Language Selection

English French German Italian Portuguese Spanish

July 2016

Parsix GNU/Linux 8.10 "Erik" Officially Released Based on Debian 8.5 "Jessie"

Filed under
GNU
Linux

Today, July 31, 2016, the development team behind the Parsix GNU/Linux operating system have had the great pleasure of announcing the release of Parsix GNU/Linux 8.10 "Erik."

Read more

IDM For Ubuntu - Install IDM On Ubuntu And Other Linux Distributions

Filed under
Linux
HowTos

IDM is the favourite download manager of most Windows users. But, after moving to Linux their favourite download manager goes away because it's not available for Ubuntu or any other distributions. But don't worry, here is a way to make IDM for Ubuntu through Wine.

Read<br />
more

Snap! — Beyond teaching coding to would-be programmers

Filed under
Development

Block-based programming languages are not the be-all and end-all of Computer Science learning and they are not meant to be. You could use them without ever intending your students pursue a career in programming. For those who do want to become developers, tools like Snap! are a good starting point from which to get a handle on complex programming concepts, such as OOP, modularity, events, and so on. For other students, they provide a fun and consistent way of training your brain for logical reasoning and out-of-the-box problem solving.

Read more

today's leftovers

Filed under
Misc
  • The Upgradeable Allwinner Dev Board That's Laptop-Compatible Raises $50k So Far

    At the beginning of the month I wrote about That Open, Upgradeable ARM Dev Board Is Trying To Make A Comeback, the EOMA68-spec'ed project formerly known as the Improv Dev Board. It's still using the same (rather slow) Allwinner SoC but has since seen some improvements and there's also a laptop compatible route too. The project has now raised more than $50k USD, but their goal is still three times that at $150k they are trying to raise over the next month.

  • My Microsoft Office 365 woes: Constant crashes, malware macros – and settings from Hell

    Microsoft Office remains one of the most important software products available, despite some rather nasty flaws. For me, Microsoft Office and video games anchor me to Windows. While video games seem set to remain largely Windows-only for the foreseeable future, Office is losing its grip.

    For a long time, I used Office because it was faster. Perhaps more importantly, I knew most of it worked, and I could fairly quickly make a fresh installation do what I wanted. Office 365 has changed all of that.

    To be perfectly honest, I'm not entirely certain why I got Office 365. I was perfectly happy using Office 2010 that had been beaten about the ears enough to look and feel identical to Office 2003. It was quick, the context menus gave me access to all the commands I wanted, and I managed to get rid of both the spacing after the paragraphs and all those dumb "smart quotes."

    Perhaps someone sent me a file that wouldn't open in 2010. Perhaps it was yet another attempt to make Lync work. I will probably never remember. Regardless, the shift to Office 365's version of Office 2013 – and eventually 2016 – has been a descent into madness.

  • Deploy Kubernetes with ansible on Atomic
  • Install Zulip on Ubuntu
  • Parabola 2016.07.27 Screenshot Tour
  • Create two, three, many openSUSE Guides
  • Friday Session Wrap for Red Hat, Inc. (NYSE:RHT)
  • On managing Ruby versions

    This is a little thought on packaged Ruby versions (mostly in Linux-based systems) and why I don’t get many people advising newcomers to start by installing RVM when in reality they just want to program Ruby.

  • Are You Satisfied With Your Ubuntu Phone? (Poll)

    Ubuntu OTA 12 will have completed its phased roll out by the time you read this, and feedback to the changes it brings will not doubt have begun to roll in. Now that we’re almost 18 months on from the launch of the very first Ubuntu Phone I’m curious as to you are getting on with your Ubuntu Phone?

  • Snappy Sprint Heidelberg

    I recently attended Snappy Sprint Heidelberg, the first Snappy sprint focused on upstream and cross-distribution collaboration.

    Snappy is a technology with an interesting history: initially started to provide App Store-like semantics (atomicity, declarative security) for the Ubuntu Phone project, it has since expanded to be a platform for desktop application deployment (e.g. VLC), as well as server applications and the IoT space.

  • ReactOS 0.4.2 Nears With Many Features

    The first release candidate to the upcoming ReactOS 0.4.2 release is now available, the project aiming to be an open-source re-implementation of Microsoft Windows.

  • Software Freedom Kosova Conference SFK’16 Call for Speakers

    SKF | Software Freedom Kosova is an annual international conference in Kosovo organized to promote free/libre open source software, free culture and open knowledge, now in its 7th edition. It is organized by FLOSSK, a non governmental, not for profit organization, dedicated to promote software freedom and related philosophies.

Android Leftovers

Filed under
Android

Security Leftovers

Filed under
Security
  • Xen patches critical guest privilege escalation bug

    A freshly uncovered bug in the Xen virtualisation hypervisor could potentially allow guests to escalate their privileges until they have full control of the hosts they're running on.

    The Xen hypervisor is used by cloud giants Amazon Web Services, IBM and Rackspace.

    Inadequate security checks of how virtual machines access memory means a malicous, paravirtualised guest administrator can raise their system privileges to that of the host on unpatched installations, Xen said.

  • Xen Vulnerability Allows Hackers To Escape Qubes OS VM And Own the Host
  • The Security of Our Election Systems [Too much of Microsoft]

    The FBI is investigating. WikiLeaks promises there is more data to come. The political nature of this cyberattack means that Democrats and Republicans are trying to spin this as much as possible. Even so, we have to accept that someone is attacking our nation's computer systems in an apparent attempt to influence a presidential election. This kind of cyberattack targets the very core of our democratic process. And it points to the possibility of an even worse problem in November ­ that our election systems and our voting machines could be vulnerable to a similar attack.

  • Data program accessed in cyber-attack on Democrats, says Clinton campaign [iophk: "Windows still"]

    A data program used by the campaign of the Democratic presidential candidate, Hillary Clinton, was “accessed” as a part of hack on the Democratic National Committee (DNC) that intelligence officials believe was carried out by Russia’s intelligence services, Clinton’s campaign said on Friday.

  • A Famed Hacker Is Grading Thousands of Programs — and May Revolutionize Software in the Process

    “There are applications out there that really do demonstrate good [security] hygiene … and the vast majority are somewhere else on the continuum from moderate to atrocious,” Peiter Zatko says. “But the nice thing is that now you can actually see where the software package lives on that continuum.”

    Joshua Corman, founder of I Am the Cavalry, a group aimed at improving the security of software in critical devices like cars and medical devices, and head of the Cyber Statecraft Initiative for the Atlantic Council, says the public is in sore need of data that can help people assess the security of software products.

    “Markets do well when an informed buyer can make an informed risk decision, and right now there is incredibly scant transparency in the buyer’s realm,” he says.

Linux and Graphics

Filed under
Graphics/Benchmarks
Linux

Games for GNU/Linux

Filed under
Gaming

GNOME Maps Is Back On Track Thanks to Mapbox

Filed under
GNOME

The desktop GNOME Maps app hit a dead-end earlier this month after the free service it used to display maps changed it usage policy.

Read more

GNOME Maps App Is Functional Again, Switches to Mapbox API Through a GNOME Proxy

Filed under
GNOME

The GNOME developers behind the Maps application distributed as part of the GNOME Stack announced today the availability of an important release of the project since it lost access to the MapQuest service.

Read more

More in Tux Machines

Raspberry Pi lookalike offers HDMI 2.0 and optional M.2

Geniatech’s “XPI-S905X” is a new Raspberry Pi pseudo clone with a quad -A53 Amlogic S905X plus 2GB RAM, up to 16GB eMMC, 4K-ready HDMI 2.0, LAN, 4x USB, touch-enabled LVDS, and optional M.2. Geniatech, which is known for Qualcomm based SBCs such as the Snapdragon 410 based, 96Boards-like Development Board IV and Snapdragon 820E based Development Board 8, has posted specs for a Raspberry Pi form factor board with a quad -A53, Amlogic S905X with 1/6GHz to 2GHz performance. No pricing is available for the XPI-S905X, which appears to be aimed at the OEM market. Read more

​Linus Torvalds talks about coming back to work on Linux

"'I'm starting the usual merge window activity now," said Torvalds. But it's not going to be kernel development as usual. "We did talk about the fact that now Greg [Kroah-Hartman] has write rights to my kernel tree, and if will be easier to just share the load if we want to, and maybe we'll add another maintainer after further discussion." So, Kroah-Hartman, who runs the stable kernel, will have a say on Linus' cutting-edge kernel. Will someone else get write permission to Torvalds' kernel code tree to help lighten the load? Stay tuned. Read more Also: Linux Foundation Technical Advisory Board election call for nominations

Mozilla: Firefox 65 Plans and Firefox 63 Analysis

  • Firefox 65 Will Block Tracking Cookies By Default
    Mozilla today released Firefox 63, which includes an experimental option to block third-party tracking cookies, protecting against cross-site tracking. You can test this out today, but Mozilla wants to enable it for everyone by default in Firefox 65.
  • The Path to Enhanced Tracking Protection
    As a leader of Firefox’s product management team, I am often asked how Mozilla decides on which privacy features we will build and launch in Firefox. In this post I’d like to tell you about some key aspects of our process, using our recent Enhanced Tracking Protection functionality as an example.
  • Firefox 63 Lets Users Block Tracking Cookies
    As announced in August, Firefox is changing its approach to addressing tracking on the web. As part of that plan, we signaled our intent to prevent cross-site tracking for all Firefox users and made our initial prototype available for testing. Starting with Firefox 63, all desktop versions of Firefox include an experimental cookie policy that blocks cookies and other site data from third-party tracking resources. This new policy provides protection against cross-site tracking while minimizing site breakage associated with traditional cookie blocking.
  • Firefox 63 – Tricks and Treats!
  • Firefox 63 Released, Red Hat Collaborating with NVIDIA, Virtual Box 6.0 Beta Now Available, ODROID Launching a New Intel-Powered SBC and Richard Stallman Announces the GNU Kind Communication Guidelines
    Firefox 63.0 was released this morning. With this new version, "users can opt to block third-party tracking cookies or block all trackers and create exceptions for trusted sites that don't work correctly with content blocking enabled". In addition, WebExtensions now run in their own process on Linux, and Firefox also now warns if you have multiple windows and tabs open when you quit via the main menu. You can download it from here.
  • Changes to how Mozilla Readability extracts article metadata in Firefox 63
    Mozilla Readability will now extract document metadata from Dublin Core and Open Graph Protocol meta tags instead of trying to guess article titles. Earlier this year, I documented how reader mode in web browsers extract metadata about articles. After learning about the messy state of metadata extraction for reader mode, I sought to improve the extraction logic used in Mozilla Readability. Mozilla Readability was one of the first reader mode parsers and it’s used in Firefox as well as other web browsers.

Security: Cross-Hyperthread Spectre V2 Mitigation Ready For Linux, Targeted vs General-Purpose Security and More

  • Cross-Hyperthread Spectre V2 Mitigation Ready For Linux With STIBP
    On the Spectre front for the recently-started Linux 4.20~5.0 kernel is STIBP support for cross-hyperthread Spectre Variant Two mitigation. Going back to the end of the summer was the patch work for this cross-hyperthread Spectre V2 mitigation with STIBP while now it's being merged to mainline.
  • Targeted vs General purpose security
    There seems to be a lot of questions going around lately about how to best give out simple security advice that is actionable. Goodness knows I’ve talked about this more than I can even remember at this point. The security industry is really bad at giving out actionable advice. It’s common someone will ask what’s good advice. They’ll get a few morsels, them someone will point out whatever corner case makes that advice bad and the conversation will spiral into nonsense where we find ourselves trying to defend someone mostly concerned about cat pictures from being kidnapped by a foreign nation. Eventually whoever asked for help quit listening a long time ago and decided to just keep their passwords written on a sticky note under the keyboard. I’m pretty sure the fundamental flaw in all this thinking is we never differentiate between a targeted attack and general purpose security. They are not the same thing. They’re incredibly different in fact. General purpose advice can be reasonable, simple, and good. If you are a target you’ve already lost, most advice won’t help you. General purpose security is just basic hygiene. These are the really easy concepts. Ideas like using a password manager, multi-factor-auth, install updates on your system. These are the activities anyone and everyone should be doing. One could argue these should be the default settings for any given computer or service (that’s a post for another day though). You don’t need to be a security genius to take these steps. You just have to restrain yourself from acting like a crazy person so whoever asked for help can actually get the advice they need.
  • Oracle Moves to Gen 2 Cloud, Promising More Automation and Security [Ed: Ellison wants people to blindly trust proprietary blobs for security (a bad thing to do, never mind the CIA past of Oracle and severe flaws in its DBs)].
    A primary message from Ellison is that the Gen 2 Oracle cloud is more secure, with autonomous capabilities to help protect against attacks. Ellison also emphasized the segmentation and isolation of workloads on the Gen 2 Oracle cloud, providing improved security.
  • Reproducible Builds: Weekly report #182
    Here’s what happened in the Reproducible Builds effort between Sunday October 14 and Saturday October 20 2018...