Language Selection

English French German Italian Portuguese Spanish

FOSS Force

Syndicate content
FOSS Force News Wire
Updated: 42 min 37 sec ago

Calibre Open-Source eBook Management App Gets Major Release After Two Years

Monday 7th of October 2019 08:44:22 PM
Calibre creator Kovid Goyal announced today the release and general availability of the Calibre 4.0 series of his popular open-source ebook management app for Linux, Windows, and Mac.

PostgreSQL 12 Performance With AMD EPYC 7742 vs. Intel Xeon Platinum 8280 Benchmarks

Monday 7th of October 2019 08:26:12 PM

One of the areas of performance I had been meaning to look more at following the recent AMD EPYC 7002 series launch was for database servers. With the original EPYC 7000 series performance, the performance came up short in competing with Intel Xeon CPUs, but for the EPYC Rome processors it ends up being a very different story. Given the launch last week of PostgreSQL 12, I've been trying out this new database server release on both EPYC and Xeon processors.

Also: Antoine Beaupré: This is why native apps matter

read more

Microsoft Embedded Inside Linux

Monday 7th of October 2019 08:17:01 PM
  • Linux Kernel 5.4 to Have Kernel Lockdown and ExFAT Support

    The lockdown feature aims to further strengthen Linux security by “restricting access to kernel features that may allow arbitrary code execution via code supplied by userland processes”.

    In simple words, even the root account cannot modify the kernel code. This will hep in cases where a root account is compromised, the rest of system won’t be easy to compromise specially on kernel level. In even simpler words, it enhances the Linux security.

    There are two lockdown modes: integrity and confidentiality.

    In integrity lockdown mode, kernel features that allow userland to modify the running kernel are disabled.

  • Linus Torvalds isn't worried about Microsoft taking over Linux

    But that doesn't mean the Microsoft leopard can't change its spots. Sure, he hears, "This is the old Microsoft, and they're just biding their time." But, Torvalds said, "I don't think that's true. I mean, there will be tension. But that's true with any company that comes into Linux; they have their own objectives. And they want to do things their way because they have a reason for it." So, with Linux, "Microsoft tends to be mainly about Azure and doing all the stuff to make Linux work well for them," he explained.

    Torvalds emphasized this is normal: "I mean, that's just being part of the community."

    As Eric Raymond pointed out in his seminal open-source work, The Cathedral and the Bazaar: "Every good work of software starts by scratching a developer's personal itch."

read more

Canonical Releases Major Kernel Security Update for Ubuntu 19.04 and 18.04 LTS

Monday 7th of October 2019 08:14:24 PM
Canonical has released today a new major Linux kernel security for Ubuntu 19.04 and Ubuntu 18.04 LTS operating systems to address eighteen security vulnerabilities.

Silicon Valley Braces as Vestager 2.0 Comes With Power Upgrade

Monday 7th of October 2019 08:05:00 PM
One of Europe’s most powerful tech regulators is expected to ace an interview for a job that will equip her with greater weaponry to take on the Silicon Valley giants that already fear her. Margrethe Vestager, the European Union’s antitrust chief, will be quizzed Tuesday by European lawmakers who must approve her to become a vice-president of the European Commission from Nov. 1, tasked with making “a Europe fit for the digital age.”

How to Install CentOS 8 Desktop

Monday 7th of October 2019 07:44:24 PM
CentOS 8 is a free and open-source Linux distribution and community version of RHEL 8. In this tutorial, we will show you step by step instructions on how to install CentOS 8.

How To Create Directories Named With Current Date / Time / Month / Year

Monday 7th of October 2019 07:44:23 PM
This brief tutorial describes how to create directories named with current date, time, month and year from commandline in Linux.

Security updates for Monday

Monday 7th of October 2019 07:24:19 PM
Security updates have been issued by Debian (jackson-databind, libapreq2, libreoffice, novnc, phpbb3, and ruby-mini-magick), Fedora (mbedtls and mosquitto), Mageia (xpdf), openSUSE (bind, firefox, nginx, openssl-1_0_0, php7, python-numpy, and thunderbird), Oracle (kernel), SUSE (ansible1, ardana-ansible, ardana-cluster, ardana-db, ardana-extensions-nsx, ardana-glance, ardana-input-model, ardana-installer-ui, ardana-manila, ardana-monasca, ardana-neutron, ardana-nova, ardana-octavia, ardana-opsconsole-ui, ardana-osconfig, ardana-service, ardana-tls, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui, grafana, novnc, openstack-cinder, openstack-dashboard, openstack-designate, openstack-glance, openstack-heat, openstack-horizon-plugin-heat-ui, openstack-horizon-plugin-monasca-ui, openstack-ironic, openstack-ironic-python-agent, openstack-keystone, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-nova, openstack-octavia, openstack-sahara, openstack-tempest, openstack-watcher, python-ardana-configurationprocessor, python-cinder-tempest-plugin, python-urllib3, rubygem-easy_diff, bind, compat-openssl098, nginx, and openssl-1_0_0), and Ubuntu (linux-kvm, linux-raspi2, linux-snapdragon and openexr).

New online tool helps quantify insider email risk

Monday 7th of October 2019 07:15:27 PM
Email is now the preferred communication method for businesses, but this brings with it greater risk of employees leaking data due to errors or deliberate activity. A survey from data security company Egress shows that of employees who had accidentally shared data almost half (48 percent) say they had been rushing, 30 percent blamed a high-pressure working environment and 29 percent said it happened because they were tired. The survey also reveals that 95 percent of IT leaders are concerned about insider threats, with 79 percent believing employees have accidentally put sensitive company data at risk in the last year.… [Continue Reading]

Oomox - Customize And Create Your Own GTK2, GTK3 Themes

Monday 7th of October 2019 07:14:42 PM
Oomox is a graphical app for customizing and creating your own GTK theme complete with your own color, icon and terminal style.

Graphics: NVIDIA and Intel

Monday 7th of October 2019 07:08:05 PM
  • NVIDIA Still Working On A Generic Allocator - Has Working Open-Source Implementation

    For those wondering, NVIDIA is still pursuing a generic allocator / Unix device memory allocator that has been talked about for years and a potential successor to the likes of the Generic Buffer Manager (GBM). They now have an implementation of their proposed allocator working for the open-source NVIDIA (Nouveau) driver though there still is a lot of work ahead.

    Each year at the X.Org Developers' Conference (XDC) going back several they have presented concepts and work on a new device memory API with being unhappy over the semantics of GBM and that initially being one of the obstacles for NVIDIA's Linux driver in supporting Wayland compositors with many of them being tailored towards GBM while NVIDIA's initial Wayland support design has been around EGLStreams but they ultimately want this new hypothetical allocator API.

  • Intel giving hints at a possible Intel Xe dedicated GPU release in June 2020

    In the Twitter post, which was retweeted by the official Intel Graphics Twitter account was the below image which has the date of June 2020 on the license plate. Not exactly cryptic, it's a pretty clear teaser towards a release date for the Intel Xe or whatever they actually end up calling it once it's out. That's pure speculation of course on my part but it would line up given who sent the tweet and Intel previously saying the Xe series will be out in 2020.

    We've yet to really see any solid information on exactly how powerful they will be. What we do know though, is that they should get first-class Linux support as Intel has been working through their drivers on Linux. They talked openly before about their commitment to open source and their focus on Linux gaming too so it's quite exciting.

read more

5 Best Password Managers For Linux Desktop

Monday 7th of October 2019 07:04:23 PM

A password manager is a useful tool for creating unique passwords and storing them securely so that you don’t have to remember them. Check out the best password managers available for Linux desktop.

Passwords are everywhere. Websites, forums, web apps and what not, you need to create accounts and password for them. The trouble comes with the password. Keeping the same password for various accounts poses a security risk because if one of the websites is compromised, hackers try the same email-password combination on other websites as well.

But keeping unique passwords for all the new accounts means that you have to remember all of them and it’s not possible for normal humans. This is where password managers come to your help.

Also: Standard Notes kept losing my notes

read more

Programming: Java Persistence API, Paul Ivanov (Python) and Meson 0.52 Release

Monday 7th of October 2019 06:59:10 PM
  • Using the Java Persistence API

    The Java Persistence API (JPA) is an important Java functionality for application developers to understand. It translates exactly how Java developers turn method calls on objects into accessing, persisting, and managing data stored in NoSQL and relational databases.

    This article examines the JPA in detail through a tutorial example of building a bicycle loaning service. This example will create a create, read, update, and delete (CRUD) layer for a larger application using the Spring Boot framework, the MongoDB database (which is no longer open source), and the Maven package manager. I also use NetBeans 11 as my IDE of choice.

  • PyDev of the Week: Paul Ivanov

    This week we welcome Paul Ivanov (@ivanov) as our PyDev of the Week! Paul is a core developer of IPython and Jupyter. He is also an instructor at Software Carpentry. You can learn more about Paul on his website. You can also see what he’s been up to in open source by visiting his Github profile. Let’s take some time to get to know Paul!

  • Meson 0.52 Released
  • Meson 0.52 Released With Better Support For Solaris/Illumos

    While popularity in Solaris-based operating systems may be on the decline, for Meson to ultimately replace other build systems it will need good support for said operating systems where Automake, CMake, and others are well supported. As such, with this weekend's Meson 0.52 release comes with better support for Solaris and the OpenSolaris-derived Illumos platforms.

read more

Sparky 5.9

Monday 7th of October 2019 06:51:06 PM

SparkyLinux 5.9 “Nibiru” is out. This is a quarterly update of live/install media of the stable line, which is based on Debian 10 “Buster”.

The base system has been upgraded from Debian stable repos as of October 4, 2019.
It works on the Linux kernel 4.19.67 LTS.
As usually, new iso/img images provide small bug fixes and improvements as well.

Sparky project page and Sparky forums got new skins; no big changes about the colors but they are much mobile devices friendly now.

read more

Fedora drops 32-bit Linux

Monday 7th of October 2019 06:45:20 PM
With the next version of Fedora, support for the obsolete 32-bit version Linux will be dropped.

How to Install GlassFish 5 on CentOS 7

Monday 7th of October 2019 06:45:19 PM
GlassFish is a complete Java EE application server, including an EJB container and all the other features of this stack. GlassFish is free software, dual-licensed under two free software licences: the Common Development and Distribution License (CDDL) and the GNU General Public License (GPL) with the classpath exception. In this tutorial, we’ll guide you through the process of installing GlassFish on a CentOS 7 VPS. The install process won’t take more than 10-15 minutes.

Games: Dwarves of Glistenveld, Stadia, Oxygen Not Included, Planetary Annihilation and Children of Morta

Monday 7th of October 2019 06:35:29 PM
  • Mixing strategy and RPG elements The Dwarves of Glistenveld is entering Early Access soon

    Dig deep for riches, just not too deep or you might find some Goblins lurking around. The Dwarves of Glistenveld is confirmed to be entering Early Access on October 18th. Linux support is confirmed too, as the developer clearly replied to us on Twitter.

  • Alen Ladavac, co-founder of Croteam has left to join the Google Stadia team, plus other Stadia news

    Here's a bit of interesting industry news for you on this fine Monday afternoon. Alen Ladavac, who help to co-found the Serious Sam and Talos Principle developer Croteam has moved onto game streaming.

  • Oxygen Not Included should perform a lot better with the latest update

    While Oxygen Not Included is one of my favourite games to come out in the last year, it did have a few performance issues here and there which the latest update should hopefully solve.

    Klei Entertainment don't just make interesting games, they support them for a long time too. Oxygen Not Included left Early Access back in July and the first big post-release update landed last week to improve the experience for everyone. Klei said they did a "big performance pass and removed a lot of spikes, leading to a smoother experience in every colony we tested". They also worked on some new profiling tools to help them track down performance issues, which is what helped with this update.

  • Planetary Annihilation: TITANS has a big update available with major Linux issues

    Planetary Annihilation Inc continue updating and expanding their massive scale RTS Planetary Annihilation: TITANS with a new major update available.

    [...]

    As a big fan of Planetary Annihilation: TITANS and someone who supported it since Kickstarter and then later upgraded to a much higher tier this makes me incredibly sad to see. Willingly pushing out an update that breaks it completely on modern Linux distributions isn't really acceptable.

  • Story-driven action RPG 'Children of Morta' is still coming to Linux but no ETA

    Children of Morta, a very good looking story-driven action RPG from Dead Mage and 11 bit studios release in early September. It was supposed to have Linux support but they've been pretty quiet on it.

    We wrote about this back in June, noting that the developer confirmed a Linux version was still happening. Sadly the release came and went with no word on the Linux version. However, searching around on September 24th they did reply on Steam to say that "We plan to add Linux support, yes. Again, can't promise any dates at the moment.". Today as well, the publisher 11 bit studios did also email GamingOnLinux to confirm this "It's happening, but right now we don't have an exact date of when it will be available.".

read more

What’s the Future of Free Software?

Monday 7th of October 2019 06:23:50 PM
Is it time for the Free Software Foundation to consider some new directions for the free software movement in the post-Stallman era? [...] Continue reading What’s the Future of Free Software? The post What’s the Future of Free Software? appeared first on FOSS Force.

Deputy Attorney General Rosen: Companies Like Facebook Are Making Everyone Less Safe By Offering Encryption

Monday 7th of October 2019 06:23:00 PM
The federal government's anti-encryption push is starting to turn into a really weird movement. Yanking pages from the FOSTA playbook, Attorney General William Barr threw an anti-encryption party featuring him, FBI Director Chris Wray, Deputy AG Jeffrey Rosen, and some overseas critics of secure communications. It was full of loaded language, beginning with the conference's name: Lawless Spaces: Warrant-Proof Encryption and Its Impact On Child Exploitation Cases This is how the DOJ and FBI are going to play this game: the specter of exploited children vs. secure communications for millions of Facebook users. Facebook is definitely the target. This conference -- which featured zero tech experts or encryption advocates -- was preceded by the announcement of a data-sharing agreement between the US and UK government that namechecked Facebook's Messenger and WhatsApp. It was also preceded by Attorney General William Barr's letter to Facebook, asking it to drop its plans to add end-to-end encryption to Messenger. The letter, signed by the participants in this one-sided conference, said the addition of encryption -- without some form of "lawful access" -- would result in massive amounts of undetectable child exploitation. Now that William Barr has said his piece, the floor has been opened up to DOJ Deputy Attorney General Jeffrey Rosen. Rosen's pitch isn't all that different from the one Barr laid out in his open letter to Facebook. But Rosen does add a bit more color to his in the form of questionable analogies. Outside the digital world, none of us would accept the proposition that grown-ups should be permitted to mingle in closed rooms with children they don’t know in order to groom them for sexual exploitation. Neither would we ever accept the idea that a person should be allowed to keep a hoard of child sexual abuse material from the scrutiny of the justice system when all of society’s traditional procedures for protecting the person’s privacy, like the Fourth Amendment’s warrant requirement, have been satisfied. But in the digital world, that is increasingly the situation in which we find ourselves. First off, no one finds the propositions Rosen offers acceptable -- not the digital variety nor the real-world version. However, both versions still happen, with or without "lawful access." It's not that the DOJ and FBI shouldn't go after child exploiters. It's that pretending that undermining encryption will cause "lawless spaces" to cease to exist isn't an honest approach. To be fair, Rosen isn't saying exactly that. But what he's pitching is encryption backdoors that will result in millions of insecure communications for millions of people. The potential for harm is immeasurable. But we -- and our service providers -- should apparently be willing to take that risk so law enforcement has easier access to these communications. That's the trade-off being demanded, even if Rosen, Barr, etc. aren't intellectually honest enough to use those exact words. The intellectual dishonesty continues with Rosen's refusal to call backdoors "backdoors." I am not for a moment suggesting that we should “weaken” encryption. As we confront the problem of “warrant-proof” encryption, nobody is calling for secret “back doors” to communications systems, even though that is often how the issue is misreported. As FBI Director Wray said this morning, law enforcement seeks a front door — that is, access through a transparent and publicly acknowledged system, and only once we have secured the authorization of a court. And we don’t want the keys to that door. The companies that develop these platforms should keep the keys, maintaining their users’ trust by providing access to content only when a judge has ordered it. If you put an entrance anywhere, the building is compromised. A hole in a wall, floor, roof, wherever, is still a hole. It doesn't matter who holds the keys. The keys exist and can be copied or misplaced. Law enforcement may need a warrant, but criminals and state actors only need access to the key. Dressing it up as an escrow system doesn't magically make this problem go away. Rosen is calling for more than backdoors. Using another emotional argument, Rosen appears to saying the government should be allowed to eavesdrop on encrypted communications. Every day, companies like AT&T, Verizon, and Sprint provide law enforcement with targeted lawful access to the content of phone communications in ways that promote public safety — but only after the government has complied with the rigorous requirements of the law, and a judge has authorized access. Why should internet technology companies operate under different rules? For a young girl who is being trafficked for sex, it makes no difference whether her tormenters are communicating via traditional voice calls over a cell phone, or via an encrypted internet app. But it makes a huge difference to the investigators trying to find her, as they can gather the first category of electronic evidence, but not the second. From a policy point of view, it doesn’t make any sense. The example Rosen uses is wiretaps. The FBI would definitely like to be the unseen party to any number of conversations, especially now that most of them don't take place over the phone. With this, Rosen is asking for more than unencrypted access to data at rest. He's asking for a "non-backdoor" that allows investigators to intercept communications. This increases the complexity of the government's demands and the insecurity of the targeted app's users. Rosen says 70% of 16 million child sexual abuse reports Facebook made last year originated from its Messenger service. Once end-to-end encryption is applied, these messages will no longer be visible to Facebook, in addition to being less accessible to law enforcement. He compares the millions of Facebook reports to the very limited number produced by Apple, which has provided end-to-end encryption for a few years now. Apple has forwarded a little over 200 tips over the last three years. As Rosen conjectures, it can't simply be because no child abusers use iPhones. Rosen isn't wrong. Encryption will result in far fewer reports, if Facebook can't scan messages for child porn. But he's completely wrong in his portrayal of the trade-offs being made. Some companies have completely favored the privacy of their users over the safety of their users. This isn't about privacy, even though there is definitely a net privacy gain. It's about security, something even the government realizes is essential for electronic communications. But the government wants less security for everyone, in exchange for an unknown quantity of law enforcement "wins." Rosen actually says users are "safer" when their communications providers scan communications for illicit content -- an argument few outside the FBI and DOJ would make. Rosen is spinning this from the viewpoint of law enforcement riding to the rescue of victimized children. But it won't just be the FBI making use of backdoors or intercepted communications. It will also be governments who treat criticism and dissent as crimes, which definitely makes things less safe for millions of people around the world. Rosen closes with this last bit of intellectual dishonesty: If we are to move to a world where even judge-approved search warrants become useless to the protection of exploited children, and to public safety more broadly, our country needs an open discussion of the costs some such technology platforms will be imposing on all of us. If our efforts to make the virtual world more secure leave us more vulnerable in the physical world, that decision should be an informed one. But Rosen and the agencies he's speaking for don't want an "informed" decision. They've spent years blowing off experts who say what they want will result in less security and safety for users, as well as pointing out the impossibility of creating a "secure" backdoor. You only need to look at the speaker list for this event to see the DOJ and FBI aren't interested in being informed. When the only people being asked for opinions are those who think undermining encryption is a necessity, you're going to come to the conclusion that undermining encryption is a necessity. Permalink | Comments | Email This Story