Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 22 Oct 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Repliessort icon Last Post
Story ut2004 Update Out srlinuxx 11/04/2005 - 4:00am
Story Coolest Homepage Yet! srlinuxx 11/04/2005 - 4:00am
Story IBM Sets Its Sights on Linux Software srlinuxx 11/04/2005 - 3:59am
Story Review of PCLOS srlinuxx 11/04/2005 - 6:24am
Story The Myth of Linux Security srlinuxx 11/04/2005 - 3:39am
Story M$ Plans more Secure Browser :roll: srlinuxx 11/04/2005 - 3:38am
Story Whoops: KDE fliccd Buffer Overflow Vulnerabilities srlinuxx 11/04/2005 - 6:30am
Story Study Find Open Source More Secure srlinuxx 11/04/2005 - 3:36am
Story Interview with Bill Gates srlinuxx 11/04/2005 - 3:36am
Story Security Showdown: Back & Forth srlinuxx 11/04/2005 - 3:35am

Red Hat News

Filed under
Red Hat

Linux Foundation:Blockchain and ONF/ONOS

Filed under
  • Blockchain technology can help save the lives of millions of refugees by giving them a verified identity

    What if you had no proof of who you are? What would you do when the bank manager asked for ID when you tried to open an account or when the hospital asked for your documentation?

    You wouldn’t be able to function, at least not easily. Billions face this problem internationally, but now blockchain technology is helping those with no paper proof of existence get the same services as those with “official” identification.

  • Open Networking Foundation and ON.Lab Merge

    As Software Defined Networking (SDN) has matured from just being a theoretical concept to a production reality, consolidation is now happening in SDN advocacy efforts as well. Today the Open Networking Foundation (ONF) and ON.Lab announced that they would be merging, bringing the two groups' SDN efforts under one umbrella organization.


    There is also a connection between ONF and the Linux Foundation, with the ONOS and CORD projects led by ON.Lab. Parulkar said that with the ONF merger, the ONOS and CORD boards and governance will continue unchanged and they will continue to be Linux Foundation Collaborative projects.

  • ONF to Merge With On.Lab

    The Open Networking Foundation (ONF) is merging with On.Lab, creating one entity that will curate standards such as OpenFlow while developing software projects such as ONOS and the Central Office Re-Imagined as a Datacenter (CORD).

NethServer 7 RC1 Replaces Snort with Suricata, Adds Deep Packet Inspection

Filed under
Red Hat

The development of the CentOS-based, server-oriented NethServer 7 operating system continues, and today, October 19, 2016, Alessio Fattorini informed Softpedia about the availability of the first Release Candidate (RC) version.

Read more

Games for GNU/Linux

Filed under

Linux Kernel News

Filed under
  • Linux 4.9 Is Showing Some Performance Improvements On A Core i7 6800K

    Now that Linux 4.9-rc1 is out, it's onward to testing this new Linux kernel on the dozens of test systems at Phoronix. With some early testing on a Core i7 6800K Broadwell-E box, there are some promising improvements.

  • Linux 4.10 To Expose EFI Framebuffer Configuration

    While Linux 4.9-rc1 was only released this past weekend, the EFI subsystem changes are already being staged for the next kernel cycle.

    One of the EFI changes catching my attention for Linux 4.10 is that the EFI frame-buffer configuration will be exposed. This will allow for localized status strings during firmware updates.

  • Features You Won't Find In The Linux 4.9 Mainline Kernel

    While there are many new features in Linux 4.9, there is some functionality we've been looking forward to that sadly isn't yet in the mainline kernel tree.

RaspEX Project Now Lets You Run Ubuntu 16.10 on Raspberry Pi 3 and 2, with LXDE

Filed under

Today, October 19, 2016, GNU/Linux developer Arne Exton informed us about the immediate availability of a new build of his RaspEX project, which brings the latest Ubuntu OS to Raspberry Pi users.

Read more

Nasdaq Selects Drupal 8

Filed under

Dries Buytaert announced today that Nasdaq Corporate Solutions has selected Drupal 8 and will work with Acquia to create its Investor Relations Website Platform. In the words of Angela Byron, a.k.a "Webchick", "This is a big freakin' deal."

Read more

Direct: Nasdaq using Drupal 8 for new Investor Relations websites

Android Leftovers

Filed under

Red Hat and Fedora

Filed under
Red Hat
  • Red Hat brings enterprise mobile apps to its containers platform

    Linux major Red Hat has unveiled its Red Hat Mobile Application Platform, a containerized offering designed to run in any public or private cloud or on-premise infrastructure that supports its Enterprise Linux. When used alongside Red Hat’s existing SaaS (software-as-a-service) mobile app platform, enterprises gain a wider set of deployment options to integrate, manage, and scale their mobile app initiatives to meet their business objectives, said the company.

  • Red Hat flaunts new curriculum offering

    The solution provides higher education institutions with the support to offer exams and courses centred around Red Hat technology.

    “Red Hat Academy goes beyond just implementing the software,” said Mustapha Hill, Channel Ecosystem Leader, MENA, Red Hat. “With this initiative, we actually advise universities on how they can implement software training into their curriculum. We do this because we want graduates to eventually be able to gain employment in the market based on their knowledge of Red Hat technology.

  • Fedora kernel scripting

    When I joined the Fedora kernel team about 1.5 years ago, I was the first brand new person in a long time. My teammates had most of the infrastructure instructions for the kernel in their brains. Part of my new hire tasks were documenting the steps for working with the Fedora kernel. These days, I can do most of the day to day tasks in my sleep. The tasks are still somewhat manual though which leaves room for error. I've decided to correct this by scripting some of the more manual parts.

  • Going to FUDCon: Phnom Penh Edition

    A little over a year ago, FUDCon APAC happened in Pune. I know because I lost a lot of nights sleep over it. The event also marked a turning point in my life because it coincided with my decision to move on from Red Hat and accept an offer with Linaro, a decision that I can say now was among the best I have taken in my life despite the very difficult choice I had to make to leave arguably the best team one could ever work with. FUDCon also brought me in touch with many volunteers from across Asia and it was interesting to see the kinds of challenges they faced when talking about Fedora and Open Source in general. That was also when I got to know Nisa and Somvannda from Cambodia better, especially when I had the chance to go over to Phnom Penh for APAC budget discussions. They had wanted to do a FUDCon in Phnom Penh in 2015 and we simply put out a better bid then.

  • Tommorow FOSSASIA meets PyLadies Pune

    Tomorrow we have a special PyLadies meetup at the local Red Hat office. Hong Phuc Dang from FOSSASIA is coming down for a discussion with the PyLadies team here. She will be taking about various projects FOSSASIA is working on, including codeheat. In the second half I will be taking a workshop on creating command line shell using Python.

  • Deploy containers with Atomic Host, Ansible, and Cockpit
  • How to Install Atom in Fedora

    A text editor is an important tool for developers, since they spend a lot of time using one. This article is about Atom, a cool modern editor.

    Atom is a free and open source text editor developed in 2015 by Github. Its developer calls it “the hackable text-editor for the 21st century.” It offers vast language support, and easy customization. It also works as an integrated development environment, or IDE. It comes with some built-in packages, but you can install other packages too. Most of these are freely licensed and maintained by community. Of course, it’s also free of cost.

  • debugging koji build failures

    From time to time builds fail in koji (The Fedora build system), and it’s good to know how to figure out where to look for the reason. Koji has a central hub that manages jobs and a bunch of builders that actually do the builds. When someone initiates a build you are talking to the hub and either uploading a src.rpm (for a scratch build) or telling it to use a particular git hash/repo for an official Fedora build. For official builds, koji will first generate a job to build the src.rpm from git and the packages lookaside cache with the source. This job will run on some builder thats ready and has capacity for it. Once the src.rpm is generated (or if you are providing it for a scratch build), the hub will generate build tasks for all the arches that are set in the target tag you are building to. Each one of those will go out to a builder of the right arch type that is enabled and has capacity, etc. If any of these fail, the entire build fails.

Security News

Filed under
  • Security advisories for Wednesday
  • Security bug lifetime

    In several of my recent presentations, I’ve discussed the lifetime of security flaws in the Linux kernel. Jon Corbet did an analysis in 2010, and found that security bugs appeared to have roughly a 5 year lifetime. As in, the flaw gets introduced in a Linux release, and then goes unnoticed by upstream developers until another release 5 years later, on average. I updated this research for 2011 through 2016, and used the Ubuntu Security Team’s CVE Tracker to assist in the process. The Ubuntu kernel team already does the hard work of trying to identify when flaws were introduced in the kernel, so I didn’t have to re-do this for the 557 kernel CVEs since 2011.

  • Reproducible Builds: week 77 in Stretch cycle

    After discussions with HW42, Steven Chamberlain, Vagrant Cascadian, Daniel Shahaf, Christopher Berg, Daniel Kahn Gillmor and others, Ximin Luo has started writing up more concrete and detailed design plans for setting SOURCE_ROOT_DIR for reproducible debugging symbols, buildinfo security semantics and buildinfo security infrastructure.

  • Veracode security report finds open source components behind many security vulnerabilities [Ed: not a nice firm]

Linux Kernel News

Filed under
  • Linux kernel bugs: we add them in and then take years to get them out

    Kees Cook is a Google techie and security researcher whose interests include the Linux Kernel Self Protection Project.

    The idea of “self-protection” doesn’t mean giving up on trying to create secure code in the first place, of course.

    It may sound like an irony, but I’m happy to accept that writing secure code requires that you simultaneously write code that is predicated on insecurity.

  • storaged - next evolution step of udisks2

    What do you think about the above goals? Do you think GNU/Linux distributions should and will adopt storaged as a replacement for *udisks2"? Would you like your favorite distribution to do so? Or do you see a really bumpy road ahead? Please tell us what you think in the comments and if you know about somebody who should read this post and participate in the broader discussion, don't forget to let them know and send them the link!

  • Ten Years of KVM

    We recently celebrated 25 years of Linux on the 25th anniversary of the famous email Linus sent to announce the start of the Linux project. Going by the same yardstick, today marks the 10th anniversary of the KVM project — Avi Kivity first announced the project on the 19th Oct, 2006 by this posting on LKML...

Bosch and Red Hat join initiative to develop cloud-based IoT platform components

Filed under
Red Hat

The Eclipse Foundation open source community is collaborating with Bosch Software Innovations, Red Hat and Eurotech to develop interoperable IoT components that can be deployed to a Cloud platform. We are constantly reminded that IoT is all about the ecosystem, but such extensive industry networks are only as valuable as their ability to work together and interoperate without unnecessary complications.

This latest collaboration will be part of the existing Eclipse IoT Working Group, a community of 26 open source IoT projects hosted by the Eclipse Foundation, though still a separate project. An ecosystem within an ecosystem then. This is getting very confusing.

Read more

Red Hat and Ericsson sign open source deal

Filed under
Red Hat

Red Hat is well known as probably the most successful company built entirely on open-source software. Building a business on top of open source is a hard thing, especially so back in the early days of open source when no one had any real idea how the economics of a product that was free would translate into commercial success.

But succeed it did, and Red Hat has created a huge business built entirely on offering services on top of open-source products.

Read more

Ericsson, Red Hat Partner on Open Source

Red Hat and Ericsson Announce Broad Alliance to Enable Pervasive Adoption of Open Source Solutions

Who killed Cyanogen?

Filed under

Analysis Does European Commissioner for Competition Margrethe Vestager's team pay close attention to the tech news? If not, perhaps they should.

Last week there was barely a murmur after Cyanogen Inc scaled back its ambitions. “Throwing in the towel” may be harsh – but the Android software company said it would henceforth be trying to interest phone makers in useful bits and bobs of code, rather than a platform alternative to Google, a customisable firmware.

Read more

Canonical Ltd.'s Ubuntu Core

Filed under

Canonical Ltd.'s "Snappy" Ubuntu Core, a stripped-down version of Ubuntu designed for autonomous machines, devices and other internet-connected digital things, has gained significant traction in the chipset/semiconductor market recently.

Read more

Live kernel patches for Ubuntu

Filed under

Kernel live patching enables runtime correction of critical security
issues in your kernel without rebooting. It’s the best way to ensure
that machines are safe at the kernel level, while guaranteeing uptime,
especially for container hosts where a single machine may be running
thousands of different workloads.

We’re very pleased to announce that this new enterprise, commercial
service from Canonical will also be available free of charge to the
Ubuntu community.

The Canonical Livepatch Service is an authenticated, encrypted, signed
stream of livepatch kernel modules for Ubuntu servers, virtual
machines and desktops.

Read more

Also: Hotfix Your Ubuntu Kernels with the Canonical Livepatch Service!

Apache on Ubuntu Linux For Beginners: Part 2

Filed under

You must set up your Apache web server to use SSL, so that your site URL is https:// and not http://. Sure, there are exceptions, such as test servers and lone LAN servers that only you and your cat use.

But any Internet-accessible web server absolutely needs SSL; there is no downside to encrypting your server traffic, and it's pretty easy to set up. For LAN servers it may not be as essential; think about who uses it, and how easy it is to sniff LAN traffic.

Read more

Linux Foundation Certified Engineer: Karthikeyan Ramaswamy

Filed under

Linux was part of my academics. I was introduced to Linux at the Anna University Bioinformatics Lab by my Professor Gautam Pennathur. After that introduction, I became truly interested in Linux and open source when I was doing my final year project with Professor Nagasuma Chandra in the bioinformatics department, Indian Institute of Science. It was an incredible journey with the different flavors of Linux as well as the scripting and programming languages. After learning about the history of Linux and open source software movement, I become an Individual supporter of The Linux Foundation and an Annual Associate Member of the Free Software Foundation.

Read more

Syndicate content

More in Tux Machines

Linux 4.8.4

I'm announcing the release of the 4.8.4 kernel. And yeah, sorry about the quicker releases, I'll be away tomorrow and as they seem to have passed all of the normal testing, I figured it would be better to get them out earlier instead of later. And I like releasing stuff on this date every year... All users of the 4.8 kernel series must upgrade. The updated 4.8.y git tree can be found at: git:// linux-4.8.y and can be browsed at the normal git web browser: Read more Also: Linux 4.7.10 Linux 4.4.27

New Releases: Budgie, Solus, SalentOS, and Slackel

  • Open-Source Budgie Desktop Sees New Release
    The pet parakeet of the Linux world, Budgie has a new release available for download. in this post we lookout what's new and tell you how you can get it.
  • Solus Linux Making Performance Gains With Its BLAS Configuration
    - Those making use of the promising Solus Linux distribution will soon find their BLAS-based workloads are faster. Solus developer Peter O'Connor tweeted this week that he's found some issues with the BLAS linking on the distribution and he's made fixes for Solus. He also mentioned that he uncovered these BLAS issues by using our Phoronix Test Suite benchmarking software.
  • SalentOS “Luppìu” 1.0 released!
    With great pleasure the team announces the release of SalentOS “Luppìu” 1.0.
  • Slackel "Live kde" 4.14.21
    This release is available in both 32-bit and 64-bit architectures, while the 64-bit iso supports booting on UEFI systems. The 64-bit iso images support booting on UEFI systems. The 32-bit iso images support both i686 PAE SMP and i486, non-PAE capable systems. Iso images are isohybrid.

Security News

  • Free tool protects PCs from master boot record attacks [Ed: UEFI has repeatedly been found to be both a detriment to security and enabler of Microsoft lock-in]
    Cisco's Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks. The tool, called MBRFilter, functions as a signed system driver and puts the disk's sector 0 into a read-only state. It is available for both 32-bit and 64-bit Windows versions and its source code has been published on GitHub. The master boot record (MBR) consists of executable code that's stored in the first sector (sector 0) of a hard disk drive and launches the operating system's boot loader. The MBR also contains information about the disk's partitions and their file systems. Since the MBR code is executed before the OS itself, it can be abused by malware programs to increase their persistence and gain a head start before antivirus programs. Malware programs that infect the MBR to hide from antivirus programs have historically been known as bootkits -- boot-level rootkits. Microsoft attempted to solve the bootkit problem by implementing cryptographic verification of the bootloader in Windows 8 and later. This feature is known as Secure Boot and is based on the Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.
  • DDOS Attack On Internet Infrastructure
    I hope somebody's paying attention. There's been another big DDOS attack, this time against the infrastructure of the Internet. It began at 7:10 a.m. EDT today against Dyn, a major DNS host, and was brought under control at 9:36 a.m. According to Gizmodo, which was the first to report the story, at least 40 sites were made unreachable to users on the US East Coast. Many of the sites affected are among the most trafficed on the web, and included CNN, Twitter, PayPal, Pinterest and Reddit to name a few. The developer community was also touched, as GitHub was also made unreachable. This event comes on the heels of a record breaking 620 Gbps DDOS attack about a month ago that brought down security expert Brian Krebs' website, KrebsonSecurity. In that attack, Krebs determined the attack had been launched by botnets that primarily utilized compromised IoT devices, and was seen by some as ushering in a new era of Internet security woes.
  • This Is Why Half the Internet Shut Down Today [Update: It’s Getting Worse]
    Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.
  • Major DNS provider Dyn hit with DDoS attack
    Attacks against DNS provider Dyn continued into Friday afternoon. Shortly before noon, the company said it began "monitoring and mitigating a DDoS attack" against its Dyn Managed DNS infrastructure. The attack may also have impacted Managed DNS advanced service "with possible delays in monitoring."
  • What We Know About Friday’s Massive East Coast Internet Outage
    Friday morning is prime time for some casual news reading, tweeting, and general Internet browsing, but you may have had some trouble accessing your usual sites and services this morning and throughout the day, from Spotify and Reddit to the New York Times and even good ol’ For that, you can thank a distributed denial of service attack (DDoS) that took down a big chunk of the Internet for most of the Eastern seaboard. This morning’s attack started around 7 am ET and was aimed at Dyn, an Internet infrastructure company headquartered in New Hampshire. That first bout was resolved after about two hours; a second attack began just before noon. Dyn reported a third wave of attacks a little after 4 pm ET. In all cases, traffic to Dyn’s Internet directory servers throughout the US—primarily on the East Coast but later on the opposite end of the country as well—was stopped by a flood of malicious requests from tens of millions of IP addresses disrupting the system. Late in the day, Dyn described the events as a “very sophisticated and complex attack.” Still ongoing, the situation is a definite reminder of the fragility of the web, and the power of the forces that aim to disrupt it.
  • Either IoT will be secure or the internet will be crippled forever
    First things first a disclaimer. I neither like nor trust the National Security Agency (NSA). I believe them to be mainly engaged in economic spying for the corporate American empire. Glenn Greenwald has clearly proven that in his book No Place to Hide. At the NSA, profit and power come first and I have no fucking clue as to how high they prioritize national security. Having said that, the NSA should hack the Internet of (insecure) Things (IoT) to death. I know Homeland Security and the FBI are investigating where the DDoS of doomsday proportions is coming from and the commentariat is already screaming RUSSIA! But it is really no secret what is enabling this clusterfuck. It’s the Mirai botnet. If you buy a “smart camera” from the Chinese company Hangzhou XiongMai Technologies and do not change the default password, it will be part of a botnet five minutes after you connect it to the internet. We were promised a future where we would have flying cars but we’re living in a future where camera’s, light-bulbs, doorbells and fridges can get you in serious trouble because your home appliances are breaking the law.
  • IoT at the Network Edge
    Fog computing, also known as fog networking, is a decentralized computing infrastructure. Computing resources and application services are distributed in logical, efficient places at any points along the connection from the data source (endpoint) to the cloud. The concept is to process data locally and then use the network for communicating with other resources for further processing and analysis. Data could be sent to a data center or a cloud service. A worthwhile reference published by Cisco is the white paper, "Fog Computing and the Internet of Things: Extend the Cloud to Where the Things Are."
  • Canonical now offers live kernel patching for Ubuntu 16.04 LTS users
    Canonical has announced its ‘Livepatch Service’ which any user can enable on their current installations to eliminate the need for rebooting their machine after installing an update for the Linux kernel. With the release of Linux 4.0, users have been able to update their kernel packages without rebooting, however, Ubuntu will be the first distribution to offer this feature for free.
  • ​The Dirty Cow Linux bug: A silly name for a serious problem
    Dirty Cow is a silly name, but it's a serious Linux kernel problem. According to the Red Hat bug report, "a race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."
  • Ancient Privilege Escalation Bug Haunts Linux
  • October 21, 2016 Is Dirty COW a serious concern for Linux?
  • There is a Dirty Cow in Linux
  • Red Hat Discovers Dirty COW Archaic Linux Kernel Flaw Exploited In The Wild
  • Linux kernel bug being exploited in the wild
  • Update Linux now: Critical privilege escalation security flaw gives hackers full root access
  • Linux kernel bug: DirtyCOW “easyroot” hole and what you need to know
  • 'Most serious' Linux privilege-escalation bug ever discovered
  • New 'Dirty Cow' vulnerability threatens Linux systems
  • Serious Dirty Cow Linux Vulnerability Under Attack
  • Easy-to-exploit rooting flaw puts Linux PCs at risk
  • Linux just patched a vulnerability it's had for 9 years
  • Dirty COW Linux vulnerability has existed for nine years
  • 'Dirty Cow' Linux Vulnerability Found
  • 'Dirty Cow' Linux Vulnerability Found After Nine Years
  • FakeFile Trojan Opens Backdoors on Linux Computers, Except openSUSE
    Malware authors are taking aim at Linux computers, more precisely desktops and not servers, with a new trojan named FakeFile, currently distributed in live attacks. Russian antivirus vendor Dr.Web discovered this new trojan in October. The company's malware analysts say the trojan is spread in the form of an archived PDF, Microsoft Office, or OpenOffice file.

today's howtos