Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Wednesday, 23 May 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story GCC vs. LLVM Clang vs. AOCC Compilers On AMD Threadripper Rianne Schestowitz 23/05/2018 - 4:55pm
Story LibreOffice 6.1 Beta Arrives Next Week for Second Bug Hunting Session on May 28 Rianne Schestowitz 23/05/2018 - 4:52pm
Story Canonical Releases Major Kernel Updates for Ubuntu 17.10, 16.04 LTS & 14.04 LTS Rianne Schestowitz 23/05/2018 - 4:50pm
Story Open source image recognition with Luminoth Rianne Schestowitz 23/05/2018 - 4:48pm
Story AsteroidOS and OpenWatch Aim to Open Up Smartwatch Market Rianne Schestowitz 23/05/2018 - 4:42pm
Story Best Linux Laptops of 2018 Rianne Schestowitz 23/05/2018 - 4:40pm
Story Red Hat and Fedora News Roy Schestowitz 23/05/2018 - 4:19pm
Story Free/Open Source AI Projects Roy Schestowitz 23/05/2018 - 4:10pm
Story Games Leftovers Roy Schestowitz 23/05/2018 - 3:54pm
Story DragonFlyBSD 5.2.1 Released Roy Schestowitz 23/05/2018 - 3:41pm

Do European Governments Publish Open Source Software?

Filed under
OSS

From time to time I come across news articles about Governmental bodies in Europe adopting the use of Open Source Software. This seems to be a slowly increasing trend. But if European Governments make software for themselves, or are having it made for them, do they publish that software as Open Source?

This was a question that came up in a meeting at one of my clients. To find an answer, I asked my friends at the FSFE NL-team and did a Quick Scan. Here are the results.

The short answer: Yes, they do!

The longer answer: read on.

Read more

Openwashing and FOSS FUD

Filed under
OSS
Security
  • Release: The Winemakers Co-Op to Debut Collaborative Wine: Open-Source Chardonnay June 3
  • Facebook open sources Katran networking tool, outlines automation system called Vending Machine [Ed: When surveillance giants are engaging in openwashing campaigns (all the core code is secret and abuses people)...]
  • Facebook Open Sources Katran Load Balancer; Details Network Provisioning Tool
  • Security and Open Source: Open Source Components Save Time but Need to be Closely Monitored [Ed: After Black Duck, Snyk and White Source another anti-FOSS firm spreads its FUD to sell services; ads disguised as 'articles'. Many of them this month, flooding FOSS news.]

    Chris Wysopal, CTO of Veracode, said that “the universal use of components in application development means that when a single vulnerability in a single component is disclosed, that vulnerability now has the potential to impact thousands of applications – making many of them breachable with a single exploit.”.

  • Linux Redis Automated Mining For Worm Analysis and Safety Advice [Ed: Rather old an issue]

    Since Redis has not authorized the disclosure of the attack method of root authority of Linux system, because of its ease-of-use, the hacking behaviors of mining and scanning of Linux services by using this issue have been endless. Among the many cases that handle this problem to invade the server for black production, there is a class of mining that USES this problem and can automatically scan the infected machine with pnscan. The attack has always been there, but it has shown a recent trend of increasing numbers, which has been captured many times, and we've been able to do a specific analysis of it.

  • Turla cyberespionage group switched to open-source malware [Ed: Crackers share code, so let's badmouth FOSS?]

    The Turla cyberespionage group has implemented some new tactics over the last few months incorporating some open-source exploitation tools instead of relying solely on their own creations to run campaigns.

    ESET researchers found that starting in March the Turla has been leveraging the open-source framework Metasploit to drop the group's proprietary Mosquito backdoor. The group has periodically used open-source hacking tools for other tasks, but ESET believes the group has never before used Metasploit as a first stage backdoor.

  • A Complete Beginner’s Guide to Not Getting Hacked

    Crackers are so to speak the evil hackers. Although these very often also do not offer the possibilities in order to do justice to the descriptions of the media. Then there are the would-be hackers, also called ScriptKiddies who use themTrojan2 and pre-programmed programs to get into computers and do damage.

    The “Kiddie” leads is a departure from the English “kid” (child), since young people are often behind such attacks. Due to their young age and lack of experience, ScriptKiddies often do not even know what they are doing. Let me give you an example. I have seen ScriptKiddies that use methods to intrude into Windows NT Calculator tried to break into a Linux machine. ScriptKiddies are often bored teenagers who try to have fun with the first tool. These tools are usually so simply knitted that actually, each normal, somewhat educated user can serve them.

    [...]

    According to Blendrit, co-founder at Tactica “One thing is clear: this language culture is constantly evolving, and many words find their way into the media, where they have a completely different meaning. Just as our most famous word, “hacker”, has fared.”

Kata Containers 1.0

Filed under
Server
OSS
  • Kata Containers 1.0

    The 1.0 release of Kata Containers is here! Thank you to the more than 40 individuals who have contributed to the first release of Kata Containers and to developing the Kata community.

  • VM-container chimera Kata Containers emerges from lab

    The open source Kata Containers project, an effort to combine the security advantages of virtual machines with the deployment and management advantages of software-based containers, hit its 1.0 milestone on Tuesday.

    Forged from a merger of Intel’s Clear Containers and Hyper’s runV announced last December, Kata Containers delivers an Open Container Initiative (OCI)-compatible runtime that addresses the downside of traditional container architecture, a shared kernel.

  • Kata Containers Project Releases 1.0 to Build Secure Container Infrastructure
  • Kata Containers 1.0
  • OpenStack Makes its Open Source CI/CD Platform Available to the Wider World

    The OpenStack Foundation made Zuul, an open source continuous integration/continuous development (CI/CD) platform, into an independent project. Zuul also released version 3 of its software.

    Zuul was originally developed for OpenStack CI testing and has since attracted contributors and users across many different organizations, including BMW, GoDaddy, OpenLab, and Wikimedia. It’s the third project to be managed by the OpenStack Foundation, joining OpenStack and Kata Containers.

Security Leftovers

Filed under
Security
  • efail: Outdated Crypto Standards are to blame

    I have a lot of thoughts about the recently published efail vulnerability, so I thought I'd start to writeup some of them. I'd like to skip all the public outrage about the disclosure process for now, as I mainly wanted to get into the technical issues, explain what I think went wrong and how things can become more secure in the future. I read lots of wrong statements that "it's only the mail clients" and the underlying crypto standards are fine, so I'll start by explaining why I believe the OpenPGP and S/MIME standards are broken and why we still see these kinds of bugs in 2018. I plan to do a second writeup that will be titled "efail: HTML mails are to blame".

    I assume most will have heard of efail by now, but the quick version is this: By combining a weakness in cryptographic modes along with HTML emails a team of researchers was able to figure out a variety of ways in which mail clients can be tricked into exfiltrating the content of encrypted e-mails. Not all of the attack scenarios involve crypto, but those that do exploit a property of encryption modes that is called malleability. It means that under certain circumstances you can do controlled changes of the content of an encrypted message.

    [...]

    Properly using authenticated encryption modes can prevent a lot of problems. It's been a known issue in OpenPGP, but until know it wasn't pressing enough to fix it. The good news is that with minor modifications OpenPGP can still be used safely. And having a future OpenPGP standard with proper authenticated encryption is definitely possible. For S/MIME the situation is much more dire and it's probably best to just give up on it. It was never a good idea in the first place to have competing standards for e-mail encryption.

    For other crypto protocols there's a lesson to be learned as well: Stop using unauthenticated encryption modes. If anything efail should make that abundantly clear.

  • Comcast Leaked Customer Wi-Fi Logins in Plaintext, Change Your Passcode Now

    A Comcast Xfinity website was leaking Wi-Fi names and passwords, meaning now is a good time to change your Wi-Fi passcode.

    The site, intended to help new customers set up new routers, could easily be fooled into revealing the location of and password for any customer’s Wi-Fi network. A customer ID and a house or apartment number was all would-be attackers needed to get full access to your network, along with your full address.

  • Update Fedora Linux using terminal for latest software patches
  • Patch for New Spectre-Like CPU Bug Could Affect Your Performance
  • container_t versus svirt_lxc_net_t

Red Hat News

Filed under
Red Hat
  • “Ultimate Private Cloud” Demo, Under The Hood!

    At the recent Red Hat Summit in San Francisco, and more recently the OpenStack Summit in Vancouver, the OpenStack engineering team worked on some interesting demos for the keynote talks.

    I’ve been directly involved with the deployment of Red Hat OpenShift Platform on bare metal using the Red Hat OpenStack Platform director deployment/management tool, integrated with openshift-ansible. I’ll give some details of this demo, the upstream TripleO features related to this work, and insight around the potential use-cases.

  • Discover the possibilities of hybrid cloud during a joint virtual event with Red Hat & Microsoft [Ed: [Ed: When Red Hat pus Microsoft executives at top positions inside Red Hat...]
  • Red Hat OpenStack Customer Survey 2018: containers, technical support top of mind

    In 2016, we surveyed our customer base on their use of OpenStack in production, getting a pulse-check on the top considerations, expectations, and benefits of a Red Hat OpenStack Platform deployment. With 2018 marking five years of Red Hat OpenStack Platform, we checked back in with our customers to see if their experiences or expectations of OpenStack have changed. Our survey found:

  • Red Hat CEO Jim Whitehurst On How He Plans To Win The Container Market
  • Juniper, Red Hat Tighten Integration to Fend Off VMware

    Juniper Networks and Red Hat have tightened their integration efforts in a move to help ease enterprise adoption of cloud-native platforms and bolster their own offerings against the likes of VMware and Cisco.

    The latest platform integration includes the Red Hat OpenStack Platform; Red Hat’s OpenShift Container Platform running as a platform-as-a-service (PaaS) on top of or next to the OpenStack platform depending on deployment architecture; and Juniper’s Contrail Enterprise Multi-Cloud platform running as the networking and security layer to unify those together. This integration is designed as a managed system to help deploy and run applications and services on any virtual machine (VM), container platform, and any cloud environment.

  • Red Hat OpenStack HCI Targets Telco Hybrid Cloud, 5G Deployments

    Red Hat today rolled out a hyperconverged infrastructure (HCI) platform based on OpenStack compute and Ceph storage. The new product targets service providers looking to deploy virtual network functions (VNFs) and 5G technologies on top of open source software.

    Launched at this week’s OpenStack Summit, the Red Hat Hyperconverged Infrastructure for Cloud combines Red Hat OpenStack Platform 13 and Red Hat Ceph Storage 3 into one product. Red Hat says it is the largest contributor to both open source projects.

  • Red Hat Hyperconverged Infrastructure for Cloud Bridges Datacenters and Edge Deployments
  • GSoC 2018: Week 1

    This time, I am working on improving the Fedora Community App with the Fedora project. It’s been a week since we started off our coding on may 14.

    The Fedora App is a central location for Fedora users and innovators to stay updated on The Fedora Project. News updates, social posts, Ask Fedora, as well as articles from Fedora Magazine are all held under this app.

Ubuntu's Mark Shuttleworth pulls no punches on Red Hat and VMware in OpenStack cloud

Filed under
Red Hat
Ubuntu

At OpenStack Summit in Vancouver, Canada, the opening keynote speeches started out the way they usually do. There were demos, there were companies saying how their latest release was the best thing since sliced bread... and then, there was Canonical CEO and Ubuntu Linux founder Mark Shuttleworth. Shuttleworth came out firing at two of his major enterprise OpenStack competitors: Red Hat and VMware.

Shuttleworth opened quietly enough, saying, "Mission is to remove all the friction from deploying OpenStack. We can deliver OpenStack deployments with two people in less two weeks anywhere in the world." So far, so typical for a keynote speech.

Read more

The Top 10 Endless Runner Games

Filed under
Reviews

Endless running has always been a favorite for hardcore as well as casual gamers. Creating a high score while running endlessly through various traps, hurdles and scenes. You receive various power-ups and boosters on your way and most probably there is someone trying to catch you

Read<br />
more

Here Is What's New In Fedora 28

Filed under
Linux

For those who don't know about this Linux distro, Fedora is one of those Linux distributions that comes released with cutting-edge software rather than staying on the same boat with other distributions that prefers stability. Fedora comes in three flavors: Workstation, Server, and Atomic. I'll be reviewing Fedora Workstation; used by many developers and users as their general purpose computing platform.

Read<br />
more

Stable kernels 4.16.11, 4.14.43 and 4.9.102

Filed under
Linux

today's leftovers

Filed under
Misc

Software: Grafana, Heaptrack, Vim

Filed under
Software
  • Grafana – An Open Source Software for Analytics and Monitoring

    Grafana is an open source, feature rich, powerful, elegant and highly-extensible analytics and monitoring software that runs on Linux, Windows and MacOS. It is a de facto software for data analytics, being used at Stack Overflow, eBay, PayPal, Uber and Digital Ocean – just to mention but a few.

    It supports 30+ open source as well as commercial databases/data sources including MySQL, PostgreSQL, Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB. It allows you to dig deeply into large volumes of real-time, operational data; visualize, query, set alerts and get insights from your metrics from differen

  • Heaptrack v1.1.0 release

    Better memory profiling on Linux

    After more than a year of work, I’m pleased to release another version of heaptrack, the Linux memory profiler! The new version 1.1.0 comes with some new features, significant performance improvements and – most importantly – much improved stability and correctness. If you have tried version v1.0 in the past and encountered problems, update to the new v1.1 and try again!

  • Ten Years of Vim

     

    The philosophy behind Vim takes a while to sink in: While other editors focus on writing as the central part of working with text, Vim thinks it's editing.

     

    You see, most of the time I don't spend writing new text; instead, I edit existing text.

  •  

GNU/Linux: Parrot 4.0, Oregan, Containers and Linux 4.18 Plans

Filed under
Linux
  • Parrot 4.0 is out

    Parrot 4.0 has been released. Parrot is a security-oriented distribution aimed at penetration tests and digital forensics analysis, with additional tools to preserve privacy.

  • Parrot 4.0 release notes
  • Oregan launches SparQ middleware for Linux and Android TV

    Oregan said that the open standards-based offering resolves the differences between the current security and performance requirements of modern-day TV services and the hardware capabilities of STBs that were deployed up to a decade ago.

  • Linux app support coming to older Chrome OS devices

    Linux apps on Chrome OS is one of the biggest developments for the OS since Android apps. Previous reports stated Chromebooks with certain kernel versions would be left in the dust, but the Chrome OS developers have older devices on the roadmap, too.

    When Google first broke silence on Linux app functionality, it was understood that Linux kernel 4.4 was required to run apps due to dependencies on newer kernel modules. Thanks to an issue found on Chromium’s public bugtracker, we have confirmation that containers won’t be limited to the handful of Chrome OS devices released with kernel 4.4.

  • Looking Ahead To The Linux 4.18 Kernel

    There still are several weeks to go until the Linux 4.17 kernel will be officially released and for that to initiate the Linux 4.18 merge window, but we already know some of the features coming to this next kernel cycle as well as an idea for some other work that may potentially land.

Red Hat and Fedora Leftovers

Filed under
Red Hat

Canonical founder Mark Shuttleworth takes aim at VMware and Red Hat at OpenStack Summit

Filed under
Red Hat
Server
Ubuntu

“Google, IBM, Microsoft [are] all investing and innovating to drive down the cost of infrastructure. Every single one of those companies engages with Canonical to deliver public services,” he said.

“Not one of them engages with VMware to offer those public services – they can’t afford to. Clearly they have the cash, but they have to compete – and so does your private cloud.”

To capitalise on this trend, the firm is in the throes of rolling out a migration service to help users shift from VMware to a “fully managed” version of Canonical’s Ubuntu OpenStack distribution, which Shuttleworth said costs half as much to run.

“When we take out VMware, and displace VMware, we are regularly told that a fully managed OpenStack solution costs half of the equivalent VMware estate [to run],” he added.

Read more

Syndicate content

More in Tux Machines

today's howtos

Ubuntu: Ubuntu 18.04 Install and First Look, Canonical and Trilio Deal, Ubuntu Server Development and Shuttleworth's Controversy

  • Ubuntu 18.04 Install and First Look
    The long anticipated Ubuntu 18.04 “Bionic Beaver” Long Term Support (LTS) release has arrived… Let’s install it and take a look around.
  • Canonical Managed Cloud adds data protection and recovery with Trilio
    Canonical and Trilio announced today a partnership agreement to deliver TrilioVault backup and recovery solutions as part of BootStack, Canonical’s fully managed OpenStack private cloud solution. TrilioVault will also be made available as an option to Ubuntu Advantage support customers. As a result, users already taking advantage of the Ubuntu platform for their OpenStack deployment now have seamless access to the only OpenStack-native data protection solution on the market. Together, the two companies are pushing the boundaries of enterprise OpenStack clouds to become increasingly easier to build, simpler to manage, and more reliable in the event of a disaster.
  • Ubuntu Server development summary – 22 May 2018
  • Ubuntu's Shuttleworth Creates Controversy with OpenStack Summit Vancouver Keynote
    The OpenStack Foundation is facing a bit of drama and controversy as it deals with issues related to a keynote delivered by Ubuntu Linux founder, Mark Shuttleworth at the OpenStack Summit here on May 21. Typically the OpenStack Foundation posts videos of all its session online within 24 hours, but with the Shuttleworth keynote, the video was apparently posted and then promptly removed. During his keynote, Shuttleworth took direct aim at his OpenStack competitor Red Hat, which apparently made some people in the OpenStack Summit community uncomfortable.

Offline Computing – 10 Apps for the Digital Nomad

In today’s always-connected, constantly-inturrupted world, it can often be rewarding to go offline. Disconnecting from the Internet doesn’t mean you have to buy a yurt, live on beans, and get no work done though! While there’s a ton of great apps in the Snap store which rely on a connection to function, there’s also a lot you can do offline. So whether you’re taking a trip that doesn’t offer (reasonably priced) in-flight wifi, or want to live life the digital nomad style, we’ve got some apps for you! These all work offline, so once installed you can work, study & play without a connection. Read more Also: Linux Release Roundup: GNOME Twitch, Shotwell & GIMP

Finally: Historic Eudora email code goes open source

The source code to the Eudora email client is being released by the Computer History Museum, after five years of discussion with the IP owner, Qualcomm. The Mac software was well loved by early internet adopters and power users, with versions appearing for Palm, Newton and Windows. At one time, the brand was so synonymous with email that Lycos used Eudora to brand its own webmail service. As the Mountain View, California museum has noted, "It’s hard to overstate Eudora’s popularity in the mid-1990s." Read more Also: The Computer History Museum Just Made Eudora Open Source