Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 18 Dec 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Typesort icon Title Author Replies Last Post
goblinxfc srlinuxx 26/04/2007 - 6:30pm
nixsys.com srlinuxx 24/09/2007 - 11:24pm
wolvixondisk srlinuxx 02/10/2007 - 10:49pm
arnybw srlinuxx 18/10/2007 - 3:39pm
webpathinlovelinux srlinuxx 07/02/2008 - 3:44pm
bluewhite srlinuxx 25/03/2008 - 10:44pm
pclos srlinuxx 15/06/2008 - 11:18pm
nixsys2 srlinuxx 18/08/2008 - 7:12am
nixsys3 srlinuxx 18/08/2008 - 7:22am
gg 480x60 srlinuxx 03/09/2008 - 11:55am

Mozilla Adware

Filed under
Moz/FF
  • Mozilla Angers Firefox Users After Force-Installing Mr. Robot Promo Add-On

    Mozilla took a bit of heat this week after the organization force-installed a Mr. Robot promotional add-on in some Firefox browsers.

    The add-on, called Looking Glass, was intended to promote the season 3 finale of Mr. Robot that aired on Wednesday, December 13, but the whole media stunt failed miserably.

  • Firefox is on a slippery slope

    This extension was sideloaded into browsers via the “experiments” feature. Not only are these experiments enabled by default, but updates have been known to re-enable it if you turn it off. The advertisement addon shows up like this on your addon page, and was added to Firefox stable. If I saw this before I knew what was going on, I would think my browser was compromised! Apparently it was a mistake that this showed up on the addon page, though - it was supposed to be silently sideloaded into your browser!

    There’s a ticket on Bugzilla (Firefox’s bug tracker) for discussing this experiment, but it’s locked down and no one outside of Mozilla can see it. There’s another ticket, filed by concerned users, which has since been disabled and had many comments removed, particularly the angry (but respectful) ones.

Review: Daphile 17.09

Filed under
Reviews

Daphile is a minimal Linux distribution which is designed to be run on a computer dedicated to playing music. Daphile can be run on headless machines and its media controls are managed through a web-based interface. Basically, Daphile is intended to be run on a computer we can stick in the corner of a room and use it as a media centre without worrying about managing software, tweaking settings or navigating desktop environments. Daphile can be run from a CD or USB thumb drive for maximum portability and does not need to be installed directly on a hard drive to work.

Daphile reportedly has the ability to rip audio CDs, play audio files from a local drive or stream music across network shares (Samba, NFS, FTP and OpenSSH services are supported). This gives us a pretty good range of media sources for our music collection.

Under the hood, Daphile has its roots in Gentoo, though the operating system is somewhat stripped down and we cannot use Gentoo's package management utilities. Daphile runs the Busybox userland tools and a light web server, and very little else. In fact, Daphile does not provide a login interface to allow us to tinker with the operating system. The operating system is dedicated entirely to the task of playing music and our sole access to the media controls are through its web interface.

The distribution is available in 32-bit and 64-bit builds and the ISO file we download for Daphile is 195MB in size. While Daphile is capable of running entirely without a screen, when we do boot from Daphile's media the distribution displays the distribution's IP address, which it obtains over DHCP. We can connect to the IP address using any modern web browser which automatically gives us access to Daphile's media controls, there is no user authentication built into the web interface.

Read more

Linux Mint Releases Last KDE Edition "Sylvia"

Filed under
Linux

​Mint fans rejoice as the latest version of Linux Mint 18.3 Sylvia with the KDE desktop is available to download on Linux Mint’s official website. The sad part is that this will be the last offering from Linux Mint that will feature the KDE desktop environment.

Read<br />
more

today's leftovers

Filed under
Misc
  • Schaller On Linux In 2018: Rust Rules, Apple Declines, Linux Graphics Compete

    Christian Schaller who has long been involved in GNOME/Fedora development while serving as a senior software engineering manager at Red Hat and formerly with Collabora has some bold predictions about 2018 for open-source software.

  • Fedora Classroom Session: Fedora QA 102

    Fedora Classroom sessions continue next week with a session on Fedora QA. The general schedule for sessions appears on the wiki. You can also find resources and recordings from previous sessions there. Here are details about this week’s session on Wednesday, December 22 at 16:00 UTC. That link allows you to convert the time to your timezone.

  • Cura, the nice 3D print slicer, is now in Debian Unstable

    After several months of working and waiting, I am happy to report that the nice and user friendly 3D printer slicer software Cura just entered Debian Unstable. It consist of five packages, cura, cura-engine, libarcus, fdm-materials, libsavitar and uranium. The last two, uranium and cura, entered Unstable yesterday. This should make it easier for Debian users to print on at least the Ultimaker class of 3D printers. My nearest 3D printer is an Ultimaker 2+, so it will make life easier for at least me. Smile

  • #PeruRumboGSoC2018 – Session 5

    Today we have celebrated another session for the #PeruRumboGSoC2018 program at CCPP UNI. It was one of the longest sessions we have experienced.

  • Mozilla releases tools and data for speech recognition

    Voice computing has long been a staple of science fiction, but it has only relatively recently made its way into fairly common mainstream use. Gadgets like mobile phones and "smart" home assistant devices (e.g. Amazon Echo, Google Home) have brought voice-based user interfaces to the masses. The voice processing for those gadgets relies on various proprietary services "in the cloud", which generally leaves the free-software world out in the cold. There have been FOSS speech-recognition efforts over the years, but Mozilla's recent announcement of the release of its voice-recognition code and voice data set should help further the goal of FOSS voice interfaces.

    There are two parts to the release, DeepSpeech, which is a speech-to-text (STT) engine and model, and Common Voice, which is a set of voice data that can be used to train voice-recognition systems. While DeepSpeech is available for those who simply want to do some kind of STT task, Common Voice is meant for those who want to create their own voice-recognition system—potentially one that does even better (or better for certain types of applications) than DeepSpeech.

  • FreeBSD-Based TrueOS 17.12 Focuses on Faster Boot, Bhyve and LibreSSL Support

    en Moore, the creator of the FreeBSD-based TrueOS computer operating system and Lumina desktop environment, released the TrueOS 17.12 update, which introduces multiple enhancements.

    Synced with the FreeBSD 12.0-CURRENT and FreeBSD ports tree software repositories as of December 4 and November 30, 2017, respectively, TrueOS 17.12 is an incremental update to the operating system adding improvements to the OpenRC-based boot process, removable-device management, LibreSSL and SysAdm API integrations, as well as Bhyve support for TrueOS Server Install.

    "We have also been working quite a bit on the server offering of TrueOS, and are pleased to provide new text-based server images with support for Virtualization systems such as bhyve," said Ken Moore in the release announcement. "This allows for simple server deployments which also take advantage of the TrueOS improvements to FreeBSD."

  • Will Your Taxes Go Up or Down? A Calculator for the New Tax Bill

    ...Tax-Calculator, an open-source tax-modeling program.

Games: Slaps and Beans and Games Online For Android

Filed under
Android
Gaming
  • Slaps and Beans now in Early Access

    Bud Spencer & Terence Hill: Slaps and Beans [Steam] is now in Early Access after a successful Kickstarter campaign in which the developers gained over $200k.

  • Best First Person Shooter Games Online For Android

    With the ever shining genre of First Person Shooters making it Huge in the PC market, game studios have brought the best of FPS action to people’s mobile devices. Here I present to you my best picks for the Free first person shooter games online for Android.

Software and howtos

Filed under
Software
HowTos

New: NuTyX 9.93 and Linux Mint 18.3

Filed under
GNU
Linux
  • NuTyX 9.93 available with cards 2.3.105

    The NuTyX team is please to annonce the 9.93 release of NuTyX.

    NuTyX 9.92 comes with kernel LTS 4.14.6, glibc 2.26, gcc 7.2.0, binutils 2.29.1, python 3.6.0, xorg-server 1.19.5, qt 5.10.0, KDE plasma 5.11.3, KDE Framework 5.41.0, KDE Applications 17.12.0, mate 1.18.2, xfce4 4.12.4, firefox 57.0.2 Quantum, etc...

  • Linux Mint 18.3 'Sylvia' Xfce and KDE editions are available for download

    Linux Mint is killing the KDE version of its operaring system -- a move some people applaud. That's what makes the new 18.3 version -- named "Sylvia" -- so frustrating. It's bizarre to release a new version of an operating system that essentially has no future. But oh well, here we are. After a short beta period, the KDE distro is now available for download -- if you still care. I recommend that KDE loyalists just switch to Kubuntu or Netrunner, but I digress.

    Despite being the final version of Linux Mint KDE, it is still a great alternative to the consistently disappointing Windows 10. After all, it has been discovered that Microsoft is bundling a bug-ridden password-manager with its operating system without user consent! How can you trust such an OS?! Sigh.

  • Linux Mint 18.3 "Sylvia" KDE and Xfce Editions Officially Released, Download Now

    The Linux Mint team released the final Linux Mint 18.3 "Sylvia" Xfce and Linux Mint 18.3 "Sylvia" KDE editions to download, as well as an upgrade for existing Linux Mint 18.2 "Sonya" users.

    Previously in beta, the Linux Mint 18.3 "Sylvia" KDE and Xfce editions are now officially released and ready for production use. Just like the Cinnamon and MATE flavors, they are based on Canonical's long-term supported Ubuntu 16.04 LTS (Xenial Xerus) operating system and use the Linux 4.10 kernel by default for new installations.

GNU: Glibc, GIMP, GCC

Filed under
GNU
  • Glibc 2.27 Lands Yet More Performance Optimizations

    Earlier this month I wrote how Intel engineers have been busy with continuing to tune glibc's performance with FMA and AVX optimizations. That work has continued but also other architectures continue tuning their GNU C Library performance ahead of the expected v2.27 update.

    There has been a ton of optimization work this cycle, particularly on the Intel/x86_64 front. For those with newer Intel 64-bit processors, this next glibc release is shaping up to be a speedy update.

  • GIMP PIcks Up Support For The New Flatpak/FreeDesktop.org Screenshot API

    Hot off the release of the new GIMP 2.9.8 and ahead of the expected GIMP 2.10 release candidates that are expected to begin, a new addition to GIMP is a plug-in supporting the new FreeDesktop.org/Flatpak screenshot API.

    The org.freedesktop.portal.Screenshot specification aims to be a screenshot API that will work not only cross-desktop (e.g. KDE, GNOME, etc) but also work for sandboxed applications (i.e. Flatpak) and also work regardless of whether you are using Wayland or X11.

  • GCC Prepares For Fortran 2018 Support

    The Fortran committee decided last month to rename the upcoming Fortran 2015 programming language update to Fortran 2018. GCC support is being prepped.

    With this updated programming language technical specification not expected to be published until mid-2018, the committee behind this long-standing programming language decided to rename Fortran 2015 to Fortran 2018. Fortran 2018 should further improve interoperability with C code, improve its parallel programming capabilities, support hexadecimal inputs/outputs, and other improvements over Fortran 2008.

Security: Hackers, Back Doors, Microsoft Scam and Bots

Filed under
Security
  • Why Hackers Are in Such High Demand, and How They're Affecting Business Culture

    News headlines often focus on the hackers who launch cyber attacks and leak confidential data such as National Security Agency exploits, sensitive political emails, and unreleased HBO programming, but hackers can also affect organizations in positive ways. White hat hackers (as opposed to black hats) increasingly are finding employment in companies as security researchers.

    From conducting penetration tests and identifying vulnerabilities in software to providing companies with guidance about emerging threats, white hat hackers bring considerable value to organizations and play an instrumental role in helping them defend against today's advanced threats. White hats are highly coveted not only for their knowledge but also for their unique mindsets and ability to change corporate culture.

  • We need to talk about mathematical backdoors in encryption algorithms

    Security researchers regularly set out to find implementation problems in cryptographic algorithms, but not enough effort is going towards the search for mathematical backdoors, two cryptography professors have argued.

    Governments and intelligence agencies strive to control and bypass or circumvent cryptographic protection of data and communications. Backdooring encryption algorithms is considered as the best way to enforce cryptographic control.

    In defence of cryptography, researchers have set out to validate technology that underpins the secure exchange of information and e-commerce. Eric Filiol,  head of research at ESIEA, the operational cryptology and virology lab, argued that only implementation backdoors (at the protocol/implementation/management level) are generally considered. Not enough effort is being put into looking for mathematical backdoors or by-design backdoors, he maintains.

  • How a Dorm Room Minecraft Scam Brought Down the Internet

     

    Originally, prosecutors say, the defendants hadn’t intended to bring down the internet—they had been trying to gain an advantage in the computer game Minecraft.

  • Microsoft's Edge browser is in serious trouble

     

    Analytics firm Net Applications revised its methodology to cull bots from its browser share numbers and found that as much as half of the traffic to Edge on Windows 10 was artificially inflated.  

Mobile Linux: Tizen and Android

Filed under
Android
Linux

Security: Vista 10, Ransom, and "Zealot"

Filed under
Security
  • Face Palm: Windows 10 Bundled A Password Manager That Exposed Your Saved Passwords

    bout 16 months ago, a Google Project Zero researcher found a critical bug in a password manager named Keeper. The bug allowed Keeper to inject its trusted UI into untrusted web pages with a content script. This allowed websites to steal user passwords using techniques like clickjacking.

    In a surprising development, Tavis Ormandy, the same researcher, has found that Microsoft bundled the same password manager with Windows 10. “I recently created a fresh Windows 10 VM with a pristine image from MSDN, and found that a password manager called “Keeper” is now installed by default,” he said. Moreover, a similar flaw was again found in this pre-installed password manager, which remained present for eight days.

  • British companies 'stockpile' Bitcoin to use as ransomware hush money
  • "Zealot" Campaign Uses NSA Exploits to Mine Monero on Windows and Linux Servers

    An aggressive and sophisticated malware campaign is currently underway, targeting Linux and Windows servers with an assortment of exploits with the goal of installing malware that mines the Monero cryptocurrency.

    The campaign was detected by security researchers from F5 Networks, who named it Zealot, after zealot.zip, one of the files dropped on targeted servers.

today's howtos

Filed under
HowTos

FLOSSophobia

Filed under
GNU
Linux

I have seen it many times. "Linux is a cancer". "Open sauce". "Linuxtard". I even remember the teacher who did not bring a laptop for her presentation and, when I offered her my Linux netbook, she rejected it as if I had presented her something illegal. She tried to use an old Windows computer instead but, when the computer failed, she ended up displaying her presentation with my Linux netbook.
Clearly, this teacher's position was not based on ignorance or lack of expertise because she knew Linux existed and all she had to do was to display slides. Her refusal was due to indoctrination: she had learned that Linux and non-Microsoft office suites had to be rejected.

Read more

Hands on With elementary OS Powered Centurion Nano Laptop by Alpha Store

Filed under
Linux
Reviews

If you want to buy a new laptop, no doubt you should consider the Centurion line. It will be a good choice for you, Linux aficionado. As well as for your Windows-addicted husband/wife/employees. The Centurion Nano is certainly not a “gamer” laptop. However, besides that particular use case, and for an interesting price, you will get a very competent computer, 100% compatible with Linux and usable for a broad range of tasks.

Read more

Tryton and Python Deprecation Warnings

Filed under
Development
  • Trying Tryton

    The quest to find a free-software replacement for the QuickBooks accounting tool continues. In this episode, your editor does his best to put Tryton through its paces. Running Tryton proved to be a trying experience, though; this would not appear to be the accounting tool we are searching for.
    Tryton is a Python 3 application distributed under the GPLv3 license. Its home page mentions that it is based on PostgreSQL, but there is support for MySQL and SQLite as well. Tryton, it is said, is "a three-tier high-level general purpose application platform" that is "the core base of a complete business solution providing modularity, scalability and security". The "core base" part of that claim is relevant: Tryton may well be a solid base for the creation of a small-business accounting system, but it is not, out of the box, such a system itself.

  • Who should see Python deprecation warnings?

    As all Python developers discover sooner or later, Python is a rapidly evolving language whose community occasionally makes changes that can break existing programs. The switch to Python 3 is the most prominent example, but minor releases can include significant changes as well. The CPython interpreter can emit warnings for upcoming incompatible changes, giving developers time to prepare their code, but those warnings are suppressed and invisible by default. Work is afoot to make them visible, but doing so is not as straightforward as it might seem.
    In early November, one sub-thread of a big discussion on preparing for the Python 3.7 release focused on the await and async identifiers. They will become keywords in 3.7, meaning that any code using those names for any other purpose will break. Nick Coghlan observed that Python 3.6 does not warn about the use of those names, calling it "a fairly major oversight/bug". In truth, though, Python 3.6 does emit warnings in that case — but users rarely see them.

Red Hat News

Filed under
Red Hat

Linux Kernel Space: eBPF and More (LWN Paywall Expired)

Filed under
Linux
  • A thorough introduction to eBPF

    In his linux.conf.au 2017 talk [YouTube] on the eBPF in-kernel virtual machine, Brendan Gregg proclaimed that "super powers have finally come to Linux". Getting eBPF to that point has been a long road of evolution and design. While eBPF was originally used for network packet filtering, it turns out that running user-space code inside a sanity-checking virtual machine is a powerful tool for kernel developers and production engineers. Over time, new eBPF users have appeared to take advantage of its performance and convenience. This article explains how eBPF evolved how it works, and how it is used in the kernel.

  • Restricting automatic kernel-module loading

    The kernel's module mechanism allows the building of a kernel with a wide range of hardware and software support without requiring that all of that code actually be loaded into any given running system. The availability of all of those modules in a typical distributor kernel means that a lot of features are available — but also, potentially, a lot of exploitable bugs. There have been numerous cases where the kernel's automatic module loader has been used to bring buggy code into a running system. An attempt to reduce the kernel's exposure to buggy modules shows how difficult some kinds of hardening work can be.

  • Container IDs for the audit subsystem

    Linux containers are something of an amorphous beast, at least with respect to the kernel. There are lots of facilities that the kernel provides (namespaces, control groups, seccomp, and so on) that can be composed by user-space tools into containers of various shapes and colors; the kernel is blissfully unaware of how user space views that composition. But there is interest in having the kernel be more aware of containers and for it to be able to distinguish what user space considers to be a single container. One particular use case for the kernel managing container identifiers is the audit subsystem, which needs unforgeable IDs for containers that can be associated with audit trails.

    Back in early October, Richard Guy Briggs posted the second version of his RFC for kernel container IDs that can be used by the audit subsystem. The first version was posted in mid-September, but is not the only proposal out there. David Howells proposed turning containers into full-fledged kernel objects back in May, but seemingly ran aground on objections that the proposal "muddies the waters and makes things more brittle", in the words of namespaces maintainer Eric W. Biederman.

Syndicate content

More in Tux Machines

Android Leftovers

Linux Mint Releases Last KDE Edition "Sylvia"

​Mint fans rejoice as the latest version of Linux Mint 18.3 Sylvia with the KDE desktop is available to download on Linux Mint’s official website. The sad part is that this will be the last offering from Linux Mint that will feature the KDE desktop environment. Read
more

today's leftovers

  • Schaller On Linux In 2018: Rust Rules, Apple Declines, Linux Graphics Compete
    Christian Schaller who has long been involved in GNOME/Fedora development while serving as a senior software engineering manager at Red Hat and formerly with Collabora has some bold predictions about 2018 for open-source software.
  • Fedora Classroom Session: Fedora QA 102
    Fedora Classroom sessions continue next week with a session on Fedora QA. The general schedule for sessions appears on the wiki. You can also find resources and recordings from previous sessions there. Here are details about this week’s session on Wednesday, December 22 at 16:00 UTC. That link allows you to convert the time to your timezone.
  • Cura, the nice 3D print slicer, is now in Debian Unstable
    After several months of working and waiting, I am happy to report that the nice and user friendly 3D printer slicer software Cura just entered Debian Unstable. It consist of five packages, cura, cura-engine, libarcus, fdm-materials, libsavitar and uranium. The last two, uranium and cura, entered Unstable yesterday. This should make it easier for Debian users to print on at least the Ultimaker class of 3D printers. My nearest 3D printer is an Ultimaker 2+, so it will make life easier for at least me. :)
  • #PeruRumboGSoC2018 – Session 5
    Today we have celebrated another session for the #PeruRumboGSoC2018 program at CCPP UNI. It was one of the longest sessions we have experienced.
  • Mozilla releases tools and data for speech recognition
    Voice computing has long been a staple of science fiction, but it has only relatively recently made its way into fairly common mainstream use. Gadgets like mobile phones and "smart" home assistant devices (e.g. Amazon Echo, Google Home) have brought voice-based user interfaces to the masses. The voice processing for those gadgets relies on various proprietary services "in the cloud", which generally leaves the free-software world out in the cold. There have been FOSS speech-recognition efforts over the years, but Mozilla's recent announcement of the release of its voice-recognition code and voice data set should help further the goal of FOSS voice interfaces. There are two parts to the release, DeepSpeech, which is a speech-to-text (STT) engine and model, and Common Voice, which is a set of voice data that can be used to train voice-recognition systems. While DeepSpeech is available for those who simply want to do some kind of STT task, Common Voice is meant for those who want to create their own voice-recognition system—potentially one that does even better (or better for certain types of applications) than DeepSpeech.
  • FreeBSD-Based TrueOS 17.12 Focuses on Faster Boot, Bhyve and LibreSSL Support
    en Moore, the creator of the FreeBSD-based TrueOS computer operating system and Lumina desktop environment, released the TrueOS 17.12 update, which introduces multiple enhancements. Synced with the FreeBSD 12.0-CURRENT and FreeBSD ports tree software repositories as of December 4 and November 30, 2017, respectively, TrueOS 17.12 is an incremental update to the operating system adding improvements to the OpenRC-based boot process, removable-device management, LibreSSL and SysAdm API integrations, as well as Bhyve support for TrueOS Server Install. "We have also been working quite a bit on the server offering of TrueOS, and are pleased to provide new text-based server images with support for Virtualization systems such as bhyve," said Ken Moore in the release announcement. "This allows for simple server deployments which also take advantage of the TrueOS improvements to FreeBSD."
  • Will Your Taxes Go Up or Down? A Calculator for the New Tax Bill
    ...Tax-Calculator, an open-source tax-modeling program.

Games: Slaps and Beans and Games Online For Android

  • Slaps and Beans now in Early Access
    Bud Spencer & Terence Hill: Slaps and Beans [Steam] is now in Early Access after a successful Kickstarter campaign in which the developers gained over $200k.
  • Best First Person Shooter Games Online For Android
    With the ever shining genre of First Person Shooters making it Huge in the PC market, game studios have brought the best of FPS action to people’s mobile devices. Here I present to you my best picks for the Free first person shooter games online for Android.