Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 08 Dec 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

AsteroidOS is an open source project that wants to save your smartwatch from obsolescence

Filed under
OS
OSS

Android was once the darling of the open source community, though you'd be forgiven for forgetting that - these days its commercial elements seem to be all that make the news. One developer is hoping that community can save the smartwatch, or at the very least, breathe a little new life into existing designs. Florent Revest, a French computer science student, released the 1.0 alpha version of AsteroidOS today. It's ready to run on multiple Android Wear devices: the original LG G Watch, the Watch Urbane, the Asus ZenWatch 2, and the Sony Smartwatch 3.

Read more

Also: AteroidOS Alpha released: open source smartwatch operating system

Kodi-Based LibreELEC 8.0 "Krypton" Sees New Alpha Powered by Linux Kernel 4.8.12

Filed under
OS
Linux

The development of the open-source and platform-independent LibreELEC (Libre Embedded Linux Entertainment Center) operating system based on the latest Kodi media center software received a new Alpha milestone on December 6, 2016.

Read more

Second Parsix GNU/Linux 8.15 "Nev" Preview Out Now with Linux Kernel 4.4.35 LTS

Filed under
GNU
Linux
Debian

Today, December 7, 2016, the development team behind the Debian-based Parsix GNU/Linux operating system have announced the release of the second preview version of the upcoming Parsix GNU/Linux 8.15 "Nev" distribution.

Still based on the Debian GNU/Linux 8 "Jessie" repositories, Parsix GNU/Linux 8.15 "Nev" Test2 is here one and a half months after the previous development release, and ships with more recent technologies and Open Source software projects, including the latest GNOME 3.22.2 desktop environment and Linux 4.4.35 LTS kernel.

Read more

Also: Welcome to Parsix GNU/Linux 8.15-TEST-2 Release Notes

AMD/ATI Catalyst fglrx rpms, end of an era!

Filed under
Graphics/Benchmarks

We had the hope of getting it working for Leap 42.2 in October, but except freezing kernel and xorg, you will not get what you would expect: a stable xorg session

Read more

Intel GPU Tools 1.17 Released for Linux with Kaby Lake Support, Many New Tests

Filed under
Graphics/Benchmarks
Linux

It's been two months since the release of Intel GPU Tools (intel-gpu-tools) 1.16, the open-source collection of tools for development and testing of the Intel DRM driver for Linux-based operating systems, and Petri Latvala announced the release of version 1.17.

Read more

New CloudLinux 7 Kernel Released, Rebased to Red Hat's OpenVZ Linux 3.10 Kernel

Filed under
Red Hat

CloudLinux's Mykola Naugolnyi announced the general availability of an updated kernel package for the enterprise-ready CloudLinux 7 operating system based on the freely distributed sources of Red Hat Enterprise Linux.

CloudLinux is the operating system of choice for hosting providers and data centers, powering over 20 million websites. It's a super-platform designed for stability, security, and efficiency in shared hosting by isolating each occupant and giving them allocated server resources.

A new kernel version, tagged as build 3.10.0-427.36.1.lve1.4.26, has been announced earlier for those who are using the CloudLinux 7 release on their server infrastructures, and it's now available for installation from the updates-testing repository. It's been rebased on Red Hat Enterprise Linux 7's OpenVZ rh7-3.10.0-327.36.1.vz7.18.7 kernel.

Read more

Leftovers: OSS

Filed under
OSS
  • Dutch govt should consider sharing all its software

    The Dutch government is to create a vision document on how all software developed for and by public administrations can be made available as open source. On Tuesday, the Lower House of the Dutch Parliament agreed that sharing software developed for or by the government has significant benefits, including information security, efficiency and openness.

  • Communicating To The World: Why Open-Source Could Help Your Small Business

    Just as groundbreaking advancements in technology in the ‘90s and 2000s have fundamentally changed the way film, music and television are produced and distributed today, more recent tech innovations have also provided entrepreneurs with the tools they need to compete in the global marketplace. Here is a look at some of the open-source solutions that you can use in order to realize your entrepreneurial ambitions.

    [...]

    The rise of high quality open-source web utilities has made it possible for anyone with even a rudimentary understanding of web design to make a quality site. In fact, open-source content management systems like WordPress are so easy to use and comprehensive, companies like Best Buy and Xerox use them to maintain their web presences. Additionally, open-source business management and accounting program Solegis, customer relationship management app ConcourseSuite and e-commerce solution Zen Cart all exist to empower entrepreneurs with limited resources.

  • What lies ahead for open source technology in 2017?

    2016 has been a polarising year. A year when the unexpected and largely unpredicted has occurred, shocking people worldwide. We have lurched into a post-truth era, where emotion transcends logic, and maintaining the status quo is no longer a given.

    Change is inevitable and there are vast swathes of global society who are disappointed and apprehensive about what lies ahead. In times of uncertainty, an increased focus on collaboration and community is appealing and desirable.

    The internet has long been a polarising force, a connecting platform that allows individuals to find kindred spirits they might not have been able to find before, regardless of their allegiances and views.

  • Financial tech-ops chief: open source is a recruitment talent imperative

    Developers don’t want to take what companies tell them at face value: they want to look under the bonnet, and assess the quality and design of the code for themselves. If you want to win credibility among the developer community and encourage the right people to your brand, you need to share your work and demonstrate best practice, not just talk about it.

    The benefits to an open source approach don’t end with the positive impression it can help foster among developers.

  • Speaking in Tech: Did an open source guru just ask us to join Amazon?
  • Family Farming and Open Source Wireless Networking

    Open source methods are being covered more often on television and radio these days, as witnessed by this recent story posted Monday on YouTube by CNBC that mentions Drupal-based Farm OS and covers the story of Dorn Cox, an organic grain grower at Tuckaway Farm in Lee NH; the Director of Green Start, an organization working towards food and fuel security; and co-founder of Farm Hack, an open source community for resilient agriculture.

  • WordPress 4.7 Provides Improved Customization

    WordPress 4.7 was released on December 6, providing the tens of millions of internet users that rely on it, with a long list of new features.

    As always with every new major WordPress milestone, there is a new theme. For WordPress 4.7 the new theme is Twenty Seventeen, which provides users with video headers and features images.

  • Open Compliance in the Enterprise: Why Have an Open Source Compliance Program?

    Traditionally, platforms and software stacks were implemented using proprietary software, and consisted of various software building blocks that originated as a result of internal development or via third-party software providers with negotiated licensing terms.

    The business environment was predictable and companies mitigated potential risks through license and contract negotiations with the software vendors. It was very easy to know who was the provider for every software component.

  • Why You Should Have a Personal CI Server

    As a developer, I rely on a CI server to take care of the day-to-day routine of building, testing and deploying software...so much so that I often find myself committing code after every new class or group of methods as a “fire and forget” signal to the CI server to go ahead and run my tests, check my code for style violations, and push a new version to the dev server. When I have finished my train of thought, I can jump into the CI server and either be greeted with a green tick or have a handy (and more importantly authoritative) list of issues to be addressed.

    However, for all the convenience that a central CI server brings, there are times when this environment lets me down. Maybe my jobs are at the end of the queue, I can’t deploy to the dev servers during a certain time frame, or the configuration of the build just doesn’t quite do what I want it to do but I don’t have the authority to change it.

Leftovers: Software

Filed under
Software
  • grep-2.27 released

    There have been 40 commits by 4 people in the 9 weeks since 2.26. Note that there were many additional important changes via gnulib.

  • GCC 6.3 Should Be Here By Christmas

    For those looking toward the next maintenance release of GCC 6, the GNU Compiler Collection 6.3 is aiming to be out by Christmas.

  • Yum! GNOME Recipes is a New Cooking App for Linux

    Do you like to cook? No, me neither. And that’s largely because I don’t know how to cook.

    Could a desktop cooking app help? GNOME’s Matthias Clasen is hoping so, and has started work on a brand-new desktop recipe app that you — and anyone you know — can help contribute to.

  • Heron Animation, Free Stop Motion Software for Linux

    Looking for free stop motion animation software? If so, you’ll definitely want to check out Heron Animation.

    A free program, Heron Animation lets you take a series of pictures from a connected webcam and assemble each shot into a real moving animation.

    The tool, which is written in web technologies, pitches itself as ‘perfect for beginners and more experienced animators alike’. That sort of balance is notoriously hard to achieve.

  • EasyTAG 2.4.3 Audio Tag Editor Supports MP4 Files with the .aac File Extension

    EasyTAG, an open-source, simple, free, and cross-platform application for viewing and editing tags in audio files, supporting MP3, MP4, FLAC, Ogg, MusePack, Monkey's Audio, and WavPack files, was updated to version 2.4.3.

    It's been more than nine months since EasyTAG 2.4.2 was released, and we're now finally able to update the software on our GNU/Linux or Windows operating systems. Version 2.4.3 is out as of December 5, 2016, bringing support for MP4 files that use the .aac file extension, as well as Adwaita-style artist and album icons.

  • FSF Blogs: Seventeen new GNU releases in November
  • IceCat 45.5.1 release

    GNUzilla is the GNU version of the Mozilla suite, and GNU IceCat is the GNU version of the Firefox browser. Its main advantage is an ethical one: it is entirely free software. While the Firefox source code from the Mozilla project is free software, they distribute and recommend non-free software as plug-ins and addons. Also their trademark license restricts distribution in several ways incompatible with freedom 0.

  • Permabit Hits New Milestone in 2016 by Delivering the First Complete Data Reduction for Linux
  • FOSS DOS for 21st Century Hardware

    The founder and coordinator of the FreeDOS Project writes about FreeDOS 1.2, which is scheduled for a Christmas Day release. There is good news for classic gamers and nostalgia buffs: this one’s got games.

  • A Look At Async/Await JavaScript For Firefox 52

    While Chrome 55 has JavaScript async/await support, the Firefox support isn't coming until the Firefox 52.0 stable release in March while currently it's available in the latest Firefox Developer Edition and early alpha builds.

    Mozilla developer Dan Callahan wrote a post today on hacks.mozilla.org for the async/await support in Firefox and can be used if you are running the latest Firefox Developer Edition. Check it out if you're interested in JavaScript async await support for more asynchronous programming for the web.

  • Chrome bug triggered errors on websites using Symantec SSL certificates
  • Announcing openSUSE’s GPG Key Server – keyserver.opensuse.org

    Does it happen to you, too, that there are moments where you ask yourself why others want something from you that is there already since a while? Exactly this happened with https://keyserver.opensuse.org/: the original machine was set up a long time ago to make it easier for people attending the openSUSE GPG key-signing parties, but it looks like nobody officially announced this “new service” for our users…

    …and so here we are: the openSUSE Heroes team is pleased to announce that keyserver.opensuse.org is up and running as public GPG keyserver. We are of course also part of the official keyserver pool, which means that some people might already noticed us, as they got redirected to our server with their requests. (And for those who are interested to setup their own SKS keyserver: we have also written a nice monitoring plugin that helps you keeping an eye on the pool status of your machine and the ones of your peers.)

Office Suites

Filed under
LibO
  • Microsoft Office, Google Docs beware: This open-source startup is after your users

    "That was one of the reasons why we chose an open-source model. We want be open, want people to trust us, want to overcome that barrier they have in mind, those strong beliefs that there's nothing but Microsoft Office, that nothing better could be created. We won't change our mind about open source."

    Bannov says he ultimately sees OnlyOffice becoming a firm that provides consulting, technical support and remote managed services to companies using its open-source products.

  • Collabora Online 2.0 Puts LibreOffice In the Cloud, Adds Collaborative Editing

    Today, December 7, 2016, Collabora Productivity, through Michael Meeks, is proud to inform Softpedia about the general availability of the long anticipated Collabora Online 2.0 office suite based on the LibreOffice, Nextcloud, and ownCloud technologies.

    After being in development for the past six months, Collabora Online 2.0 is finally here as the powerful cloud-based office suite that promises to protect users' privacy and freedom of expression while editing various documents formats online. Collabora Online is mainly targeted at the enterprise world, hosting and cloud businesses.

Leftovers: Ubuntu

Filed under
Ubuntu

Kernel Space/Linux

Filed under
Linux
  • Why Is Microsoft Showing So Much Interest In Linux? [Ed: Someone needs to explain to Mathew Lodge what EEE is and how it works. Is the Linux Foundation (including Rorvalds as well) still permitted to criticise Microsoft or is it frowned upon internally?]
  • Linux on the Mac — state of the union

    The MacBook Pro introduction in October caused unusually negative reactions among professional users due to the realization that Apple no longer caters equally to casual and professional customers as it had in the past [YouTube video]. Instead, the company appears to be following an iOS-focused, margin-driven strategy that essentially relegates professionals to a fringe group. This has well-known developers such as Salvatore Sanfilippo (of the Redis project) consider a move back to Linux. Perhaps that's a good moment to look at the current state of Mac hardware support in the kernel. While Macs are x86 systems, they possess various custom chips and undocumented quirks that the community needs to painstakingly reverse-engineer.

  • How well does the Linux kernel support Mac hardware?

    There is an interesting subset of Linux users that prefer to run it on a Mac. Yes, a Mac. That might seem odd given how Apple is known for its closed ecosystems and high cost hardware, but the Linux on Mac folks really do exist out there.

    But how well does the Linux kernel support Mac hardware? LWN.net has a “state of the union” article for Linux on the Mac that could be quite helpful if you are thinking about installing Linux on your Mac.

  • New Kernel Vulnerability Allows Local Root For Unprivileged Processes

    There is yet another new Linux kernel vulnerability being disclosed today that allows for unprivileged processes to gain kernel code execution abilities.

    This new vulnerability is CVE-2016-8655 but it doesn't seem to be getting too much attention yet. CVE-2016-8655 comes down to a race condition within the af_packet.c code for gaining local root access. The researcher that found it was able to write an exploit to gain root shell on an Ubuntu 16.04 LTS system and defeats SMEP/SMAP protection too.

  • Avoiding CVE-2016-8655 with systemd

    Just a quick note: on recent versions of systemd it is relatively easy to block the vulnerability described in CVE-2016-8655 for individual services.

    Since systemd release v211 there's an option RestrictAddressFamilies= for service unit files which takes away the right to create sockets of specific address families for processes of the service. In your unit file, add RestrictAddressFamilies=~AF_PACKET to the [Service] section to make AF_PACKET unavailable to it (i.e. a blacklist), which is sufficient to close the attack path. Safer of course is a whitelist of address families whch you can define by dropping the ~ character from the assignment. Here's a trivial example:

  • The Best Features Of The Linux 4.9 Kernel

Server Administration

Security Leftovers

Filed under
Security
  • Security advisories for Wednesday
  • There’s a new DDoS army, and it could soon rival record-setting Mirai

    For almost three months, Internet-of-things botnets built by software called Mirai have been a driving force behind a new breed of attacks so powerful they threaten the Internet as we know it. Now, a new botnet is emerging that could soon magnify or even rival that threat.

    The as-yet unnamed botnet was first detected on November 23, the day before the US Thanksgiving holiday. For exactly 8.5 hours, it delivered a non-stop stream of junk traffic to undisclosed targets, according to this post published Friday by content delivery network CloudFlare. Every day for the next six days at roughly the same time, the same network pumped out an almost identical barrage, which is aimed at a small number of targets mostly on the US West Coast. More recently, the attacks have run for 24 hours at a time.

  • Open source Roundcube webmail can be attacked ... by sending it an e-mail

    The developers of open source webmail package Roundcube want sysadmins to push in a patch, because a bug in versions prior to 1.2.3 let an attacker crash it remotely – by sending what looks like valid e-mail data.

    The authors overlooked sanitising the fifth argument (the _from parameter) in mail() – and that meant someone only needed to compose an e-mail with malicious info in that argument to attack Roundcube.

    [...]

    Roundcube posted a patch to GitHub at the end of November, and issued a version 1.2.3 here.

  • Latest Android security update fixes Dirty COW, GPS vulnerabilities
  • Open Source Flaws Found in Security Software

    Yet another industry survey has flagged open source software that according to one estimate accounts for half of the global code base as a growing security threat. Moreover, a review released by Flexera Software also found that the very security products designed to protect IT infrastructure are themselves riddled with vulnerabilities embedded in open source software.

Tizen News

Filed under
Linux

Android Leftovers

Filed under
Android

Fedora News

Filed under
Red Hat
  • Fedora 25: Bleeding edge and bloody brilliant

    I honestly never thought I'd consider Fedora a rock solid enough distribution to serve as a daily driver for anything but developing and testing. This came with good reason: Fedora was always released as a bleeding edge platform, a playground for testers and developers.

    That was the Fedora of old. What they have created with their 25th iteration is some sort of magical confluence of bleeding edge and bloody brilliant.

  • Developers Discuss Future Of CD/DVD Optical Images For Fedora

    With more laptops abandoning DVD drives, USB-based flash drive installers being well supported and widely-used, and CD/DVDs just being far less popular these days, Fedora developers are discussing the future of the official status for optical images in future Fedora releases.

    While Fedora developers continue discussing the possibility of making their release cycles longer, the latest post-F25 topic is the official state for the optical Fedora images. In particular, Fedora QA wondering about future requirements given the significant time requirements spent on testing Fedora CD/DVD images.

  • Korora 25 'Gurgle' Fedora-based Linux distribution now available for download

    I regularly try many Linux-based desktop operating systems on my computers, just so I can be familiar with them. Ultimately, I always return to my favorite -- Fedora. While that distribution is very good, it can also be a bit difficult to use -- for some. Don't get me wrong, it functions well 'out of the box', but once a user begins needing some non-free packages, it can be tough going. In other words, setting it up can sometimes be a chore.

Linux Foundation events expand with Open Source Summits

Filed under
Linux
OSS

The Linux Foundation released its 2017 schedule, including an Embedded Linux Conference in Portland on Feb. 21-23 that needs proposal ideas by Dec. 10.

This year, Linux Foundation events attracted over 20,000 “developers, maintainers, sysadmins, thought leaders, business executives and other industry professionals from more than 4,000 organizations across 85 countries,” and 25,000 are expected in 2017, says the not-for-profit Linux advocacy organization. In truth, the LF is now more of an open source advocacy organization as it spreads into non-Linux projects like Zephyr. Fittingly, the co-located LinuxCon + ContainerCon + CloudOpen events in Japan, North America and Europe have this year combined into new umbrella events called Open Source Summits.

Read more

Syndicate content

More in Tux Machines

Remembering Linux Installfests

Ah, yes. I remember the good old days when you had to be a real man or woman to install Linux, and the first time you tried you ended up saying something like “Help!” or maybe “Mommmmyyyyy!” Really, kids, that’s how it was. Stacks of floppies that took about 7,000 hours to download over your 16 baud connection. Times sure have changed, haven’t they? I remember Caldera advertising that their distribution autodetected 1,500 different monitors. I wrote an article titled “Monitor Number 1501,” because it didn’t detect my monitor. And sound. Getting sound going in Linux took mighty feats of systemic administsationish strength. Mere mortals could not do it. And that’s why we had installfests: so mighty Linux he-men and she-women could come down from the top of Slackware Mountain or the Red Hat Volcano and share their godlike wisdom with us. We gladly packed up our computers and took them to the installfest location (often at a college, since many Linux-skilled people were collegians) and walked away with Linuxized computers. Praise be! Read more

What New Is Going To Be In Ubuntu 17.04 'Zesty Zapus'

Right on the heels of Ubuntu 16.10 'Yakkety Yak' is Ubuntu 17.04 Zesty Zapus. Ubuntu 17.04 is currently scheduled for release on April 13, 2017 but know that this is only an estimate. One thing to know is that all things being equal, it is going to be released in April 2017. Ubuntu Zesty Zapus will be supported for only 9 months until January 2018 as it is not a LTS (long term support) release. Read
more

Security News

  • News in brief: DirtyCOW patched for Android; naked lack of security; South Korea hacked
  • Millions exposed to malvertising that hid attack code in banner pixels
    Researchers from antivirus provider Eset said "Stegano," as they've dubbed the campaign, dates back to 2014. Beginning in early October, its unusually stealthy operators scored a major coup by getting the ads displayed on a variety of unnamed reputable news sites, each with millions of daily visitors. Borrowing from the word steganography—the practice of concealing secret messages inside a larger document that dates back to at least 440 BC—Stegano hides parts of its malicious code in parameters controlling the transparency of pixels used to display banner ads. While the attack code alters the tone or color of the images, the changes are almost invisible to the untrained eye.
  • Backdoor accounts found in 80 Sony IP security camera models
    Many network security cameras made by Sony could be taken over by hackers and infected with botnet malware if their firmware is not updated to the latest version. Researchers from SEC Consult have found two backdoor accounts that exist in 80 models of professional Sony security cameras, mainly used by companies and government agencies given their high price. One set of hard-coded credentials is in the Web interface and allows a remote attacker to send requests that would enable the Telnet service on the camera, the SEC Consult researchers said in an advisory Tuesday.
  • I'm giving up on PGP
    After years of wrestling GnuPG with varying levels of enthusiasm, I came to the conclusion that it's just not worth it, and I'm giving up. At least on the concept of long term PGP keys. This is not about the gpg tool itself, or about tools at all. Many already wrote about that. It's about the long term PGP key model—be it secured by Web of Trust, fingerprints or Trust on First Use—and how it failed me.

OpenSUSE Ends Support For Binary AMD Graphics Driver

Bruno Friedmann has announced the end to AMD proprietary driver fglrx support in openSUSE while also announcing they don't plan to support the hybrid proprietary AMDGPU-PRO stack either. Friedmann wrote, "Say goodbye fglrx!, repeat after me, goodbye fglrx... [In regards to the newer AMDGPU-PRO stack] I will certainly not help proprietary crap, if I don’t have a solid base to work with, and a bit of help from their side. I wish good luck to those who want to try those drivers, I’ve got a look inside, and got a blame face." Read more