Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 23 Nov 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Repliessort icon Last Post
Story HP's CEO Search srlinuxx 11/04/2005 - 3:24am
Story IBM Surpassed Dell in Sales? srlinuxx 11/04/2005 - 3:23am
Story This Week at the Movies: Million Dollar Baby & Constantine srlinuxx 11/04/2005 - 3:23am
Story Microsoft signs on Alcatel for IPTV srlinuxx 11/04/2005 - 3:22am
Story HP Printer Cartridges Die Before Use srlinuxx 11/04/2005 - 3:23am
Story IBM furthers Linux While Gates Signs Contract srlinuxx 11/04/2005 - 3:22am
Story rm -rf Contest Interest Wanes? srlinuxx 11/04/2005 - 3:22am
Story Lose Phone = Lose Friends srlinuxx 11/04/2005 - 3:21am
Story Big Bullies srlinuxx 11/04/2005 - 3:20am
Story Mini Mozilla marches on Windows mobiles srlinuxx 11/04/2005 - 3:21am

Red Hat Leftovers

Filed under
Red Hat

Goodbye Apple, goodbye Microsoft... hello Linux

Filed under
GNU
Linux
Microsoft
Mac

A year on, my office computer is still humming along happily on Linux Mint. In fact I’m so satisfied that I have taken the final plunge and replaced my home computer with a Linux system as well.

Read more

Raspberry Pi arrives on PC/104… sort of

Filed under
Linux

Crowd Supply is hosting a “Pi/104” carrier for the RPi Compute Module 3 featuring PC/104 OneBank expansion, a 40-pin RPi header, and -25 to 80°C support.

Here’s something we haven’t seen before. Developer Adam Parker has launched a stackable PC/104 form factor carrier board on Crowd Supply designed to work with the Linux-driven Raspberry Pi Compute Module 3. The industrial-targeted carrier provides -25 to 80°C support and an 8-36V input with screw terminal connector.

Read more

today's leftovers

Filed under
Misc
  • Blockchain Moves Beyond its 'Moonshot' Phase
  • Some reading

    I've complained previously about disliking benchmarking. More generally, I'm not really a fan of performance analysis. I always feel like I get stuck at coming up with an approach to "it's going slower, why" beyond the basics. I watched a video of Brendan Gregg's talk from kernel recipes, and ended up going down the black hole1 of reading his well written blog. He does a fantastic job of explaining performance analysis concepts as well as the practical tools to do the analysis. He wrote a book several years ago and I happily ordered it. The book explains how to apply the USE method to performance problems across the system. This was helpful to me because it provides a way to generate a list of things to check and how to check them. It addresses the "stuck" feeling I get when dealing with performance problems. The book also provides a good high level overview of operating systems concepts. I'm always looking for references for people who are interested in kernels but don't know where to start and I think this book could fill a certain niche. Even if this book has been out for several years now, I was very excited to discover it.

  • Introducing container-diff, a tool for quickly comparing container images

    The Google Container Tools team originally built container-diff, a new project to help uncover differences between container images, to aid our own development with containers. We think it can be useful for anyone building containerized software, so we’re excited to release it as open source to the development community.

  • NATTT – A Modern Multi-Platform Time Conscious Tracker App

    It’s not that there aren’t already a lot of time tracker apps but my conscience wouldn’t let me sleep if I didn’t tell you about NATTT. So grab your cup of whatever you’re probably drinking as we delve into this app a little.

    NATTT is an acronym for “Not Another Time Tracking Tool”; a free and multi-platform app with which you can keep track of your work and how much you have spent at it.

  • Running Bitcoin node and ElectrumX server
  • todo.txt done
  • GNOME's Calendar & TODO Applications Are Looking Better For v3.28

    Adding to the growing list of changes for GNOME 3.28 are improvements to the Calendar and To Do applications by Georges Stavracas.

    Stavracas has been reworking the month view of GNOME Calendar and it's looking much better, some applications for Calendar via libdazzle, and more.

  • Compact DAQ systems offer a choice of 12- or 16-bit I/Os

    Advantech’s Linux-ready “MIC-1810” and “MIC-1816” DAQ computers offer 12- and 16-bit analog I/O, respectively, plus 24x DIOs, Intel CPUs, and 4x USB ports.

    Advantech’s MIC-1810 and MIC-1816 are digital acquisition computers that run Linux or Windows 7/8/10 on Intel 3rd Gen “Ivy Bridge” processors. If the aging CPU is a turn-off, keep in mind that many DAQ applications don’t require that much processing power, and perhaps Advantech’s “entry-level” label for the systems extends to the price, as well. The 165 x 130 x 59mm, DIN-rail mountable systems should also prove useful for environments with limited space.

Security: New Release of HardenedBSD, Windows Leaks Details of Windows Back Doors

Filed under
Security
  • Stable release: HardenedBSD-stable 11-STABLE v1100054
  • Kaspersky blames NSA hack on infected Microsoft software

    Embattled computer security firm Kaspersky Lab said Thursday that malware-infected Microsoft Office software and not its own was to blame for the hacking theft of top-secret US intelligence materials.

    Adding tantalizing new details to the cyber-espionage mystery that has rocked the US intelligence community, Kaspersky also said there was a China link to the hack.

  • Investigation Report for the September 2014 Equation malware detection incident in the US

    In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities on the Internet for over 20 years now, these allegations were treated very seriously. To assist any independent investigators and all the people who have been asking us questions whether those allegations were true, we decided to conduct an internal investigation to attempt to answer a few questions we had related to the article and some others that followed it:

  • Kaspersky: Clumsy NSA leak snoop's PC was packed with malware

    Kaspersky Lab, the US government's least favorite computer security outfit, has published its full technical report into claims Russian intelligence used its antivirus tools to steal NSA secrets.

    Last month, anonymous sources alleged that in 2015, an NSA engineer took home a big bunch of the agency's cyber-weapons to work on them on his home Windows PC, which was running the Russian biz's antimalware software – kind of a compliment when you think about it. The classified exploit code and associated documents on the personal system were then slurped by Kremlin spies via his copy of Kaspersky antivirus, it was claimed.

OSS Leftovers

Filed under
OSS
  • Open Source Networking Days: Think Globally, Collaborate Locally

    Something that we’ve learned at The Linux Foundation over the years is that there is just no substitute for periodic, in-person, face-to-face collaboration around the open source technologies that are rapidly changing our world. It’s no different for the open networking projects I work with as end users and their ecosystem partners grapple with the challenges and opportunities of unifying various open source components and finding solutions to accelerate network transformation. This fall, we decided to take The Linux Foundation networking projects (OpenDaylight, ONAP, OPNFV, and others) on the road to Europe and Japan by working with local site hosts and network operators to host Open Source Networking Days in Paris, Milan, Stockholm, London, Tel Aviv, and Yokohama.

  • The Open-Source Driving Simulator That Trains Autonomous Vehicles

    Self-driving cars are set to revolutionize transport systems the world over. If the hype is to be believed, entirely autonomous vehicles are about to hit the open road.

    The truth is more complex. The most advanced self-driving technologies work only in an extremely limited set of environments and weather conditions. And while most new cars will have some form of driver assistance in the coming years, autonomous cars that drive in all conditions without human oversight are still many years away.

    One of the main problems is that it is hard to train vehicles to cope in all situations. And the most challenging situations are often the rarest. There is a huge variety of tricky circumstances that drivers rarely come across: a child running into the road, a vehicle driving on the wrong side of the street, an accident immediately ahead, and so on.

  • Fun with Le Potato

    At Linux Plumbers, I ended up with a Le Potato SBC. I hadn't really had time to actually boot it up until now. They support a couple of distributions which seem to work fine if you flash them on. I mostly like SBCs for having actual hardware to test on so my interest tends to be how easily can I get my own kernel running.

    Most of the support is not upstream right now but it's headed there. The good folks at BayLibre have been working on getting the kernel support upstream and have a tree available for use until then.

  • PyConf Hyderabad 2017

    In the beginning of October, I attended a new PyCon in India, PyConf Hyderabad (no worries, they are working on the name for the next year). I was super excited about this conference, the main reason is being able to meet more Python developers from India. We are a large country, and we certainly need more local conferences Smile

  • First Basilisk version released!

    This is the first public version of the Basilisk web browser, building on the new platform in development: UXP (code-named Möbius).

  • Pale Moon Project Rolls Out The Basilisk Browser Project

    The developers behind the Pale Moon web-browser that's been a long standing fork of Firefox have rolled out their first public beta release of their new "Basilisk" browser technology.

    Basilisk is their new development platform based on their (Gecko-forked) Goanna layout engine and the Unified UXL Platform (UXP) that is a fork of the Mozilla code-base pre-Servo/Rust... Basically for those not liking the direction of Firefox with v57 rolling out the Quantum changes, etc.

  • Best word processor for Mac [iophk: "whole article fails to mention OpenDocument Format"]
  • WordPress 4.9: This one's for you, developers!

    WordPress 4.9 has debuted, and this time the world's most popular content management system has given developers plenty to like.

    Some of the changes are arguably overdue: syntax highlighting and error checking for CSS editing and cutting custom HTML are neither scarce nor innovative. They'll be welcomed arrival will likely be welcomed anyway, as will newly-granular roles and permissions for developers. The new release has also added version 4.2.6 of MediaElement.js, an upgrade that WordPress.org's release notes stated has removed dependency on jQuery, improves accessibility, modernizes the UI, and fixes many bugs.”

  • New projects on Hosted Weblate
  • Cilk Plus Is Being Dropped From GCC

    Intel deprecated Cilk Plus multi-threading support with GCC 7 and now for GCC 8 they are looking to abandon this support entirely.

    Cilk Plus only had full support introduced in GCC 5 while now for the GCC 8 release early next year it's looking like it will be dropped entirely.

  • Software Freedom Law Center vs. Software Freedom Conservancy

    On November 3rd, the Software Freedom Conservancy (SFC) wrote a blog post to let people know that the Software Freedom Law Center (SFLC) had begun legal action against them (the SFC) over the trademark for their name.

  • What Is Teletype For Atom? How To Code With Fellow Developers In Real Time?

    In a short period of three years, GitHub’s open source code editor has become one of the most popular options around. In our list of top text editors for Linux, Atom was featured at #2. From time to time, GitHub keeps adding new features to this tool to make it even better. Just recently, with the help of Facebook, GitHub turned Atom into a full-fledged IDE.

    As GitHub is known to host some of the world’s biggest open source collaborative projects, it makes perfect sense to add the collaborative coding ability to Atom. To make this possible, “Teletype for Atom” has just been announced.

  • Microsoft Is Trying To Make Windows Subsystem For Linux Faster (WSL)
  • Microsoft and GitHub team up to take Git virtual file system to macOS, Linux

Ubuntu: New Users, Unity Remix, 18.04 LTS News

Filed under
Ubuntu
  • How to Get Started With the Ubuntu Linux Distro

    The Linux operating system has evolved from a niche audience to widespread popularity since its creation in the mid 1990s, and with good reason. Once upon a time, that installation process was a challenge, even for those who had plenty of experience with such tasks. The modern day Linux, however, has come a very long way. To that end, the installation of most Linux distributions is about as easy as installing an application. If you can install Microsoft Office or Adobe Photoshop, you can install Linux.

    Here, we’ll walk you through the process of installing Ubuntu Linux 17.04, which is widely considered one of the most user-friendly distributions. (A distribution is a variation of Linux, and there are hundreds and hundreds to choose from.)

  • An ‘Ubuntu Unity Remix’ Might Be on the Way…

    A new Ubuntu flavor that uses the Unity 7 desktop by default is under discussion. The plans have already won backing from a former Unity developer.

  • Ubuntu News: Get Firefox Quantum Update Now; Ubuntu 18.04 New Icon Theme Confirmed

    Earlier this week, Mozilla earned big praises in the tech world for launching its next-generation Firefox Quantum 57.0 web browser. The browser claims to be faster and better than market leader Google Chrome.

    Now, Firefox Quantum is available for all supported Ubuntu versions from the official repositories. The Firefox Quantum Update is also now available.

  • New Icon Theme Confirmed for Ubuntu 18.04 LTS

    ‘Suru’ is (apparently) going to be the default icon theme in Ubuntu 18.04 LTS. That’s Suru, the rebooted community icon theme and not Suru, the Canonical-created icon theme that shipped on the Ubuntu Phone (and was created by Matthieu James, who recently left Canonical).

OnePlus 5T Launched

Filed under
Android
Google
  • OnePlus 5T Keeps the Headphone Jack, Introduces Face Unlock and Parallel Apps

    Five months after it launched its OnePlus 5 flagship Android smartphone, OnePlus unveiled today its successor, the OnePlus 5T, running the latest Android 8.0 (Oreo) mobile OS.

    OnePlus held a live event today in New York City to tell us all about the new features it implemented in the OnePlus 5T, and they don't disappoint as the smartphone features a gorgeous and bright 6.0-inches Optic AMOLED capacitive touchscreen with multitouch, a 1080x2160 pixels resolution, 18:9 ratio, and approximately 402 PPI density. The design has been changed a bit as well for OnePlus 5T, which is made of anodized aluminum.

  • OnePlus 5T Launched: Comes With Bigger Screen, Better Dual Camera, And Face Unlock

    Whenever costly phones like iPhone X or Google Pixel 2 are bashed (here and here) and their alternatives are discussed, OnePlus is always mentioned. In the past few years, the company has amassed a fan base that has found the concept of “Never Settle” impressive.

  •  

Fedora 28 and Fedora 27

Filed under
Red Hat
  • Fedora 28 Hopes To Improve Linux Laptop Battery Life

    Red Hat's Hans de Goede is spearheading an effort to improve the Fedora battery life of laptops -- and should conserve power too for desktops running Fedora Workstation -- for the current Fedora 28 cycle.

  • Fedora 27 Atomic Host is available on multiple architectures

    The Fedora 27 Atomic Host now supports multiple architectures! Along with the x86_64 architecture, Atomic Host is also available on 64-bit ARM (aarch64) and PowerPC Little Endian (ppc64le). Both aarch64 and ppc64le architectures receive Atomic OSTree updates in the same way x86_64 does.

KDE: KDE Applications 17.12, Akademy 2018, KDE Binary Factory

Filed under
KDE
  • KDE Applications 17.12 Sees Some New KF5 Ports, Other Apps Dropped

    The beta of KDE Applications 17.12 is now available ahead of next month's official debut for this quarterly update to the collection of official KDE programs.

    As previously covered, 17.12 is the point where only Qt5 / KDE Frameworks 5 apps will be included and any programs depending upon the older Qt4/KDE4 components will be dropped.

  • Applications 17.12 Pre-Beta available for testing with KDE neon Developer Stable branch edition

    Please join us in testing 17.12 pre-beta of KDE applications!

  • Akademy 2018 - Vienna, Austria - 11-17 August

    Vienna Calling! This is not only a song by the famous austrian singer Falco, but could also the motto for next years Akademy.

    In 2018 Akademy will be held at the University of Technology (TU Wien) in Vienna, Austria, from Saturday 11th to Friday 17th August.

    The conference is expected to draw hundreds of attendees from the global KDE Community to discuss and plan the future of the Community and its technology. Many participants from the broad free and open source software community, local organizations and software companies will also attend.

    Akademy 2018 is being organized together with Fachschaft Informatik (FSINF). Apart from representing and counseling computer science students, they engage in diverse political topics e.g. FOSS, Privacy and social justice.

  • CI for Windows installer and macOS bundle generation: KDE Binary Factory

    For some time now the KDE community has had a separate Continuous Integration system running which repeatedly generates Windows installers and macOS app bundles (DMG) for a specific subset of KDE projects.

  • /

Security: Google, Vulnerabilities Equities Process (VEP), Quad9 and More

Filed under
Security
  • Google investigators find hackers swipe nearly 250,000 passwords a week

    Hackers are constantly trying to break into Google accounts, so Google researchers spent a year tracing how hackers steal passwords and expose them on the internet's black market.

    To gather hard evidence about the tools hackers use to swipe passwords, Google collaborated with University of California Berkeley cybersecurity experts to track activity on some of these markets. On Thursday, they published their results.

  • Time Will Tell if the New Vulnerabilities Equities Process Is a Step Forward for Transparency

    The White House has released a new and apparently improved Vulnerabilities Equities Process (VEP), showing signs that there will be more transparency into the government’s knowledge and use of zero day vulnerabilities. In recent years, the U.S. intelligence community has faced questions about whether it “stockpiles” vulnerabilities rather than disclosing them to affected companies or organizations, and this scrutiny has only ramped up after groups like the Shadow Brokers have leaked powerful government exploits. According to White House Cybersecurity Coordinator Rob Joyce, the form of yesterday’s release and the revised policy itself are intended to highlight the government’s commitment to transparency because it’s “the right thing to do.”

  • Security updates for Friday
  • Quad9 Secure DNS Service Embeds IBM Security Intelligence
  • New “Quad9” DNS service blocks malicious domains for everyone

    The Global Cyber Alliance (GCA)—an organization founded by law enforcement and research organizations to help reduce cyber-crime—has partnered with IBM and Packet Clearing House to launch a free public Domain Name Service system. That system is intended to block domains associated with botnets, phishing attacks, and other malicious Internet hosts—primarily targeted at organizations that don't run their own DNS blacklisting and whitelisting services. Called Quad9 (after the 9.9.9.9 Internet Protocol address the service has obtained), the service works like any other public DNS server (such as Google's), except that it won't return name resolutions for sites that are identified via threat feeds the service aggregates daily.

  • The Internet of Shit is so manifestly insecure that people are staying away from it in droves
  • Security updates for Thursday
  • [Ubuntu] Security Team Weekly Summary: November 16, 2017
  • Hacking Blockchain with Smart Contracts to Control a Botnet

    Blockchain has been hailed by some in the technology industry as a potential method to help improve cyber security. However, security researcher Majid Malaika warns that Blockchain can potentially be abused to enable a new form of botnet that would be very difficult to take down.

    Malaika detailed his Blockchain-powered botnet in a session at the SecTor security conference on Nov. 15. The overall attack method has been dubbed "Botract" by Malaika, as it abuses inherent functionality in the smart contracts that help to enable Blockchain.

  • What Can The Philosophy of Unix Teach Us About Security?

Graphics: AMD and NVIDIA

Filed under
Graphics/Benchmarks
  • R600 Gallium3D Shader Image Support Lands, Other R600g Patches Pending

    As a follow-up to OpenGL 4.2 Support Could Soon Land For AMD Cayman GPUs On R600g, the patches have landed in Mesa 17.4-dev Git! Plus other R600g patches are on the mailing list for review.

    These shader image support patches for R600g expose OpenGL's ARB_shader_image_size and ARB_shader_image_load_store for Radeon HD 5000/6000 series. In the process, this ends up taking Radeon HD 6900 "Cayman" GPUs to having OpenGL 4.2 compliance from 4.1 with the shader image support having been the last blocker. Other GPUs on R600g remain at OpenGL 3.3 due to lacking FP64 support, as outlined more extensively in that previous article.

  • GeForce GTX 900 Series Re-Clocking Patches Updated By Karol Herbst

    Frequent Nouveau open-source NVIDIA driver contributor Karol Herbst has posted his latest patch series in working towards GeForce GTX 900 "Maxwell 2" graphics processor re-clocking.

  • 25 More AMDGPU DC Patches, Mostly Focused On Raven DCN

    DCN in this context is for current the DCN 1.0 Raven Ridge family of display engines. The just-launched Vega+Zen APUs feature a new display engine and that's what this DCN code is for, which is also under a separate Kconfig tunable from the rest of AMDGPU DC.

Development of Linux 4.15

Filed under
Development
Linux
  • Broadcom Hurricane 2 & Allwinner R40 Supported By Linux 4.15

    More ARM platform upstreaming has taken place for the Linux 4.15 kernel development cycle among other ARM hardware improvements.

  • Intel Coffee Lake & Cannonlake Thermal Support In Linux 4.15

    While Intel Coffee Lake hardware is shipping already, a few bits of tardy kernel code for these "8th Gen Core" CPUs is only hitting the Linux 4.15 kernel. The Intel DRM driver is most notably enabling Coffee Lake graphics by default in 4.15, but there's also some thermal code now landing among other changes now happening.

    Zhang Rui sent in the thermal updates for Linux 4.15 on Thursday and they include late additions for Coffee Lake but at the same time the relevant additions for Cannonlake that will be shipping in 2018 as the next-gen Intel CPUs.

  • AMDGPU DC Pull Request Submitted For Linux 4.15 Kernel - 132,395 Lines Of Code

    One day after submitting the main DRM feature pull request for Linux 4.15, David Airlie of Red Hat has submitted the secondary pull request that would feature the long-awaited introduction of AMDGPU DC into the mainline kernel.

Red Hat: OpenShift Container Platform, CTICC, Quote-to-Cash

Filed under
Red Hat

Kubuntu 17.10 review - Hello darkness my old friend

Filed under
KDE
Reviews
Ubuntu

This must be one of the worst Kubuntu releases I've tried in a long time. Part of the fault lies with the parent distro, and the heartless switch to Gnome, which just shows that the passion to making Ubuntu an important desktop player is gone. This is just inertia and apathy. Still, there's so much wrong with Kubuntu on its own that I feel like a total fool for investing my time in this effort. And it also proves that there is only one good release for every three, showing that distro teams are overstretched roughly by 300%. The whole fast-release bullshit is just the modern-era agile-crap nonsense. It helps no one. Shitty products serve no purpose. Being fast for the sake of it is like running head first into an industrial blender to have your outstretched arms finely chopped by spinning blades.

Kubuntu 17.10 Artful Aardvark makes me sad. Makes me angry. Zesty was one of the finest distros ever created. This is one of the worst. That makes no sense. How can it be? Where's the modicum of care and diligence to ensure this kind of stuff does not happen? Application crashes, kernel crashes, media bugs, weird artifacts. Horrible.

My suggestion is not to upgrade for now. And even then, the foundation of your sanity is shaken. Come the upgrade, you do not know what will happen. You're hostage to arbitrary code decisions. There's no peace and stability in the Linux desktop. You will always have to dread the update process, not knowing what will break next. That is the essence of amateurism. And I'm right there, advocating Plasma and Kubuntu like the biggest of fools in this universe. Anyway, for the sake of public sacrifice, I'll also check 17.10 in-vivo upgrades on other machines, but my expectations are low. Aardvark gets 4/10. Don't bother for now, give it six months for the bugs to be fixed before a new release erases the slate and the cycle of depression starts again.

Read more

Also: First Look At Linux Mint 18.3 Sylvia Beta

Games Leftovers

Filed under
Gaming
Syndicate content

More in Tux Machines

Security: Uber, Replacing x86 Firmware, 'IoT' and Chromebook

  • Key Dem calls for FTC to investigate Uber data breach

    A key Democrat is calling on the Federal Trade Commission (FTC) to investigate a massive Uber breach that released data on 57 million people, as well as the company's delay in reporting the cyber incident.

  • Multiple states launch probes into massive Uber breach
  • Replacing x86 firmware with Linux and Go

    The problem, Minnich said, is that Linux has lost its control of the hardware. Back in the 1990s, when many of us started working with Linux, it controlled everything in the x86 platform. But today there are at least two and a half kernels between Linux and the hardware. Those kernels are proprietary and, not surprisingly, exploit friendly. They run at a higher privilege level than Linux and can manipulate both the hardware and the operating system in various ways. Worse yet, exploits can be written into the flash of the system so that they persist and are difficult or impossible to remove—shredding the motherboard is likely the only way out.

  • Connected sex-toy allows for code-injection attacks on a robot you wrap around your genitals

    However, the links included base-64 encoded versions of the entire blowjob file, making it vulnerable to code-injection attacks. As Lewis notes, "I will leave you to ponder the consequences of having an XSS vulnerability on a page with no framebusting and preauthed connection to a robot wrapped around or inside someones genitals..."

  • Chromebook exploit earns researcher second $100k bounty
    For Google’s bug bounty accountants, lightning just struck twice. In September 2016, an anonymous hacker called Gzob Qq earned $100,000 (£75,000) for reporting a critical “persistent compromise” exploit of Google’s Chrome OS, used by Chromebooks. Twelve months on and the same researcher was wired an identical pay out for reporting – yes! – a second critical persistent compromise of Google’s Chrome OS. By this point you might think Google was regretting its 2014 boast that it could confidently double its maximum payout for Chrome OS hacks to $100,000 because “since we introduced the $50,000 reward, we haven’t had a successful submission.” More likely, it wasn’t regretting it at all because isn’t being told about nasty vulnerabilities the whole point of bug bounties?
  • Why microservices are a security issue
    And why is that? Well, for those of us with a systems security bent, the world is an interesting place at the moment. We're seeing a growth in distributed systems, as bandwidth is cheap and latency low. Add to this the ease of deploying to the cloud, and more architects are beginning to realise that they can break up applications, not just into multiple layers, but also into multiple components within the layer. Load balancers, of course, help with this when the various components in a layer are performing the same job, but the ability to expose different services as small components has led to a growth in the design, implementation, and deployment of microservices.

Lumina 1.4 Desktop Environment Debuts with New Theme Engine and ZFS Integrations

Lumina 1.4.0 is a major release that introduces several new core components, such as the Lumina Theme Engine to provide enhanced theming capabilities for the desktop environment and apps written in the Qt 5 application framework. The Lumina Theme Engine comes with a configuration utility and makes the previous desktop theme system obsolete, though it's possible to migrate your current settings to the new engine. "The backend of this engine is a standardized theme plugin for the Qt5 toolkit, so that all Qt5 applications will now present a unified appearance (if the application does not enforce a specific appearance/theme of it’s own)," said the developer in today's announcement. "Users of the Lumina desktop will automatically have this plugin enabled: no special action is required." Read more

today's leftovers

  • qBittorrent 4.0 Is a Massive Update of the Open-Source BitTorrent Client
    qBittorrent, the open-source and cross-platform BitTorrent client written in Qt for GNU/Linux, macOS, and Windows systems, has been updated to version 4.0, a major release adding numerous new features and improvements. qBittorrent 4.0 is the first release of the application to drop OS/2 support, as well as support for the old Qt 4 framework as Qt 5.5.1 or later is now required to run it on all supported platforms. It also brings a new logo and a new SVG-based icon theme can be easily scaled. Lots of other cosmetic changes are present in this release, and the WebGUI received multiple enhancements.
  • FFmpeg Continues Working Its "NVDEC" NVIDIA Video Decoding Into Shape
    Earlier this month the FFmpeg project landed its initial NVDEC NVIDIA video decoding support after already supporting NVENC for video encoding. These new NVIDIA APIs for encode/decode are part of the company's Video Codec SDK with CUDA and is the successor to the long-used VDPAU video decoding on NVIDIA Linux boxes. That NVDEC support has continued getting into shape.
  • Kobo firmware 4.6.10075 mega update (KSM, nickel patch, ssh, fonts)
    A new firmware for the Kobo ebook reader came out and I adjusted the mega update pack to use it. According to the comments in the firmware thread it is working faster than previous releases. The most incredible change though is the update from wpa_supplicant 0.7.1 (around 2010) to 2.7-devel (current). Wow.
  • 3.5-inch Apollo Lake SBC has dual mini-PCIe slots and triple displays
    Avalue’s Linux-friendly, 3.5-inch “ECM-APL2” SBC features Apollo Lake SoCs, 2x GbE, 4x USB 3.0, 2x mini-PCIe, triple displays, and optional -40 to 85°C. Avalue’s 3.5-inch, Apollo Lake based ECM-APL single-board computer was announced a year ago, shortly after Intel unveiled its Apollo Lake generation. Now it has followed up with an ECM-APL2 3.5-incher with a slightly different, and reduced, feature set.
  • 7 Best Android Office Apps To Meet Your Productivity Needs
    Office application is an essential suite that allows you to create powerful spreadsheets, documents, presentations, etc., on a smartphone. Moreover, Android office apps come with cloud integration so that you can directly access the reports from the cloud, edit them, or save them online. To meet the productivity need of Android users, the Play Store offers an extensive collection of Android office apps. But, we have saved you the hassle of going through each one of them and provided you a list of the best office apps for Android. The apps that we have picked are all free, although some do have Pro version or extra features available for in-app purchases. You can also refer to this list if you’re looking for Microsoft Office alternatives for your PC.

Servers and Red Hat