Language Selection

English French German Italian Portuguese Spanish

January 2020

OPNsense 20.1 “Keen Kingfisher” and OPNsense 19.7.10 Released

Filed under
OS
Security
BSD

  • OPNsense 20.1 “Keen Kingfisher” released

    For over 5 years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.

    20.1, nicknamed "Keen Kingfisher", is a subtle improvement on sustainable firewall experience. This release adds VXLAN and additional loopback device support, IPsec public key authentication and elliptic curve TLS certificate creation amongst others. Third party software has been updated to their latest versions. The logging frontend was rewritten for MVC with seamless API support. On the far side the documentation increased in quality as well as quantity and now presents itself in a familiar menu layout.

    Download links, an installation guide[1] and the checksums for the images can be found below as well.

  • OPNsense 19.7.10 released

    Hey hey,

    As Thursday nears the last preparations for 20.1 are underway. As a quick
    relief here is the End-Of-Life release of the 19.7 series with a tiny number
    of updates.

    Remember that when 20.1 is available it will take up to a day before we
    release the hotfix with the major upgrade path enabled. Please be patient
    as we simply want to ensure that upgrades will not be bumpy affair.

    Here are the full patch notes:

    o firewall: fix a typo in CARP validation
    o firmware: revoke 19.1 fingerprint
    o ipsec: add configurable dpdaction (contributed by Marcel Menzel)
    o mvc: BaseListField ignoring empty selected field
    o plugins: os-haproxy 2.20[1]
    o plugins: os-mail-backup 1.1[2]
    o plugins: os-nrpe 1.0 (contributed by Michael Muenz)
    o plugins: os-theme-rebellion 1.8.3 (contributed by Team Rebellion)
    o plugins: os-vnstat 1.2[3]
    o plugins: zabbix4-proxy 1.2[4]
    o ports: ca_root_nss 3.49.1
    o ports: curl 7.68.0[5]
    o ports: urllib3 1.27.7[6]
    o ports: isc-dhcp 4.4.2[7]

    Stay safe,
    Your OPNsense team

Libiquity Wi-Fri ND2H Wi-Fi card now FSF-certified to Respect Your Freedom

Filed under
GNU
Hardware

The Free Software Foundation (FSF) today awarded Respects Your Freedom (RYF) certification to the Libiquity dual-band 802.11a/b/g/n Wi-Fi card, from Libiquity LLC. The RYF certification mark means that Libiquity's distribution of this device meets the FSF's standards in regard to users' freedom, control over the product, and privacy.

Libiquity currently sells this device as part of its previously-certified Taurinus X200 laptop. Technoethical also offers the same hardware with their RYF-certified Technoethical N300DB Dual Band Wireless Card. With today's certification, Libiquity is able to sell the Libiquity Wi-Fri ND2H Wi-Fi card as a stand-alone product for the first time, and now has two RYF-certified devices available.

"In the years since first joining the RYF program, we at Libiquity have worked to improve and expand our catalog. For anyone looking to join distant or congested 2.4-GHz or 5-GHz wireless networks, the Wi-Fri ND2H is a great internal Wi-Fi card for laptops, desktops, servers, single-board computers, and more. Most importantly, in an era when more and more hardware disrespects your freedom, we're proud to offer a Wi-Fi card branded with the RYF logo on the product itself, as a trusted symbol of its compatibility with free software such as GNU Linux-libre," said Patrick McDermott, Founder and CEO, Libiquity LLC.

With this certification, the total number of RYF-certified wireless adapters grows to thirteen. The Libiquity Wi-Fri ND2H Wi-Fi card enables users to have wireless connectivity without having to rely on nonfree drivers or firmware.

Read more

Announcing Rust 1.41.0

Filed under
Development
Moz/FF

The Rust team is happy to announce a new version of Rust, 1.41.0. Rust is a programming language that is empowering everyone to build reliable and efficient software.

Read more

Also: Google's OpenSK Offers An Open-Source Rust-Written Security Key Implementation

Remembering Lucy Wayland

Filed under
Debian

The Cambridgeshire coroner recently held a final hearing into the death of Lucy Wayland. Wayland died almost immediately after the Debian 2018 Christmas lynchings.

Before getting into where Debian has gone wrong, it is important to emphasize consideration for Wayland's family at this time. Speculation about the details of Wayland's death is both distressing for people and un-necessary when considering the problems in the Debian environment.

The purpose of this blog is not to focus on Wayland, rather, it is about the issues.

[...]

At the time Wayland passed away, she was at the lowest tier of the Debian hierarcy, a Debian Contributor. When I resigned from my role in the GSoC team citing extraordinary personaly circumstances, Chris Lamb, Enrico Zini and other ruthless individuals had decided to "demote" me to this same lowly tier. It was a deliberate and malicious attempt to humiliate me, but it also served to humiliate other people, like Wayland, at the same tier. None of them knew the pain my family was going through at that time. Their callous behaviour only made it worse.

When any organization goes through restructuring, it impacts everybody.

As noted in the blog about enforcers, all the witnesses to shaming suffer just as much, if not more, than the victims. How would Lucy Wayland feel seeing other experienced volunteers being subjected to cruel demotions at Christmas?

[...]

When I saw what Chris Lamb, Molly de Blanc and their underlings did to Dr Preining in Christmas 2018, I couldn't help feeling outrage. If the supposedly ruthless merchant banks of London didn't dare to violate Christmas, how could Debian, an organization constituted on volunteering, do so?

Yet it only got worse.

The more questions I asked, the more evidence of corruption emerged. For example, developers sending veiled threats to interns, behind the backs of the mentors. It reminded me of the case where a manager walked out on a plum job in Canary Wharf when HR sent communications behind his back.

Read more

Games: AMD, FTL: Faster Than Light, Little Racers STREET and Dota Underlords

Filed under
Gaming
  • AMD Doesn’t Work Great for Gaming on Linux Desktop PCs

    AMD has been getting a lot of attention lately, especially with its great performance-over-price graphics cards and processors. However, that love story sounds limited when it comes to desktop PCs working on Linux, and with gaming.

    We wrote few months ago about how great AMD is performing on laptops on Linux comparing to Windows. You can even get 10-20 FPS higher on Linux than on Windows using your integrated graphics card. We still stand on our experiments that we did on AMD-powered laptops, however, desktops is another issue. AMD on desktop PCs perform extremely lower on Linux than on Windows for gaming, and not just by a little bit, but by an extremely huge margin, that can sometimes reach 100 FPS between the two.

    Our average hardware combination of the famous Ryzen 5 1600 CPU and the AMD RX 580 GPU is performing horribly on Linux comparing to Windows. While this setup is considered an on-budget one, and may not reflect all AMD’s cards, we think most people would consider it for their feature desktop PC, and we believed its important for you to know what you are about to enter if you plan to do Linux gaming on the same combination.

  • FTL: Faster Than Light now has Steam Achievements over seven years after release

    Subset Games today released a small update to FTL: Faster Than Light, finally giving it some Steam Achievements after the original release in 2012.

    FTL did already have its own built-in achievements but now it's all nicely hooked up with the Steam API so you can show off how good you are. Not me though, I think I only ever had one successful run of it. Absolutely brilliant game though, a real devil with your time as you just want one more run.

  • Little Racers STREET gains a brand new Linux (and macOS) port using FNA

    Ethan Lee is back with another game port, this time it's a little different. Little Racers STREET already had a Linux version but it's been remade.

    Why? Well, Little Racers STREET is an older game now first released back in 2014. Milkstone Studios gave it same-day Linux support but it's suffered from various severe issues, with many not able to actually play it anymore without digging into workarounds. So today, Ethan announced the new port that's been completely redone with FNA.

    Going into further details, Ethan mentioned this is their 60th Linux port which is a crazy milestone. Ethan has given Linux some fantastic games like Rogue Legacy, Salt & Sanctuary, Pyre, Dust: An Elysian Tail and so on. They also did the port for free, as it's so old and unlikely to make a profit but you can support Ethan's porting work and FNA/FAudio using GitHub Sponsors on their page and if you're a game developer you can hire Ethan to do porting work.

  • Valve announce Dota Underlords releasing on February 25 - new Underlord up today

    Today, Valve announced that Dota Underlords will be leaving Early Access and officially releasing on February 25.

    On top of that, the Underlord named Enno has officially joined the cast today. Enno is a ranged Underlord, who "leaps around the board poisoning enemies and generally wreaking havoc". Hold on a hot second, poison? Yup, that's in now too as a new status effect causing 15 physical damage per second and reduced healing—poison can stuck up to 5 times.

DXVK 1.5.3 Released

Filed under
Graphics/Benchmarks
Software
Gaming
  • DXVK 1.5.3 Released - Helps Games Like Skyrim + Mafia II, Direct3D 9 Fixes

    Succeeding last week's DXVK 1.5.2 is now a version 1.5.3 release with various fixes.

    Leading to this quick DXVK 1.5.3 release is a fix for a potentially critical Direct3D 9 regression introduced in the previous release. There is also a fix for Vulkan validation errors with D3D9 and on the plus side better GPU-limited D3D9 performance with some Vulkan drivers.

  • Vulkan translation layer DXVK 1.5.3 is out fixing up a 'potentially' critical D3D9 regression

    A small but needed release of the Direct 3D 9/10/11 to Vulkan translation layer has been put out today fixing up some issues.

    DXVK 1.5.3 has a rather important fix in as the headliner here, as 1.5.2 had a potential "critical D3D9 regression". Additionally there's some fixed up Vulkan validation errors, improved GPU-limited D3D9 performance on some drivers, and the HUD will now properly show D3D10 when it's used rather than D3D11.

    For game specific fixes Mafia II, Skyrim and Torchlight were all mentioned so each should have a better experience under Wine with DXVK and so Proton too whenever Valve/CodeWeavers update it.

Lars Kurth RIP

Filed under
Obits
  • Lars Kurth RIP

    Ian Jackson posted a note to the xen-announce mailing list with the sad news that Xen community manager and project advisory board member Lars Kurth has died.

  • Lars Kurth
    I'm very sad to inform you that Lars Kurth passed away earlier this
    week.  Many of us regarded Lars as a personal friend, and his loss is a
    great loss to the Xen Project.
    
    We plan to have a tribute to Lars on the XenProject blog in the near
    future.  Those who are attending FOSDEM may wish to attend the short
    tribute we plan for Sunday morning:
      https://fosdem.org/2020/schedule/event/vai_memory_of_lars_kurth/
    
    For the moment, Lars's mail aliases @xenproject.org, and the
    community.manager@xenproject alias, will be forwarded to myself
    and/or George Dunlap.
    
    Ian Jackson.
    

MeX Linux Is Now Based on Ubuntu 20.04 LTS, Features Cinnamon and Linux 5.5

Filed under
Linux
Ubuntu

Arne Exton has released today a new version of his MeX Linux distribution to give users a Cinnamon flavored Ubuntu 20.04 LTS based operating system running the recently released Linux 5.5 kernel series.

This is Arne Exton’s second GNU/Linux distribution to be based on the upcoming Ubuntu 20.04 LTS (Focal Fossa) operating system, after ExTiX 20.2 announced earlier this week. Just like ExTiX 20.2, MeX Linux now also ships with Linux kernel 5.5, but not the final version released by Linus Torvalds on January 27th, 2020.

Shipping with Linux 5.5 means that even if you don’t plan to use MeX Linux as your daily driver, you can still use the live ISO to check if the new kernel supports your hardware that wasn’t supported by previous kernels.

Read more

More in Tux Machines

You Can Use Raspberry Pi 400 As a PC Keyboard and Mouse Combo

If you’re a fan of Pimoroni, you’re probably familiar with its software lead Phil Howard (aka Gadgetoid) and his developments in the Raspberry Pi community. Today we’re sharing an awesome project he put together using our favorite keyboard PC, the Raspberry Pi 400. Using the right cable and a bit of code, the Raspberry Pi 400 can function as a regular, USB HID keyboard. The best Raspberry Pi projects are easy to recreate and the only accessory you need to pull this project off is a USB Type-C to USB Type-A cable. Read more

today's leftovers

  • DearPyGui 1.0.0 user interface Toolkit Released - itsfoss.net

    Published edition Dear PyGui 1.0.0 (the DPG), a cross-platform toolkit for GUI development in Python. The most important feature of the project is the use of multithreading and outsourcing of operations to the GPU to speed up rendering. The key goal of shaping the 1.0.0 release is to stabilize the API. Compatibility-breaking changes will now be proposed in a separate “experimental” module. To ensure high performance, the bulk of the DearPyGui code is written in C ++ using the Dear ImGui library , designed for creating graphical applications in C ++ and offering a fundamentally different operating model. The Dear PyGui source code is licensed under the MIT license. Declared support for Linux, Windows 10 and macOS platforms.

  • Software testing - a 32-year-old message

    And then, after having tested hundreds of Linux distributions, thousands of applications, every release of Windows since 3.11, and then some, I can definitely say that the slow, steady erosion of professional testing in the software world is noticeable. And by that mean, in those scenarios it actually existed, because in some domains, it's never been there, and it shows. If anything, the longer I keep my hands on this or that application or program, the more I'm convinced that the new, casual approach to quality is simply not working. There will be a moment of reckoning.

  • Issue #373 - Robotic tickles

    We thought we’d lead with the weirdest Raspberry Pi-powered thing, purely because we couldn’t resist the bizarre visual. These robotic hands move according to actions taken on social media. And they’re creepy. We like creepy. Another robot from the blog this week can solve your Sudoku in seconds, and a hackathon-winning student project can photograph any object and automatically turn it into an NFT.

  • ODROID-H2+ SBC discontinued due to supply shortage - CNX Software

    Hardkernel has just discontinued ODROID-H2+ single board computer based on the Intel Celeron J4115 Gemini Lake Refresh processor, which followed ODROID-H2 SBC itself being discontinued shortly after Intel decided to phase out Intel J4105 and other Gemini Lake processors. The reason given is the “uncertain situation of main component supply”, which could mean Celeron J4115 processor is hard to get (or expensive), or the Realtek RTL8125B chipset provides 2.5GbE networking. That means Hardkernel does not offer any x86 SBC at this time. That’s a shame before ODROID-H2+ was a well-supported SBC running Linux or Windows, and great value for money at $119, especially for people interested in the two 2.5 Gbps Ethernet ports found on the board (and upgradeable to six), not to mention support for SO-DIMM memory and M.2 NVMe SSD.

  • Debian blocks VPN and Tor users from reading its Wiki. – BaronHK's Rants

    I understand that they don’t want VPN and Tor users messing up their Wiki anonymously, where it would be difficult to ban any one vandal, but to block people from even _reading it_ unless they unmask themselves is a bit heavy-handed. On Wikipedia, they block Tor and VPN users from editing, but you can read it all you want, and you can view the page’s source code if you are on a VPN. This is the right thing to do. I’m not sure why Debian is requiring us to de-anonymize ourselves just to read their Wiki. I wish that they would stop doing this.

  • Red Hat Announces Updates To Red Hat OpenShift And Red Hat Advanced Cluster Management For Kubernetes
  • How bare metal cloud is powering the telecommunications industry

    Bare metal clouds are gaining a lot of momentum in the telecommunications industry—but why? What is a bare metal cloud, and what are the benefits of using it? In this post, we answer these questions and more.

  • digiKam - digiKam Recipes 21.10.15 released

    It has been a while since the last update of digiKam Recipes. But that doesn’t mean I neglected the book. In the past few months, I’ve been doing a complete language review and adding new material. The new revision of digiKam Recipes features detailed information on how to move digiKam library and databases from one machine to another, how to access digiKam remotely from any machine, and how to import photos from an iOS device. The book now uses the Barlow font for better legibility along with a slightly improved layout.

  • October 2021 Web Server Survey [Ed: Microsoft became so irrelevant in Web servers that it is not even mentioned anymore and most tables don't even list Microsoft (it's miniscule, outside view)]

    In the October 2021 survey we received responses from 1,179,448,021 sites across 265,426,928 unique domains and 11,388,826 web-facing computers. This reflects a loss of 8.59 million sites, but a gain of 1.07 million domains and 20,800 computers. The number of unique domains powered by the nginx web server grew by 789,000 this month, which has increased its total to 79.5 million domains and its leading market share to 29.9%. Conversely, Apache lost 753,000 domains and saw its second-place share fall to 24.7%. Meanwhile, Cloudflare gained 746,000 domains – almost as many as nginx – but it stays in fourth place with an 8.15% share while OpenResty's shrank slightly to 14.5%. Cloudflare also made strong progress amongst the top million websites, where it increased its share by 0.24 percentage points to 18.2%. nginx is in second place with a 22.5% (+0.12pp) share but has closed the gap on Apache which still leads with 24.0% after losing 0.21pp. Apache also continues to lead in terms of active sites, where it has a total of 48.0 million. However, it was the only major vendor to suffer a drop in this metric, with a loss of 277,000 active sites reducing its share down to 23.9% (-0.29pp). In terms of all sites, nginx lost the most (-9.99 million) but remains far in the lead with a total of 412 million.

  • Chrome OS 94 Released - itsfoss.net

    The release of the operating system Chrome OS 94 has been published , based on the Linux kernel, the upstart system manager, the ebuild / portage build toolkit, open components and the Chrome 94 web browser . The user environment of Chrome OS is limited to a web browser, and instead of standard programs, web applications are used, however, Chrome OS includes a full-fledged multi-window interface, desktop and taskbar. Chrome OS 94 is available for most current Chromebooks. Enthusiasts have formed unofficial assemblies for ordinary computers with x86, x86_64 and ARM processors. Source texts are distributed under the free Apache 2.0 license.

Security Leftovers

  • Security updates for Friday

    Security updates have been issued by Debian (squashfs-tools, tomcat9, and wordpress), Fedora (openssh), openSUSE (kernel, mbedtls, and rpm), Oracle (httpd, kernel, and kernel-container), SUSE (firefox, kernel, and rpm), and Ubuntu (linux-azure, linux-azure-5.4).

  • Apache Releases Security Advisory for Tomcat   | CISA

    The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to cause a denial of service condition.

  • Security Risks of Client-Side Scanning

    Even before Apple made their announcement, law enforcement shifted their battle for back doors to client-side scanning. The idea is that they wouldn’t touch the cryptography, but instead eavesdrop on communications and systems before encryption or after decryption. It’s not a cryptographic back door, but it still a back door — and brings with it all the insecurities of a back door. I’m part of a group of cryptographers that has just published a paper discussing the security risks of such a system. (It’s substantially the same group that wrote a similar paper about key escrow in 1997, and other “exceptional access” proposals in 2015. We seem to have to do this every decade or so.) In our paper, we examine both the efficacy of such a system and its potential security failures, and conclude that it’s a really bad idea.

  • The Open Source Security Foundation receives $ 10 million in funding - itsfoss.net

    The Linux Foundation has announced a $ 10 million commitment to the OpenSSF (Open Source Security Foundation), an effort to improve the security of open source software. Funds raised through royalties from parent companies of OpenSSF, including Amazon, Cisco, Dell Technologies, Ericsson, Facebook, Fidelity, GitHub, Google, IBM, Intel, JPMorgan Chase, Microsoft, Morgan Stanley, Oracle, Red Hat, Snyk, and VMware …

Videos/Shows: Ubuntu 21.10, LHS, and Chris Titus

  • Ubuntu 21.10 - Full Review - Invidious

    Ubuntu 21.10 finally features the GNOME 40 desktop, better Wayland support, and more. In this video, I'll give you my thoughts on "Impish Idri" and we'll go over some of the new features. I'll talk about the installation process, Wayland changes,

  • LHS Episode #435: The Weekender LXXX

    It's time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we're doing. We'd love to hear from you.

  • Time to Rice and Make the Best Looking Desktop - Invidious

    We have our script that sets up the system... now we make our script to automatically make our desktop the best looking one out there!