Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 25 Oct 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story CA confirms plans for open source patent pledge srlinuxx 03/03/2005 - 4:06pm
Story Intel PR Department Hard at Work srlinuxx 03/03/2005 - 4:08pm
Story ChoicePoint was victim of ID theft in '02 srlinuxx 03/03/2005 - 4:25pm
Story amoroK LiveCD srlinuxx 03/03/2005 - 6:01pm
Story Gentoo Linux 2005.0 Security Rebuild srlinuxx 03/03/2005 - 11:25pm
Story Hacker taps into business school files" srlinuxx 04/03/2005 - 2:11pm
Story Judge hits with fine srlinuxx 04/03/2005 - 2:46pm
Story One in four 'touched' by ID fraud srlinuxx 2 04/03/2005 - 5:03pm
Story Big Brother is Watching your Toyota Sienna srlinuxx 1 05/03/2005 - 4:17am
Story Limp Bizkit lead claims hackers stole his sex video srlinuxx 2 05/03/2005 - 4:43am

More Security Leftovers

Filed under

What Drew Me to Solus?

Filed under

I’ve been using Windows since Windows 95 until the current version, Windows 10 but nn personal usage, I am not using any Windows operating system since Windows Vista. I have enough with Windows and fully switch to Ubuntu since 2010. I started with Ubuntu for a couple of releases till I fed up with it’s release cycle that i need to update distro by re-installing the it in every 6 months. Most of Linux enthusiast will advise me to stick with Long Term Support releases if I do not want to keep updating the OS. Somehow I am the person who constantly chasing for the latest software which the open source world is able to provide to the end user.

Read more

Also: Solus 1.2.1 Shannon Released

Elementary OS 0.4 LOKI is one of the best distro based on Ubuntu & better too

Filed under

Elementary OS 0.4 LOKI was released on last month 09 Sep, 2016 almost one and half year of development, after succeeds Freya which was released in April of 2015. Elementary OS 0.4 LOKI based on Ubuntu 16.04 LTS (Long Term Support).

Elementary is one of the beautiful Linux distribution based on Ubuntu LTS release with power of Pantheon flagship desktop environment. Loki is clean, elegant, polish, perfect and best designed Linux distributions for beginners, Mac & windows users, it looks similar to Mac OS.

The previous release of elementary OS Freya was downloaded more than 1.2 million times, which is the biggest achievement on FOSS as per elementary founder, Daniel Foré reports.

Read more

Security News

Filed under
  • Friday's security updates
  • World’s first hack-proof Wi-Fi router with open source firmware is here

    Turris Omnia WiFi Router, the world’s first hack-proof router with open source firmware launched yesterday at the CES Unveiled Show in Prague, Czech Republic.

  • Open-source hack-proof router aims to close cyber security gap

    Routers are the gateway of every home internet network. Yet, while many computers run antivirus software, little has been done thus far to protect routers against cyber threats. A new device, described as the world’s first hack-proof router, was launched on Thursday at the CES Unveiled Show in Prague.

    The main strength of the Turris Omnia router, a spin-out of a cyber security research project by Czech Republic’s domain administrator, is the fact that it automatically updates and patches vulnerabilities as they become known.

  • Adding a phone number to your Google account can make it LESS secure.

    Recently, account takeovers, email hacking, and targeted phishing attacks have been all over the news. Hacks of various politicians, allegedly carried out by Russian hackers, have yielded troves of data. Despite the supposed involvement of state-sponsored agents, some hacks were not reliant on complex zero-day attacks, but involved social engineering unsuspecting victims. These kinds of attacks are increasingly likely to be used against regular people. This recently happened to a friend of mine:

    Two weeks ago, an ex-colleague (actually, my officemate at Google way back in 2002) — let’s call him Bob — had his Google account compromised while on vacation in Hawaii. With his primary email account compromised, the attacker could have:

  • “Dirty COW”, the most dangerous Linux Bug for the last 9 years

    Red Hat, the leading open source software developer firm, has revealed that Linux Kernel has been infected with a serious bug for the past 9 years. The bug has been dubbed as Dirty Cow. It is deemed dangerous because through this bug, an attacker can get write access to read-only memory.

  • Serious Dirty COW bug leaves millions of Linux users vulnerable to attack
  • Rigging the Election

    When Dorothy discovers fraud in the land of Oz, she is told by the Wizard, "Don't look behind the curtain." But she does. In America, we demand truth and accountability in so many aspects of our daily lives, and yet somehow there's little public outcry for transparency within voting, the sacred cornerstone of our democracy. For the most part, we sleep soundly under the blanket of assurances from government officials. FBI Director James Comey even attempted a spin of irony recently, noting that our "clunky" voting process actually makes wholesale rigging more difficult. However, Comey misses the bigger picture.


    Hardly anyone uses the same computer from 12 years ago, yet large sections of the country currently vote on aging electronic systems which utilize proprietary software that cannot be publicly examined. Unverifiable technology remains deployed in 29 states – including Pennsylvania, Ohio, Florida – and other key battleground states, which may determine our next president. Races in these areas are not evidence based, and consequently, we cannot be certain ballots reflect voter intent. Bereft of such knowledge, how can we put faith in the legitimacy of our government?

  • Cyber attack: hackers 'weaponised' everyday devices with malware to mount assault

    The huge attack on global internet access, which blocked some of the world’s most popular websites, is believed to have been unleashed by hackers using common devices like webcams and digital recorders.

    Among the sites targeted on Friday were Twitter, Paypal and Spotify. All were customers of Dyn, an infrastructure company in New Hampshire in the US that acts as a switchboard for internet traffic.

    Outages were intermittent and varied by geography, but reportedly began in the eastern US before spreading to other parts of the country and Europe.

    Users complained they could not reach dozens of internet destinations, including Mashable, CNN, the New York Times, the Wall Street Journal, Yelp and some businesses hosted by Amazon.

  • Homeland Security Is ‘Investigating All Potential Causes’ of Internet Disruptions

    Cyber attacks targeting a little known internet infrastructure company, Dyn, disrupted access to dozens of websites on Friday, preventing some users from accessing PayPal, Twitter and Spotify.

    It was not immediately clear who was responsible for the outages that began in the Eastern United States, and then spread to other parts of the country and Western Europe.

    The outages were intermittent, making it difficult to identify all the victims. But technology news site Gizmodo named some five dozen sites that were affected by the attack. They included CNN, HBO Now, Mashable, the New York Times,, the Wall Street Journal and Yelp.

  • Blame the Internet of Things for Destroying the Internet Today

    A massive botnet of hacked Internet of Things devices has been implicated in the cyberattack that caused a significant internet outage on Friday.

    The botnet, which is powered by the malware known as Mirai, is in part responsible for the attack that intermittently knocked some popular websites offline, according to Level 3 Communications, one of the world’s largest internet backbone providers, and security firm Flashpoint.

    “We are seeing attacks coming from a number of different locations. We’re seeing attacks coming from an Internet of Things botnet that we identified called Mirai, also involved in this attack,” Dale Drew, chief security officer at Level 3 Communications, said on a livestream on Friday afternoon.

  • How to Understand Today’s Internet Outage in 4 Words

    A massive DDoS attack against a major DNS service likely using a botnet of IoT devices resulted in Internet issues across the eastern United States Friday, making it hard for many users to access their favorite sites.

    Phew. That’s a lot of acronyms.

  • IoT Can Never Be Fixed

    This title is a bit click baity, but it's true, not for the reason you think. Keep reading to see why.

    If you've ever been involved in keeping a software product updated, I mean from the development side of things, you know it's not a simple task. It's nearly impossible really. The biggest problem is that even after you've tested it to death and gone out of your way to ensure the update is as small as possible, things break. Something always breaks.

    If you're using a typical computer, when something breaks, you sit down in front of it, type away on the keyboard, and you fix the problem. More often than not you just roll back the update and things go back to the way they used to be.

  • Hacked Cameras, DVRs Powered Today’s Massive Internet Outage

    A massive and sustained Internet attack that has caused outages and network congestion today for a large number of Web sites was launched with the help of hacked “Internet of Things” (IoT) devices, such as CCTV video cameras and digital video recorders, new data suggests.

    Earlier today cyber criminals began training their attack cannons on Dyn, an Internet infrastructure company that provides critical technology services to some of the Internet’s top destinations. The attack began creating problems for Internet users reaching an array of sites, including Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix.

  • How an army of vulnerable gadgets took down the web today

    At some point this morning, one of the US’s critical internet infrastructure players was hit with a staggering distributed denial of service (DDoS) attack that has taken out huge swaths of the web. Sites like Twitter, Netflix, Spotify, Reddit, and many others — all clients of a domain registration service provider called Dyn — have suffered crippling interruptions and, in some cases, blanket outages.

    Details are now emerging about the nature of the attack. It appears the cause is what’s known as a Mirai-based IoT botnet, according to security journalist Brian Krebs, who cited cyber-threat intelligence firm Flashpoint. Dyn’s chief strategy officer Kyle Owen, who spoke with reporters this afternoon, later confirmed Flashpoint’s claim, revealing that traffic to its servers was clogged with malicious requests from tens of millions of IP addresses in what the company is calling a "very sophisticated and complex attack."

  • Fixing the IoT isn't going to be easy

    A large part of the internet became inaccessible today after a botnet made up of IP cameras and digital video recorders was used to DoS a major DNS provider. This highlighted a bunch of things including how maybe having all your DNS handled by a single provider is not the best of plans, but in the long run there's no real amount of diversification that can fix this - malicious actors have control of a sufficiently large number of hosts that they could easily take out multiple providers simultaneously.

    To fix this properly we need to get rid of the compromised systems. The question is how. Many of these devices are sold by resellers who have no resources to handle any kind of recall. The manufacturer may not have any kind of legal presence in many of the countries where their products are sold. There's no way anybody can compel a recall, and even if they could it probably wouldn't help. If I've paid a contractor to install a security camera in my office, and if I get a notification that my camera is being used to take down Twitter, what do I do? Pay someone to come and take the camera down again, wait for a fixed one and pay to get that put up? That's probably not going to happen. As long as the device carries on working, many users are going to ignore any voluntary request.

  • Indiscreet Logs: Persistent Diffie-Hellman Backdoors in TLS

    Software implementations of discrete logarithm based cryptosystems over finite fields typically make the assumption that any domain parameters they are presented with are trustworthy, i.e., the parameters implement cyclic groups where the discrete logarithm problem is assumed to be hard. An informal and widespread justification for this seemingly exists that says validating parameters at run time is too computationally expensive relative to the perceived risk of a server sabotaging the privacy of its own connection. In this paper we explore this trust assumption and examine situations where it may not always be justified.

    We conducted an investigation of discrete logarithm domain parameters in use across the Internet and discovered evidence of a multitude of potentially backdoored moduli of unknown order in TLS and STARTTLS spanning numerous countries, organizations, and protocols. Although our disclosures resulted in a number of organizations taking down suspicious parameters, we argue the potential for TLS backdoors is systematic and will persist until either until better parameter hygiene is taken up by the community, or finite field based cryptography is eliminated altogether.

Blockchain and FOSS

Filed under
  • R3 Finally Open Sources Blockchain Project, Admits Budget Difficulty

    One major criticism on private Blockchain development initiatives led by banks and financial institutions has been the ambiguity in the coding language and structure of permissioned ledgers. The R3 Consortium is attempting to neutralize it by open sourcing its technology.

    R3 Corda, a private Blockchain platform specifically developed for financial establishments with massive transactional volumes by R3CEV, is officially rendered open source by the consortium after over 70 of its member financial institutions came to a consensus in setting a standard for the Blockchain technology.

  • Blockchain-Fueled Open-Source P2P Energy Trading System Wins Energy Hackathon

    Following a weekend of solution seeking, collaboration and competition, the highlight of the Hackenergy 2016 event was a blockchain-fueled peer-to-peer (P2P) energy trading system called EcoCoin, which grabbed top honors.

Tizen News

Filed under
  • New details revealed about future Samsung QLED TVs

    Samsung has unveiled the latest details of his stunning, next-generation TV. Named SUHD Qualmark Red TV, it’s based on the proprietary technology Samsung has pioneered: QLED, long for Quantum dot Light-Emitting Diode.

    According to sources from Samsung Electronics, the product will cover the high-end spectrum of the market, proposing itself as the top premium TV produced by the South Korean company. This move, which confirms Samsung’s continuos attention to innovation, proves the drive of the enterprise on delivering the highest quality products with consistency while maintaining a strong focus on research and development.

  • Samsung Z2 Officially Launched in Indonesia

    The Samsung Z2 launch which was initially planned for the month of September in Indonesia, however that didn’t turn out to be true. Samsung Indonesia have finally launched the Z2 in the country at an official launch event. The launch took place at the country’s capital Jakarta on Wednesday that is the 19th of October. The smartphone has been priced at 899,000 Indonesian Rupiah ($70 approx.). Samsung are also bundling a free Batik back cover with the smartphone for the early customers. This is also the first Tizen smartphone to be launched in Indonesia.

  • Game: Candy Funny for your Tizen smartphone

    Here is another puzzle type game that has recently hit the Tizen Store for you to enjoy. “Candy Funny” is brought to you by developer Julio Cesar and is very similar to Candy Crush.

    You have 300 levels available to play and all levels have 3 stars , the number of stars shows how good or bad you actually are. You don’t have much time to accumulate the highest score you can and unlock further screens.

  • Master Blaster T20 Cup 2016 Game for Tizen Smartphones

    Games2Win India Pvt. Ltd. ( an Indian app development company has more than 800 proprietary apps and games in all smartphone and tablet platforms. Now, they have 51 million downloads of their apps and games in all platforms. They have already got 8 games in the Tizen Store and today they added a new cricket game “Master Blaster T20 Cup 2016”.

  • Slender Man Game Series now available on Tizen Store

Red Hat and Fedora

Filed under
Red Hat
  • Rivals Red Hat, Mirantis Announce New OpenStack Partnerships

    The cloud rivals both announce new telco alliances as competition in the cloud market heats up.
    Red Hat and Mirantis both announced large agreements this week that bring their respective OpenStack technologies to carrier partners. The news comes ahead of the OpenStack Summit that kicks off in Barcelona, Spain, on Oct. 24.

    Red Hat announced on Oct. 19 that it has a new OpenStack partnership with telco provider Ericsson.

    "Ericsson and Red Hat recognize that we share a common belief in using open source to transform the telecommunications industry, and we are collaborating to bring more open solutions, from OpenStack-based clouds to software-defined networking and infrastructure, to customers," Radhesh Balakrishnan, general manager of OpenStack at Red Hat, told eWEEK.

  • Turbulent Week Ends, How Did This Stock Fare: Red Hat, Inc. (NYSE:RHT)
  • Flatpak; the road to CI/CD for desktop applications?

    In this presentation I will introduce Flatpak and how it changes the software distribution model for Linux. In short it will explain the negatives of using packages, how Flatpak solves this, and how to create your own applications and distribute them for use with Flatpak. This presentation was given at the GNOME 3.22 release party, organized by the Beijing GNOME User Group.

  • The who in the where?

    The job is like many other roles called “Community Manager” or “Community Lead.” That means there is a focus on metrics and experiences. One role is to try ensure smooth forward movement of the project towards its goals. Another role is to serve as a source of information and motivation. Another role is as a liaison between the project and significant downstream and sponsoring organizations.

    In Fedora, this means I help the Fedora Project Leader. I try to be the yen to his yang, the zig to his zag, or the right hand to his right elbow. In all seriousness, it means that I work on a lot of the non-engineering focused areas of the Fedora Project. While Matthew has responsibility for the project as a whole I try to think about users and contributors and be mechanics of keeping the project running smoothly.

Development News

Filed under
  • Eclipse Foundation Collaboration Yields Open Source Technology for Computational Science

    The gap between the computational science and open source software communities just got smaller – thanks to a collaboration among national laboratories, universities and industry.

  • PyCon India 2016

    “This is awesome!”, this was my first reaction when I boarded my first flight to Delhi. I was having trouble in finding a proper accommodation Kushal, Sayan and Chandan helped me a lot in that part, I finally got honour of bunking with Sayan , Subho and Rtnpro which I will never forget. So, I landed and directly went to JNU convention center. I met the whole Red Hat intern gang . It was fun to meet them all. I had proposed Pagure for Dev Sprint and I pulled in Vivek to do the same.

    The dev sprint started and there was no sign of Vivek or Saptak, Saptak is FOSSASIA contributor and Vivek contributes to Pagure with me. Finally it was my turn to talk about Pagure on stage , it was beautiful the experience and the energy. We got a lot of young and new contributors and we tried to guide them and make them send at least one PR. One of them was lucky enough to actually make a PR and it got readily merged.

  • Hack This: An Overdue Python Primer

    In writing the most recent Hack This ("Scrape the Web with Beautiful Soup") I again found myself trapped between the competing causes of blog-brevity and making sure everything is totally clear for non-programmers. It's a tough spot! Recapping every little Python (the default language of Hack This) concept is tiring for everyone, but what's the point in the first place if no one can follow what's going on?

    This post is then intended then as a sort of in-between edition of Hack This, covering a handful of Python features that are going to recur in pretty much every programming tutorial that we do under the Hack This name. A nice thing about Python is that it makes many things much clearer than is possible in almost any other language.

  • Why I won’t be attending Systems We Love

    Here’s one way to put it: to me, Bryan Cantrill is the opposite of another person I admire in operating systems (whom I will leave unnamed). This person makes me feel excited and welcome and safe to talk about and explore operating systems. I’ve never seen them shame or insult or put down anyone. They enthusiastically and openly talk about learning new systems concepts, even when other people think they should already know them. By doing this, they show others that it’s safe to admit that they don’t know something, which is the first step to learning new things. They are helping create the kind of culture I want in systems programming – the kind of culture promoted by Papers We Love, which Bryan cites as the inspiration for Systems We Love.

    By contrast, when I’m talking to Bryan I feel afraid, cautious, and fearful. Over the years I worked with Bryan, I watched him shame and insult hundreds of people, in public and in private, over email and in person, in papers and talks. Bryan is no Linus Torvalds – Bryan’s insults are usually subtle, insinuating, and beautifully phrased, whereas Linus’ insults tend towards the crude and direct. Even as you are blushing in shame from what Bryan just said about you, you are also admiring his vocabulary, cadence, and command of classical allusion. When I talked to Bryan about any topic, I felt like I was engaging in combat with a much stronger foe who only wanted to win, not help me learn. I always had the nagging fear that I probably wouldn’t even know how cleverly he had insulted me until hours later. I’m sure other people had more positive experiences with Bryan, but my experience matches that of many others. In summary, Bryan is supporting the status quo of the existing culture of systems programming, which is a culture of combat, humiliation, and domination.


    He gaily recounts the time he gave a highly critical keynote speech at USENIX, bashfully links to a video praising him at a Papers We Love event, elegantly puts down most of the existing operating systems research community, and does it all while using the words “ancillary,” “verve,” and “quadrennial.” Once you know the underlying structure – a layer cake of vituperation and braggadocio, frosted with eloquence – you can see the same pattern in most of his writing and talks.

Android Leftovers

Filed under

The basics of open source quality assurance

Filed under

Open source depends on a sustainable community to develop code rapidly, debug code effectively, and build out new features. Because community involvement is voluntary, people's skills, levels of involvement, and time commitments can vary. Given the variable nature of these factors, along with the fact that open source often relies on a philosophy of "release early, release often," quality assurance can be become challenging.

Read more

Open Source CMS Pros and Cons - a Developer's Perspective

Filed under

The phrase "Open Source CMS" lingers in the minds and hearts of many developers. CMSes are today's talk of the Internet, and you won't miss the discussion in local schools and private offices either. I don't remember for how long I have used Open Source Content Management Systems (CMS) to manage local and international websites. However, I have implemented CMS-based solutions long enough, and I can tell you from experience these tools did become the big digital craze for many professional reasons.

Read more

today's leftovers

Filed under
  • Puppet Rolls Out New Docker Image Builds

    Folks who are focused on container technology and virtual machines as they are implemented today might want to give a hat tip to some of the early technologies and platforms that arrived in the same arena. Among those, Puppet, which was built on the legacy of the venerable Cfengine system, was an early platform that helped automate lots of virtual machine implementations. We covered it in depth all the way back in 2008.

    Earlier this year, Puppet Labs rebranded as simply Puppet, and also named its first president and COO, Sanjay Mirchandani, who came to the company from VMware, where he was a senior vice-president. Now, at PuppetConf, the company has announced the availability of Puppet Docker Image Build, which "automates the container build process to help organizations as they define, build and deploy containers into production environments." This new set of capabilities adds to existing Puppet functionality for installing and managing container infrastructure, including Docker, Kubernetes and Mesos, among others.

  • Five Cool Alternative Open Source Linux Shells

    We are going to look at some of the available Linux shells out there that users have access to free of charge since they are open source, they come in a number of different licenses and this mainly depends on the software creator but in essence one doesn’t have to pay to use the system; so that a major plus in whichever way we look at it.
    We find that there are different kinds of users when it comes to Linux, the ones who tread carefully preferring to stick to tried and tested software, the other kinds are the ones who dive into the deep end of cutting edge software; head first.

  • openSUSE Tumbleweed – Review of the Week 2016/42

    This was week 42 – The openSUSE LEAP week of the Year. It can’t be a co-incidence that the Release Candidate 1 was announced in Week 42, on the 2nd day (42.2 – European counting, we start our week on Monday, not on Sunday).

    But also in Tumbleweed things are not standing still: of course many of the things are well in line with what Leap received (like for example Plasma updates), but Tumbleweed rolls at a different pace ahead of the game.

Red Hat News

Filed under
Red Hat

Leftovers: OSS and Sharing

Filed under
  • The Open Source Way

    "Open source", in the world of IT, is program code that is meant for collaboration and open contribution. Intended to be modified and shared, because by design and spirit, it is meant for the public at large.

    It’s been said that “"open source" intimates a broader set of values—what we call "the open source way." Open source projects, products, or initiatives embrace and celebrate principles of open exchange, collaborative participation, rapid prototyping, transparency, meritocracy, and community-oriented development.” So it is a natural conclusion that in this age of open and transparent government, that the government IT manager or technician would be one of the first to want to embrace this new role of collaborative team member within a larger community.

  • Another rift in the open source BPM market: @FlowableBPM forks from @Alfresco Activiti

    In early 2013, Camunda – at the time, a value-added Activiti consulting partner as well as a significant contributor to the open source project – created a fork from Activiti to form what is now the Camunda open source BPM platform as well as their commercial version based on the open source core.

  • Pydio, an Open Source File Sharing and Sync Solution, Out in New Version

    If you've followed us here at OStatic, you've probably seen our coverage of open source file sharing, cloud and synchronization tools. For example, we've covered ownCloud and Nextcloud extensively.

    Not so many people know about Pydio, though, which is out in a new version Pydio7. It's an open source file sharing & sync solution that now has a host of new features and performance upgrades. It's worth downloading and trying.

    Through a new partnership with Collabora Productivity (the LibreOffice Cloud provider), Pydio7 now combines file sharing, document editing and online collaboration. Users can now not only access documents online, but also co-author new content and work collaboratively.

  • Chrome 55 Beta: Input handling improvements and async/await functions

    Unless otherwise noted, changes described below apply to the newest Chrome Beta channel release for Android, Chrome OS, Linux, Mac, and Windows.

  • Chrome 55 Beta Brings Async/Await To JavaScript

    Google is ending this week by rolling out the Chrome/Chromium 55 web-browser beta.

    Chrome 55 Beta brings support for the async and await keywords to JavaScript for Promise-based JavaScript coding. Great to see them finally improving the asynchronous JS support.

  • Open-Source Innovations Driving Demand for Hadoop

    AtScale, provider of BI (Business Intelligence) on Hadoop, has released its study titled "The Business Intelligence Benchmark for SQL-on-Hadoop engines," which is a performance test of BI workloads on Hadoop. The report also studies the strengths and weaknesses of Hive, Presto, Impala and Spark SQL, which are the most popular analytical engines for Hadoop.

  • Microsoft CEO Offers SQL Server for Linux Update [Ed: bad idea to use it [1, 2]]
  • New SafariSeat wheelchairs made from bicycle parts help East Africans roam rough terrain
  • SafariSeat, an Open Source Wheelchair for Rural Offroading

    If you’re disabled in a poorly developed part of the world, even a great modern wheelchair may be next to useless. What’s needed is a more off-road design that’s made to be easy to manufacture and repair than something built for a city with sidewalks.

    SafariSeat is a newly designed open-source wheelchair that hopes to make a big impact for disabled people the world over. It uses push bars for power and has large front wheels and small rear ones to easily roll over large objects.

    In a novel move, the designers included a moving seat that shifts bit every time you push the bars to help prevent pressure sores on the butt.

  • Five 3D printing projects for Halloween

    With Halloween fast approaching I figured it was time to add some 3D printed decorations to the office. Below are some of my pictures for fun Halloween-themed prints. I tried to pick some models that demonstrate varied printing techniques.

Linux 4.8.4

Filed under

I'm announcing the release of the 4.8.4 kernel. And yeah, sorry about
the quicker releases, I'll be away tomorrow and as they seem to have
passed all of the normal testing, I figured it would be better to get
them out earlier instead of later. And I like releasing stuff on this
date every year...

All users of the 4.8 kernel series must upgrade.

The updated 4.8.y git tree can be found at:
git:// linux-4.8.y
and can be browsed at the normal git web browser:

Read more

Also: Linux 4.7.10

Linux 4.4.27

New Releases: Budgie, Solus, SalentOS, and Slackel

Filed under
  • Open-Source Budgie Desktop Sees New Release

    The pet parakeet of the Linux world, Budgie has a new release available for download. in this post we lookout what's new and tell you how you can get it.

  • Solus Linux Making Performance Gains With Its BLAS Configuration

    Those making use of the promising Solus Linux distribution will soon find their BLAS-based workloads are faster.

    Solus developer Peter O'Connor tweeted this week that he's found some issues with the BLAS linking on the distribution and he's made fixes for Solus. He also mentioned that he uncovered these BLAS issues by using our Phoronix Test Suite benchmarking software.

  • SalentOS “Luppìu” 1.0 released!

    With great pleasure the team announces the release of SalentOS “Luppìu” 1.0.

  • Slackel "Live kde" 4.14.21

    This release is available in both 32-bit and 64-bit architectures, while the 64-bit iso supports booting on UEFI systems.
    The 64-bit iso images support booting on UEFI systems.
    The 32-bit iso images support both i686 PAE SMP and i486, non-PAE capable systems.
    Iso images are isohybrid.

Security News

Filed under
  • Free tool protects PCs from master boot record attacks [Ed: UEFI has repeatedly been found to be both a detriment to security and enabler of Microsoft lock-in]

    Cisco's Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks.

    The tool, called MBRFilter, functions as a signed system driver and puts the disk's sector 0 into a read-only state. It is available for both 32-bit and 64-bit Windows versions and its source code has been published on GitHub.

    The master boot record (MBR) consists of executable code that's stored in the first sector (sector 0) of a hard disk drive and launches the operating system's boot loader. The MBR also contains information about the disk's partitions and their file systems.

    Since the MBR code is executed before the OS itself, it can be abused by malware programs to increase their persistence and gain a head start before antivirus programs. Malware programs that infect the MBR to hide from antivirus programs have historically been known as bootkits -- boot-level rootkits.

    Microsoft attempted to solve the bootkit problem by implementing cryptographic verification of the bootloader in Windows 8 and later. This feature is known as Secure Boot and is based on the Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.

  • DDOS Attack On Internet Infrastructure

    I hope somebody's paying attention. There's been another big DDOS attack, this time against the infrastructure of the Internet. It began at 7:10 a.m. EDT today against Dyn, a major DNS host, and was brought under control at 9:36 a.m. According to Gizmodo, which was the first to report the story, at least 40 sites were made unreachable to users on the US East Coast. Many of the sites affected are among the most trafficed on the web, and included CNN, Twitter, PayPal, Pinterest and Reddit to name a few. The developer community was also touched, as GitHub was also made unreachable.

    This event comes on the heels of a record breaking 620 Gbps DDOS attack about a month ago that brought down security expert Brian Krebs' website, KrebsonSecurity. In that attack, Krebs determined the attack had been launched by botnets that primarily utilized compromised IoT devices, and was seen by some as ushering in a new era of Internet security woes.

  • This Is Why Half the Internet Shut Down Today [Update: It’s Getting Worse]

    Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.

  • Major DNS provider Dyn hit with DDoS attack

    Attacks against DNS provider Dyn continued into Friday afternoon. Shortly before noon, the company said it began "monitoring and mitigating a DDoS attack" against its Dyn Managed DNS infrastructure. The attack may also have impacted Managed DNS advanced service "with possible delays in monitoring."

  • What We Know About Friday’s Massive East Coast Internet Outage

    Friday morning is prime time for some casual news reading, tweeting, and general Internet browsing, but you may have had some trouble accessing your usual sites and services this morning and throughout the day, from Spotify and Reddit to the New York Times and even good ol’ For that, you can thank a distributed denial of service attack (DDoS) that took down a big chunk of the Internet for most of the Eastern seaboard.

    This morning’s attack started around 7 am ET and was aimed at Dyn, an Internet infrastructure company headquartered in New Hampshire. That first bout was resolved after about two hours; a second attack began just before noon. Dyn reported a third wave of attacks a little after 4 pm ET. In all cases, traffic to Dyn’s Internet directory servers throughout the US—primarily on the East Coast but later on the opposite end of the country as well—was stopped by a flood of malicious requests from tens of millions of IP addresses disrupting the system. Late in the day, Dyn described the events as a “very sophisticated and complex attack.” Still ongoing, the situation is a definite reminder of the fragility of the web, and the power of the forces that aim to disrupt it.

  • Either IoT will be secure or the internet will be crippled forever

    First things first a disclaimer. I neither like nor trust the National Security Agency (NSA). I believe them to be mainly engaged in economic spying for the corporate American empire. Glenn Greenwald has clearly proven that in his book No Place to Hide. At the NSA, profit and power come first and I have no fucking clue as to how high they prioritize national security. Having said that, the NSA should hack the Internet of (insecure) Things (IoT) to death. I know Homeland Security and the FBI are investigating where the DDoS of doomsday proportions is coming from and the commentariat is already screaming RUSSIA! But it is really no secret what is enabling this clusterfuck. It’s the Mirai botnet. If you buy a “smart camera” from the Chinese company Hangzhou XiongMai Technologies and do not change the default password, it will be part of a botnet five minutes after you connect it to the internet. We were promised a future where we would have flying cars but we’re living in a future where camera’s, light-bulbs, doorbells and fridges can get you in serious trouble because your home appliances are breaking the law.

  • IoT at the Network Edge

    Fog computing, also known as fog networking, is a decentralized computing infrastructure. Computing resources and application services are distributed in logical, efficient places at any points along the connection from the data source (endpoint) to the cloud. The concept is to process data locally and then use the network for communicating with other resources for further processing and analysis. Data could be sent to a data center or a cloud service. A worthwhile reference published by Cisco is the white paper, "Fog Computing and the Internet of Things: Extend the Cloud to Where the Things Are."

  • Canonical now offers live kernel patching for Ubuntu 16.04 LTS users

    Canonical has announced its ‘Livepatch Service’ which any user can enable on their current installations to eliminate the need for rebooting their machine after installing an update for the Linux kernel. With the release of Linux 4.0, users have been able to update their kernel packages without rebooting, however, Ubuntu will be the first distribution to offer this feature for free.

  • ​The Dirty Cow Linux bug: A silly name for a serious problem

    Dirty Cow is a silly name, but it's a serious Linux kernel problem. According to the Red Hat bug report, "a race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."

  • Ancient Privilege Escalation Bug Haunts Linux
  • October 21, 2016 Is Dirty COW a serious concern for Linux?
  • There is a Dirty Cow in Linux
  • Red Hat Discovers Dirty COW Archaic Linux Kernel Flaw Exploited In The Wild
  • Linux kernel bug being exploited in the wild
  • Update Linux now: Critical privilege escalation security flaw gives hackers full root access
  • Linux kernel bug: DirtyCOW “easyroot” hole and what you need to know
  • 'Most serious' Linux privilege-escalation bug ever discovered
  • New 'Dirty Cow' vulnerability threatens Linux systems
  • Serious Dirty Cow Linux Vulnerability Under Attack
  • Easy-to-exploit rooting flaw puts Linux PCs at risk
  • Linux just patched a vulnerability it's had for 9 years
  • Dirty COW Linux vulnerability has existed for nine years
  • 'Dirty Cow' Linux Vulnerability Found
  • 'Dirty Cow' Linux Vulnerability Found After Nine Years
  • FakeFile Trojan Opens Backdoors on Linux Computers, Except openSUSE

    Malware authors are taking aim at Linux computers, more precisely desktops and not servers, with a new trojan named FakeFile, currently distributed in live attacks.

    Russian antivirus vendor Dr.Web discovered this new trojan in October. The company's malware analysts say the trojan is spread in the form of an archived PDF, Microsoft Office, or OpenOffice file.

Syndicate content

More in Tux Machines

A History Of Everyday Linux User's 350 Blog Posts

This article is something of a landmark as it is the 350th post on Everyday Linux User. I took last week off to celebrate. Well actually I went away with the family down to England for a few days and didn't take a computer with me. I did take in Alnwick Castle however which is the location for Hogwarts from the Harry Potter films. Read more

Kodi 17 "Krypton" Beta 4 Released with ARMv8A 64-bit Builds for Android, Fixes

Today, October 25, 2016, Martijn Kaijser had the great pleasure of announcing the release and immediate availability of the fourth, and probably the last Beta milestone of the upcoming Kodi 17 open-source and cross-platform media center software. Read more

GNOME's Epiphany 3.24 Web Browser to Use Firefox Sync Service, HTTPS Everywhere

The GNOME developers are preparing to release the first development version of the upcoming GNOME 3.24 desktop environment, versioned 3.23.1, and we can't help but notice that some of the core apps were updated recently. Read more

Suse: Question. What do you call second-place in ARM enterprise server linux? Answer: Red Hat

ARM TechCon Suse is claiming victory over Red Hat by announcing – and these caveats are all crucial – "the first commercial enterprise Linux distribution optimized for ARM AArch64 architecture servers." In plainer English, Suse has developed an enterprise-grade Linux distribution that runs on 64-bit ARM servers (should you happen to ever find one). Suse claims this software is a world first because it is a finished commercial product, thus beating Red Hat to the punch: Red Hat Enterprise Linux Server for ARM is still only available as a beta-like development preview. Read more