Engine Heron
    Twitter announced the open sourcing of Heron, a stream-processing engine that is a successor to Apache Storm. Heron is backwards compatible with Apache Storm, which eases its adoption amongst developers. Heron has replaced Apache Storm as the stream data processing engine inside Twitter due to its scalability, debug-ability, ability to work in a shared cluster infrastructure and better performance. A comprehensive list of features is listed in the documentation.
  • Tencent: Transforming Networks with SDN
    “SDN can really transform the way we do networks,” said Tom Bie, VP of Technology & Operation of Data Center, Networking and Server, Tencent, during his Wednesday keynote address at the Open Daylight Summit. The China telecom giant should know about the issues of massive scale networks: they have more than 200 million users for QQ instant messaging, 300 million users of their payment service, and more than 800 million users of their VChat service. Bie noted that Tencent also operates one of the largest gaming networks in the world, along with video services, audio services, online literature services, news portals, and a range other digital content services.
  • The Second Wave of Platforms, an Interview with Cloud Foundry’s Sam Ramji
    In today’s world of platforms, services are increasingly connected. In the past, PaaS offerings were pretty much isolated. It’s that new connected infrastructure that is driving the growth of Cloud Foundry, the open source, service-oriented platform technology. Sam Ramji is CEO of Cloud Foundry, which is holding its European event in Frankfurt this week. At the conference, we spoke with Ramji to discuss, among other topics:
  • How to Find Your First OpenStack Job
  • LibreOffice 5.2.2 Now Available to Download
  • EC approves Slovenia courts data exchange solution
    First CEF AS4-compliant b2b solution developed as open source by a public administration The European Commission has tested and approved Laurentius, an eDelivery court documents and case exchange solution compliant with the AS4 profile of the OASIS ebMS standard. In September, Laurentius passed all tests by the EC’s Connecting Europe Facility (CEF) for its so-called “e-SENS AS4 conformant solutions”.
  • SDL 2.0.5 Is Readying For Release: Relative Mouse Mode For Wayland/Mir, Audio Capture
    SDL 2.0 point releases have ranged from being a few months apart to as much as two years apart. Fortunately, SDL 2.0.5 is now being put together for release just nine months after SDL 2.0.4. With the Mercurial repository, Sam Lantinga bumped the version in preparation for the SDL 2.0.5 release. The SDL 2.0.5 release hasn't officially happened yet, but it should be here soon.
  • Open standards default at Slovenia supreme court
    The use of open ICT standards is an IT requirement at Slovenia’s Supreme Court, responsible for the IT support of the entire court system in the country. The Supreme Court’s IT department has a strong preference for the development of modular, reusable software solutions. This strategy provides agility and flexibility, says Bojan Muršec, director of IT. The focus on open standards frees up the IT department to concentrate on the business, Muršec says. The IT department takes the modular approach serious: the first reusable module ever developed by the court - a court documents dispatch and delivery system - is re-used by all IT systems across the courts. “Making everything reusable prevents creation of silos in the organisation”, the IT director says. A positive side effect of the IT strategy is that the court uses mostly open source software solutions. This in turn helps to keep IT costs down, says the IT director, who estimates that the court saves EUR 400 to 500 thousand per year on licence fees: “The cost of proprietary licences always goes up.”
  • Why there is no CSS4 - explaining CSS Levels
    We had CSS1, and CSS2. We even had CSS2.1 and we then moved onto CSS3 – or did we? This post is a quick explanation of how CSS is versioned today. CSS versions 1 and 2 were monolithic specifications. All of CSS was included in one massive document. Selectors, positioning, colour – it was all in there. The problem with monolithic specifications is that in order to finish the spec, every component part also has to be finished. As CSS has grown in complexity, and new features are added, it doesn’t make sense to draw a line at which all work is stopped on all parts of CSS in order to declare that CSS version finished. Therefore, after CSS2.1 all the things that had been part of the 2.1 specification were broken down into modules. As the new CSS modules included all that had gone before plus any new features, they all came into being at Level 3. Hence CSS3, and people like me who understood CSS as a single specification referred to the group of Level 3 modules as “CSS3”.

Security Leftovers

  • Linux.Mirai Trojan causing mayhem with DDoS attacks
    A Trojan named Linux.Mirai has been found to be carrying out DDoS attacks. The malicious program first appeared in May 2016, detected by Doctor Web after being added to its virus database under the name Linux.DDoS.87. The Trojan can work with with the SPARC, ARM, MIPS, SH-4, M68K architectures and Intel x86 computers.
  • Don't Hide DRM in a Security Update
    Over 10,000 of you have joined EFF in calling on HP to make amends for its self-destructing printers in the past few days. Looks like we got the company’s attention: today, HP posted a response on its blog. Apparently recognizing that its customers are more likely to see an update that limits interoperability as a bug than as a feature, HP says that it will issue an optional firmware update rolling back the changes that it had made. We’re very glad to see HP making this step. But a number of questions remain. First, we’d like to know what HP’s plans are for informing users about the optional firmware update. Right now, the vast majority of people who use the affected printers likely do not know why their printers lost functionality, nor do they know that it’s possible to restore it. All of those customers should be able to use their printers free of artificial restrictions, not just the relatively few who have been closely following this story.
  • 6 Ways Driverless Cars Are Going To Kill Lots Of People
    You've probably read a few articles about driverless cars over the past couple of years. The technology is coming along quickly, with fleets of test cars already on the roads in some states. It seems like soon we'll achieve the American dream of stuffing our faces and texting all we want while still managing to avoid public transportation. But the reality is quite different. We're diving into this technology a little too quickly and ignoring all the warning signs about how we are going to screw up on the way to Driverless Car Utopia.

Red Hat and Fedora

  • Red Hat Inc. (RHT) Downgraded by Zacks Investment Research to “Hold”
  • Earnings Estimate Report: Intel Corporation (NASDAQ:INTC) , Red Hat, Inc. (NYSE:RHT)
  • Switched to HTTPS
    Perhaps you already noticed it, I have switched all the sites for a secured browsing using HTTPS. So, new addresses are: https://blog.remirepo.net/ for this Blog (with an automatic and permanent redirection) https://forum.remirepo.net/ for the Forum (with an automatic and permanent redirection) https://rpms.remirepo.net/ for the Repository, but classical address stay available.
  • Fedora Hubs: Getting started
    Fedora Hubs provides a consistent contributor experience across all Fedora teams and will serve as an “intranet” page for the Fedora Project. There are many different projects in Fedora with different processes and workflows. Hubs will serve as a single place for contributors to learn about and contribute to them in a standardized format. Hubs will also be a social network for Fedora contributors. It is designed as one place to go to keep up with everything and everybody across the project in ways that aren’t currently possible.