Language Selection

English French German Italian Portuguese Spanish


Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

today's leftovers

  • ARM in the Datacenter

    ARM processors have seen unprecedented growth in the last three years and are now being used in everything from smart watches to Apple's new M1 desktop and laptop systems, but there is one sector where they have yet to take hold: the enterprise market. For years, many of the largest cloud providers have designed computers around ARM chips, and in December 2020, Microsoft said it was joining the fray by designing its own ARM-based chips for Azure and Surface PCs. Now we are seeing technology based on ARM chips float down from the cloud providers and rise up from the consumer market and start to take hold in the datacenter. In this article, I will highlight some different ARM devices and discuss ways that they have made their way into the datacenter.

  • Hacked Codecov uploading script leaked creds for two months

    Scores of projects potentially affected by supply chain attack. A malicious alteration to a shell script lay undetected since January this year at software testing coverage report provider Codecov, sparking fears of another significant supply chain attack. Forensic analysis shows that an unknown threat actor exploited an error in Codecov's Docker container image creation process, and gained access to the credential that allowed the modification to the company's Bash Uploader script. Codecov said a Google Cloud Storage key was accessed starting January 31 this year, and not secured until April 1 US time. The script is normally used to upload coverage reports to Codecov, but it was altered to transmit the UNIX shell environment, which can be used to store variables. [...] The company said it has rotated all credentials, including the key that was captured by the attackers, and set up monitoring and auditing to ensure that the Bash Uploader cannot be compromised like this again.

  • Security updates for Tuesday

    Security updates have been issued by Debian (xorg-server), Fedora (CImg, gmic, leptonica, mingw-binutils, mingw-glib2, mingw-leptonica, mingw-python3, nodejs, and seamonkey), openSUSE (irssi, kernel, nextcloud-desktop, python-django-registration, and thunderbird), Red Hat (389-ds:1.4, kernel, kernel-rt, perl, and pki-core:10.6), SUSE (kernel, sudo, and xen), and Ubuntu (clamav and openslp-dfsg).

  • Google plans to tidy up search on Chromebooks

    While the exact categories are still up in the air, we could see the company going for something similar to the Linux distro Ubuntu, which organizes system search results into different categories for applications, files, folders, websites, and more.

  • Linux Desktops in the Cloud with [Ed: A lot of YouTube has become paid-for spam and pseudo 'reviews']
  • These guys made me a CUSTOM gaming laptop, running LINUX!

    I received this laptop, which has been custom-made for me by a company called Eurorra. It's a bit of a weird story, and this won't be a traditional laptop review, because... well, you'll see.

Free Software Leftovers

  • GStreamer WebKit debugging tricks using GDB (2/2)

    This post is a continuation of a series of blog posts about the most interesting debugging tricks I’ve found while working on GStreamer WebKit on embedded devices.

  • 13 Reasonable Alternatives to Adobe's Expensive Apps [Ed: Glimpse is to GIMP what IceWeasel was to Firefox except there are No trademark issues at all! It's claiming to solve an issue which simply does not exist!]

    I’m not a fan of the GIMP name, but I the GNU Image Manipulation Program has been an open-source alternative to Photoshop for as long as I can remember—decades, really. While I never found it to be as feature-filled as PhotoShop, but before Photopea, it was the software I’d turn to whenever I needed to make some edits on a system that didn’t have a graphic-editing app installed. GIMP is fairly easy to use, but even if you have to spend a little time getting a feel for the app, relish in the fact that you’re paying absolutely nothing to use it. Then there’s Glimpse, a fork of GIMP that’s reasonably up-to-date (though it isn’t based off of the latest version of the GIMP app as of this writing). However, if you really detest that name, it’s a perfectly fine alternative.

  • 20 Years FSFE: Interview with Fernanda Weiden

    In our third birthday publication we interview Fernanda Weiden - co-founder of the FSF Latin America and former Vice President of the FSFE - about the early starts of Free Software in Latin America, nowadays use of Free Software in Big Tech and about support of diversity in different communities. Fernanda "nanda" Weiden has a long history of personal engagement for Free Software and the FSFE. Actually a way too long to fit into this introduction but we try at least to shed light on some of her contributions: Raised in Porto Alegre, Brasil, Fernanda organised FISL, the largest Free Software conference in Latin America. Later she became founding and council member of the Free Software Foundation Latin America, before moving to Europe, where she joined the FSFE as a volunteer. Just a little bit later she was elected Vice President of the Free Software Foundation Europe from 2009-2011. [...] When I became a Free Software activist, one had to argue about the platform to be used to build software. Today, Free Software isn't a question anymore. It is the norm in many places. Big companies play an important role because they hire and pay engineers to continue to produce state of art software that is then available through Free Software licenses. Of course not all engineer hours go into that, but it is definitely something that both big tech companies I worked for appreciated and contributed to in different ways. The most important thing, in my view, is to make it a priority to build an inclusive environment. [...] It is a virtuous cycle: once you start making positive moves, more diverse talent will keep coming because they will feel safe.

  • Penguicon 2021

    I'll participate to talks and give a Krita workshop about character design (a penguin wizard; a small creature possible to start on a 1h session). If you don't know what is Penguicon and are curious to attend their virtual event this week-end, you can find all information here...

  • Peruse 2.0 Beta 1 "The Long Awaited Beta"

    A fair while ago, in the before times of late 2016, a release was made of a piece of software known as Peruse. Since then, it spent some time getting work done on it on and off, until sometime last year when we decided that it really was time to stop the thing just floundering in some free software equivalence of development hell, and actually get it ready for its next release. First things first. For those of you who are new, Peruse is KDE's comic book reader project, which consists of the reader application, Peruse Reader, and the comic book creation tool called Peruse Creator. [...] The original release of Peruse was built on top of Kirigami 1, during the early days of the development towards what would eventually become Plasma Mobile. One of the first things to happen after the release of version 1.2 was to port Peruse to Kirigami 2, and the result for the user is partly just more modern and stable code, but also much more easily navigable using a keyboard. Since then, the Peruse team has been working to bring more of the features of Kirigami' which didn't exist in the first version into Peruse, such as the way the search field works, the way scrolling pages are handled, page row layers, action handling, and a whole bunch more. [...] Before we get to the downloads: This is a beta version, and you should expect it to behave like one of those: Things may well be a bit broken or unpolished, and we will be very happy to see reports any bugs you run into over on the Peruse product category on With that out of the way, head over to to grab yourself a shiny new copy of Peruse :)

  • Introducing OpenSearch
  • AWS Introduces OpenSearch [Ed: Isn't it hilarious that Amazon is outsourcing code to proprietary software trap and monopoly of Microsoft? As if Amazon doesn't know how to set up its own Git server...]

    Earlier this year, when Elastic changed the licensing model of Elasticsearch and Kibana from open source Apache v2 license to the Server Side Public License (SSPL), AWS stepped up to ensure the packages remained available and well supported.

  • Continuous 3D Hand Pose Tracking using Machine Learning & Monado OpenXR

    Our hands are our primary operating tools, so their location, orientation, and articulation in space is vital for many human-computer interfaces. Automated hand post estimation can be very useful for diverse applications such as virtual/augmented reality (XR), sign language recognition, gesture recognition and robotics. Collabora is particularly interested in using hand pose estimation in XR as this application meshes nicely with our work on Monado, the world’s first open-source OpenXR runtime. Recent interest in hand pose estimation is driven by the marked advantage it can give to many fields, such as virtual sports coaching and factory worker safety. Pose estimation has the potential to create a new generation of automated tools designed to precisely measure human movement. In addition, pose estimation enhances existing applications in a broad range of areas, including: Augmented Reality, Animation, Gaming and Robotics. This is not by any means an exhaustive list, but it includes some of the primary ways in which pose estimation is shaping our future. Although the two fields of hand post and body pose estimation have significant overlap regarding their objectives and difficulties, hand pose estimation has a unique set of problems such as lack of characteristic local features, pose ambiguity, and substantial self-occlusion, making it a challenging problem to solve.

  • AI at the Edge with K3s and NVIDIA Jetson Nano: Object Detection and Real-Time Video Analytics

    With the advent of new and powerful GPU-capable devices, the possible use cases that we can execute at the edge are expanding. The edge is growing in size and getting more efficient as technology advances. NVIDIA, with its industry-leading GPUs, and Arm, the leading technology provider of processor IP, are making significant innovations and investments in the edge ecosystem landscape. For instance, the NVIDIA Jetson Nano is the most cost-effective device that can run GPU-enabled workloads and can handle AI/ML data processing jobs. Additionally, cloud native technologies like Kubernetes have enabled developers to build lightweight applications using containers for the edge. To enable a seamless cloud native software experience across a compute-diverse edge ecosystem, Arm has launched Project Cassini – an open, collaborative standards-based initiative. It leverages the power of these heterogenous Arm-based platforms to create a secure foundation for edge applications. K3s, developed by Rancher Labs and now a CNCF Sandbox project, has been a key orchestration platform for these compact footprint edge devices. As a Kubernetes distro built for the edge, it is lightweight enough to not put a strain on device RAM and CPU. Taking advantage of the Kubernetes device plugin framework, the workloads running on top of these devices can access the GPU capabilities with efficiency.

Programming Leftovers

  • 4 Excellent Free Books to Learn J

    The J programming language, developed in the early 1990s by Kenneth E. Iverson and Roger Hui, is an array programming language based primarily on APL (also by Iverson). It’s available on a wide variety of computers and operating systems. J is distinguished by its simple and consistent rules, a large set of built-in capabilities, powerful facilities for defining new operations, and a general and systematic treatment of arrays. The J system provides: an engine for executing J; various front ends that provide user interfaces to the J engine; a library, written in J, that provides an IDE (interactive development environment), numerous tools, utilities, demos, tutorials; and online documentation. J is a very terse array programming language, and is most suited to mathematical and statistical programming, especially when performing operations on matrices. It has also been used in extreme programming and network performance analysis.

  • First steps of sending alerts to Discord and others from syslog-ng: http() and Apprise

    A returning question I get is: “I see, that you can send alerts from syslog-ng to Slack and Telegram, but do you happen to support XYZ?” Replace XYZ with Discord and countless others. Up until recently, my regular answer has been: “Take a look at the Slack destination of syslog-ng, and based on that, you can add support for your favorite service”. Then I learned about Apprise, a notification library for Python, supporting dozens of different services. This blog is the first part of a series. It covers how to send log messages to Discord using the http() destination of syslog-ng and an initial try at using Apprise for alerting. The next part will show you a lot more flexible version of the Apprise integration: making fields configurable using templates and using a block to hide implementation details from the user. The Python code in these two blogs is sample code, provided to you for inspiration. They are not for production use, as among others, they lack error handling and reporting. If time and my Python knowledge permits, I might have a more production-ready code later on, that I plan to cover in a third blog.

  • The First-Person Sequel and Roda Insights from the Lead Dev: an Exclusive Interview with Jeremy Evan

    Jeremy Evans is the lead developer of the Sequel database library, the Roda web toolkit, the Rodauth authentication framework, and many other Ruby libraries. He is the maintainer of Ruby ports for the OpenBSD operating system, and has contributed to CRuby and JRuby, as well as many popular Ruby libraries. We are happy to present a brand-new interview with Jeremy to our readers. Hope you enjoy it! [...] I have been contributing patches and bug reports occasionally to Ruby since 2009. However, I started to get more involved with Ruby in early 2019 when hearing about the direction for keyword arguments in Ruby 3. The original proposal for keyword arguments in Ruby 3 was for full separation, so that passing a hash to a method that accepts keywords would raise an error, but also that passing keywords (a hash without braces) to a method that accept an optional hash argument would also raise an error. I thought this proposal went too far, by breaking compatibility with Ruby code that did not use keyword arguments at all. I built a patch on top of the original proposal that was more backwards compatible. I ended up presenting this proposal with Yusuke Endoh at the developer meeting at RubyKaigi 2019. While waiting on a decision from Matz about keyword arguments, I started sending in patches to fix other Ruby bugs, and after quite a few patches, Endoh-san recommended I become a committer, and Matz approved.

  • Using Subresource Integrity (SRI) in Vite with @small-tech/vite-plugin-sri

OOMKiller and httpd

How to set up httpd to survive when OOMKiller kills one of its children. In Copr, we have had a leaking process in our frontend. It is one route, which was leaking few megabytes. The route has a separate child process in httpd, so only one process has been leaking. We still did not identify the culprit, and in the meantime we had to fight with OOMKiller. Few megabytes here and there and the process was too big. And we run out of memory. OOMKiller came and killed the process (as it was the biggest one). Usually, you will not care. Httpd is killing its children periodically, and when one is killed, the master process starts new child immediately. But… Read more Also: In the trenches with Thomas Gleixner, real-time Linux kernel patch set