Language Selection

English French German Italian Portuguese Spanish

Linuxinsight

Syndicate content
LinuxInsight - aggregated feeds
Updated: 7 min 2 sec ago

TuxMachines: Linux Accessibility For The Visually Impaired – For The Record

Monday 17th of September 2018 09:12:09 AM

Linux Accessibility For The Visually Impaired. I received a comment from Milton asking me about text to speech options in Linux. He also wanted to know what I recommended for audio dictation under Linux. The first option is indeed, using FoSS awesomeness. However the later relies on Google’s Web Speech API. Also, here is that article on controlling your mouse cursor with your webcam and no hands.

read more

TuxMachines: 4 scanning tools for the Linux desktop

Monday 17th of September 2018 08:25:06 AM

While the paperless world isn't here quite yet, more and more people are getting rid of paper by scanning documents and photos. Having a scanner isn't enough to do the deed, though. You need software to drive that scanner.

But the catch is many scanner makers don't have Linux versions of the software they bundle with their devices. For the most part, that doesn't matter. Why? Because there are good scanning applications available for the Linux desktop. They work with a variety of scanners and do a good job.

read more

Reddit: Linus Torvalds Reflects On How He's Been Hostile To Linux Community Members Over the Years, Issues Apology, and Announces He Will Be Taking Some Time Off

Monday 17th of September 2018 08:21:12 AM

On Sunday, Linus Torvalds spoke about the confusion he had regarding Maintainer's Summit, but more importantly, how this incident gave him a chance to realize "that I really had been ignoring some fairly deep-seated feelings in the community." In an email to the Linux Kernel Mailing List, Torvalds apologized for hurting people with his behavior over the years, and possibly driving some people "away from kernel development entirely."

On that end, said Torvalds, "I am going to take time off and get some assistance on how to understand people's emotions and respond appropriately." He wrote:[...] It's one thing when you can ignore these issues. Usually it's just something I didn't want to deal with. This is my reality. I am not an emotionally empathetic kind of person and that probably doesn't come as a big surprise to anybody. Least of all me. The fact that I then misread people and don't realize (for years) how badly I've judged a situation and contributed to an unprofessional environment is not good. This week people in our community confronted me about my lifetime of not understanding emotions. My flippant attacks in emails have been both unprofessional and uncalled for. Especially at times when I made it personal. In my quest for a better patch, this made sense to me. I know now this was not OK and I am truly sorry.

The above is basically a long-winded way to get to the somewhat painful personal admission that hey, I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely.I am going to take time off and get some assistance on how to understand people's emotions and respond appropriately.

Put another way: When asked at conferences, I occasionally talk about how the pain-points in kernel development have generally not been about the _technical_ issues, but about the inflection points where development flow and behavior changed. These pain points have been about managing the flow of patches, and often been associated with big tooling changes - moving from making releases with "patches and tar-balls" (and the _very_ painful discussions about how "Linus doesn't scale" back 15+ years ago) to using BitKeeper, and then to having to write git in order to get past the point of that no longer working for us. We haven't had that kind of pain-point in about a decade. But this week felt like that kind of pain point to me. To tie this all back to the actual 4.19-rc4 release (no, really, this_is_ related!) I actually think that 4.19 is looking fairly good, things have gotten to the "calm" period of the release cycle, and I've talked to Greg to ask him if he'd mind finishing up 4.19 for me, so that I can take a break, and try to at least fix my own behavior.

This is not some kind of "I'm burnt out, I need to just go away" break. I'm not feeling like I don't want to continue maintaining Linux. Quite the reverse. I very much \do* want to continue to do this project that I've been working on for almost three decades. This is more like the time I got out of kernel development for a while because I needed to write a little tool called "git". I need to take a break to get help on how to behave differently and fix some issues in my tooling and workflow.*

And yes, some of it might be "just" tooling. Maybe I can get an email filter in place so at when I send email with curse-words, they just won't go out. Because hey, I'm a big believer in tools, and at least _some_ problems going forward might be improved with simple automation. [...]

submitted by /u/ajanty
[link] [comments]

TuxMachines: Torvalds Apologizes for His ‘Bad Behavior’, Takes a Break from Linux

Monday 17th of September 2018 06:28:34 AM

No more F-words and angry outbursts from Torvalds anymore? Linux creator Linus Torvalds is taking a break from Linux kernel development in order to take professional help for improving his behavior.

read more

Reddit: Best distros for legacy hardware

Monday 17th of September 2018 06:18:24 AM

Long story short, coworker's brother knows exactly nothing about computers, somehow picked up a Satellite p205d with an Athlon X2 and a cool 1gb of ram, wants it to be his daily driver. I gave the best advice I could, but it's come down to getting an OS installed on it, and I've got my doubts about it running Win10. Which distro would you folks recommend for an older machine being used by someone who tried to reset the Vista user account password by setting a BIOS password [was not kidding, "user" is a bold choice of words to describe his proficiency]?

submitted by /u/charliefuckstick
[link] [comments]

Reddit: Linux's new CoC is a piece of shit.

Monday 17th of September 2018 05:56:34 AM

First off, I'd like to say that I love Linux, use it for everything, etc. I'm not leaving Linux over this or anything. I just need to state my opinion.

As many of you know, as part of the 4.19-rc4 release Linus changed the code of conduct and took a temporary (hopefully) break. He's stated that he'd tone down his language (no more calls to "retroactively abort" people and such. This is all good, and I support it. One of my greatest fears is having my patch/contrition to a FOSS project be publicly dissected and ridiculed. However, it is important to note that Linus is almost always right when it comes to the kernel, so although I don't support the cursing and personal attacks I definitely am OK with Linus being a bit of a bully because it appears to work and keeps crap code out of the kernel, which IMO is more important than one dev's feelings for the day. People bounce back quickly, recovering from security vulnerabilities or majorly broken userspace is no so easy. All in all I support Linus' decision to tone down a bit as long as he doesn't get too soft.

The biggest problem, however, is the new "Code of Conduct." Until now, Linux had a "Code of Conflict" that set down few rules and was generally pretty nonrestrictive. It has been replaced with a new CoC derived from the Contributor's Covenant (used by X.Org and Freedesktop.org, as well as a few other OSS projects). Although this seems like a good idea at face value, this is extremely detrimental to the Linux kernel as a whole. Lets look at some reasons:

1st, the Contributor Covenant was written by Coraline Ada Ehmke. This is the same person who demanded that maintainer be kicked out of the Opal project due to unrelated political views. She is a self-proclaimed "notorious SJW." She at one time created an organization ("Culture Offset") that centred around boycotting GitHub. I'm not insulting her as person, just saying that she does not necessarily agree with the Linux kernel values, mainly the fact that she drags unrelated political issues into software, which is completely against the Linux code-only meritocracy.

2nd, the "benevolent dictator" model of kernel development depends on Linus having an iron fist on the kernel. Although he still does with the new CoC, he loses his ability to be honest with the kernel community. He can no longer call out shitty patches for being shitty without carefully choosing his words to avoid offending anyone, and of course the person submitting the patch is probably going to be offended anyway (or at least disappointed), and now they have a CoC to fall back to and use to defend themselves. The *last thing we need* is for Linus to get in trouble for accidentally misgendering someone or "other conduct which could reasonably be considered inappropriate for a professional setting" (yes, this ambiguous, undefinable line is in the new CoC verbatim!) when calling out shitty code that breaks userspace.

3rd, the new CoC is fundamentally flawed in that it addresses issues from a political point of view and not a Linux kernel dev point of view. It opens with a long paragraph listing all of the types of discrimination that aren't allowed. The thing is, 99% of devs (except Caroline, apparently), don't give a shit. 99% never have and never will see each other. Furthermore, discrimination never has and is not a problem in the kernel. Linus is mean to everyone when they give him shitty code. He doesn't discriminate.

4th, Linux is essentially a controlled chaos of programmers with a loose meritocratic structure. People are always free to contribute, and by contributing good code you climb up the ladder and eventually become a maintainer. The new CoC seems to be written for a more rigid structure in which everyone is equally competent. This is not the case with Linux, and its looseness is its greatest strength. This is why you see Linux everywhere, because some college kid in his basement thought "hey, wouldn't it be cool if I ported Linux to X?" He can do that, and even get his code into the mainline kernel, without having to join an organization or sign up. At this point all that is known about this kid is his patch, only his patch, and nothing else. The Linux community should be free to judge this new dev based on the quality of his code. With the new CoC, this becomes extremely difficult as it is now classified as "discriminatory and unwelcoming behaviour." This is because the CoC expects everyone to be at an equal level in the community, which is blatantly false with Linux. (My total contributions to the kernel involve lurking on the LKML and fixing spelling errors in error messages and documentation. I feel that it is entirely unfair to expect top devs to treat me as they would Linus. I have no problem with people scrutinizing my changes more than Linus', because, in the Linux meritocracy, I'm in a lower class. I'm fine with that.)

In the end, this new CoC represents a new low for the Linux community. As of now the best course of action would be to revert the commit and forget it ever happened. Yes, Linus should calm down in his rants. However, Linus should be allowed to get fired up when its needed to keep the kernel in one piece, which is what the new CoC prevents.

I am tempted to believe the rumours that SJWs found some dirt on Linus and bullied him into this. This seems VERY un-Linusy and I am completely shocked that he approve this. It just doesn't seem possible that Linus would willingly surrender his rights to rip into people over crap code. He almost seems to enjoy it!

I've started to become Linus here and start ranting, so I'm going to end this rant with a TL;DR:

The new CoC represents a new low for the Linux kernel and destroys the structure that has allowed Linux to become what it is today, focusing on political correctness and "diversity and inclusion" instead of Linux kernel development.

submitted by /u/enp2s0
[link] [comments]

TuxMachines: Security: Windows/NSA Back Doors, Election Cracking, and Open Source Security Podcast

Monday 17th of September 2018 04:59:57 AM
  • Cryptocurrency mining attacks using leaked NSA hacking tools are still highly active a year later

    Yet, more than a year since Microsoft released patches that slammed the backdoor shut, almost a million computers and networks are still unpatched and vulnerable to attack.

  • Leaked NSA exploits are still used to infect at least 919K servers with cryptojacking malware [Ed: Microsoft gave the NSA back doors. It was inevitable that crackers who do not work for the US government would get in too.]

    Although Microsoft indicated that they have closed the backdoor used by this ransomware, more computers globally are not fully secured to prevent the infection by the malware. Interestingly, the hackers have shifted their game from asking for ransom and are now infecting new computers with cryptojacking malware.

  • Cybersecurity Is Only 1 Part of Election Security

    The DEF CON 2018 Voting Machine Hacking Village aimed to raise awareness in voting security through a full day of speakers and panel discussions along with a challenge for attendees to hack more than 30 pieces of voting equipment. A partnership with rOOtz Asylum offered youths between 8 and 16 years old an opportunity to hack replicas of the websites of secretaries of state to demonstrate that even hackers with limited years of experience can easily compromise critical systems. The goal was to break as many voting machine pieces as possible in order to draw attention to the vulnerabilities that will be present in the upcoming 2018 elections.

    The focus on election equipment, however, ignores the greater danger caused by hacking into the diverse collection of sensitive information that flows through political campaigns and the electoral process, and using that to influence and sow distrust among voters. While changing a vote or voting results can be traced back to a particular stakeholder, changing people's understanding of facts is far more insidious.

  • Open Source Security Podcast: Episode 114 - Review of "Click Here to Kill Everybody"

    Josh and Kurt review Bruce Schneier's new book Click Here to Kill Everybody. It's a book everyone could benefit from reading. It does a nice job explaining many existing security problems in a simple manner.

read more

LXer: Linus Torvalds takes a break from Linux

Monday 17th of September 2018 04:39:49 AM
Video: In a surprising move, Linus Torvalds, Linux's creator, is taking a break on his Linux kernel work to work on his behavior to other developers. In a note to the Linux Kernel Mailing List (LKML), Torvalds wrote, "I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely."

TuxMachines: ​Linus Torvalds takes a break from Linux

Monday 17th of September 2018 04:25:23 AM

In a surprising move, Linus Torvalds, Linux's creator, is taking a break on his Linux kernel work to work on his behavior to other developers. In a note to the Linux Kernel Mailing List (LKML), Torvalds wrote, "I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely."

If you follow the trials and tribulations of Linux's developments, this is mind-blowing. For the almost 30-years Torvalds has been working on the kernel, he's been famous--or infamous--for his outbursts towards programmers and others who didn't meet his high expectations.

Over the decades, Torvalds has torn into security developers, open-source lawyers, and other kernel developers, such as Sage, formerly Sarah, Sharp. Every few months, there would be another four-letter Torvalds eruption. This became publicly accepted, but privately it left bad blood.

read more

TuxMachines: Review: Linux Mint 3 Debian Edition (LMDE 3)

Monday 17th of September 2018 04:20:55 AM

On the whole, I liked running LMDE 3 a lot. The distribution was easy to set up, I liked the quick access to common tools in the welcome window. The change from ranked upgrades to having the system safeguarded by Timeshift snapshots may make things a little harder for newcomers (it's harder to recover a system than to not have it break in the first place), but the new approach probably offers better security in the long run.

One thing I appreciated about LMDE 3 is that it looks beautiful. I usually don't focus much on a theme, or icon style, but Mint looks incredible to me. Everything is high contrast and attractive. The fonts are a little thin for my taste, but this can be easily changed with a few clicks in the settings panel.

I was a little disappointed the system installer defaults to using ext4 instead of Btrfs. Since Mint recommends and relies on Timeshift for system recovery, and Btrfs snapshots are much more efficient than rsync snapshots, it makes sense to me to use Btrfs by default. On a related note, when Timeshift is set up to use rsync snapshots, the rsync command will drag down system performance for about 20 minutes at a time. Having the snapshots run as a lower priority in the background would have avoided slowing down the desktop once a day.

I would have preferred if LMDE had shipped with MATE instead of Cinnamon. I realize Cinnamon is an in-house desktop project and it makes sense for the Mint developers to focus on using and promoting Cinnamon. However, since I suspect many of the people who want to use the Debian branch over the Ubuntu branch will be doing so for performance reasons, I think MATE would make the sensible default. MATE is lighter than Cinnamon, does not require special video driver/hardware support and will run better in virtual environments. Cinnamon is a solid desktop and I think it looks and performs wonderfully on physical hardware, it just doesn't feel like the optimal choice for people who want to run the lighter, more conservative Debian branch of Mint.

Finally, I want to give credit to the Mint team for integrating Flatpak support into the software manager. It is easy to find Flatpaks without having them blend in with other packages, potentially confusing users. I think Flatpak support was handled well by the Mint team.

On the whole, the above points are minor style preferences for a distribution that I was impressed by. Mint's Debian edition performed smoothly, offered a lot of great software out of the box and was easy to use. I think the Debian branch might be slightly less appealing to beginners than the main, Ubuntu-based edition, but there are few practical differences and most people will probably find either branch works for them. I think LMDE will be a good fit for most people, whether beginners or more experienced users.

read more

Reddit: "mozilla is not trustworthy" video by bryan lunduke shows up as removed.

Monday 17th of September 2018 04:07:10 AM

i was going to show a friend the said video but i can't see it anymore, it was basically the a browser extension being added forcibly, mozilla funding antifa and doing stuff to prevent fake news etc. but now the link shows up as removed, does anyone know the reason for that?

this is the tweet about the video tweeted by lunduke: https://twitter.com/bryanlunduke/status/942621617045127168

this is the video itself: https://www.youtube.com/watch?v=KPgyTzqDJhM

EDIT: it still exists in archive org archives, https://archive.org/details/youtube-qMALm1VthGY

submitted by /u/mightysilentsaint
[link] [comments]

Reddit: Linux Kernel Code of Conduct

Monday 17th of September 2018 03:30:28 AM

More in Tux Machines

Linux firewalls: What you need to know about iptables and firewalld

A firewall is a set of rules. When a data packet moves into or out of a protected network space, its contents (in particular, information about its origin, target, and the protocol it plans to use) are tested against the firewall rules to see if it should be allowed through. Here’s a simple example... Read more

Mozilla: Firefox GCC/LLVM Clang Dilemma, September 2018 CA Communication and CfP

  • Fedora Firefox – GCC/CLANG dilemma
    After reading Mike’s blog post about official Mozilla Firefox switch to LLVM Clang, I was wondering if we should also use that setup for official Fedora Firefox binaries. The numbers look strong but as Honza Hubicka mentioned, Mozilla uses pretty ancient GCC6 to create binaries and it’s not very fair to compare it with up-to date LLVM Clang 6. Also if I’m reading the mozilla bug correctly the PGO/LTO is not yet enabled for Linux, only plain optimized builds are used for now…which means the transition at Mozilla is not so far than I expected.
  • September 2018 CA Communication
    Mozilla has sent a CA Communication to inform Certification Authorities (CAs) who have root certificates included in Mozilla’s program about current events relevant to their membership in our program and to remind them of upcoming deadlines. This CA Communication has been emailed to the Primary Point of Contact (POC) and an email alias for each CA in Mozilla’s program, and they have been asked to respond to the following 7 action items:
  • Emily Dunham: CFP tricks 1
    Some strategies I’ve recommended in the past for dealing with this include looking at the conference’s marketing materials to imagine who they would interest, and examining the abstracts of past years’ talks.

today's howtos

Security: Quantum Computing and Cryptography, Time to Rebuild Alpine Linux Docker Container

  • Quantum Computing and Cryptography
    Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to easily factor large numbers, something that would break the RSA cryptosystem for any key length. This is why cryptographers are hard at work designing and analyzing "quantum-resistant" public-key algorithms. Currently, quantum computing is too nascent for cryptographers to be sure of what is secure and what isn't. But even assuming aliens have developed the technology to its full potential, quantum computing doesn't spell the end of the world for cryptography. Symmetric cryptography is easy to make quantum-resistant, and we're working on quantum-resistant public-key algorithms. If public-key cryptography ends up being a temporary anomaly based on our mathematical knowledge and computational ability, we'll still survive. And if some inconceivable alien technology can break all of cryptography, we still can have secrecy based on information theory -- albeit with significant loss of capability. At its core, cryptography relies on the mathematical quirk that some things are easier to do than to undo. Just as it's easier to smash a plate than to glue all the pieces back together, it's much easier to multiply two prime numbers together to obtain one large number than it is to factor that large number back into two prime numbers. Asymmetries of this kind -- one-way functions and trap-door one-way functions -- underlie all of cryptography.
  • This New CSS Attack Restarts iPhones & Freezes Macs
  • Time to Rebuild Alpine Linux Docker Containers After Package Manager Patch
  • GrrCon 2018 Augusta15 Automation and Open Source Turning the Tide on Attackers John Grigg