today's howtos

  • Linux networking - A weird little problem with DNS, DHCP

    At this point, or rather, just before this point, I was inclined to blame systemd. But it turns out, there's nothing wrong with it. Now, there were/are bugs in it, which is why it comes up quite high if you search for any connectivity problems in Linux.

  • Top Linux Interview Questions
  • Pandoc Flavoured Markdown: Guide To Your First Document
  • How to play Mount & Blade II: Bannerlord on Linux
  • Light OpenStreetMapping with GPS

    Now that lockdown is lifting a bit in Scotland, I’ve been going a bit further for exercise. One location I’ve been to a few times is Tyrebagger Woods. In theory, I can walk here from my house via Brimmond Hill although I’m not yet fit enough to do that in one go. Instead of following the main path, I took a detour along some route that looked like it wanted to be a path but it hadn’t been maintained for a while. When I decided I’d had enough of this, I looked for a way back to the main path but OpenStreetMap didn’t seem to have the footpaths mapped out here yet. I’ve done some OpenStreetMap surveying before so I thought I’d take a look at improving this, and moving some of the tracks on the map closer to where they are in reality. In the past I’ve used OSMTracker which was great, but now I’m on iOS there doesn’t seem to be anything that matches up.

Programming: Perl, Git/Emacs and Compilers

  • Listen to Larry Wall's State of the Onion 2000 on YouTube

    It’s a typical Larry talk filled with quirky, humorous observations about life and programming, and notably he announces the Perl 6 project. Unfortunately the audio is low quality (hey it was 20 years ago at a low-budget conference); you can read a transcript of the talk here (with mp3 download links at the bottom). We also have a collection of attendees’ reports from the conference.

  • Chicago.pm Virtual Meeting: July 23

    In case you are not familiar with gather.town, after you join the conversation, you will have a small avatar on a 2d map and can walk around. When you are close to somebody or a group of people, you can video chat with them over video. Perlmongers is supposed to be a social gathering, and we are experimenting with this venue to see if it'll make that possible!

  • The Magit Git Client Is The "Killer Feature" In Emacs

    Users of other text editors often ask "why should I switch to Emacs?" or, more specifically, "what is the killer feature that Emacs offers?" Depending on your workflow, the killer feature for Emacs could be a number of things, one of them being Magit!

  • Alder Lake-S Compiler Update Points to big.LITTLE Desktop Chips

    This design builds upon the big.LITTLE (Big.BIGGER in Intel parlance) design that debuted in the company's 3D Lakefield chips. These designs incorporate one large Sunny Cove core combined with four Atom Tremont smaller cores in an ARM-like design. With the architecture proven and already working its way through the ecosystem, it's rational to expect Intel to scale it up to tackle desktop PCs, too. The GNU compiler updates include a list of compatible instructions for both Intel's upcoming data center Sapphire Ridge chips and Alder Lake desktop chips, with the latter noticeably missing support for AVX-512, a SIMD instruction that Intel recently introduced to its desktop chips. These instructions are disabled in Intel's hybrid Lakefield chips to keep the instruction set consistent between cores (Atom doesn't support AVX instructions), therefore easing operating system scheduling routines that target different workloads at the cores best suited for the task. Therefore, the lack of AVX-512 support for Alder Lake could serve as further evidence that Intel will bring its hybrid architecture to desktop PCs.

Security: Patches, Web Security Books, SecWeb – Designing Security for the Web

  • Security updates for Friday

    Security updates have been issued by Fedora (curl, LibRaw, python-pillow, and python36), Mageia (coturn, samba, and vino), openSUSE (opera), and Ubuntu (openssl).

  • Comparing 3 Great Web Security Books

    I thought about using a clickbait title like “Is this the best web security book?”, but I just couldn’t do that to you all. Instead, I want to compare and contrast 3 books, all of which I consider great books about web security. I won’t declare any single book “the best” because that’s too subjective. Best depends on where you’re coming from and what you’re trying to achieve.

  • Hardening Firefox against Injection Attacks – The Technical Details

    In a recent academic publication titled Hardening Firefox against Injection Attacks (to appear at SecWeb – Designing Security for the Web) we describe techniques which we have incorporated into Firefox to provide defense in depth against code injection attacks. Within this blogpost we are going to provide insights into the described hardening techniques at a technical level with pointers to the actual code implementing it. Note that links to source code are perma-linked to a recent revision as of this blog post. More recent changes may have changed the location of the code in question. [...]

    Firefox ships with a variety of built-in pages, commonly referred to as about: pages. Such about: pages allow the user to view internal browser information or change settings. If one were able to inject script into a privileged about: page it would represent a complete browser takeover in many cases. To reduce this injection attack surface, we apply a strong Content Security Policy (CSP) of default-src chrome: to all about: pages. The applied CSP restricts script to only JavaScript files bundled and shipped with the browser and accessible only via the Firefox internal chrome:// protocol. Whenever loading any kind of JavaScript, Firefox internally consults its CSP implementation by calling the function ShouldLoad() for external resources, or GetAllowsInline() for inline scripts. If the script to be executed is not allow-listed by the added CSP then Firefox will block the script execution, rendering the code injection attack obsolete. Further, we verify that any newly added about: page within Firefox exposes a strong CSP by consulting the function AssertAboutPageHasCSP(). This function basically acts as a commit guard to our codebase and ensures that no about: page makes it into the Firefox codebase without a strong CSP.

    Before we started to protect about: pages with a CSP we faced a bug where text and markup controlled by a web application was reused in a permission prompt, which led to a Universal Cross-Site Scripting (UXSS) attack in the browser interface (CVE-2018-5124). These scripts run with elevated privileges that get access to internal APIs and can result in a full system compromise. What raises the severity of such bugs is the high-level nature of the vulnerability and the highly deterministic nature of the exploit code which allowed comparably trivial exploitation.

Screencasts and Audiocasts: Linux Mint 20 "MATE", Linux Headlines and More

  • Linux Mint 20 "MATE" overview | Stable, robust, traditional

    In this video, I am going to show an overview of Linux Mint 20 "MATE" and some of the applications pre-installed.

  • 2020-07-10 | Linux Headlines

    Possible changes on the horizon for LibreOffice are raising concerns in the community, industry players decry Google's gifting of Istio intellectual property to the Open Usage Commons, and both Ubuntu and Docker push further into the AWS ecosystem.

  • Tech Means Business: Best of Series 1

    Artificial intelligence with Darktrace
    Big data and Splunk
    IoT with Ubuntu/Canonical
    The Linux effect with Positive Internet
    Career paths, with DocuSign

    Thanks go to the people I spoke with, and who featured on the episodes that aren’t featured here. It was literally through lack of time that has meant this “best of” show is necessarily limited in scope. Series two already shaping up nicely: MasterCard, Red Hat, ARM, SuperMicro, and plenty more. Watch this space!