Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Wednesday, 19 Sep 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Typesort icon Title Author Replies Last Post
goblinxfc srlinuxx 26/04/2007 - 6:30pm
nixsys.com srlinuxx 24/09/2007 - 11:24pm
wolvixondisk srlinuxx 02/10/2007 - 10:49pm
arnybw srlinuxx 18/10/2007 - 3:39pm
webpathinlovelinux srlinuxx 07/02/2008 - 3:44pm
bluewhite srlinuxx 25/03/2008 - 10:44pm
pclos srlinuxx 15/06/2008 - 11:18pm
nixsys2 srlinuxx 18/08/2008 - 7:12am
nixsys3 srlinuxx 18/08/2008 - 7:22am
gg 480x60 srlinuxx 03/09/2008 - 11:55am

Red Hat: PodCTL, Security Embargos at Red Hat and Energy Sector

Filed under
Red Hat
  • [Podcast] PodCTL #50 – Listener Mailbag Questions

    As the community around PodCTL has grown (~8000 weekly listeners) we’ve constantly asked them to give us feedback on topics to discuss and areas where they want to learn. This week we discussed and answered a number of questions about big data and analytics, application deployments, routing security, and storage deployment models.

  • Security Embargos at Red Hat

    The software security industry uses the term Embargo to describe the period of time that a security flaw is known privately, prior to a deadline, after which time the details become known to the public. There are no concrete rules for handling embargoed security flaws, but Red Hat uses some industry standard guidelines on how we handle them.

    When an issue is under embargo, Red Hat cannot share information about that issue prior to it becoming public after an agreed upon deadline. It is likely that any software project will have to deal with an embargoed security flaw at some point, and this is often the case for Red Hat.

  • Transforming oil & gas: Exploration and production will reap the rewards

    Through advanced technologies based on open standards, Red Hat deliver solutions that can support oil and gas companies as they modernize their IT infrastructures and build a framework to meet market and technology challenges. Taking advantage of modern, open architectures can help oil and gas providers attract new customers and provide entry into markets where these kinds of services were technologically impossible a decade ago.

BlackArch Linux Ethical Hacking OS Now Has More Than 2000 Hacking Tools

Filed under
GNU
Linux
Security

The BlackArch Linux penetration testing and ethical hacking computer operating system now has more than 2000 tools in its repositories, announced the project's developers recently.

Used by thousands of hundreds of hackers and security researchers all over the world, BlackArch Linux is one of the most acclaimed Linux-based operating systems for hacking and other security-related tasks. It has its own software repositories that contain thousands of tools.

The OS is based on the famous Arch Linux operating system and follows a rolling release model, where users install once and receive updates forever, or at least until they do something that can't be repaired and need to reinstall.

Read more

Debian Patches for Intel's Defects, Canonical to Fix Ubuntu Security Flaws for a Fee

Filed under
Security
Debian
Ubuntu
  • Debian Outs Updated Intel Microcode to Mitigate Spectre V4 and V3a on More CPUs

    The Debian Project released an updated Intel microcode firmware for users of the Debian GNU/Linux 9 "Stretch" operating system series to mitigate two of the latest Spectre vulnerabilities on more Intel CPUs.

    Last month, on August 16, Debian's Moritz Muehlenhoff announced the availability of an Intel microcode update that provided Speculative Store Bypass Disable (SSBD) support needed to address both the Spectre Variant 4 and Spectre Variant 3a security vulnerabilities.

    However, the Intel microcode update released last month was available only for some types of Intel CPUs, so now the Debian Project released an updated version that implements SSBD support for additional Intel CPU models to mitigate both Spectre V4 and V3a on Debian GNU/Linux 9 "Stretch" systems.

  • Announcing Extended Security Maintenance for Ubuntu 14.04 LTS – “Trusty Tahr” [Ed: Canonical looking to profit from security flaws in Ubuntu like Microsoft does in Windows.]

    Ubuntu is the basis for the majority of cloud-based workloads today. With over 450 million public cloud instances launched since the release of Ubuntu 16.04 LTS, a number that keeps accelerating on a day-per-day basis since, many of the largest web-scale deployments are using Ubuntu. This includes financial, big data, media, and many other workloads and use cases, which rely on the stability and continuity of the underlying operating system to provide the mission-critical service their customers rely on.

    Extended Security Maintenance (ESM) was introduced for Ubuntu 12.04 LTS as a way to extend the availability of critical and important security patches beyond the nominal End of Life date of Ubuntu 12.04. Organisations use ESM to address security compliance concerns while they manage the upgrade process to newer versions of Ubuntu under full support. The ability to plan application upgrades in a failsafe environment continues to be cited as the main value for adoption of ESM. With the End of Life of Ubuntu 14.04 LTS in April 2019, and to support the planning efforts of developers worldwide, Canonical is announcing the availability of ESM for Ubuntu 14.04.

  • Canonical Announces Ubuntu 14.04 LTS (Trusty Tahr) Extended Security Maintenance

    Canonical announced today that it would extend its commercial Extended Security Maintenance (ESM) offering to the Ubuntu 14.04 LTS (Trusty Tahr) operating system series starting May 2019.

    Last year on April 28, 2017, when the Ubuntu 12.04 LTS (Precise Pangolin) operating system series reached end of life, Canonical announced a new way for corporate users and enterprises to receive security updates if they wanted to keep their current Ubuntu 12.04 LTS installations and had no plans to upgrade to a newer LTS (Long Term Support) release. The offering was called Extended Security Maintenance (ESM) and had a great success among businesses.

Graphics: NVIDIA and AMD

Filed under
Graphics/Benchmarks
  • Initial NVIDIA GeForce RTX 2080 Ti Linux Benchmarks

    This article is going to be short and sweet as just receiving the GeForce RTX 2080 Ti yesterday and then not receiving the Linux driver build until earlier today... The GeForce RTX 2080 Ti has been busy now for a few hours with the Phoronix Test Suite on the Core i7 8086K system running Ubuntu 18.04 LTS with the latest drivers.

  • NVIDIA Introduces A Number Of New OpenGL Extensions For Turing

    As part of the GeForce RTX 2080 series launching with the new GPU architecture, NVIDIA has published a number of new OpenGL extensions for making use of some of Turing's new capabilities.

  • Vulkan 1.1.85 Released With Raytracing, Mesh Shaders & Other New NVIDIA Extensions

    Leading up to the Turing launch we weren't sure if NVIDIA was going to deliver same-day Vulkan support for RTX/ray-tracing with the GeForce RTX graphics cards or if it was going to be left up to Direct3D 12 on Windows for a while... Fortunately, as already reported, their new driver has Vulkan RTX support. Additionally, the NVX_raytracing extension and other NVIDIA updates made it into today's Vulkan 1.1.85 release.

  • Radeon/GPUOpen OCAT 1.2 Released But No Linux Support Yet

    A new feature release is out for the Radeon/GPUOpen "OCAT" open-source capture and analytics tool.

    OCAT 1.2 is their first release of the year and includes VR head-mounted display (HMD) support, new visualization tools, system information detection, new settings, and other enhancements.

Security: Updates, US Demand for Back Doors, and Microsoft's Collusion with the NSA Keeps Serving Crackers

Filed under
Security
  • Security updates for Wednesday
  • State Department Still Sucks At Basic Cybersecurity And Senators Want To Know Why

    The senators are hoping the State Department will have answers to a handful of cybersecurity-related questions by October 12th, but given the agency's progress to compliance with a law that's been on the book for two years at this point, I wouldn't expect responses to be delivered in a timelier fashion.

    The agency's track record on security isn't great and these recent developments only further cement its reputation as a government ripe for exploitation. The agency's asset-tracking program only tracks Windows devices, its employees are routinely careless with their handling of classified info, and, lest we forget, its former boss ran her own email server, rather than use the agency's. Of course, given this long list of security failures, there's a good possibility an off-site server had more baked-in security than the agency's homebrew.

  • EternalBlue Vulnerability Puts Pirated Windows Systems at Malware Risk [Ed: Microsoft's collusion with the NSA (for US-controlled back doors) continues to cost billions... paid by people who foolishly chose or accepted PCs with Windows.]

    A particular vulnerability that has been codenamed EternalBlue is to be blamed for this misfortune. The malware risk especially affects computers which use pirated Windows versions. This gap in security has its traces back in the legacies of US secret service NSA. Even after several years, many systems continue to be vulnerable. For more than three years, US intelligence was using it for performing hidden attacks on all kinds of targets. The agency finally had to leak the vulnerability to Microsoft due to the danger of hacking by a famous hacker group, Shadow Brokers. Microsoft then consequently had to abandon a patch day for the very first time in the company’s history for filling in the gap as quickly as possible.

Moving Compiler Dependency Checks to Kconfig

Filed under
Development
Linux

One reason became clear recently when Linus Torvalds asked developers to add an entirely new system of dependency checks to the Kconfig language, specifically testing the capabilities of the GCC compiler.

It's actually an important issue. The Linux kernel wants to support as many versions of GCC as possible—so long as doing so would not require too much insanity in the kernel code itself—but different versions of GCC support different features. The GCC developers always are tweaking and adjusting, and GCC releases also sometimes have bugs that need to be worked around. Some Linux kernel features can only be built using one version of the compiler or another. And, some features build better or faster if they can take advantage of various GCC features that exist only in certain versions.

Up until this year, the kernel build system has had to check all those compiler features by hand, using many hacky methods. The art of probing a tool to find out if it supports a given feature dates back decades and is filled with insanity. Imagine giving a command that you know will fail, but giving it anyway because the specific manner of failure will tell you what you need to know for a future command to work. Now imagine hundreds of hacks like that in the Linux kernel build system.

Read more

Fedora be pretty - The ultimate customization guide

Filed under
Red Hat

I am quite pleased with the final result of this transformation. But it also requires a lot of non-standard changes, which is a shame, because none of what I did, subjective taste elements aside, is super complicated. Imagine a Fedora, or for that any which distro, that has everything really nicely tailored for max. efficiency, ergonomics, productivity, and fun.

My journey encompasses the use of third-party repos, extra software, Gnome Tweak Tool, about a dozen extensions, new themes, icons, and fonts, the use of a dock, plus some extra visual polish. In the end, though, Fedora 28 looks and behaves the part. This is something I could happily show to other people, and I am convinced they would be inclined to try it. Well, there you go. The guide. Hopefully, you'll find it useful, and perhaps it may even hype up your enthusiasm for Linux. In these dreary times, an injection of fanboyese is quite needed. Take care.

Read more

Red Hat Reports Results, Shares Collapse

Filed under
Red Hat

today's leftovers

Filed under
Misc
  • Opus 1.3 Codec Library Nears, New Tools Release

    Back in June was the first release candidate of Opus 1.3 (libopus v1.3) with this open-source audio codec allowing to use SILK down to bitrates of about 5kb/s, wideband encoding down to 9kb/s, improved security, improved Ambisonics support, and much more. Libopus 1.3 RC2 is now available along with some tooling updates.

    Libopus 1.3 RC2 was released on Tuesday to fix issues with bandwidth detection, enable Ambisonics support by default, and enables security hardening by default.

  • Akademy 2018

    I had the awesome opportunity to attend Akademy in Vienna this year. First off, a big thank you to the organising team for pulling off this years Akademy without a hitch.

    This Akademy was a bit more special, since it was decided to switch up the format, which in my opinion worked quite well. There were training’s that ran alongside the talk’s and BoF’s, which I think was a great idea. I signed up to the Public Speaking Training and the Non Violent Communication training, which I think were run exceptionally. I hope that these training sessions are run again next Akademy because I found them exceptionally valuable.

  • NetworkManager Merges An Initrd Generator For Early Boot Handling

    Days following the NetworkManager 1.14 release, feature activity on the next release is progressing and the newest addition is nm-initrd-generator.

    The NetworkManager Initrd Generator is used to generate an early-boot NetworkManager configuration. This new utility scans the command line for supported options and from there generates a network configuration and the necessary configuration files to handle an early instance of NetworkManager that runs from the initial ramdisk during the system's early boot stage.

  • Mageia at fête de l’humanité 2018

    The booths were in a different place from previous years, and we had a lot more visitors. We gave out all the flyers we brought by Saturday evening – there was only one left for Sunday – so we gave out Mageia stickers instead. We did not sell any T-shirts, but we sold two USB sticks.

    Many people asked for general information; I spoke so much that I lost my voice! We had strong interest, coming from people already using a Linux distribution as well as from people wishing to turn to free software.

  • Troubleshooting FDB table wrapping in Open vSwitch

    When most people deploy an Open vSwitch configuration for virtual networking using the NORMAL rule, that is, using L2 learning, they do not think about configuring the size of the Forwarding DataBase (FDB).

  • Test Day: Fedora Silverblue

    Fedora Silverblue is a new variant of Fedora Workstation with rpm-ostree at its core to provide fully atomic upgrades. Furthermore, Fedora Silverblue is immutable and upgrades as a whole, providing easy rollbacks from updates if something goes wrong. Fedora Silverblue is great for developers using Fedora with good support for container-focused workflows.

    Additionally, Fedora Silverblue delivers desktop applications as Flatpaks. This provides better isolation/sandboxing of applications, and streamlines updating applications — Flatpaks can be safely updated without reboot.

  • Understand Fedora memory usage with top

    Have you used the top utility in a terminal to see memory usage on your Fedora system? If so, you might be surprised to see some of the numbers there. It might look like a lot more memory is consumed than your system has available. This article will explain a little more about memory usage, and how to read these numbers.

    [...]

    Your system has another facility it uses to store information, which is swap. Typically this is an area of slower storage (like a hard disk). If the physical memory on the system fills up as needs increase, the OS looks for portions of memory that haven’t been needed in a while. It writes them out to the swap area, where they sit until needed later.

    Therefore, prolonged, high swap usage usually means a system is suffering from too little memory for its demands. Sometimes an errant application may be at fault. Or, if you see this often on your system, consider upgrading your machine’s memory, or restricting what you run.

  • Global Open-Source Learning Management Systems Software Market Size, Status and Forecast 2022
  • The Commons Clause vs. Open Source controversy, explained [iophk: "if it has the "Commons Clause" in it then it does not qualify as Open Source"]

    So, what is Commons Clause and why isn’t it the same thing as open source?

Endless OS May Be the Best Linux Version for New Computer Users

Filed under
GNU
Linux

Linux appeals to a certain kind of computer user: if you like computers enough to read about or tinker with them in your free time, then there’s a good chance you’ll find something to like about Linux. Otherwise, you will probably consider it too much work to bother.

Endless Computer’s Endless OS aims to provide a complete desktop experience that’s versatile enough to serve families. Is this the ideal way to introduce newcomers to Linux?

Read more

Andrew Crouthamel: How I Got Involved in KDE

Filed under
KDE

Since this blog is starting after the beginning of my contributions to KDE, the first few regular posts will be explaining my prior contributions, before moving into the present.

Read more

Security: Debian LTS, Linux Potential Local Privilege Escalation Bug, Australia Wants to Mandate Back Doors, Equifax Breach the Fault of Equifax

Filed under
Security

Graphics: NVIDIA and Gallium3D

Filed under
Graphics/Benchmarks
  • NVIDIA Vulkan Beta Adds New KHR_driver_properties & KHR_shader_atomic_int64

    Not to be confused with the new NVIDIA Linux/Windows drivers that should be out today for RTX 2070/2080 "Turing" support and also initial RTX ray-tracing support, there is also out a new Vulkan beta driver this morning.

    The NVIDIA 396.54.06 driver is this new Vulkan beta and as implied by the version number is still on the current stable branch and not in the Turing era. But this driver release is quite exciting as it does bring support for two new extensions... These extensions are very fresh and not yet in the official Vulkan specification: VK_KHR_driver_properties and VK_KHR_shader_atomic_int64.

  • GeForce RTX 2080 Ti Linux Benchmarks Coming Today, NVIDIA Driver Bringing Vulkan RTX

    NVIDIA's review/performance embargo has now lifted on the GeForce RTX 2080 series ahead of the cards shipping tomorrow. I should have out initial Linux benchmarks later today, assuming Linux driver availability.

    As wrote about yesterday, just yesterday I ended up receiving the GeForce RTX 2080 Ti for Linux benchmarking. But, unfortunately, no Linux driver yet... But I am told it will be posted publicly soon with the Windows driver. Assuming that happens within the hours ahead, I'll still have initial RTX 2080 Ti benchmarks on Ubuntu Linux out by today's end -- thanks to the Phoronix Test Suite and recently wrapping up other NVIDIA/AMD GPU comparison tests on the current drivers.

  • Intel's New Iris Gallium3D Driver Picks Up Experimental Icelake Bits, GL Features

    One of the talks we are most interested in at XDC2018 is on the Intel "Iris" Gallium3D driver we discovered last month was in development.

    We stumbled across the Iris Gallium3D driver that's been in development for months as a potential replacement to their "i965" classic Mesa driver. But they haven't really detailed their intentions in full, but we should learn more next week. This is particularly exciting the prospects of an official Intel Gallium3D driver as the company is also expected to introduce their discrete GPUs beginning in 2020 and this new driver could be part of that plan.

Survey: Console Based Linux File Managers

Filed under
GNU
Linux

The term ‘file management functions’ refers to the functions used to manage files, such as creating, deleting, opening, closing, reading from, and writing to files.

In the field of system administration, Linux has bags of graphical file managers. However, some users prefer managing files from the shell, finding it the quickest way to navigate the file system and perform file operations. This is, in part, because console based file managers are more keyboard friendly, enabling users to perform file operations without using a mouse, and make it quicker to navigate the filesystem and issue commands in the console at the same time.

A console application is computer software which can be used with a text-only computer interface, the command line interface, or a text-based interface included within a graphical user interface operating system, such as a terminal emulator. Whereas a graphical user interface application generally involves using the mouse and keyboard (or touch control), with a console application the primary (and often only) input method is the keyboard. Many console applications are command line tools, but there is a wealth of software that has a text-based user interface making use of ncurses, a library which allow programmers to write text-based user interfaces.

Read more

Linux and Open Source FAQs: Common Myths and Misconceptions Addressed

Filed under
OSS
Security

LinuxSecurity debunks some common myths and misconceptions regarding open source and Linux by answering a few Linux-related frequently asked questions.

Open source and Linux are becoming increasingly well-known and well-respected because of the myriad benefits they offer. Seventy-eight percent of businesses of all sizes across all industries are now choosing open source software over alternative proprietary solutions according to ZDNet (https://zd.net/2GCrTrk). Facebook, Twitter and Google are are among the many companies currently using, sponsoring and contributing to open source projects. Although Linux and open source are widely recognized for the advantages they provide, there are still many myths and misconceptions that surround these terms. Here are some answers to frequently asked questions about Linux and open source:

Question: What are the advantages of the open source development model? How can using and contributing to open source software benefit my business?

Answer: Open source offers an array of inherent advantages which include increased security, superior product quality, lower costs and greater freedom and flexibility compared to other models. It also is accompanied by strong community values and high standards, which encourage the highest levels of creativity and innovation in engineering.

Read more

Mozilla and Data Protection and Privacy Commissioners

Filed under
Moz/FF
  • Lessons from Carpenter – Mozilla panel discussion at ICDPPC

    The US Supreme Court recently released a landmark ruling in Carpenter vs. United States, which held that law enforcement authorities must secure a warrant in order to access citizens’ cell-site location data. At the upcoming 40th Conference of Data Protection and Privacy Commissioners, we’re hosting a panel discussion to unpack what Carpenter means in a globalised world.

  • The future of online advertising – Mozilla panel discussion at ICDPPC

    At the upcoming 40th International Conference of Data Protection and Privacy Commissioners, we’re convening a timely high-level panel discussion on the future of advertising in an open and sustainable internet ecosystem.

Games: Spearmint, Rise to Ruins, Depth of Extinction, Puzlogic, Never Split the Party, Godot Engine, DXVK

Filed under
Gaming
  • Ioquake3-Derived Spearmint 1.0 Engine Coming Next Month, But Ceasing Development

    Spearmint, an enhanced version of the open-source ioquake3 engine in turn derived from the id Tech 3 source code, will see the big "1.0" milestone in October. But that will also coincide with the developer and ioquake3 maintainer ceasing work on this engine now with an eighteen year lineage.

  • Village building god sim 'Rise to Ruins' had an absolutely massive update

    Rise to Ruins, a village builder that mixes in some god sim fun just went through a bit of an evolution with the latest patch, which really is absolutely massive. In terms of file-size the patch was relatively small, but good things come in small packages!

  • Roguelike RPG 'Depth of Extinction' is nearing release with a launch trailer

    I'm personally very excited about Depth of Extinction, a roguelike RPG with turn-based battles and an interesting setting. The release is closing in for this month and they have a new launch trailer. Note: This was a personal purchase for me.

  • Puzlogic combines elements from Sudoku and Kakuro to make an interesting puzzle game

    Puzlogic from developer Eduardo Barreto was released on Steam back in July and it just recently gained Linux support. It combines elements from Sudoku and Kakuro along with some lovely ambient music to create a pretty decent and relaxing experience.

    Currently in Early Access, the developer expects the full release to be available in the first part of 2019.

  • Never Split the Party, a free online team-based action-RPG is now on Linux

    Never one to pass up trying out a free game, today I tested out some of Never Split the Party, an "an ultra social rogue-like" and it's not bad. While the game is free to play, you only get given one single character. If you want access to the others, you need to buy the Fellowship DLC which will unlock the Cleric, Rogue, Mage, Ranger and Mercenary.

  • Godot Engine 3.1 will have support for simplex noise generation which looks incredibly useful

    Godot Engine 3.1 [Official Site], the big upgrade coming to the open source game engine has gained another exciting feature with simplex noise generation.

  • One of the fine folks in the Intel Mesa driver team has written up a post on their work improving games in DXVK

    Writing on their personal blog, Jason Ekstrand from the Intel Mesa team has written up some information on what they've been doing to improve the Intel drivers on Linux. What they're talking about isn't exactly new, since the fixes are already in Mesa but it's nice to get some information about how they came across the issues and what they did to solve them.

    Regardless of your feelings towards Wine, DXVK, Steam Play and so on, no one can ignore the benefits they bring to the people actually working on the drivers. Giving them so many more ways to test and push Linux graphics drivers is a good thing, as it means we can end up with much better drivers for all sorts of workloads (not just gaming!).

LLVM 7.0.0 Released

Filed under
BSD
  • LLVM 7.0.0 released

    The release contains the work on trunk up to SVN revision 338536 plus work on the release branch. It is the result of the community's work over the past six months, including: function multiversioning in Clang with the 'target' attribute for ELF-based x86/x86_64 targets, improved PCH support in clang-cl, preliminary DWARF v5 support, basic support for OpenMP 4.5 offloading to NVPTX, OpenCL C++ support, MSan, X-Ray and libFuzzer support for FreeBSD, early UBSan, X-Ray and libFuzzer support for OpenBSD, UBSan checks for implicit conversions, many long-tail compatibility issues fixed in lld which is now production ready for ELF, COFF and MinGW, new tools llvm-exegesis, llvm-mca and diagtool. And as usual, many optimizations, improved diagnostics, and bug fixes.

  • LLVM 7.0 Released: Better CPU Support, AMDGPU Vega 20; Clang 7.0 Gets FMV & OpenCL C++

    As anticipated, LLVM release manager Hans Wennborg announced the official availability today of LLVM 7.0 compiler stack as well as associated sub-projects including the Clang 7.0 C/C++ compiler front-end, Compiler-RT, libc++, libunwind, LLDB, and others.

    There is a lot of LLVM improvements ranging from CPU improvements for many different architectures, Vega 20 support among many other AMDGPU back-end improvements, the new machine code analyzer utility, and more. The notable Clang C/C++ compiler has picked up support for function multi-versioning (FMV), initial OpenCL C++ support, and many other additions. See my LLVM 7.0 / Clang 7.0 feature overview for more details on the changes with this six-month open-source compiler stack update.

Syndicate content

More in Tux Machines

Graphics: NVIDIA and AMD

  • Initial NVIDIA GeForce RTX 2080 Ti Linux Benchmarks
    This article is going to be short and sweet as just receiving the GeForce RTX 2080 Ti yesterday and then not receiving the Linux driver build until earlier today... The GeForce RTX 2080 Ti has been busy now for a few hours with the Phoronix Test Suite on the Core i7 8086K system running Ubuntu 18.04 LTS with the latest drivers.
  • NVIDIA Introduces A Number Of New OpenGL Extensions For Turing
    As part of the GeForce RTX 2080 series launching with the new GPU architecture, NVIDIA has published a number of new OpenGL extensions for making use of some of Turing's new capabilities.
  • Vulkan 1.1.85 Released With Raytracing, Mesh Shaders & Other New NVIDIA Extensions
    Leading up to the Turing launch we weren't sure if NVIDIA was going to deliver same-day Vulkan support for RTX/ray-tracing with the GeForce RTX graphics cards or if it was going to be left up to Direct3D 12 on Windows for a while... Fortunately, as already reported, their new driver has Vulkan RTX support. Additionally, the NVX_raytracing extension and other NVIDIA updates made it into today's Vulkan 1.1.85 release.
  • Radeon/GPUOpen OCAT 1.2 Released But No Linux Support Yet
    A new feature release is out for the Radeon/GPUOpen "OCAT" open-source capture and analytics tool. OCAT 1.2 is their first release of the year and includes VR head-mounted display (HMD) support, new visualization tools, system information detection, new settings, and other enhancements.

Security: Updates, US Demand for Back Doors, and Microsoft's Collusion with the NSA Keeps Serving Crackers

  • Security updates for Wednesday
  • State Department Still Sucks At Basic Cybersecurity And Senators Want To Know Why
    The senators are hoping the State Department will have answers to a handful of cybersecurity-related questions by October 12th, but given the agency's progress to compliance with a law that's been on the book for two years at this point, I wouldn't expect responses to be delivered in a timelier fashion. The agency's track record on security isn't great and these recent developments only further cement its reputation as a government ripe for exploitation. The agency's asset-tracking program only tracks Windows devices, its employees are routinely careless with their handling of classified info, and, lest we forget, its former boss ran her own email server, rather than use the agency's. Of course, given this long list of security failures, there's a good possibility an off-site server had more baked-in security than the agency's homebrew.
  • EternalBlue Vulnerability Puts Pirated Windows Systems at Malware Risk [Ed: Microsoft's collusion with the NSA (for US-controlled back doors) continues to cost billions... paid by people who foolishly chose or accepted PCs with Windows.]
    A particular vulnerability that has been codenamed EternalBlue is to be blamed for this misfortune. The malware risk especially affects computers which use pirated Windows versions. This gap in security has its traces back in the legacies of US secret service NSA. Even after several years, many systems continue to be vulnerable. For more than three years, US intelligence was using it for performing hidden attacks on all kinds of targets. The agency finally had to leak the vulnerability to Microsoft due to the danger of hacking by a famous hacker group, Shadow Brokers. Microsoft then consequently had to abandon a patch day for the very first time in the company’s history for filling in the gap as quickly as possible.

today's howtos

Moving Compiler Dependency Checks to Kconfig

One reason became clear recently when Linus Torvalds asked developers to add an entirely new system of dependency checks to the Kconfig language, specifically testing the capabilities of the GCC compiler. It's actually an important issue. The Linux kernel wants to support as many versions of GCC as possible—so long as doing so would not require too much insanity in the kernel code itself—but different versions of GCC support different features. The GCC developers always are tweaking and adjusting, and GCC releases also sometimes have bugs that need to be worked around. Some Linux kernel features can only be built using one version of the compiler or another. And, some features build better or faster if they can take advantage of various GCC features that exist only in certain versions. Up until this year, the kernel build system has had to check all those compiler features by hand, using many hacky methods. The art of probing a tool to find out if it supports a given feature dates back decades and is filled with insanity. Imagine giving a command that you know will fail, but giving it anyway because the specific manner of failure will tell you what you need to know for a future command to work. Now imagine hundreds of hacks like that in the Linux kernel build system. Read more