Language Selection

English French German Italian Portuguese Spanish

Login

Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Security Leftovers

  • Short Topix: 200 Most Common Passwords Of 2020

    Despite the "annual warnings" (which are most likely much, much more frequent), users are still using easy-to-hack, easy-to-crack passwords. I know that, as this magazine's Chief Editor for over 11 years, we have run password articles so many times in the past that it's now impossible to count them all. I know this definitely isn't my first password article of 2020, either. Well, NordPass has released its list of the 200 most common passwords, along with their frequency of use, how many users were found using them, the length of time it took to crack the passwords, and how many times it was exposed. Without much surprise, the top "password" used was 123456. It rose to the number one spot, after occupying the number two spot in 2019. Now, you've got to promise me that you won't LAUGH at some of these passwords! Below is a reprint of the top 20 worst passwords of 2020. [...] Specifically, the issue goes something like this. If a Go SMS Pro user sends photos, videos or files to a user who does NOT have the app installed, the files are uploaded to a server, and the non-user of the app was sent a message via SMS text with a link to the files. This way, non-users did not have to install Go SMS Pro just to receive or view the files. At least, that's how it was supposed to work. However, researchers discovered that even when files were shared between users who both had the app installed, files were still uploaded to the servers. What's worse, the server was unsecured, and could be accessed by anyone with the link. Researchers also discovered that the web addresses were sequential, which means that anyone who could figure out the predictable web address could potentially gain access to millions of private files.

  • Certificates from Let's Encrypt (R3 active)

    Let's Encrypt has announced that, as of today, the TLS certificates issued by the Let's Encrypt certificate authority are using a new intermediate certificate. "While LE will start using their new _roots_ next year, the change today is using a _variant_ of their "R3" certificate which is cross-signed from IdenTrust, rather than chaining back to their "ISRG Root X1". This will affect you if you're using DANE, TLSA records in DNS, signed by DNSSEC, to advertise properties of the certificate chain which remote systems should expect to see."

  • Josh Bressers: Episode 228 – Door 03: Do all vulnerabilities matter equally?

    Josh and Kurt talk about how many security vulnerabilities matter enough to fix?

IBM/Red Hat Leftovers

  • Open Liberty 20.0.0.12 brings support for gRPC, custom JNDI names, and Java SE 15 - Red Hat Developer

    Open Liberty 20.0.0.12 now supports gRPC 1.0 and gRPC Client 1.0. This universal, open source framework is an efficient way to connect remote services across data centers. We’ve also added custom names support for the Java Naming and Directory Interface (JNDI), making it easier to look up and inject Jakarta Enterprise Beans (EJBs) in your Open Liberty applications. Finally, this new release is compatible with Java SE 15, the latest Java Standard Edition version. We’ll introduce these features and show you how to set up and configure the new gRPC and custom JNDI names support in Open Liberty 20.0.0.12.

  • Pablo Iranzo Gómez: Upstream/Downstream documentation workflow
  • Updates to Container Tools in Red Hat Enterprise Linux 8.3

    The launch of Red Hat Enterprise Linux (RHEL) 8.3, brings with it a host of new container capabilities. This builds on the work done in RHEL 8.2 (New container capabilities in Red Hat Enterprise Linux 8.2) and gives users even more reasons to upgrade from RHEL 7.

  • The rise of the Robot Operating System

    Having your work covered in a documentary like How to Start a Robot Revolution — a five-part documentary in the Open Source Stories series from Red Hat — is bound to make you feel old. You look back and think, "wow, I've been doing this for a long time." Indeed some of us have been working on Robot Operating System (ROS) now for well over a decade, far exceeding the traditional Silicon Valley two-year cycle of jumping to the next thing. Personally, the story in the film is just the latest chapter in an even longer journey. As a computer engineering undergrad at Tulane University in the mid-1990s, I met a new professor in the department named Jim Jennings. Like the other faculty, Jennings had a lab, but unlike them, his lab had robots. There were three RWI B14 robots, and students were welcome to program them. I was immediately hooked by the experience of writing code that made things move in the world.

  • Kafka Monthly Digest – November 2020

    In this 34th edition of the Kafka Monthly Digest, I’ll cover what happened in the Apache Kafka community in November 2020.

  • New IBM Redpaper: SUSE and IBM Power Systems for SAP HANA

What Is the Best Linux Distro for Laptops?

Let's start with those aging, venerable machines: your old laptop. Linux carries a strong reputation for breathing life into old hardware, and Lubuntu is one of the best options. Lubuntu, as you might guess from the name, is an Ubuntu derivative. It uses a different desktop environment from Ubuntu, opting for the more lightweight and less resource-intensive LXDE desktop instead of GNOME. The result is a lightweight Linux distro that will run nicely on an older laptop. Lubuntu requires a minimum of 1GB RAM for "advanced internet services" such as YouTube and Facebook, while just 512MB RAM will suffice for basic operations such as LibreOffice and basic web browsing. In terms of CPU, you'll need at least an Intel Pentium 4 or Pentium M, or an AMD K8. Read more

Don't Panic: Kubernetes and Docker

Docker as an underlying runtime is being deprecated in favor of runtimes that use the Container Runtime Interface(CRI) created for Kubernetes. Docker-produced images will continue to work in your cluster with all runtimes, as they always have. If you’re an end-user of Kubernetes, not a whole lot will be changing for you. This doesn’t mean the death of Docker, and it doesn’t mean you can’t, or shouldn’t, use Docker as a development tool anymore. Docker is still a useful tool for building containers, and the images that result from running docker build can still run in your Kubernetes cluster. If you’re using a managed Kubernetes service like GKE or EKS, you will need to make sure your worker nodes are using a supported container runtime before Docker support is removed in a future version of Kubernetes. If you have node customizations you may need to update them based on your environment and runtime requirements. Please work with your service provider to ensure proper upgrade testing and planning. If you’re rolling your own clusters, you will also need to make changes to avoid your clusters breaking. At v1.20, you will get a deprecation warning for Docker. When Docker runtime support is removed in a future release (currently planned for the 1.23 release in late 2021) of Kubernetes it will no longer be supported and you will need to switch to one of the other compliant container runtimes, like containerd or CRI-O. Just make sure that the runtime you choose supports the docker daemon configurations you currently use (e.g. logging). Read more