Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 14 Dec 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Patent system's problems defy easy solutions

Filed under
Legal

In the early 1800s, the U.S. patent office was housed at a converted hotel in Washington, D.C., and when applications were approved, a clerk would ride the agency's pony across town to get the president's signature on them.

GPL 3 likely to appear in early 2007

Filed under
OSS

The next version of the GPL (General Public License), GPL 3, is likely to appear in early 2007, according to a board member of the Free Software Foundation (FSF) who is working on drafting the future release.

Bully draws protesters to Rockstar's front doors

Filed under
Gaming

Washington, D.C.-based group marches on developer's Manhattan headquarters to protest marketing of violent games to children.

Hacking Elevators 101!

Filed under
Hardware

Ever wonder how to hack an elevator to own it for your trip and not be stopped on any other floors?

Turning Your Printer Into A Paper Shredder

Filed under
Hardware

Laser printers are infamous for shredding papers instead of printing them. But what about turning your printer into a high-volume paper shredder - on purpose?

Corporate Mozilla gets thumbs-up from industry

Filed under
Software

The IT industry has reacted positively to the Mozilla Foundation's decision to create a commercial subsidiary that will be responsible for the development and distribution of its open-source products.

Review: Lunar Linux

Filed under
Linux
Reviews

Lunar Linux is based on the Source Mage distribution, but, as indicated on the project's Web site, Lunar Linux developers have rewritten both the install code and the package management code in an effort to increase its user-friendliness. A user-friendly source-based distribution?

Online scams net criminals £2.75 billion

Filed under
Security

Gartner estimates some three million US consumers had $2.75bn stolen out of their bank accounts in the 12 months ending May 2005.

SymphonyOS - Act II (Alpha 4)

Filed under
Linux
Reviews
-s

SymphonyOS is proud to announce the release of Alpha 4, as seen on Distrowatch and the Symphony website. Tuxmachines is proud to take a look! I first became aquainted with Symphony back in May with the release of Alpha 3 and was quite impressed at that time with Symphony's unique desktop. As we take a look at this newest release today, we will be concentrating on what's new and improved.

Linux Code Grows as Defects Decline

Filed under
Linux

Between December 2004 and July 2005, the "defect density" in the Linux kernel has fallen from 0.17 to 0.16 and all serious defects have been corrected, a new report out from code analysis firm Coverity asserts.

Cisco.com website breached - customers warned

Filed under
Security

Cisco is advising customers to update passwords for the company's web portal following a security breach reported this morning.

One blog created 'every second'

Filed under
Web

The blogosphere is continuing to grow, with a weblog created every second, according to blog trackers Technorati.

FCC may change Internet service rules

Filed under
Web

The Federal Communications Commission could make it more difficult for independent Internet providers to offer high-speed service.

IBM Pulls Open-Source License

Filed under
OSS

IBM has abused the software's open-source status to enjoy marketing and user acceptance benefits, Jonathan Eunice, principal analyst with Illuminata, argued. By revoking the open-source status, the company undermines the value of open source.

Windows offers new vistas of spending

Filed under
Microsoft

People wanting to upgrade to Windows Vista are likely to need not only a new computer with more robust hardware, but a new monitor as well.

Mozilla Foundation Reorganization

Filed under
Moz/FF

On August 3rd, 2005, the Mozilla Foundation, a non-profit public benefit software development organization, launched a wholly owned subsidiary, the Mozilla Corporation. The Mozilla Corporation is a taxable subsidiary that serves the non-profit, public benefit goals of its parent, the Mozilla Foundation, and will be responsible for product development, marketing and distribution of Mozilla products.

Documents censored in Microsoft-Google case

Filed under
Legal

Microsoft Corp. documents concerning a former executive who went to rival Google Inc. can't be sealed but deserve protection because they contain trade secrets, a judge ruled yesterday.

Army punishes soldier for blog posts

Filed under
Web

The U.S. military has demoted and fined a soldier for publishing "classified" information on his personal blog, an Army spokesperson confirmed Tuesday.

Novell Plans to Open SuSE Linux Pro to Community

Filed under
SUSE

Novell is opening SuSE Linux to community-based development, sources say, with a model similar to Red Hat's recent move with Fedora.

Sony could wait till '07 to launch PS3

Filed under
Gaming

Sony strategists may see a priced-down PS2 as all the company needs in '06; would ride $99 sticker--and profits--all the way to 2007.

Syndicate content

More in Tux Machines

Australian Securities Exchange completes Red Hat migration

The Australian Securities Exchange (ASX) has completed the migration of "mission-critical" legacy applications to the Red Hat JBoss Enterprise Application Platform (JBoss EAP). ASX first deployed JBoss EAP in 2011 to modernise its legacy technologies and to facilitate the introduction of new web applications after it realised its legacy application server platform was becoming increasingly inconsistent, unstable, and expensive. After the initial ASX Online Company migration was complete in 2012, ASX used JBoss EAP to build the ASX.com API, as well as its Sharemarket Game, which gives players the opportunity to learn how the share market works. Read more

Programming/Development: GAPID 1.0 and Atom 1.23

  • Diagnose and understand your app's GPU behavior with GAPID
  • GAPID 1.0 Released As Google's Cross-Platform Vulkan Debugger
    Back in March we wrote about GAPID as a new Google-developed Vulkan debugger in its early stages. Fast forward to today, GAPID 1.0 has been released for debugging Vulkan apps/games on Linux/Windows/Android as well as OpenGL ES on Android. GAPID is short for the Graphics API Debugger and allows for analyzing rendering and performance issues with ease using its GUI interface. GAPID also allows for easily experimenting with code changes to see their rendering impact and allows for offline debugging. GAPID has its own format and capturetrace utility for capturing traces of Vulkan (or GLES on Android too) programs for replaying later on with GAPID.
  • Hackable Text Editor Atom 1.23 Adds Better Compatibility for External Git Tools
    GitHub released Atom 1.23, the monthly update of the open-source and cross-platform hackable text editor application loved by numerous developers all over the world. Including a month's worth of enhancements, Atom 1.23 comes with the ability for packages to register URI handler functions, which can be invoked whenever the user visits a URI that starts with "atom://package-name/," and a new option to hide certain commands in the command palette when registering them via "atom.commands.add." Atom 1.23 also improves the compatibility with external Git tools, as well as the performance of the editor by modifying the behavior of several APIs to no longer make callbacks more than once in a text buffer transaction. Along with Atom 1.23, GitHub also released Teletype 0.4.0, a tool that allows developers to collaborate simultaneously on multiple files.

Red Hat GNU/Linux and More

Security: VLC Bug Bounty, Avast Tools, Intel ME

  • European Commission Kicks Off Open-Source Bug Bounty
    The European Commission has announced its first-ever bug bounty program, and is calling on hackers to find vulnerabilities in VLC, a popular open-source multimedia player loaded on every workstation at the Commission. The program has kicked off with a three-week, invitation-only session, after which it will be open to the public. Rewards include a minimum of $2,000 for critical severity bugs, especially remote code execution. High severity bugs such as code execution without user intervention, will start at $750. Medium severity bugs will start at a minimum of $300; these include code execution with user intervention, high-impact crashes and infinite loops. Low-severity bugs, like information leaks, crashes and the like, will pay out starting at $100.
  • Avast launches open-source decompiler for machine code
    Keeping up with the latest malware and virus threats is a daunting task, even for industry professionals. Any device connected to the Internet is a target for being infected and abused. In order to stop attacks from happening, there needs to be an understanding of how they work so that a prevention method can be developed. To help with the reverse engineering of malware, Avast has released an open-source version of its machine-code decompiler, RetDec, that has been under development for over seven years. RetDec supports a variety of architectures aside from those used on traditional desktops including ARM, PIC32, PowerPC and MIPS.
  • Avast makes 'RetDec' machine-code decompiler open source on GitHub
    Today, popular anti-virus and security company, Avast, announces that it too is contributing to the open source community. You see, it is releasing the code for its machine-code decompiler on GitHub. Called "RetDec," the decompiler had been under development since 2011, originally by AVG -- a company Avast bought in 2016.
  • The Intel ME vulnerabilities are a big deal for some people, harmless for most
    (Note: all discussion here is based on publicly disclosed information, and I am not speaking on behalf of my employers) I wrote about the potential impact of the most recent Intel ME vulnerabilities a couple of weeks ago. The details of the vulnerability were released last week, and it's not absolutely the worst case scenario but it's still pretty bad. The short version is that one of the (signed) pieces of early bringup code for the ME reads an unsigned file from flash and parses it. Providing a malformed file could result in a buffer overflow, and a moderately complicated exploit chain could be built that allowed the ME's exploit mitigation features to be bypassed, resulting in arbitrary code execution on the ME. Getting this file into flash in the first place is the difficult bit. The ME region shouldn't be writable at OS runtime, so the most practical way for an attacker to achieve this is to physically disassemble the machine and directly reprogram it. The AMT management interface may provide a vector for a remote attacker to achieve this - for this to be possible, AMT must be enabled and provisioned and the attacker must have valid credentials[1]. Most systems don't have provisioned AMT, so most users don't have to worry about this.