Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 17 Mar 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Repliessort icon Last Post
Story Linux Kernel Security is Lacking? srlinuxx 10/04/2005 - 11:42pm
Story Did SCO end up helping Linux? srlinuxx 10/04/2005 - 11:42pm
Story Night that the Lights went Out in TN srlinuxx 11/04/2005 - 12:46am
Story More Summit Notes srlinuxx 10/04/2005 - 11:43pm
Story New Slack is Out srlinuxx 11/04/2005 - 5:01pm
Story New O'Reilly Security Book Released srlinuxx 10/04/2005 - 11:53pm
Story 97 bugs found in MySQL srlinuxx 10/04/2005 - 11:54pm
Story Intel Has Been Busy Busy Busy srlinuxx 10/04/2005 - 11:54pm
Story On the Redmond Front srlinuxx 10/04/2005 - 11:55pm
Story M$ Continues its Attack srlinuxx 10/04/2005 - 11:56pm

Security: 17 Things

Filed under

A list for protecting yourself and others from the most common and easiest-to-pull-off security crimes.

I spend a lot of time giving information security advice, such as why RMF (Risk Management Framework) is too top-heavy for implementing risk management practices in small or R&D-focused organizations, what the right Apache SSL settings really are or how static analysis can help improve C code. What I'm asked for the most though isn't any of those things; it's the everyday stuff that even non-technical people can do to protect themselves from the looming but nebulous threat of an information security accident.

Read more

Linux Foundation unveils open source hypervisor for IoT products

Filed under

The Linux Foundation recently unveiled ACRN (pronounced "acorn"), a new open source embedded reference hypervisor project that aims to make it easier for enterprise leaders to build an Internet of Things (IoT)-specific hypervisor.

The project, further detailed in a press release, could help fast track enterprise IoT projects by giving developers a readily-available option for such an embedded hypervisor. It will also provide a reference framework for building a hypervisor that prioritizes real-time data and workload security in IoT projects, the release said.

Read more

NXP IoT platform links ARM/Linux Layerscape SoCs to cloud

Filed under

NXP’s “EdgeScale” suite of secure edge computing device management tools help deploy and manage Linux devices running on LSx QorIQ Layerscape SoCs, and connects them to cloud services.

NXP has added an EdgeScale suite of secure edge computing tools and services to its Linux-based Layerscape SDK for six of its networking oriented LSx QorIQ Layerscape SoCs. These include the quad-core, 1.6GHz Cortex-A53 QorIQ LS1043A, which last year received Ubuntu Core support, as well as the octa-core, Cortex-A72 LS2088a (see farther below).

Read more

Games Leftovers

Filed under

OSS Leftovers

Filed under
  • Univa Taps Open Source Community to Bolster Enterprise HPC

    Univa is looking to the open source community to help evolve its Navops Launch platform for enterprises migrating high-performance computing (HPC) workloads to the cloud. The open source efforts will run under the Project Tortuga banner, with access available through an Apache 2.0 license model.

    Rob LaLonde, general manager and vice president for Navops at Univa, explained that the open source plan will focus on general purpose cluster and cloud management frameworks. This includes the ability to automate the deployment of clusters in local on-premises, cloud-based, and hybrid-cloud configurations. These will be applicable to applications like HPC, big data frameworks, Kubernetes, machine learning, and deep learning environments.

  • Univa Open Sources Project Tortuga

    Univa, a leading innovator in on-premise and hybrid cloud workload management solutions for enterprise HPC customers, announced the contribution of its Navops Launch (née Unicloud) product to the open source community as Project Tortuga under an Apache 2.0 license to help proliferate the transition of enterprise HPC workloads to the cloud.

  • Univa Open Sources Project Tortuga to Accelerate the Migration of Enterprise HPC Workloads to the Cloud
  • Univa open sources Project Tortuga to boost migration of enterprise HPC workloads to the cloud
  • Google Open-Sources Impressive AI Camera Tools

    People use smartphones for lots of different reasons. Some folks like to browse the web. Some like to listen to music. Some like to spend infinite money on bad mobile games. And some people even still like to make phone calls. But one of the biggest selling points of a modern phone is the quality of its camera. Gone are the dark ages of blurry flip-phone images. Phones these days can take pictures professional enough to be screened in theaters or advertised in subway stops. And manufacturers are always looking to get an edge on the competition.

  • Why Open Source & Hardware Integration Can Work for Service Providers

Best Linux distros for small businesses in 2018

Filed under

Running a small business is no easy task. The last thing you need is extra complexity in your IT infrastructure – so why turn to Linux?

Well, it could (if you're lucky) actually turn out to be a less complex choice for many tasks, depending on the distribution you select. And, critically, Linux is free; at least if you don't figure in support costs. That's an overhead ticked off the list.

Read more

Openwashing 'Cloud'

Filed under

Red Hat and Fedora Leftovers

Filed under
Red Hat

Security: CPU Patches, PostgreSQL, Apple 'Back Door'

Filed under
  • Canonical Releases Spectre/Meltdown Patches for Ubuntu 17.10 for Raspberry Pi 2

    Canonical published two security advisories on Thursday to announce the availability of Spectre mitigations for the ARM64 (AArch64) hardware architecture on its Ubuntu 17.10 and Ubuntu 16.04.4 LTS systems.

    In January, Canonical released several kernel updates for Ubuntu 17.10 (Artful Aardvark) and other supported Ubuntu releases with software mitigations against the Spectre and Meltdown security vulnerabilities. These patches were first released for 64-bit (amd64) architectures, and then for 32-bit (i386), PPC64el, and s390x systems.

    Today, the company announced the availability of new kernel updates that address both the Meltdown and Spectre security vulnerabilities for the ARM64 (AArch64) hardware architecture, patching the Raspberry Pi 2 kernel for Ubuntu 17.10, as well as its derivatives.

  • Oracle Patches Spectre for Red Hat

    The Red Hat community has patiently awaited a retpoline kernel implementation that remediates CVE-2017-5715 (Spectre v2) and closes all Meltdown and Spectre vulnerabilities that have captured headlines this year.

    Red Hat's initial fixes rely upon microcode updates for v2 remediation, a decision that leaves the vast majority of AMD64-capable processors in an exploitable state. Intel's new microcode has proven especially problematic; it performs badly and the January 2018 versions were plagued with stability issues that crashed many systems. It is a poor solution to a pressing problem.

  • ​Meet the Scarlett Johansson PostgreSQL malware attack

    t's not the first time an image has been used to give a victim malware, but it may be the first time it's been used so narrowly. According to the security firm Imperva, their StickyDB database management system (DBMS) honeypot has uncovered an attack that places malware, which cryptomines Monero, on PostgreSQL DBMS servers. Its attack vector? An image of Hollywood star Scarlett Johansson.

    Now, you might ask, "How many PostgreSQL DBMS servers are out there on the internet to be attacked?" The answer: "More than you'd expect." A Shodan search revealed almost 710,000 PostgreSQL servers ready to be hacked. It appears there are so many of them because it's way too easy, especially on Amazon Web Services (AWS), to set up PostgreSQL servers without security.

  • This Black Box Can ‘Unlock Your iPhone’ For Cops; Images Leaked

    The debate whether law enforcement agencies should be given exclusive access to iOS-powered Apple devices started when the FBI was unable to unlock San Bernardino shooter’s iPhone. Eventually, FBI found other ways to get inside Apple’s secured digital fortress, through an Israel-based company called Cellebrite.

    In the latest news, we have come across about a new iPhone unlocking device called GrayKey that can be used by law enforcement guys to harvest passcode of an iPhone and other iOS-powered devices such as iPads and iPods.

Ubuntu Has Made its Minimal Images Even More Minimal — Just 28MB!

Filed under

The Ubuntu minimal image has been reduced in size for the upcoming Ubuntu 18.04 LTS Bionic Beaver release. Ubuntu devs have reduced the images to just 28MB.

Read more

Also: TeX Live 2018 (pretest) hits Debian/experimental

Linux Beats Windows To Become The Most Popular Development Platform: Stack Overflow Survey 2018

Filed under

Every year, Stack Overflow conducts its developer survey and shares its results with the public for analysis. Expanding its reach, this year over 100,000 developers took part in the 30-minute survey and told how they learn new technologies, which tools they use to get their work done, and what they look for while hunting some job.

Over the next few weeks, I’ll be sharing the different findings of the survey with you and telling you how it compares to the past years’ trends. Today, I’ll be telling you about the platforms that were most commonly used by the developers over the past year.

Read more

Zorin OS 12.3 Released – A Stronger, More Versatile System

Filed under

We’re excited to announce the release of Zorin OS 12.3. This version focuses on strenghtening the fundamentals of the operating system that contribute towards Zorin OS’s unique user experience: simplicity, security, and functionality.

Read more

today's leftovers

Filed under
  • Ubuntu Podcast from the UK LoCo: S11E02 – A Tale of Two Cities - Ubuntu Podcast

    This week we interview Will Cooke, Manager of the Ubuntu Desktop team, about the changes we can expect to see in Ubuntu 18.04.

  • The Latest Winevulkan Patches Make It Usable For Doom, Wolfenstein & DXVK

    Roderick Colenbrander and those working with him on "Winevulkan" to provide a clean Vulkan implementation for Wine supporting the Vulkan ICD concept, etc, rather than the old hacked together code in Wine-Staging have done a great job. With Roderick's latest Winevulkan patches, this new implementation is considered usable.

    It was just at the start of March that the initial Winevulkan support merged and since then more patch series have landed for this implementation that allows Windows programs on Wine to tap Vulkan support, permitting the host system has working Vulkan API support.

  • Samsung/Enlightenment Developers Are Busy At Work On EFL 2.0

    Cedric Bail of Samsung's Open-Source Group presented today at the Embedded Linux Conference on EFL 2.0 as part of the Enlightenment project's long-standing goal to provide a new and unified API.

    While the Enlightenment Foundation Libraries 1.x (EFL1) continues to be maintained, the developers at Samsung OSG that are part of the Enlightenment team have been busy construction EFL 2.0 and hope to show off the first of their new wares in 2018.

  • Present your images from the couch with Gwenview, MPRIS & KDE Connect

    KDE Applications 18.04 Feature Freeze is setting in. Or: reminder to do finally that feature you always wanted to implement.

  • Reflections on the GNOME 3.28 Release Video

    I just flipped the switch for the 3.28 Release Video. I’m really excited for all the new awesome features the community has landed, but I am a bit sad that I don’t have time to put more effort into the video this time around. A busy time schedule collided with technical difficulties in recording some of the apps. When I was staring at my weekly schedule Monday there didn’t seem much chance for a release video to be published at all..

  • Slackware: What all happened in March so far

    I realize I have been a wee bit silent on the blog (not counting my replies in the comments section). This was due to private issues that drained the desire for social interactions. Nevertheless there was quite a bit of activity on the Slackware packaging front.

  • Development Versions of Oracle Linux UEK now available on GitHub

    The source for UEK has always been available at, as a git repository with full git history. Starting now, we'll also be posting the UEK source on By doing so, we intend to increase the visibility for our work and to make it even easier for people to access the source for UEK. We will also use this repository for working with developers at partner companies and in the Linux community. The repository contains the source for the Unbreakable Enterprise Kernel including a small number of Oracle additions which have not yet been accepted into the mainline Linux kernel source tree.

    The Unbreakable Enterprise Kernel (UEK) is a Linux kernel built by Oracle and supported via Oracle Linux support. Its focus is performance, stability, and minimal backports by tracking the mainline source code as closely as is practical. UEK is well-tested and used to run Oracle's Engineered Systems, Oracle Cloud Infrastructure, and large enterprise deployments for Oracle customers.

  • Defining the Spectrum of Cloud Deployment Technologies

    “Cloud computing” has been a catch-all phrase over the past decade to describe anything that’s a shift away from hardware servers. However, the term has become nebulous in recent times with the growing diversity in how many different ways you can leverage the cloud.

    We’ve come far from a simplistic separation between on-premises and cloud. Today, it’s about on-premises versus a range of different cloud options. Indeed, the cloud can be a confusing place for newcomers and veterans alike, with new options cropping up every few months, and the landscape always shifting towards the newer and better.

    But how do you choose between good, better and best? Let’s compare the various cloud deployment technologies available today and find the common ground and what separates them from each other.

Software: LPlayer, GNU Automake, GStreamer, Sigal

  • LPlayer is a new, minimal audio player for Linux

    Sometimes I want listen to a couple of podcast episodes or audio tracks back-to-back, without adding them to my media library.

    PLlayer could be the minimalist audio player for Linux U’ve been looking for.

    I’m not going to spend 500 words waffling about how this app is better than Rhythmbox, Clementine or any other Linux music player.

  • GNU Automake 1.16.1 released

    We are pleased to announce the GNU Automake 1.16.1 maintenance release.

    This release follows 1.16 which was made 2 weeks ago.

  • GStreamer 1.14 Nears Release With WebRTC Support, Experimental AV1 & NVIDIA NVDEC

    Just a little more than one week past the GStreamer 1.14 RC1 release, the second and final release candidate of the upcoming GStreamer 1.14 is now available for testing.

  • Easy photo galleries with Sigal

    Sigal is a "simple static gallery generator" with a straightforward design, a nice feature set, and great themes. It was started as a toy project, but has nevertheless grown into a sizable and friendly community. After struggling with maintenance using half a dozen photo gallery projects along the way, I feel I have found a nice little gem that I am happy to share with LWN readers.

Red Hat Leftovers

Filed under
Red Hat

OSS Leftovers

Filed under

Mozilla: Mozilla Firefox 60 Plans, Firefox 59 Release and More

Filed under
  • Mozilla Firefox 60 Promises Enhanced Camera Privacy and USB Token Authentication

    While most Internet users are enjoying their brand-new Firefox 59 web browser with all of its performance improvements and new privacy features, Mozilla works hard on the next major release, Firefox 60.

  • Firefox Quantum for Enterprise Brings Control to Browser Deployments

    Mozilla is aiming to increase its browser market share with a new effort that will better enable managed deployments of the Firefox browser in enterprise environments.

    The new Firefox Quantum for Enterprise technology is part of the Firefox 60 release which reached the beta milestone on March 14 and is set to become generally available on May 9. The Firefox 60 Beta release comes a day after the Firefox 59 browser was released, providing incremental feature updates and security fixes.

  • Firefox 59 Released: Faster Page Loading, Better Graphics For macOS, New Screenshot Features
  • March Add(on)ness: Tree Style Tab (1) Vs Don’t Touch My Tabs (4)
  • Enter the Firefox Quantum Extensions Challenge

    Firefox users love using extensions to personalize their browsing experience. Now, it’s easier than ever for developers with working knowledge of JavaScript, HTML, and CSS to create extensions for Firefox using the WebExtensions API. New and improved WebExtensions APIs land with each new Firefox release, giving developers the freedom to create new features and fine-tune their extensions.

  • Building Mixed Reality spaces for the web

    One of the primary goals of our Social Mixed Reality team is to enable and accelerate access to Mixed Reality-based communication. As mentioned in our announcement blog post, we feel meeting with others around the world in Mixed Reality should be as easy as sharing a link, and creating a virtual space to spend time in should be as easy as building your first website. In this post, we wanted to share an early look at some work we are doing to help achieve the second goal, making it easy for newcomers to create compelling 3D spaces suited for meeting in Mixed Reality.

Syndicate content

More in Tux Machines

OSS Leftovers

  • What Is Fuchsia, Google’s New Operating System?
    Fuchsia first popped up on the tech world’s radar in mid-2016, when an unannounced open source project from Google appeared on the GitHub repository. According to initial inspection by the technology press, it was designed to be a “universal” operating system, capable of running on everything from low-power smartwatches to powerful desktops. That potentially includes phones, tablets, laptops, car electronics, connected appliances, smarthome hardware, and more.
  • Google created an AI-based, open source music synthesizer
    Move over musicians, AI is here. Google's 'NSynth' neural network is designed to take existing sounds and combine them using a complex, machine learning algorithm. The result? Thousands of new musical sounds, and an instrument you can play them on.
  • March Add(on)ness: uBlock (1) vs Kimetrack (4)
  • TenFourFox FPR6 SPR1 coming
    Stand by for FPR6 Security Parity Release 1 due to the usual turmoil following Pwn2Own, in which the mighty typically fall and this year Firefox did. We track these advisories and always plan to have a patched build of TenFourFox ready and parallel with Mozilla's official chemspill release; I have already backported the patch and tested it internally.
  • GCC 8 Compiler Offering More Helpful Debug Messages, Usability Improvements
    Red Hat's David Malcom has outlined some of the usability improvements coming with the imminent release of GCC 8.
  • Friday Free Software Directory IRC meetup time changed: March 16th starting at 12:00 p.m. EDT/16:00 UTC
  • Your guide to LibrePlanet 2018, wherever you are, March 24-25
    The free software community encompasses the globe, and we strive to make the LibrePlanet conference reflect that. That's why we livestream the proceedings of the conference, and encourage you to participate remotely by both watching and participating in the discussion via IRC.
  • Open Source Advocate Dr. Joshua Pearce Publishes Paper on Inexpensive GMAW Metal 3D Printing
    One of the most outspoken advocates of open source philosophy in the 3D printing industry is Dr. Joshua M. Pearce, Associate Professor, Materials Science & Engineering and Electrical & Computer Engineering for Michigan Technological University (Michigan Tech).
  • ONF Launches Stratum Open-Source SDN Project
    The growing adoption of software-defined networking over the past several years has given a boost to makers of networking white boxes. The separation of the network operating system, control plane and network tasks from the underlying proprietary hardware meant that organizations could run that software on white-box switches and servers that are less expensive than those systems from the likes of Cisco Systems, Juniper Networks, Dell EMC and Hewlett Packard Enterprise. Network virtualization technologies such as software-defined networking (SDN) and network-functions virtualization (NFV) have proven to be a particular boon for hyperscale cloud providers like Google and Facebook and telecommunications companies like AT&T and Verizon, which are pushing increasingly massive amounts of traffic through their growing infrastructures. Being able to use less expensive and easily manageable white boxes from original design manufacturers (ODMs) has helped these organizations keep costs down even as demand rises.

KDE: Discover, Qt Creator, LibAlkimia

  • This week in Discover, part 10
    This week saw many positive changes for Discover, and I feel that it’s really coming into its own. Discover rumbles inexorably along toward the finish line of becoming the most-loved Linux app store!
  • Qt Creator 4.6 RC & Qt 5.11 Beta 2 Released
    The Qt Company has some new software development releases available in time for weekend testing. First up is the Qt Creator 4.6 Release Candidate. Qt Creator 4.6 has been working on better C++17 feature support, Clang-Tidy and Clazy warnings are now integrated into the diagnostic messages for the C++ editor, new filters, and improvements to the model editor.
  • LibAlkimia 7.0.1 with support for MPIR released
    LibAlkimia is a base library that contains support for financial applications based on the Qt C++ framework. One of its main features is the encapsulation of The GNU Multiple Precision Arithmetic Library (GMP) and so providing a simple object to be used representing monetary values in the form of rational numbers. All the mathematical details are hidden inside the AlkValue object.
  • Last Weeks Activity in Elisa and Release Schedule
    Elisa is a music player developed by the KDE community that strives to be simple and nice to use. We also recognize that we need a flexible product to account for the different workflows and use-cases of our users. We focus on a very good integration with the Plasma desktop of the KDE community without compromising the support for other platforms (other Linux desktop environments, Windows and Android). We are creating a reliable product that is a joy to use and respects our users privacy. As such, we will prefer to support online services where users are in control of their data.

SwagArch 18.02 - U Got Swag?

SwagArch sounds like an interesting concept. The aesthetic side of things is reasonable, although brown as a color and a dark theme make for a tricky choice. The fonts are pretty good overall. But the visual element is the least of the distro's problems. SwagArch 18.02 didn't deliver the basics, and that's what made Dedoimedo sad. Network support plus the clock issue, horrible package management and broken programs, those are things that must work perfectly. Without them, the system has no value. So you do get multimedia support and a few unique apps, however that cannot balance out all the woes and problems that I encountered. All in all, Swag needs a lot more work. Also, it will have a tough time competing with Manjaro and Antergos, which are already established and fairly robust Arch spins. Lastly, it needs to narrow down its focus. The overall integration of elements is pretty weak. Eclectic, jumbled, not really tested. 2/10 for now. Let's see how it evolves. Read more

How Open Source Approach is Impacting Science

Dive into the exciting world of Innovative Science to explore and find out about how the Linux-based Operating System and Open Source are playing a significant role in the major scientific breakthroughs that are taking place in our daily lives. Read more