Language Selection

English French German Italian Portuguese Spanish

Linuxinsight

Syndicate content
LinuxInsight - aggregated feeds
Updated: 53 min 36 sec ago

TuxMachines: Ubuntu: Introducing the Fan – simpler container networking

Monday 22nd of June 2015 07:15:05 PM

Canonical just announced a new, free, and very cool way to provide thousands of IP addresses to each of your VMs on AWS. Check out the fan networking on Ubuntu wiki page to get started, or read Dustin’s excellent fan walkthrough. Carry on here for a simple description of this happy little dose of awesome.

read more

LXer: Linux Kernel 4.1 LTS released

Monday 22nd of June 2015 07:09:30 PM
In today's open source roundup: Linus has released Linux Kernel 4.1 LTS. Plus: Download Mageia 5. And can Android save the Blackberry?

TuxMachines: Windows vs Linux: what's the best operating system?

Monday 22nd of June 2015 07:08:45 PM

These distros can vary wildly in design, functionality and sophistication, and are often constantly changing. The differences between them aren’t always obvious either, and the choice can seem overwhelming.

On the other hand, one of the benefits of an open source OS is that you’re free to try as many different distros as you like at no cost. The most popular one, and the closest Linux has to a ‘standard’ OS is Ubuntu, which makes things as simple as possible for those new to Linux.

Other popular distros include Linux Mint, Debian, and Fedora, the last of which Torvalds personally uses on all his PCs. There are lean builds designed to make the most out of underpowered hardware, graphics-intensive builds designed to look as attractive as possible, and everything inbetween.

read more

Slashdot: Linux Kernel 4.1 Will Be an LTS Release

Monday 22nd of June 2015 12:00:01 PM

Reddit: Missing all OVMF files

Monday 22nd of June 2015 05:48:22 AM

You may have seen my other post on setting up my KVM GPU Passthrough recently. The help I got was awesome and I got it at least showing a picture, but it was suggested I use the OVMF Bios instead of Seabios because its generally better. After researching, I believe that I should have all OVMF files by default, but when I look I have none. I downloaded one binary for the bios itself, but whenever I try and boot off it in QEMU, I get no video output whereas seabios does. This leads me to believe that there are other parts of OVMF I am missing, or its outputting on the wrong output on my passthroughed GPU. Any help on this would be very much appreciated :)

submitted by Jako81624
[link] [comment]

Reddit: This is illegal, right?

Sunday 21st of June 2015 11:55:11 PM

Reddit: On the LibreM laptop; Purism doesn't believe in user freedom, and doesn't care about your privacy.

Sunday 21st of June 2015 11:33:44 PM
On the LibreM laptop; Purism doesn't believe in user freedom, and doesn't care about your privacy.

That's quite a bold statement to make, considering the equally bold statements made by the company called Purism, which has recently run a successful campaign (https://www.crowdsupply.com/purism/librem-15) for a so-called freedom respecting laptop. Recently, the company has opened yet another campaign for a smaller version of the same design.

For those who don't know what Purism LibreM is: essentially, it's a laptop sold by a company who claims that everything in it is fully free software, respecting the users privacy and “essential freedoms”. For those familiar with the terms “free software” and “open source software”, you could see why this is special (even newsworthy) in a laptop. This article attempts to debunk the outright dishonest and deceitful statements made by Purism over the last few months.

Simply speaking, the LibreM contains a proprietary BIOS. While the company claims that they are using coreboot (http://coreboot.org/) which is technically correct, the generation of Intel hardware that they are using requires proprietary software as add-ons to coreboot. These are:

Intel FSP (“Firmware Support Package”) Intel ME (“Management Engine”) Intel VBIOS (“Video BIOS”) Intel CPU microcode updates Intel FSP (Firmware Support Package)

Non-technical summary: Essentially, coreboot only provides basic “callbacks” and executes this mystery binary-only blob, to actually initialize most of the hardware. None of the code is Free Software (source code is withheld by Intel).

Coreboot does very basic hardware initialization; memory (RAM) initialization (“raminit”), CPU initialization, initializing all of the peripherals, and so on. It sounds simple from this summary, but there is a lot of work involved and implementing coreboot support for new hardware can sometimes take months, or even years. On most modern Intel systems (including the generation used by the LibreM), this is handled by binary-only proprietary software provided by Intel, called FSP or “Firmware Support Package”.

The coreboot project has been integrating the FSP blob on a lot of recent Intel hardware, made in the last few years. Efforts have been made to free (reverse engineer) it, but it's a lot of work and will likely take many years; in other words, it's not going to happen any time soon, especially not within the time-frame of the recently started campaign for the Librem13 (as sold by Purism), and it certainly wasn't achieved for their previous Librem15 campaign, either.

Information about the FSP can be found on the coreboot wiki, coreboot mailing lists and can be found in the coreboot git repository using: git grep “fsp”

Intel Management Engine (“ME”)

Non-technical sumary: the ME is a proprietary backdoor that comes pre-installed on all modern Intel systems, providing adversaries a way to break into your system. Even most recent coreboot-supported Intel systems have it (because those systems won't boot without it).

This one is extremely controversial, especially within the coreboot community. All recent Intel systems (made in the last 8 or 9 years) has this.

The “Management engine” (and its extension, AMT or “Active Management Technology”) provides businesses (translation: system administrators) with a capability that they have long sought after: the ability to remotely administrate a system, even when it's powered off, before it has even booted into an operating system. This is useful when you want to remotely re-install an operating system, for example.

Using the Management engine, a sysadmin can literally do anything, for example:

power control BIOS configuration and upgrade disk wipe system re-installation console access (VNC)

Source: https://www.fsf.org/blogs/community/active-management-technology

In other words, the Management Engine is a back door into the system, potentially providing remote access to anyone else, including those with malicious intentions.

There is a lot more information about this, on websites such as http://me.bios.io/Main_Page, http://io.smashthestack.org/me/, the coreboot wiki and more.

The ME has full access to RAM.

And guess what? It is proprietary software (meaning, no source code). What's more alarming, is that the ME is cryptographically signed by Intel, and only Intel has the private key. If you try to remove the ME, your system will simply not boot at all; if you try to use a modified ME, the signature check will fail and again, your system will not boot.

While on some older Intel chipsets, it is possible to remove the ME firmware (and disable the ME), this is impossible on the latest generation of Intel hardware that purism is using.

Does this sound scary? Considering that it's a backdoor, has full access to RAM (for instance, it could leak your private encryption keys), has full networking (the ME can use the onboard ethernet NIC or wifi), you could hardly describe any system that comes with the ME as being one that respects the users privacy.

Yet, this is exactly what Purism claims. Their campaign emphasizes that the LibreM is the “first system to respect the users privacy and essential freedoms”, which is already a lie, based on the description of the ME and FSP as outlined above, and based on the fact that companies already existed before it that actually do sell freedom- and privacy-respecting laptops: Gluglug http://shop.gluglug.org.uk/ and Google (only partial; some of their ARM chromebooks contain only free software for hardware initialization, making use of coreboot, while their Intel chromebooks all have the Intel Management Engine which is proprietary, while all Google Chromebooks are vastly superior to the LibreM on a freedom- and privacy-oriented basis, and Google has contributed a lot of code to coreboot (actual code)).

Intel Video BIOS

Non-technical summary: it turns on your graphics card/chipset, makes it work and gives you a visual display, so you can see what it is that you are doing on your computer.

All modern video/graphics chipsets require their own initialization code, commonly referred to as a “Video BIOS”. Exactly as implied by the name, the “VBIOS” initializes the video chipset; memory initialization, register initialization, setting up dedicated areas of VRAM (if sharing main system memory), – basically, what coreboot does for the rest of the system. The VBIOS then sets up a text- or framebuffer-mode console, and provides basic callbacks that the OS might use for switching modes, writing text onto the screen, blitting a bitmap, etc.

Again, as with previous descriptions, this one is summarized; there's a lot that a Video BIOS does.

While some systems in coreboot have what is called “Native Graphics Initialization” which, in coreboot terms, means fully free (“open-source”) video initialization code, the video chipsets used in the LibreM laptops do not have this; it is handled by a proprietary (binary-only, sourceless) blob provided by Intel.

Intel CPU microcode updates

Non-technical summary: very essential component on all Intel CPUs. Without it, you would not have a functional computer, since this implements the very basic instructions that software can use to tell the CPU what to do and how to behave.

All (or most) Intel (and also AMD) CPUs have built in to them what is called “microcode”. The raw circuitry itself handles a few instructions on its own (simple instructions like add, subtract, jump, etc), but these CPUs are designed to be as generic as possible (circuit-wise); the “microcode” is software which defines which circuits to use, in order to implement more instructions.

CPUs contain built-in microcode, but the circuitry (or the existing microcode) can be buggy, or have security issues. That's where microcode updates come in; these are loaded during boot, and will disable buggy parts of the CPU or patch bugs in the existing microcode.

Microcode is necessary on modern CPUs, owing to their complexity. While some CPU types out there don't use any microcode (not even built-in), most x86 processors do.

The built-in CPU microcode cannot be replaced (short of replacing the entire CPU), but the updates are provided in the firmware image (the “BIOS”), and updated during normal “BIOS updates”. These updates are, of course, proprietary; they lack source code.

While some CPUs can be used without the proprietary updates, the generation of Intel CPUs used in the LibreM laptops will not work at all without the updates. Not only is it proprietary but, like the Management engine, it is also signed (meaning, you couldn't apply your own updates even if you understood how to implement them).

Summary: LibreM comes with Shimboot, not Coreboot.

A “shim” is, in software terms, a minimal piece of code that executes something. In the context of coreboot, that is when the coreboot ROM image contains mostly blobs; coreboot is just executing blobs and providing callbacks, but is not actually initializing any of the hardware itself (the blobs do that instead).

LibreM is selling you a laptop with shimboot pre-installed.

Coreboot has a reputation for being “free and open-source”, so it's easy for Purism to simply say that their laptops come with coreboot, because they do; but they neglect or play down the fact that most of it is still blobs. Coreboot's reputation is poisoned in recent years; accepting more and more blobs into the official git repository, and hosting an entire “3rdparty” repository dedicated exclusively to blobs. Newer coreboot systems are becoming more and more “shimboot” than anything else, which is not a far cry from fully proprietary boot firmware.

In other words, LibreM is selling a system with a proprietary BIOS. While they may claim that their “PureOS” GNU/Linux distribution is fully free (open-source) software, this means nothing. Companies have existed for decades that sell laptops, desktops and servers with GNU/Linux pre-installed while the “BIOS” (boot firmware) is still proprietary software.

LibreM is no better than them. The issue, is that they try to claim that their laptops are somehow “freedom-respecting”, more so than those who came before them. This is a lie, and one that Todd Weaver (the director of Purism) should be ashamed of.

Those who want a laptop that respects their freedom (as defined by the GNU project and Free Software Foundation) and privacy, should not purchase a LibreM laptop from Purism. Their laptops fall short of this criteria by a long mile.

This text falls under license: CC-0

A copy of this license can be found here: https://creativecommons.org/publicdomain/zero/1.0/

submitted by gulguls
[link] [1 comment]

LXer: Meet Fedora 22 MATE-Compiz – Include Video Overview and Screenshots

Sunday 21st of June 2015 11:01:48 PM
Fedora 22 MATE-Compiz is an official fedora spins of fedora 22 featuring mate desktop environment version 1.10, using Compiz for desktop effect and Emerald as a window manager.

TuxMachines: Run Any Windows Application in the Robolinux 7.9.2 Operating System

Friday 19th of June 2015 11:17:51 AM

Robolinux, a Linux distribution based on Debian featuring various flavors that let users run any Windows application, has been upgraded to version 7.9.2 and is now available for download.

read more

TuxMachines: Is It That Hard to Use Linux as Your Main Computer Operating System?

Friday 19th of June 2015 11:14:43 AM

Every once in a while, I find myself in a situation where I'm being asked by someone who wants to migrate from a Microsoft Windows operating system if Linux is indeed a new home for Windows refugees.

read more

Reddit: A Very usefull GoT Linux command...

Friday 19th of June 2015 09:51:45 AM

TuxMachines: Looking for Alternatives to Systemd

Friday 19th of June 2015 09:34:20 AM

Apart from philosophical and security concerns, I have over time amassed quite a collection of startup and shutdown scripts on my Slackware boxen. I prefer to be able to have full control over what my machines do and hand crafted and edited scripts have never let me down so far. If it's written correctly, it works and does exactly as it says on the tin. That's the beauty of an old-fashioned operating system like Slackware. You may be running a VPN server, offer VNC or ssh login and whatnot. The most reliable way to control them is via your own scripts - and you will know where you put them, thereby learning more about the system you're using. I'm afraid systemd is more of an abstraction layer that will separate users from understanding what us actually being called, what is actually going on under the hood. It may be fine for professional admins who, once they have learned the new commands, will know what they're doing as they know their Linux, but for a lot of private users this will just be a step towards another 'walled garden' operating system that they don't understand. Of course, many don't want to and only want to use an appliance that does the job, and that is fine. It is dumbing down nevertheless and potentially dangerous, in a time when everyone needs to understand the implications of the technology they're using, not the least to safeguard themselves and their families.

read more

TuxMachines: Here's how these startups hope to topple Oracle

Friday 19th of June 2015 09:14:28 AM

The thing that these challengers have in common is that they're released as open source software, meaning that developers all over the world have helped develop them.

read more

Reddit: Linux Foundation Beefs Up Scholarship Program

Friday 19th of June 2015 03:51:18 AM

LXer: ClusterHQ picks EMC as friend with benefits for Flocker release

Friday 19th of June 2015 03:47:12 AM
Keep your containers close and your data closer. ClusterHQ has inked an agreement that will see its Flocker container management code integrate with EMC's flashy fare.

More in Tux Machines

Compact, rugged IoT gateway runs Linux on Quark

Adlink’s “Matrix MXE-100i” gateway runs Wind River’s Linux-based IDP XT IoT gateway stack on an Intel Quark processor, and offers multiple wireless options. The Matrix MXE-100i is a spinoff of the Matrix MXE-200i gateway computer announced by Adlink in February. Like the MXE-200i, the identically sized, 120 x 100 x 55mm MXE-100i comes preloaded with a Linux-based Internet of Things gateway software stack from Intel subsidiary Wind River, called Wind River Intelligent Device Platform XT. Read more

Media player mini-PC runs Android on 64-bit octa-core SoC

We no longer cover every Android media player or HDMI stick that comes around, but the new Tronsmart “Orion R68″ certainly caught our attention. (So did its similar predecessor, the quad-core Rockchip RK3288 based Orion R28). First, it runs Android 5.1, a bug-fixed and more secure version of Android 5.0 Lollipop, on a new Rockchip RK3368 system-on-chip, which combines eight Cortex-A53 cores clocked at up to 1.5GHz. Read more

Red Hat and Fedora

  • Red Hat Gluster, Ceph storage roadmaps laid out at Red Hat Summit
    During the Red Hat Summit last week, the vendor provided roadmaps for its Ceph and Gluster storage software products including unified management technology and expanded protocol support for Ceph. Red Hat demonstrated the new unified capabilities that will allow users to install, manage and monitor Red Hat's Gluster and Ceph storage. Additional capabilities targeted next year for Red Hat Ceph Storage include support for iSCSI and NFS and improved multi-site capabilities, according to Neil Levine, a Red Hat director of product management.
  • Red Hat – Software Partnership Shakes Up Mobile Software Market
  • The open organization on main street
  • Analysts Evaluation on Red Hat, Inc. (NYSE:RHT)
  • Red Hat Inc (NYSE:RHT) a Buy: Oppenheimer
    According to Wall Street, Red Hat, Inc. (NYSE:RHT) is expected to report earnings per share for the current fiscal quarter of $0.29. This is the consensus mean estimate based on the individual covering sell-side analysts’ reported numbers. The company last reported earnings for the period ending on 2015-05-31 of $0.31.
  • Call for applications for Fedora Diversity Advisor (A Volunteer Position)
    Fedora is a big community that includes contributors and users from many different countries, each with their own experiences and historical backgrounds that contribute to a diverse mix of cultural, educational, and behavioral norms. To continuously create and foster an inclusive environment in the Fedora community, it’s important to respond to the needs of existing contributors and users, and welcome new contributors and users from diverse backgrounds.
  • Post Filtering
    In order to prevent users from being overwhelmed by a fire hose of notifications from the hubs they’re subscribed to and from all the other apps connected to Fedora Hubs, we decided to design a filtering system.

Btrfs In Linux 4.2 Brings Quota Updates, Many Fixes

Adding to the already lengthy list of new features for Linux 4.2 is the Btrfs file-system updates that were sent in today by Facebook's Chris Mason. The Btrfs file-system update for Linux 4.2 includes sub-volume quota updates, sysfs improvements, device management improvements, and various other changes. In total around 1,700 lines of Btrfs code were touched for this merge window. Read more Also: XFS Will Get DAX Support In The Linux 4.2 Kernel