Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 23 Jan 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

More on 'Complete and Utter Garbage' From Intel

Filed under
Linux
Security
  • Linux Creator Calls Intel Meltdown, Spectre Patches 'Complete and Utter Garbage'
  • Linux creator slams Intel for crappy Meltdown/Spectre patches

    Intel’s had a (mostly) crappy start to the year, thanks to the revelation of Meltdown and Spectre, two major security flaws affecting a wide range of its processors that are present in hundreds of thousands of devices around the world. It’s working to release fixes for them, but Linux creator Linus Torvalds is not impressed by the company’s efforts.

  • ‘WTF is going on?!’ Linux creator attacks Intel as it retracts ‘garbage’ fix for critical bug

    Patches released by Intel Corp. to fix highly malicious Spectre and Meltdown vulnerabilities affecting its CPUs turned out to be faulty, the company admitted, urging customers to stop installing them until further notice.

    Earlier this month, security researchers at Google Project Zero disclosed that data processed by the majority of modern CPUs, be they desktop computers or smartphones, could be vulnerable to critical exploits they called ‘Spectre’ and ‘Meltdown.’ Tech companies reportedly had months to prepare, and since the public announcement of the vulnerabilities, Intel released at least three patches – before discovering that their fix led some PCs to reboot unexpectedly.

  • Spectre Patches, Snap, Happy Birthday LWN and More

    Are you using protection? Longtime kernel developer, Greg Kroah-Hartman, just posted a simple recipe for users to verify whether they are running a Spectre/Meltdown patched version of the Linux kernel.

  • Intel’s Spectre fixes are ‘complete and utter garbage,’ says Linux inventor

    Linux inventor Linus Torvalds has never been one for diplomacy. He previously said “fuck you” to Nvidia for not supporting Linux, and now Intel has angered him enough to generate some more expletives. In a message to the Linux kernel mailing list on the weekend, Torvalds has expressed his dismay at Intel’s security updates to protect against the major Spectre variant 2 CPU vulnerability. The industry has been scrambling to fix the Meltdown and Spectre vulnerabilities, and the variant 2 of Spectre has been particularly challenging.

Games: Castle Game Engine, Battle Chasers: Nightwar, OBS Studio, Vaporum, DECEIVER, We Happy Few, Feral Interactive

Filed under
Gaming

Canonical Releases Spectre Patches for Ubuntu Linux, Meltdown Fix for PowerPC

Filed under
Security
Ubuntu

Canonical published today a new set of kernel updates for all of its supported Ubuntu Linux releases that include patches for the Spectre and Meltdown security vulnerabilities.

After pulling Intel's microcode firmware update from the software repositories of Ubuntu 17.10, 16.04 LTS, and 14.04 LTS, Canonical now released the Spectre patches for all supported Ubuntu Linux releases, including all official flavors and those using HWE (Hardware Enablement) kernels, and Meltdown kernel patches for PowerPC (PPC64el) architectures.

Read more

Also: Canonical announces Ubuntu product month for February

Top 4 open source alternatives to Google Analytics

Filed under
Google
OSS

If you have a website or run an online business, collecting data on where your visitors or customers come from, where they land on your site, and where they leave is vital. Why? That information can help you better target your products and services, and beef up the pages that are turning people away.

To gather that kind of information, you need a web analytics tool.

Many businesses of all sizes use Google Analytics. But if you want to keep control of your data, you need a tool that you can control. You won’t get that from Google Analytics. Luckily, Google Analytics isn’t the only game on the web.

Here are four open source alternatives to Google Analytics.

Read more

Welcome To The (Ubuntu) Bionic Age: Nautilus, a LTS and desktop icons

Filed under
Ubuntu

If you are following closely the news of various tech websites, one of the latest hot topic in the community was about Nautilus removing desktop icons. Let’s try to clarify some points to ensure the various discussions around it have enough background information and not reacting on emotions only as it could be seen lately. You will have both downstream (mine) and upstream (Carlos) perspectives here.

Read more

Programming: Perl, JavaScript, Ick, PowerFake, pylint-django, nbdkit filters

Filed under
Development
  • An Open Letter to the Perl Community

    Some consider Perl 6 to be a sister language to Perl 5. Personally, I consider Perl 6 more of a genetically engineered daughter language with the best genes from many parents. A daughter with a difficult childhood, in which she alienated many, who is now getting out of puberty into early adulthood. But I digress.

  • Long Live Perl 5!

    While not mentioned in the original Letter, a frequent theme in the comments was that Perl 6 should be renamed, as the name is inaccurate or is damaging.

    This is the topic on which I wrote more than once and those who have been following closely know that, yes, many (but by no means all) in the Perl 6 community acknowledge the name is detrimental to both Perl 6 and Perl 5 projects.

    This is why with a nod of approval from Larry we're moving to create an alias to Perl 6 name during 6.d language release, to be available for marketing in areas where "Perl 6" is not a desirable name.

  • JavaScript Trends for 2018

    Trying to bet on how many new JavaScript frameworks will be released each month, is, the best software engineer’s game in the past 5 years.

  • Ick: a continuous integration system

    TL;DR: Ick is a continuous integration or CI system. See http://ick.liw.fi/ for more information.

  • Introducing PowerFake for C++

    PowerFake is a new mini-framework/tool to make it possible to fake/mock free functions and static & non-virtual member functions in C++. It requires no change to the code under test, but it might need some structural changes, like moving some parts of the code to a different .cpp file; or making inline functions non-inline when built for testing.

    It is useful for writing unit tests and faking/mocking functions which should not/cannot be run during a test case. Some say that such a feature is useful for existing code, but should not be needed for a code which is written testable from the beginning. But, personally I don’t agree that it is always appropriate to inject such dependencies using virtual interfaces or templates.

    Currently, it is not supposed to become a mocking framework on its own. I hope that I can integrate PowerFake into at least one existing C++ mocking framework. Therefore, currently it doesn’t provide anything beyond faking existing functions.

  • Introducing pylint-django 0.8.0

    Since my previous post was about writing pylint plugins I figured I'd let you know that I've released pylint-django version 0.8.0 over the weekend. This release merges all pull requests which were pending till now so make sure to read the change log.

  • nbdkit filters

    nbdkit is our toolkit for creating Network Block Device (NBD) servers from “unusual” data sources. nbdkit was already configurable by writing simple plugins in several programming languages. Last week Eric Blake and I added a nice new feature: You can now modify existing plugins by placing “filters” in front of them.

Moving to Linux from dated Windows machines

Filed under
Linux

Every day, while working in the marketing department at ONLYOFFICE, I see Linux users discussing our office productivity software on the internet. Our products are popular among Linux users, which made me curious about using Linux as an everyday work tool. My old Windows XP-powered computer was an obstacle to performance, so I started reading about Linux systems (particularly Ubuntu) and decided to try it out as an experiment. Two of my colleagues joined me.

Read more

Security: TPM, Yubikey, Holes, Bricking and Uber

Filed under
Security
  • Trusted Computing

    The Trusted Platform Module on your computer's motherboard could lead to better security for your Linux system.

    The security of any operating system (OS) layer depends on the security of every layer below it. If the CPU can't be trusted to execute code correctly, there's no way to run secure software on that CPU. If the bootloader has been tampered with, you cannot trust the kernel that the bootloader boots. Secure Boot allows the firmware to validate a bootloader before executing it, but if the firmware itself has been backdoored, you have no way to verify that Secure Boot functioned correctly.

  • Locking the screen when removing a Yubikey

    I have my Yubikey on my key ring, so whenever I leave my computer, I have to remove the Yubikey. So why not lock the screen automatically?

  • Corporate cultural issues hold back secure software development

    The study of over 1,200 IT leaders, conducted by analysts Freeform Dynamics for software company CA Technologies, finds 58 percent of respondents cite existing culture and lack of skills as hurdles to being able to embed security within processes.

  • Stop installing our buggy Spectre CPU firmware fixes, Intel says
  • Uber shrugs off flaw that lets hackers bypass two-factor authentication

    Security researcher Karan Saini found the bug in Uber's two-factor authentication process, which has yet to be rolled out widely to Uber users. The flaw relates to the way an account is authenticated when users log in, meaning hackers [sic] with someone's username and password can drift pass the 2FA with ease.

Should your open source project report its social benefits?

Filed under
OSS

Despite the many words written and spoken on the difference between "open source" and "free" software, few people have pointed out that discussion of these differences frequently resembles the debate surrounding the social role of business, which in recent decades has been dominated by the concept of corporate social responsibility (CSR).

The fact of the matter, however, is that organizations committed to open principles could (and should) be reporting their activities—because those activities have effects that are both economic and social. And an analysis of how this is the case might actually help us reconcile two principled positions that have more in common than they might realize.

Read more

A Beginner's Guide to the GNOME Desktop

Filed under
GNOME

Of all the desktops available for the Linux operating system, GNOME has managed to become on of the most efficient, stable, and reliable—while still remaining incredibly user-friendly. In fact, most users—regardless of experience—can get up to speed with GNOME with next to no effort.

With that said, users who are new to both Linux and GNOME would do best to know the ins and outs of the desktop that makes Linux not only easy, but fun.

Here, we’ll be discussing the latest release of GNOME—3.26. This will be a vanilla release (unlike the version of GNOME found in Ubuntu 17.10—which bears a similar look and feel to the now-defunct Ubuntu Unity desktop). To get this vanilla GNOME, we’ve opted to demonstrate with the Fedora 27 workstation. Although Fedora isn’t a distribution commonly thought of for new users, it is one sure-fire way to have the newest version of the desktop.

And so, without further ado, let’s talk GNOME.

Read more

Linus Torvalds is Furious at Intel as Linux Kernel 4.15 Release Gets Delayed

Filed under
News

Linux Kernel 4.15 release has been delayed because Intel has not yet provided a proper fix for the nasty CPU bugs. And that has made Linus Torvalds go into swearing mode, again.
Read more

WINE Linux and Upcoming LibreOffice 6.0

Filed under
GNU
LibO
Linux
  • Is WINE Linux Enterprise Friendly?

    Migrating to a new operating system is not a simple task, especially for enterprise users. This has led many people to exploring whether WINE on Linux is an enterprise friendly solution. This article will look at working examples at how it can be, but may not be the best idea for a long term approach.

  • LibreOffice 6.0 Launches January 31 with New Libraries to Export EPUB3 Files

    The Document Liberation Project announced today the availability of five new or improved libraries designed to aid the export of EPUB3 files and import of several widely-used document formats.

    LibreOffice 6.0, the next major release of the acclaimed open-source and cross-platform office suite, is slated for release at the end of the month, on January 31, and it will incorporate a bunch of new libraries that'll make it easier for users to export or import various document formats.

    These libraries will give LibreOffice 6.0 compatibility with the EPUB3 (export only), AbiWord, Microsoft Publisher, PageMaker, and QuarkXPress documents (import only). However, they can also be used as standalone libraries for any other open source software project that needs them.

Canonical Says Ubuntu 18.04 LTS (Bionic Beaver) Will Come with Boot Speed Boost

Filed under
Ubuntu

Canonical's Will Cooke published a new Ubuntu Desktop newsletter today to inform the community on the development progress of the upcoming Ubuntu 18.04 LTS (Bionic Beaver) operating system.

Besides various improvements for the GNOME desktop environment, the Ubuntu Desktop team over at Canonical recently started to investigate the boot speed of the Ubuntu Linux operating system, planning to give it another boost by using systemd’s latest features to do some profiling, which will help them identify any issues that might cause slow boot up time.

Read more

Also: Canonical Pulls Intel's Spectre Update from Ubuntu Repos Due to Hardware Issues

today's leftovers

Filed under
Misc
  • 20 Years of LWN

    Back in mid-1997, your editor (Jonathan Corbet) and Liz Coolbaugh were engaged in a long-running discussion on how to trade our nice, stable, reliably paying jobs for a life of uncertainty, poverty, and around-the-clock work. Not that we thought of it in those terms, naturally. We eventually settled on joining Red Hat's nascent "support partner" program; while we were waiting for it to get started, we decided to start a weekly newsletter as a side project — not big and professional like the real press — to establish ourselves in the community. Thus began an amazing journey that has just completed its 20th year.

    After some time thinking about what we wanted to do and arguing about formats, we published our first edition on January 22, 1998. It covered a number of topics, including the devfs controversy, the pesky 2GB file-size limit on the ext2 filesystem, the use of Linux on Alpha to render scenes in the film "Titanic", the fact that Red Hat had finally hired a full-time quality-assurance person and launched the Red Hat Advanced Development Labs, and more. We got almost no feedback on this issue, though, perhaps because we didn't tell anybody that we had created it.

  •  

  • EzeeLinux Show 18.4 | Ubuntu 17.10 Revisited

    Canonical revised Ubuntu 17.10 with the new 17.10.1. Time to take another look…

  • PodCTL #22 – Highway to Helm

    One of the reasons that Kubernetes has gained so much traction in the marketplace is because it is flexible enough to allow innovation to happen all around the core APIs. One area where that has happened is in application package management, specifically with the Helm project.

  • LibreELEC Linux OS Will Get Meltdown and Spectre Patches with Next Major Release

    The development team behind the Kodi-based LibreELEC (Libre Embedded Linux Entertainment Center) open-source HTPC operating system for embedded systems and PCs released LibreELEC 8.2.3.

    LibreELEC 8.2.3 is the third maintenance update to the LibreELEC 8.2 "Krypton" series of the Just enough Operating System (JeOS), which is based on the Kodi 17 "Krypton" open-source and cross-platform media center. It's here a month after the LibreELEC 8.2.2 point release to address a few issues.

  • openSUSE 42.2 to Reach End-of-Life This Week

    The minor release of openSUSE Leap 42.2 will reach its End-of-Life (EOL) this week on Jan. 26.

    The EOL phase ends the updates to the operating system, and those who continue to use EOL versions will be exposed to vulnerabilities because these discontinued versions no longer receive security and maintenance updates; this is why users need to upgrade to the newer minor; openSUSE Leap 42.3.

    “We are very pleased with the reliability, performance and longevity of Leap,” said openSUSE member Marcus Meissner. “Both the openSUSE community and SUSE engineers have done a fantastic job with security and maintenance of the Leap 42 distribution; users can be confident that their openSUSE operating system is, and will continue to be, receiving bug fixes and maintenance updates until its End-of-Life.”

  • French Gender-Neutral Translation for Roundcube

    Here's a quick blog post to tell the world I'm now doing a French gender-neutral translation for Roundcube.

  •  

  • This Oil Major Has a Supercomputer the Size of a Soccer Field

    Big Oil is now Big Tech. So big, in fact, that Eni SpA’s new supercomputer is the size of a soccer field.

    In the multimillion-dollar pursuit of the world’s most powerful computers, the Italian explorer says it’s taken the lead. Its new machine, located outside Milan, will scan for oil and gas reservoirs deep below the Earth over thousands of miles.

    “This is where the company’s heart is, where we hold our most delicate data and proprietary technology,” Eni Chief Executive Officer Claudio Descalzi said in an interview on Thursday.

Compilers and CLI: LLVM, GCC and Bash

Filed under
Development
GNU
BSD

KDE/GNOME: Usability and Productivity, Krita Interview, GNOME Builder

Filed under
KDE
GNOME
  • This week in Usability and Productivity, part 2

    This is your weekly status update for the KDE community’s progress in the Usability and Productivity initiative. KDE contributors have been busy, and here’s a sampling of features, improvements, and bugfixes relevant to the initiative that KDE developers landed over the past week-and-a-half...

  • Interview with Baukje Jagersma

    How and when did you get to try digital painting for the first time?

    Probably when I first discovered Deviantart. I was already familiar with GIMP, which I used to create photo-manipulations with. But seeing all the amazingly talented artists on there made me want to try out digital painting for myself.

  • Builder happenings for January

    I’ve been very busy with Builder since returning from the holidays. As mentioned previously, we’ve moved to gitlab. I’m very happy about it. I can see how this is going to improve the engagement and communication between our existing community and help us keep new contributors.

    I made two releases of Builder so far this month. That included both a new stable build (which flatpak users are already using) and a new snapshot for those on developer operating systems like Fedora Rawhide.

Linux: PowerPC, GFS2, Userspace RCU

Filed under
Linux

Graphics: AMD, Libinput, Vulkan

Filed under
Graphics/Benchmarks
  • AMDVLK Official Open-Source Radeon Vulkan Driver Updated

    It's been one month now since AMD open-sourced their official Vulkan driver code and the associated XGL code-base. There has been about weekly code drops of new AMDVLK/XGL code over the past month while the separate, community-driven Mesa-based RADV Vulkan driver continues being developed as well.

    Marking one month since the open-sourcing of this Radeon Vulkan driver that is shared with the Windows code-base is a new code drop. Today's code drop adds VK_AMD_buffer_marker and VK_EXT_debug_report support. There are also a number of internal Vulkan driver behavior changes and fixes to some conformance test suite bugs.

  • Deep Color Support For Radeon X.Org Driver Being Tackled

    Open-source contributor Mario Kleiner has continued his work on deep color support for the Radeon Linux driver.

  • [ANNOUNCE] libinput 1.9.901

    The first RC for libinput 1.10 is now available.

  • Libinput 1.10 Is On The Way To Remove Touchpad Hysteresis

    eter Hutterer of Red Hat has announced the first release candidate of libinput 1.10 today, which isn't a big feature release but rather incorporates a few new features with many bug fixes for this input handling library used by X.Org and Wayland systems.

    Peter notes the most notable change for libinput 1.10 is the removal of the touchpad hysteresis code. This code was previously used to prevent pointer wobbles while now the code has been worked to analyze the event sequence for pointer wobbles and if none exist the hysteresis won't be applied. This should lead to a more reactive pointer.

    Libinput 1.10 is also working on new button debouncing fixes, improvements for newer Wacom tablets, and a variety of fixes.

  • DXVK Is Making Significant Progress In Implementing Direct3D 11 Over Vulkan

    The DXVK project that started towards the end of 2017 for implementing Direct3D 11 over Vulkan with a focus on improving the D3D11 Wine support is already beginning to run some titles.

Syndicate content

More in Tux Machines

Top 4 open source alternatives to Google Analytics

If you have a website or run an online business, collecting data on where your visitors or customers come from, where they land on your site, and where they leave is vital. Why? That information can help you better target your products and services, and beef up the pages that are turning people away. To gather that kind of information, you need a web analytics tool. Many businesses of all sizes use Google Analytics. But if you want to keep control of your data, you need a tool that you can control. You won’t get that from Google Analytics. Luckily, Google Analytics isn’t the only game on the web. Here are four open source alternatives to Google Analytics. Read more

Welcome To The (Ubuntu) Bionic Age: Nautilus, a LTS and desktop icons

If you are following closely the news of various tech websites, one of the latest hot topic in the community was about Nautilus removing desktop icons. Let’s try to clarify some points to ensure the various discussions around it have enough background information and not reacting on emotions only as it could be seen lately. You will have both downstream (mine) and upstream (Carlos) perspectives here. Read more

Programming: Perl, JavaScript, Ick, PowerFake, pylint-django, nbdkit filters

  • An Open Letter to the Perl Community

    Some consider Perl 6 to be a sister language to Perl 5. Personally, I consider Perl 6 more of a genetically engineered daughter language with the best genes from many parents. A daughter with a difficult childhood, in which she alienated many, who is now getting out of puberty into early adulthood. But I digress.

  • Long Live Perl 5!

    While not mentioned in the original Letter, a frequent theme in the comments was that Perl 6 should be renamed, as the name is inaccurate or is damaging.

    This is the topic on which I wrote more than once and those who have been following closely know that, yes, many (but by no means all) in the Perl 6 community acknowledge the name is detrimental to both Perl 6 and Perl 5 projects.

    This is why with a nod of approval from Larry we're moving to create an alias to Perl 6 name during 6.d language release, to be available for marketing in areas where "Perl 6" is not a desirable name.

  • JavaScript Trends for 2018
    Trying to bet on how many new JavaScript frameworks will be released each month, is, the best software engineer’s game in the past 5 years.
  • Ick: a continuous integration system
    TL;DR: Ick is a continuous integration or CI system. See http://ick.liw.fi/ for more information.
  • Introducing PowerFake for C++
    PowerFake is a new mini-framework/tool to make it possible to fake/mock free functions and static & non-virtual member functions in C++. It requires no change to the code under test, but it might need some structural changes, like moving some parts of the code to a different .cpp file; or making inline functions non-inline when built for testing. It is useful for writing unit tests and faking/mocking functions which should not/cannot be run during a test case. Some say that such a feature is useful for existing code, but should not be needed for a code which is written testable from the beginning. But, personally I don’t agree that it is always appropriate to inject such dependencies using virtual interfaces or templates. Currently, it is not supposed to become a mocking framework on its own. I hope that I can integrate PowerFake into at least one existing C++ mocking framework. Therefore, currently it doesn’t provide anything beyond faking existing functions.
  • Introducing pylint-django 0.8.0
    Since my previous post was about writing pylint plugins I figured I'd let you know that I've released pylint-django version 0.8.0 over the weekend. This release merges all pull requests which were pending till now so make sure to read the change log.
  • nbdkit filters
    nbdkit is our toolkit for creating Network Block Device (NBD) servers from “unusual” data sources. nbdkit was already configurable by writing simple plugins in several programming languages. Last week Eric Blake and I added a nice new feature: You can now modify existing plugins by placing “filters” in front of them.

Moving to Linux from dated Windows machines

Every day, while working in the marketing department at ONLYOFFICE, I see Linux users discussing our office productivity software on the internet. Our products are popular among Linux users, which made me curious about using Linux as an everyday work tool. My old Windows XP-powered computer was an obstacle to performance, so I started reading about Linux systems (particularly Ubuntu) and decided to try it out as an experiment. Two of my colleagues joined me. Read more