Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Sunday, 04 Dec 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Security News

Filed under
Security
  • What's the most secure operating system?

    Deciding what operating system (OS) to keep your computer running smoothly—and with the highest level of security—is a controversial yet frequent question many business owners, government officials, and ordinary Joes and Janes ask.

    There are many different operating systems—the software at the base of every computer, controlling the machine's array of functions—like Mac OS10, which comes pre-loaded on Apple laptops and desktops, and Microsoft Windows that's on the majority of personal computers. Google's Android and Apple's iOS for mobile devices are designed specifically for devices with smaller touchscreens.

    Whatever OS you use—and many users are very loyal to their operating system of choice and will argue that their's is the best—it's not entirely secure or private. Hackers are still infiltrating systems every day, and they can easily target victims with malware to spy on users and disable their operating system altogether.

    Because of this, choosing a secure system is essential to staying secure online. Below are the top three secure operating systems that will help users take the next step to ensure proper cyber and hardware security.

  • New IoT Botnet, Attackers Target Tor, and More…

    Firefox’s emergency security patch: If you use Firefox at all, and I’m assuming that most of you do, you might want to run an update to get the latest security patch from Mozilla. The patch was rushed to market on November 30 to fix a zero day vulnerability that was being exploited in the wild to attack the Firefox based Tor browser.

    In a blog post on Wednesday, Mozilla’s security head Daniel Veditz wrote, “The exploit in this case works in essentially the same way as the ‘network investigative technique’ used by FBI to deanonymize Tor users…. This similarity has led to speculation that this exploit was created by FBI or another law enforcement agency. As of now, we do not know whether this is the case. If this exploit was in fact developed and deployed by a government agency, the fact that it has been published and can now be used by anyone to attack Firefox users is a clear demonstration of how supposedly limited government hacking can become a threat to the broader Web.”

SUSE Leftovers

Filed under
SUSE
  • openSUSE Heroes meeting, day 2

    After a long, but exciting first day, we even managed to get some sleep before we started again and discussed the whole morning about our policies and other stuff that is now updated in the openSUSE wiki. After that, we went out for a nice lunch…

  • Installing Tumbleweed, November 2016

    The Tumbleweed system that I already have installed had desktops KDE, Gnome, XFCE and LXDE. But for recent intstalls (as with Leap 42.2), I have been going with KDE, Gnome, XFCE, LXQt, FVWM and MATE. So it seemed reasonable for the new Tumbleweed install to follow the same path. I also added Enlightenment for experimenting.

Android Leftovers

Filed under
Android

Linux Graphics

Filed under
Graphics/Benchmarks
  • LibRetro's Vulkan PlayStation PSX Renderer Released

    A few days back I wrote about a Vulkan renderer for a PlayStation emulator being worked on and now the code to that Vulkan renderer is publicly available.

    For those wanting to relive some PlayStation One games this week or just looking for a new test case for Vulkan drivers, the Vulkan renderer for the LibRetro Beetle/Mednafen PSX emulator is now available, months after the LibRetro folks made a Vulkan renderer for the Nintendo 64 emulator.

  • Etnaviv DRM Updates Submitted For Linux 4.10

    The Etnaviv DRM-Next pull request is not nearly as exciting as MSM getting Adreno 500 series support, a lot of Intel changes, or the numerous AMDGPU changes, but it's not bad either for a community-driven, reverse-engineered DRM driver for the Vivante graphics cores.

  • Mesa 12.0.4 Being Prepped For Ubuntu 16.10/16.04

    Ubuntu is preparing Mesa 12.0.4 for Ubuntu Xenial and Yakkety users. It's not as great as Mesa 13, but at least there are some important fixes back-ported.

    Mesa 12.0.4 is exciting for dozens of bug fixes, including the work to offer better RadeonSI performance. But with Mesa 12.0.4 you don't have the RADV Vulkan driver, OpenGL 4.5, or the other exciting Mesa 13 work.

Games for GNU/Linux

Filed under
Gaming

Mageia 5.1 Released, Tumbleweed's Latest, Most Secure

Filed under
-s

The Mageia project today announced the release of stopgap version 5.1, an updated "respin" of 5.0 and all updates. The Daily Dot posted their picks for the most sure operating systems and the Hectic Geek is "quite pleased" with Fedora 25. Matthew Garrett chimed in on Ubuntu unofficial images and Dedoimedo reviewed Fedora-based Chapeau 24.

Read more

SparkyLinux 4.5 is out

Filed under
GNU
Linux

There is an update of SparkyLinux 4.5 “Tyche” available now.

As before, Sparky “Home” editions provide fully featured operating system based on Debian ‘testing’ with desktops of your choice: LXDE, LXQt, KDE, MATE and Xfce.

Read more

today's leftovers

Filed under
Misc
  • How fast is KVM? Host vs virtual machine performance!
  • Kernel maintenance, Brillo style

    Brillo, he said, is a software stack for the Internet of things based on the Android system. These deployments bring a number of challenges, starting with the need to support a different sort of hardware than Android normally runs on; target devices may have no display or input devices, but might well have "fun buses" to drive interesting peripherals. The mix of vendors interested in this area is different; handset vendors are present, but many more traditional embedded vendors can also be found there. Brillo is still in an early state of development.

  • Reviewing Project Management Service `Wrike` And Seems Interesting

    I have been testing some services for our project and found this amazing service, thought why not share it with you guys, it might be useful for you. Project management is a term that in some respects appears common, yet in practice still seems to be limited to large companies. While this may be true, the foundations of project management are actually rather simple and can be adopted by anyone, in any industry. One of the major requirements you need to consider when selecting a good project management software is the ability to run and operate it on the go via your mobile devices. Other factors include the ability to access the software from any platform whether it be Linux, Mac, or Windows. This can be achieved when the project management software is web-based. Wrike is a software that does of all this.

  • World Wine News Issue 403
  • OSVR on Steam, Unity drops legacy OpenGL, and more gaming news
  • GNOME Core Apps Hackfest 2016

    This November from Friday 25 to Sunday 27 was held in Berlin the GNOME Core Apps Hackfest.

    My focus during this hackfest was to start implementing a widget for the series view of the Videos application, following a mockup by Allan Day.

  • Worth Watching: What Will Happen to Red Hat Inc Next? The Stock Just Declined A Lot
  • Vetr Inc. Lowers Red Hat Inc. (RHT) to Buy
  • Redshift functionality on Fedora 25 (GNOME + Wayland). Yes, it's possible!

    For those who can't live without screen colour shifting technology such as Redshift or f.lux, myself being one of them, using Wayland did pose the challenge of having these existing tools not working with the Xorg replacement. Thankfully, all is not lost and it is possible even right now. Thanks to a copr repo, it's particularly easy on Fedora 25.

    One of the changes that comes with Wayland is there is currently no way for third-party apps to modify screen gamma curves. Therefore, no redshift apps, such as Redshift itself (which I recently covered here) will work while running under Wayland.

  • My Free Software Activities in November 2016
  • Google's ambitious smartwatch vision is failing to materialise

    In February this year, Google's smartwatch boss painted me a rosy picture of the future of wearable technology.

    The wrist is, David Singleton said, "the ideal place for the power of Google to help people with their lives."

  • Giving Thanks (along with a Shipping Update)

    Mycroft will soon be available as a pre-built Raspberry Pi 3 image for any hobbyist to use. The new backend we have been quietly building is emerging from beta, making the configuration and management of you devices simple. We are forming partnerships to get Mycroft onto laptops, desktops and other devices in the world. Mycroft will soon be speaking to you throughout your day.

  • App: Ixigo Indian Rail Train PNR Status for Tizen Smart Phones

    Going on a train journey in India? Ixigo will check the PNR status, the train arrival and departure & how many of the particular tickets are left that you can purchase. You can also do a PNR status check to make sure that your seat is booked and confirmed.

Networking and Servers

Filed under
GNU
Linux
Server
  • How We Knew It Was Time to Leave the Cloud

    In my last infrastructure update, I documented our challenges with storage as GitLab scales. We built a CephFS cluster to tackle both the capacity and performance issues of NFS and decided to replace PostgreSQL standard Vacuum with the pg_repack extension. Now, we're feeling the pain of running a high performance distributed filesystem on the cloud.

  • Hype Driven Development
  • SysAdmins Arena in a nutshell

    Sysadmins can use the product to improve their skills or prepare for an interview by practicing some day to day job scenarios. There is an invitation list opened for the first testers of the product.

Desktop GNU/Linux

Filed under
GNU
Linux
  • PINEBOOK Latest News: Affordable Linux Laptop at Only $89 Made by Raspberry Pi Rival, PINE

    PINE, the rival company of Raspberry Pi and maker of the $20 Pine A64, has just announced its two below $100-priced Linux laptops, known as PINEBOOK. The affordable Linux laptop is powered by Quad-Core ARM Cortex A53 64-bit processor and comes with an 11.6" or 14" monitor.

  • Some thoughts about options for light Unix laptops

    I have an odd confession: sometimes I feel (irrationally) embarrassed that despite being a computer person, I don't have a laptop. Everyone else seems to have one, yet here I am, clearly behind the times, clinging to a desktop-only setup. At times like this I naturally wind up considering the issue of what laptop I might get if I was going to get one, and after my recent exposure to a Chromebook I've been thinking about this once again.

    I'll never be someone who uses a laptop by itself as my only computer, so I'm not interested in a giant laptop with a giant display; giant displays are one of the things that the desktop is for. Based on my experiences so far I think that a roughly 13" laptop is at the sweet spot of a display that's big enough without things being too big, and I would like something that's nicely portable.

  • What is HiDPI and Why Does it Matter?

Google and Mozilla

Filed under
Google
Moz/FF
  • Google Rolls Out Continuous Fuzzing Service For Open Source Software

    Google has launched a new project for continuously testing open source software for security vulnerabilities.

    The company's new OSS-Fuzz service is available in beta starting this week, but at least initially it will only be available for open source projects that have a very large user base or are critical to global IT infrastructure.

  • Mozilla is doing well financially (2015)

    Mozilla announced a major change in November 2014 in regards to the company's main revenue stream.

    The organization had a contract with Google in 2014 and before that had Google pay Mozilla money for being the default search engine in the Firefox web browser.

    This deal was Mozilla's main source of revenue, about 329 million US Dollars in 2014. The change saw Mozilla broker deals with search providers instead for certain regions of the world.

Security Leftovers

Filed under
Security
  • Security updates for Friday
  • Understanding SELinux Roles

    I received a container bugzilla today for someone who was attempting to assign a container process to the object_r role. Hopefully this blog will help explain how roles work with SELinux.

    When we describe SELinux we often concentrate on Type Enforcement, which is the most important and most used feature of SELinux. This is what describe in the SELinux Coloring book as Dogs and Cats. We also describe MLS/MCS Separation in the coloring book.

  • The Internet Society is unhappy about security – pretty much all of it

    The Internet Society (ISOC) is the latest organisation saying, in essence, “security is rubbish – fix it”.

    Years of big data breaches are having their impact, it seems: in its report released last week, it quotes a 54-country, 24,000-respondent survey reporting a long-term end user trend to become more fearful in using the Internet (by Ipsos on behalf of the Centre for International Governance Innovation).

    Report author, economist and ISOC fellow Michael Kende, reckons companies aren't doing enough to control breaches.

    “According to the Online Trust Alliance, 93 per cent of breaches are preventable” he said, but “steps to mitigate the cost of breaches that do occur are not taken – attackers cannot steal data that is not stored, and cannot use data that is encrypted.”

  • UK's new Snoopers' Charter just passed an encryption backdoor law by the backdoor

    Among the many unpleasant things in the Investigatory Powers Act that was officially signed into law this week, one that has not gained as much attention is the apparent ability for the UK government to undermine encryption and demand surveillance backdoors.

    As the bill was passing through Parliament, several organizations noted their alarm at section 217 which obliged ISPs, telcos and other communications providers to let the government know in advance of any new products and services being deployed and allow the government to demand "technical" changes to software and systems.

  • EU budget creates bug bounty programme to improve cybersecurity

    Today the European Parliament approved the EU Budget for 2017. The budget sets aside 1.9 million euros in order to improve the EU's IT infrastructure by extending the free software audit programme (FOSSA) that MEPs Max Anderson and Julia Reda initiated two years ago, and by including a bug bounty approach in the programme that was proposed by MEP Marietje Schaake.

  • Qubes OS Begins Commercialization and Community Funding Efforts

    Since the initial launch of Qubes OS back in April 2010, work on Qubes has been funded in several different ways. Originally a pet project, it was first supported by Invisible Things Lab (ITL) out of the money we earned on various R&D and consulting contracts. Later, we decided that we should try to commercialize it. Our idea, back then, was to commercialize Windows AppVM support. Unlike the rest of Qubes OS, which is licensed under GPLv2, we thought we would offer Windows AppVM support under a proprietary license. Even though we made a lot of progress on both the business and technical sides of this endeavor, it ultimately failed.

    Luckily, we got a helping hand from the Open Technology Fund (OTF), which has supported the project for the past two years. While not a large sum of money in itself, it did help us a lot, especially with all the work necessary to improve Qubes’ user interface, documentation, and outreach to new communities. Indeed, the (estimated) Qubes user base has grown significantly over that period. Thank you, OTF!

  • Linux Security Basics: What System Administrators Need to Know

    Every new Linux system administrator needs to learn a few core concepts before delving into the operating system and its applications. This short guide gives a summary of some of the essential security measures that every root user must know. All advice given follows the best security practices that are mandated by the community and the industry.

  • BitUnmap: Attacking Android Ashmem

    The law of leaky abstractions states that “all non-trivial abstractions, to some degree, are leaky”. In this blog post we’ll explore the ashmem shared memory interface provided by Android and see how false assumptions about its internal operation can result in security vulnerabilities affecting core system code.

GNU/FSF

Filed under
GNU
  • The Three Software Freedoms

    The government can help us by making software companies distribute the source code. They can say it's "in the interest of national security". And they can sort out the patent system (there are various problems with how the patent system handles software which are out of the scope of this article). So when you chat to your MP please mention this.

  • Leapfrog Honoring the GPL
  • A discussion on GPL compliance

    Among its many activities, the Software Freedom Conservancy (SFC) is one of the few organizations that does any work on enforcing the GPL when other compliance efforts have failed. A suggestion by SFC executive director Karen Sandler to have a Q&A session about compliance and enforcement at this year's Kernel Summit led to a prolonged discussion, but not to such a session being added to the agenda. However, the co-located Linux Plumbers Conference set up a "birds of a feather" (BoF) session so that interested developers could hear more about the SFC's efforts, get their questions answered, and provide feedback. Sandler and SFC director of strategic initiatives Brett Smith hosted the discussion, which was quite well-attended—roughly 70 people were there at a 6pm BoF on November 3.

  • Join us as a member to give back for the free software you use

    At the FSF, we run our own infrastructure using only free software, which makes us stand out from nearly every other nonprofit organization. Virtually all others rely on outside providers and use a significant amount of nonfree software. With your support, we set an example proving that a nonprofit can follow best practices while running only free software.

  • The Free Software Foundation is in need of members

Ubuntu Leftovers

Filed under
Ubuntu

Arduino-Compatible RISC-V and More

Filed under
Hardware
  • HiFive1 Is an Open-Source, Arduino-Compatible RISC-V Dev Kit

    Bay Area startup SiFive has announced the Freedom Everywhere 310 (FE310) system-on-chip — the industry’s first commercially-available SoC based on the free, open-source RISC-V architecture, along with the corresponding low-cost, Arduino-compatible HiFive1 development kit.

  • Samsung Defection From ARM to RISC-V.

    It was always thought that, when ARM relinquished its independence, its customers would look around for other alternatives.

    The nice thing about RISC-V is that it’s independent, open source and royalty-free.

    And RISC-V is what Samsung is reported to be using for an IoT CPU in preference to ARM.

  • Neutralize ME firmware on SandyBridge and IvyBridge platforms

    First introduced in Intel’s 965 Express Chipset Family, the Intel Management Engine (ME) is a separate computing environment physically located in the (G)MCH chip (for Core 2 family CPUs which is separate from the northbridge), or PCH chip replacing ICH(for Core i3/i5/i7 which is integrated with northbridge).

Moving From Microsoft to GNU/Linux

Filed under
GNU
Linux
Microsoft
  • Is Linux the Right Choice for My Business?

    In these hard-economic times, cutting expense is among the keys to the success of a business. Licensing costs can be a huge drain on the wallet of any service. Of course, Microsoft Windows servers are still the standard in a lot of offices, however, there is an unsung hero out there simply waiting to be discovered by more business-owners. This article is obviously describing Linux. While it does have some appeal in both the general public and economic sectors, it is widely used for servers and still not a really popular operating system for workstations but among geeks. Why? You might ask. Microsoft has the marketplace cornered and remains the norm simply by being the standard. This is not to state that Microsoft does not produce quality software application; this post indicates absolutely nothing of the sort. Microsoft got where they are today by their sweat and devoted developers, in no way is this article lessening the quality of Microsoft or their line of products.

  • Moving with SQL Server to Linux? Move from SQL Server to MySQL as well! [Ed: SQL Server DOES NOT (!) run on Linux]

    Over the recent years, there has been a large number of individuals as well as organizations who are ditching the Windows platform for Linux platform, and this number will continue to grow as more developments in Linux are experienced. Linux has for long been the leader in Web servers as most of the web servers run on Linux, and this could be one of the reasons why the high migration is being experienced.

  • Does Linux community trust Microsoft?

    Does actually Linux community like Microsoft? Does actually Linux community trust Microsoft? I cannot answer the first question for sure, but I have a sure answer for the second question.

Syndicate content

More in Tux Machines

SUSE Leftovers

  • openSUSE Heroes meeting, day 2
    After a long, but exciting first day, we even managed to get some sleep before we started again and discussed the whole morning about our policies and other stuff that is now updated in the openSUSE wiki. After that, we went out for a nice lunch…
  • Installing Tumbleweed, November 2016
    The Tumbleweed system that I already have installed had desktops KDE, Gnome, XFCE and LXDE. But for recent intstalls (as with Leap 42.2), I have been going with KDE, Gnome, XFCE, LXQt, FVWM and MATE. So it seemed reasonable for the new Tumbleweed install to follow the same path. I also added Enlightenment for experimenting.

Android Leftovers

Linux Graphics

  • LibRetro's Vulkan PlayStation PSX Renderer Released
    A few days back I wrote about a Vulkan renderer for a PlayStation emulator being worked on and now the code to that Vulkan renderer is publicly available. For those wanting to relive some PlayStation One games this week or just looking for a new test case for Vulkan drivers, the Vulkan renderer for the LibRetro Beetle/Mednafen PSX emulator is now available, months after the LibRetro folks made a Vulkan renderer for the Nintendo 64 emulator.
  • Etnaviv DRM Updates Submitted For Linux 4.10
    The Etnaviv DRM-Next pull request is not nearly as exciting as MSM getting Adreno 500 series support, a lot of Intel changes, or the numerous AMDGPU changes, but it's not bad either for a community-driven, reverse-engineered DRM driver for the Vivante graphics cores.
  • Mesa 12.0.4 Being Prepped For Ubuntu 16.10/16.04
    Ubuntu is preparing Mesa 12.0.4 for Ubuntu Xenial and Yakkety users. It's not as great as Mesa 13, but at least there are some important fixes back-ported. Mesa 12.0.4 is exciting for dozens of bug fixes, including the work to offer better RadeonSI performance. But with Mesa 12.0.4 you don't have the RADV Vulkan driver, OpenGL 4.5, or the other exciting Mesa 13 work.

Games for GNU/Linux