Language Selection

English French German Italian Portuguese Spanish

January 2017

Android Leftovers

Filed under
Android

Meet the $114,725 Ubuntu server with eight Nvidia Tesla P100 GPUs

Filed under
Graphics/Benchmarks
Ubuntu

The Ibex Pro is one supercharged machine that will probably hurt your electric bill.

System76's fastest Ibex Pro with Ubuntu Server 16.10 packs some crazy horsepower with Intel's latest 22-core Xeon E5 v4 chips and eight Nvidia Tesla P100 graphics processors.

It's got the same number of GPUs as Nvidia's superfast DGX-1, which is being used for deep learning. System76 is targeting the Ibex Pro -- which is a rack server -- at the same market as the DGX-1. The server has fewer, but newer, CPUs, compared to the DGX-1.

Read more

OPNsense 17.1 Released, Based On FreeBSD 11

OPNsense 17.1 is now available as the newest release of this network-focused FreeBSD-based operating system forked from pfSense.

It's now been two years since the first official release of OPNsense and to celebrate they have out a big update. OPNsense 17.1 re-bases to using FreeBSD 11.0, there's now a SSH remote installer, new language support, more hardening features used from HardenedBSD, new plugins, integrated authentication via PAM, and many other improvements. Some of the new plug-ins include FTP Proxy, Tinc VPN, and Let's Encrypt support.

Read more

Open source GIS in Italian public administration

Filed under
OSS

The Italian Association for Free Software Geographic Information Systems (GFOSS.it) is conducting a survey to collect information about the use of this kind of software in Italy’s public sector. The results will be made public at the GFOSS.it meeting, in Genoa from 8 to 11 February.

Read more

Austria set to increase its use of open source

Filed under
OSS

Public administrations in Austria need to increase their use of free and open source software, the government of Austria says in its Digital Strategy. The strategy proposes to ‘push’ (forcierung) open source by public administrations. This is intended to accelerate its uptake, explains Federal Chancellery for Digitalisation.

Read more

Security News

Filed under
Security

  • You're taking the p... Linux encryption app Cryptkeeper has universal password: 'p'

    Linux encryption app Cryptkeeper has a bug that causes it to use a single-letter universal decryption password: "p".

    The flawed version is in Debian 9 (Stretch), currently in testing, but not in Debian 8 (Jessie). The bug appears to be a result of a bad interaction with the encfs encrypted filesystem's command line interface: Cryptkeeper invokes encfs and attempts to enter paranoia mode with a simulated 'p' keypress – instead, it sets passwords for folders to just that letter.

  • Reproducible Builds: week 92 in Stretch cycle

    John Gilmore wrote an interesting mail about how Cygnus.com worked on reproducible builds in the early 1990s. (It's eye opening to see how the dealt with basically the very same problems we're dealing with today, how they solved them and then to realize that most of this has been forgotten and bit-rotted in the last 20 years. How will we prevent history repeating it)self here?)

  • MongoDB ransom attacks continue to plague administrators

    Earlier this month, Salted Hash reported on a surge in attacks against publicly accessible MongoDB installations.

    Since January 3, the day of that first report, the number of victims has climbed from about 200 databases to more than 40,000. In addition to MongoDB, those responsible for the attacks have started targeting Elasticsearch and CouchDB.

    No matter the platform being targeted, the message to the victim is the same; send a small Bitcoin payment to the listed address, or forever lose access to your files.

OSS Leftovers

Filed under
OSS
  • Be the open source supply chain

    I would bet that whoever is best at managing and influencing the open source supply chain will be best positioned to create the most innovative products. In this article, I’ll explain why you should be a supply chain influencer, and how your organization can be an active participant in your supply chain.

  • Leon Anavi’s Open Source News Vlog

    All of us at the FOSS Force office have become big fans of this new open source news blog from Leon Anavi and can’t wait until the next edition comes out in February. Don’t worry Leon, your English is fine. Keep ’em coming.

  • Announcing the Google Code-in 2016 Winners!

    Drum roll please! We are very proud to announce the 2016 Google Code-in (GCI) Grand Prize Winners and Finalists. Each year we see the number of student participants increase, and 2016 was no exception: 1,340 students from 62 countries completed an impressive 6,418 tasks. Winners and Finalists were chosen by the 17 open source organizations and are listed alphabetically below.

  • LinuxCon, CloudOpen, and ContainerCon Come to China for the First Time in 2017

    The Linux Foundation, a non-profit organization promoting the adoption of the latest Linux and Open Source technologies to the enterprise industry, is announcing the upcoming schedule for LinuxCon, CloudOpen, and ContainerCon conferences.

    Taking in place for the first time in China, between June 19-20, 2017, the LinuxCon, ContainerCon and CloudOpen events will be held at the China National Convention Center in Beijing, where it is expected that thousands of attendees will share their knowledge, collaborate on new technologies, and learn about the latest Open Source and GNU/Linux technologies, including cloud, containers, microservices, and networking.

  • 5 new guides for working with OpenStack

    OpenStack experience continues to be among the most in-demand skills in the tech world, with more and more organizations seeking to build and manage their own open source clouds. But OpenStack is a huge domain of knowledge, containing dozen of individual projects that are being actively developed at a rapid pace. Just keeping your skills up to date can be a challenge.

  • C++ Support Added To GCC's libcc1, Benefiting GDB

    Another late feature addition to GCC 7 is C++ support for libcc1.

    Libcc1 is the GCC cc1 plugin for the GDB debugger. With the latest GCC SVN/Git code tonight is now C++ support to complement the C interfaces.

Android Leftovers

Filed under
Android

Red Hat News

Filed under
Red Hat
  • Developing open leaders

    For many people, that requires a profound mindset shift in how to think about leaders. Yet in some ways, it's what we all intuitively know about how organizations really work. As Red Hat CEO Jim Whitehurst has pointed out, in any organization, you have the thermometers—people who reflect the organizational "temperature" and sentiment and direction—and then you have the thermostats—people who set those things for the organization.

  • ​Monash University gets multi-petabyte computing boost from Red Hat, Dell EMC

    Monash University has implemented a multi-petabyte deployment at its eResearch Centre, giving the Melbourne-based advanced computing facility the capacity to store and manage massive workloads of data.

    The university implemented a software-defined solution that uses Red Hat Ceph Storage on Dell EMC PowerEdge R630 and R730xd rack servers that it expects will accelerate application performance, simplify systems management, and address the university's growing data storage requirements.

  • Red Hat, Inc. (RHT) Downgraded by Vetr Inc.

Games for GNU/Linux

Filed under
Gaming

More in Tux Machines

Raspberry Pi lookalike offers HDMI 2.0 and optional M.2

Geniatech’s “XPI-S905X” is a new Raspberry Pi pseudo clone with a quad -A53 Amlogic S905X plus 2GB RAM, up to 16GB eMMC, 4K-ready HDMI 2.0, LAN, 4x USB, touch-enabled LVDS, and optional M.2. Geniatech, which is known for Qualcomm based SBCs such as the Snapdragon 410 based, 96Boards-like Development Board IV and Snapdragon 820E based Development Board 8, has posted specs for a Raspberry Pi form factor board with a quad -A53, Amlogic S905X with 1/6GHz to 2GHz performance. No pricing is available for the XPI-S905X, which appears to be aimed at the OEM market. Read more

​Linus Torvalds talks about coming back to work on Linux

"'I'm starting the usual merge window activity now," said Torvalds. But it's not going to be kernel development as usual. "We did talk about the fact that now Greg [Kroah-Hartman] has write rights to my kernel tree, and if will be easier to just share the load if we want to, and maybe we'll add another maintainer after further discussion." So, Kroah-Hartman, who runs the stable kernel, will have a say on Linus' cutting-edge kernel. Will someone else get write permission to Torvalds' kernel code tree to help lighten the load? Stay tuned. Read more Also: Linux Foundation Technical Advisory Board election call for nominations

Mozilla: Firefox 65 Plans and Firefox 63 Analysis

  • Firefox 65 Will Block Tracking Cookies By Default
    Mozilla today released Firefox 63, which includes an experimental option to block third-party tracking cookies, protecting against cross-site tracking. You can test this out today, but Mozilla wants to enable it for everyone by default in Firefox 65.
  • The Path to Enhanced Tracking Protection
    As a leader of Firefox’s product management team, I am often asked how Mozilla decides on which privacy features we will build and launch in Firefox. In this post I’d like to tell you about some key aspects of our process, using our recent Enhanced Tracking Protection functionality as an example.
  • Firefox 63 Lets Users Block Tracking Cookies
    As announced in August, Firefox is changing its approach to addressing tracking on the web. As part of that plan, we signaled our intent to prevent cross-site tracking for all Firefox users and made our initial prototype available for testing. Starting with Firefox 63, all desktop versions of Firefox include an experimental cookie policy that blocks cookies and other site data from third-party tracking resources. This new policy provides protection against cross-site tracking while minimizing site breakage associated with traditional cookie blocking.
  • Firefox 63 – Tricks and Treats!
  • Firefox 63 Released, Red Hat Collaborating with NVIDIA, Virtual Box 6.0 Beta Now Available, ODROID Launching a New Intel-Powered SBC and Richard Stallman Announces the GNU Kind Communication Guidelines
    Firefox 63.0 was released this morning. With this new version, "users can opt to block third-party tracking cookies or block all trackers and create exceptions for trusted sites that don't work correctly with content blocking enabled". In addition, WebExtensions now run in their own process on Linux, and Firefox also now warns if you have multiple windows and tabs open when you quit via the main menu. You can download it from here.
  • Changes to how Mozilla Readability extracts article metadata in Firefox 63
    Mozilla Readability will now extract document metadata from Dublin Core and Open Graph Protocol meta tags instead of trying to guess article titles. Earlier this year, I documented how reader mode in web browsers extract metadata about articles. After learning about the messy state of metadata extraction for reader mode, I sought to improve the extraction logic used in Mozilla Readability. Mozilla Readability was one of the first reader mode parsers and it’s used in Firefox as well as other web browsers.

Security: Cross-Hyperthread Spectre V2 Mitigation Ready For Linux, Targeted vs General-Purpose Security and More

  • Cross-Hyperthread Spectre V2 Mitigation Ready For Linux With STIBP
    On the Spectre front for the recently-started Linux 4.20~5.0 kernel is STIBP support for cross-hyperthread Spectre Variant Two mitigation. Going back to the end of the summer was the patch work for this cross-hyperthread Spectre V2 mitigation with STIBP while now it's being merged to mainline.
  • Targeted vs General purpose security
    There seems to be a lot of questions going around lately about how to best give out simple security advice that is actionable. Goodness knows I’ve talked about this more than I can even remember at this point. The security industry is really bad at giving out actionable advice. It’s common someone will ask what’s good advice. They’ll get a few morsels, them someone will point out whatever corner case makes that advice bad and the conversation will spiral into nonsense where we find ourselves trying to defend someone mostly concerned about cat pictures from being kidnapped by a foreign nation. Eventually whoever asked for help quit listening a long time ago and decided to just keep their passwords written on a sticky note under the keyboard. I’m pretty sure the fundamental flaw in all this thinking is we never differentiate between a targeted attack and general purpose security. They are not the same thing. They’re incredibly different in fact. General purpose advice can be reasonable, simple, and good. If you are a target you’ve already lost, most advice won’t help you. General purpose security is just basic hygiene. These are the really easy concepts. Ideas like using a password manager, multi-factor-auth, install updates on your system. These are the activities anyone and everyone should be doing. One could argue these should be the default settings for any given computer or service (that’s a post for another day though). You don’t need to be a security genius to take these steps. You just have to restrain yourself from acting like a crazy person so whoever asked for help can actually get the advice they need.
  • Oracle Moves to Gen 2 Cloud, Promising More Automation and Security [Ed: Ellison wants people to blindly trust proprietary blobs for security (a bad thing to do, never mind the CIA past of Oracle and severe flaws in its DBs)].
    A primary message from Ellison is that the Gen 2 Oracle cloud is more secure, with autonomous capabilities to help protect against attacks. Ellison also emphasized the segmentation and isolation of workloads on the Gen 2 Oracle cloud, providing improved security.
  • Reproducible Builds: Weekly report #182
    Here’s what happened in the Reproducible Builds effort between Sunday October 14 and Saturday October 20 2018...