Language Selection

English French German Italian Portuguese Spanish

Login

Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

LibreOffice: Leif-Jöran Olsson and openSUSE + LibreOffice Conference

  • [LibreOffice] Community Member Monday: Leif-Jöran Olsson

    Members of The Document Foundation – the non-profit entity behind LibreOffice – help to steer the project, vote for the Board of Directors, and spread the word. Today we’re talking to Leif-Jöran Olsson, who has recently become a member of TDF…

  • openSUSE + LibreOffice Conference Still On, Virtual Conference Considered

    The tech world has been hit hard by the coronavirus impact, and large companies like Microsoft, Google, Facebook and so many others have already canceled their events, moving to virtual conferences that completely eliminate the risk of infection for attendees. The openSUSE + LibreOffice Conference, scheduled to take place in October, is still on, The Document Foundation said in an announcement today, but the organizers are still keeping an eye on the virus outbreak to adjust their plans in a timely manner. TDF says in a blog post that while it doesn’t yet cancel the physical event, it’s already considering alternative solutions, including a virtual conference.

Easy Buster version 2.2.16

EasyOS versions 1.x are the "Pyro" series, the latest is 1.3. Easy Pyro is built with packages compiled from source using 'oe-qky-src', a fork of OpenEmbedded. Consequently, the builds are small and streamlined and integrated. The Pyro series may have future releases, but it is considered to be in maintenance status. The "Buster" series start from version 2.0, and are intended to be where most of the action is, ongoing. Version 2.0 was really a beta-quality build, to allow the testers to report back. The first official release was 2.1. The main feature of Easy Buster is that it is built from Debian 10 Buster DEBs, using WoofQ (a fork of Woof2: Woof-CE is another fork, used to build Puppy Linux). The advantage of Buster over Pyro is access to the large Debian package repositories. That is a big plus. On the other hand, DEB packages have many dependencies, and the end result is a release considerably larger than Pyro with similar app selection. For example, the download file of Pyro 1.2 is 418MB, Buster 2.1 is 504MB -- despite the Buster build having less apps (Pyro has Qt5 and big Qt5-based apps such as Scribus, this is all missing from the Buster build, but can be installed). Read more

Learn about Rust and how to get started

Start by downloading Rust. After downloading the relevant file, follow the instructions on the installation page to continue the installation. I recommend using the tool "rustup." Once you are done, configure the path variable. All this is detailed on the download link above. Read more

Latest Security and FUD

  • Userdir URLs like https://example.org/~username/ are dangerous

    I would like to point out a security problem with a classic variant of web space hosting. While this issue should be obvious to anyone knowing basic web security, I have never seen it being discussed publicly. Some server operators allow every user on the system to have a personal web space where they can place files in a directory (often ~/public_html) and they will appear on the host under a URL with a tilde and their username (e.g. https://example.org/~username/). The Apache web server provides such a function in the mod_userdir module. While this concept is rather old, it is still used by some and is often used by universities and Linux distributions. From a web security perspective there is a very obvious problem with such setups that stems from the same origin policy, which is a core principle of Javascript security. While there are many subtleties about it, the key principle is that a piece of Javascript running on one web host is isolated from other web hosts. To put this into a practical example: If you read your emails on a web interface on example.com then a script running on example.org should not be able to read your mails, change your password or mess in any other way with the application running on a different host. However if an attacker can place a script on example.com, which is called a Cross Site Scripting or XSS vulnerability, the attacker may be able to do all that.

  • FOSSID and BearingPoint Enter Strategic Partnership Around Open Source Software Governance

    FOSSID, a leader in open source software compliance and security, and BearingPoint, a leader in open source management services, today announced their strategic partnership around free and open source software governance. After successfully cooperating in selected projects for more than two years, BearingPoint decided to choose FOSSID as its strategic provider of open source analysis tools. FOSSID’s technology provides high performance and accuracy in the code analysis services performed by BearingPoint. [...] BearingPoint’s modular FOSS services provide companies with streamlined processes and infrastructure to deploy, manage, and govern their software throughout the product lifecycle, helping them to manage open source compliance and security. BearingPoint’s FOSS analysis services provide a timely and confidential analysis of the customers’ code base, including comprehensive compliance and security reports for their business decisions.

  • 5 ways to secure your applications from open-source vulnerabilities [Ed: Interesting, Proprietary software programs/code have no vulnerabilities? This is only an Open Source thing?]
  • How to make open source success less of a crapshoot [Ed: Typical Asay]