Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 19 Jul 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Security: Updates, First PGPainless Release, and 'The Cloud' Roy Schestowitz 19/07/2018 - 8:39pm
Story Canonical/Ubuntu: End of Ubuntu 17.10, Ubuntu Podcast, Snaps Add Flexibility with Tracks and Canonical Needs Help Roy Schestowitz 19/07/2018 - 8:24pm
Story today's howtos Roy Schestowitz 19/07/2018 - 8:16pm
Story Graphics: ROCm, AMD, Mesa, Sway Roy Schestowitz 19/07/2018 - 8:12pm
Story Kdenlive 18.08 Beta – Film Noir Roy Schestowitz 19/07/2018 - 6:36pm
Story Today in Techrights Roy Schestowitz 19/07/2018 - 5:46pm
Story Android Leftovers Rianne Schestowitz 19/07/2018 - 4:40pm
Story Stable kernel 4.4.142 Rianne Schestowitz 19/07/2018 - 4:23pm
Story today's leftovers Roy Schestowitz 19/07/2018 - 12:56pm
Story Kernel: Linux 4.19 and LWN Coverage Unleashed From Paywall Roy Schestowitz 19/07/2018 - 12:54pm

OSS Leftovers

Filed under
OSS
  • Four top open source SIEM tools you should know

    With open source SIEM tools, organizations can test out certain capabilities and reduce cost barriers before expanding their product investments. Depending on what functions you're interested in, there is a variety of software to choose from.

    [...]

    Another choice for open source SIEM tools is Apache Metron. ELK Stack is a general purpose log and data parsing tool; Apache Metron focuses squarely on security.

    Apache Metron provides four main capabilities. First, it offers long-term, cost-effective storage of telemetry data through its security data lake feature. Second, it features an extensible framework that collects data from a variety of sources and supports any future endpoints. Third, Metron performs normal SIEM tasks, such as data ingest and threat alerts. The fourth capability is threat intelligence driven by machine learning-based anomaly detection.

  • Open Your Own Front Page Using Firefox New Tab

    Did you know Firefox has a unique page full of great links and ideas curated just for you? In one simple click, we’ve made it faster and easier for you to find things that are important to you whenever you open a new tab in Firefox.

  • pfSense Gold Free with 2.4.4-RELEASE

    Starting with the upcoming release of pfSense® 2.4.4, all of the services previously offered under “pfSense Gold” will continue, but will be free to all pfSense users. Read on for more detail.

  • Google Fined by EU for Antitrust Violations, Qt Creator 4.7.0 Now Available, New ownCloud Version 10.0.9, pfSense Gold to Be Free with the 2.4.4 Release, Kobol Relaunches Helios4

    Netgate announces that pfSense Gold will be free with the 2.4.4 release, including all services previously offered under the pfSense Gold subscription, such as the pfSense Book and monthly online Hangouts (video conferences). In addition, AutoConfigBackup (ACB) also will be free and will conform to GDPR best practices. The 2.4.4 release is planned for September 2018.

  • Emacs & TLS

    A recent query about the status of network security (TLS settings in particular) in Emacs led to a long thread in the emacs-devel mailing list. That thread touched on a number of different areas, including using OpenSSL (or other TLS libraries) rather than GnuTLS, what kinds of problems should lead to complaints out of the box, what settings should be the default, and when those settings could change for Emacs so as not to discombobulate users. The latter issue is one that lots of projects struggle with: what kinds of changes are appropriate for a bug-fix release versus a feature release. For Emacs, its lengthy development cycle, coupled with the perceived urgency of security changes, makes that question even more difficult.

  • nanotime 0.2.2

    A new maintenance release of the nanotime package for working with nanosecond timestamps just arrived on CRAN.

Openwashing Latest

Filed under
OSS

Security: Spectre V1, Gentoo, Google’s Servers and Denuvo DRM

Filed under
Security
  • Spectre V1 defense in GCC
  • Signing and distributing Gentoo

    The compromise of the Gentoo's GitHub mirror was certainly embarrassing, but its overall impact on Gentoo users was likely fairly limited. Gentoo and GitHub responded quickly and forcefully to the breach, which greatly limited the damage that could be done; the fact that it was a mirror and not the master copy of Gentoo's repositories made it relatively straightforward to recover from. But the black eye that it gave the project has led some to consider ways to make it even harder for an attacker to add malicious content to Gentoo—even if the distribution's own infrastructure were to be compromised.

    Unlike other distributions, Gentoo is focused on each user building the software packages they want using the Portage software-management tool. This is done by using the emerge tool, which is the usual interface to Portage. Software "packages" are stored as ebuilds, which are sets of files that contain the information and code needed by Portage to build the software. The GitHub compromise altered the ebuilds for three packages to add malicious content so that users who pulled from those repositories would get it.

    Ebuilds are stored in the /usr/portage directory on each system. That local repository is updated using emerge --sync (which uses rsync under the hood), either from Gentoo's infrastructure or one of its mirrors. Alternatively, users can use emerge-webrsync to get snapshots of the Gentoo repository, which are updated daily. Snapshots are individually signed by the Gentoo infrastructure OpenPGP keys, while the /usr/portage tree is signed by way of Manifest files that list the hash of each file in a directory. The top-level Manifest is signed by the infrastructure team, so following and verifying the chain of hashes down to a particular file (while also making sure there are no unlisted files) ensures that the right files are present in the tree.

  • Here’s How Hackers Are Using Google’s Servers To Host Malware For Free
  • Pirates Punish Denuvo-Protected Games With Poor Ratings

    Denuvo's anti-piracy technology is a thorn in the side of game pirates. While it has been defeated on several occasions recently, the strict anti-piracy measures have not been without consequence. According to new research, Denuvo has frustrated pirates to a point where they sabotage reviews on Metacritic, leading to significantly lower ratings for protected games.

Games: EXAPUNKS, Minecraft, The Station, Chicken Assassin: Reloaded, Stack Gun Heroes

Filed under
Gaming

GUADEC 2018 and GNOME

Filed under
GNOME
  • Felipe Borges: Summing up GUADEC 2018

    This year’s edition was once again a blast. The best opportunity to put faces into the names we interact daily throughout the communication channels of our community, and to meet new folk.

    Once again a volunteer, this year a chaired the sessions in the auditorium during the first day, organized one of the newcomers activities, and the football game. Don’t forget to check out the conference photos.

  • GUADEC 2018 (It’s a Gitlab world)

    GUADEC in Almería was a great opportunity to catch up with some technologies in the GNOME world, hang out with lovely folks again, and spend time at the beach.

  • Jakub Steiner: Detail Considered Harmful

    As many moons have passed since GNOME 3, it’s fair to stop and reconsider the aesthetic choices we made. We don’t actually present app icons at small resolutions anymore. Pixel perfection sounds like a great slogan, but maybe this is another area that dillutes our focus. Asking app authors to craft pixel precise variants that nobody actually sees? Complex size lookup infrastructure that prominent applications like Blender fail to utilize properly?

    [...]

    The irony of the previous blog post is not lost on me, as I’ve been seduced by the shading and detail of these highres artworks. But every day it’s more obvious that we need to do a dramatic redesign of the app icon style. Perhaps allowing to programatically generate the unstable/nightlies style. Allow a faster turnaround for keeping the style contemporary and in sync what other platforms are doing. Right now, the dated nature of our current guidelines shows.

More Android Leftovers (Mostly Microsoft's Antitrust Push Against Android)

Filed under
Android

Ubuntu 17.10 Reaches End of Life, Existing Users Must Upgrade to 18.04

Filed under
News

Ubuntu 17.10 reached the end of life on 19th July 2018. This means that systems running Ubuntu 17.10 won’t receive security and maintenance updates from Canonical anymore leaving them vulnerable.
Read more

3 big steps toward building authentic developer communities

Filed under
OSS

As more software businesses are selling open source products, we've seen a corresponding rise in the emphasis of building out developer communities around these products as a key metric for success. Happy users are passionate advocates, and these passionate advocates raise overall awareness of a company's product offerings. Attract the right vocal influencers into your community, and customers become more interested in forming a relationship with your company.

Doing community building the right way, however, is a delicate balance. Undercut the needs of your user community in favor of driving sales, and your company will face a decrease in adoption and unfavorable brand awareness. Meanwhile, too little focus on the bottom line isn't good for the company. So how can this tension be balanced effectively, especially in a world in which developers are the "new kingmakers" and meeting their sensibilities is a cornerstone of driving corporate purchasing decisions?

Over the past year, I've thought a lot about how to do effective community building while building the business bottom line. In this article, I'll outline three big steps to take toward building authentic, productive, sustainable developer communities.

Read more

Also: A 4-step plan for creating teams that aren't afraid to fail

Amid the 20th anniversary of open source, Tim O’Reilly warns that platform companies built on open-source software have lost their way

Filed under
OSS

It’s rare to hear Chinese philosophy quoted on stage at a software-development conference. But O’Reilly Media founder and CEO Tim O’Reilly invoked the words of Lao Tzu Wednesday morning during the opening keynotes at OSCON 2018 in hopes of convincing those in attendance — many of whom work for the big internet platform companies of our time — that the tech industry needs to return to the spirit of openness and collaboration that drove the early days of the open-source community before it is too late.

“We have an opportunity with these next generation of systems, to rebuild, to rethink the future, to discover what does it mean to get these systems right,” O’Reilly said. If the first era of the internet was dominated by open protocols, and the second era was dominated by the rise of huge platform companies like Amazon, Google, and Facebook, the third era we’re about to enter presents a chance to get it right again.

Read more

Speech to Text conversion in Linux

Filed under
Linux

This is how you can convert speech to text in Linux systems using Google Docs. There are not much speech recognition software available in Linux systems including native desktop apps. There are some apps available which uses IBM Watson and other APIs to convert speech to text but they are not user-friendly and requires advanced level of user interactions e.g. little bit of programming or scripting in respective languages.

However not many users know that Google Docs provides an advanced level of Speech Recognition using its own AI technologies which can be accessed via Chrome in Google Docs. Any category of user can use this feature to convert speech to text and this requires no advanced level of computer knowledge. The best thing about this feature of Google Docs is you can use it in any Ubuntu derivatives, any Linux distributions including Windows where Chrome is available.

Read more

Ubuntu 17.10 (Artful Aardvark) Reached End of Life, Upgrade to Ubuntu 18.04 LTS

Filed under
Ubuntu

Released nine months ago on October 19, 2017, Ubuntu 17.10 was dubbed "Artful Aardvark" by Canonical CEO Mark Shuttleworth because it was the first release of the Ubuntu Linux operating system to ship with the GNOME desktop environment instead of Unity on the Desktop edition.

To due to the sudden move from Unity to GNOME, Ubuntu 17.10 brought several substantial changes, such as the switch to the next-generation Wayland display server by default instead of X.Org Server, a decision that was reverted with the release of Ubuntu 18.04 LTS (Bionic Beaver), and the discontinuation of the Ubuntu GNOME flavor.

Read more

How to add Linux to your Chromebook

Filed under
Linux
HowTos

It's long been possible to run Linux on a Chromebook. That's no surprise. After all, Chrome OS is a Linux variant. But, doing it by using either Crouton in a chroot container or Gallium OS, a Xubuntu Chromebook-specific Linux variant, wasn't easy. Then, Google announced it was bringing a completely integrated Linux desktop to the Chromebook.

Today, with a properly-equipped Chromebook and the bravery to run canary code, you can run Debian Linux on your Chromebook. Here's how to do it.

This new Chromebook Linux feature is Crostini, the umbrella technology for getting Linux running with Chrome OS. Crostini gets enough Linux running to run KVM, Linux's built-in virtual machine (VM). On top of this, Crostini starts and runs LXC containers. You won't see it, unless you look closely, but it's in those containers that your Debian Linux instances are running.

Read more

Linux File Server Guide

Filed under
Linux

Linux file servers play an essential role. The ability to share files is a basic expectation with any modern operating system in the workplace. When using one of the popular Linux distributions, you have a few different file sharing options to choose from. Some of them are simple but not that secure. Others are highly secure, yet require some know-how to set up initially.

Once set up on a dedicated machine, you can utilize these file sharing technologies on a dedicated file server. This article will address these technologies and provide some guidance on choosing one option over another.

Read more

Security: SSL, Microsoft Windows TCO, Security Breach Detection and SIM Hijackers

Filed under
Security
  • Why Does Google Chrome Say Websites Are “Not Secure”?

    Starting with Chrome 68, Google Chrome labels all non-HTTPS websites as “Not Secure.” Nothing else has changed—HTTP websites are just as secure as they’ve always been—but Google is giving the entire web a shove towards secure, encrypted connections.

  • Biggest Voting Machine Maker Admits -- Ooops -- That It Installed Remote Access Software After First Denying It [Ed: Microsoft Windows TCO]

    We've been covering the mess that is electronic voting machines for nearly two decades on Techdirt, and the one thing that still flummoxes me is how are they so bad at this after all these years? And I don't mean "bad at security" -- though, that's part of it -- but I really mean "bad at understanding how insecure their machines really are." For a while everyone focused on Diebold, but Election Systems and Software (ES&S) has long been a bigger player in the space, and had just as many issues. It just got less attention. There was even a brief period of time where ES&S bought what remained of Diebold's flailing e-voting business before having to sell off the assets to deal with an antitrust lawsuit by the DOJ.

    What's incredible, though, is that every credible computer security person has said that it is literally impossible to build a secure fully electronic voting system -- and if you must have one at all, it must have a printed paper audit trail and not be accessible from the internet. Now, as Kim Zetter at Motherboard has reported, ES&S -- under questioning from Senator Ron Wyden -- has now admitted that it installed remote access software on its voting machines, something the company had vehemently denied to the same reporter just a few months ago.

  • Bringing cybersecurity to the DNC [Ed: Microsoft Windows TCO. Microsoft Exchange was used.]

    When Raffi Krikorian joined the Democratic National Committee (DNC) as chief technology officer, the party was still reeling from its devastating loss in 2016 — and the stunning cyberattacks that resulted in high-level officials’ emails being embarrassingly leaked online.

  • Getting Started with Successful Security Breach Detection

    Organizations historically believed that security software and tools were effective at protecting them from hackers. Today, this is no longer the case, as modern businesses are now connected in a digital global supply ecosystem with a web of connections to customers and suppliers. Often, organizations are attacked as part of a larger attack on one of their customers or suppliers. They represent low hanging fruit for hackers, as many organizations have not invested in operationalizing security breach detection.

    As this new reality takes hold in the marketplace, many will be tempted to invest in new technology tools to plug the perceived security hole and move on with their current activities. However, this approach is doomed to fail. Security is not a "set it and forget it" type of thing. Defending an organization from a breach requires a careful balance of tools and operational practices -- operational practices being the more important element.

  • The SIM Hijackers

    By hijacking Rachel’s phone number, the hackers were able to seize not only Rachel’s Instagram, but her Amazon, Ebay, Paypal, Netflix, and Hulu accounts too. None of the security measures Rachel took to secure some of those accounts, including two-factor authentication, mattered once the hackers took control of her phone number.

GNU/Linux Desktops/Laptops and Windows Spying

Filed under
GNU
Linux
  • Changes [Pop!_OS]

    For the last 12 years, my main development machine has been a Mac. As of last week, it’s a Dell XPS 13 running Pop!_OS 18.04.

    [...]

    Take note: this is the first operating system I’ve used that is simpler, more elegant, and does certain things better than macOS.

  • System76 Opens Manufacturing Facility to Build Linux Laptops

    As it turns out, System76 is making the transition from a Linux-based computer seller, into a complete Linux-based computer manufacturer. The Twitter photos are from their new manufacturing facility. This means that System76 will no longer be slapping their logo on other company’s laptops and shipping them out, but making their own in-house laptops for consumers.

  • Extension adding Windows Timeline support to third-party browsers should have raised more privacy questions

    Windows Timeline is a unified activity history explorer that received a prominent placement next to the Start menu button in Windows 10 earlier this year. You can see all your activities including your web browser history and app activity across all your Windows devices in one place; and pickup and resume activities you were doing on other devices. This is a useful and cool feature, but it’s also a privacy nightmare.

    You may have read about a cool new browser extension that adds your web browsing history from third-party web browsers — including Firefox, Google Chrome, Vivaldi, and others — to Windows Timeline. The extension attracted some media attention from outlets like MSPoweruser, Neowin, The Verge, and Windows Central.

Public money, public code? FSFE spearheads open-source initiative

Filed under
OSS

Last September, the non-profit Free Software Foundation Europe (FSFE) launched a new campaign that calls for EU-wide legislation that requires publicly financed software developed for the public sector to be made publicly available under a free and open-source software license.

According to the ‘Public Money, Public Code’ open letter, free and open-source software in the public sector would enable anyone to “use, study, share, and improve applications used on a daily basis”.

The initiative, says the non-profit, would provide safeguards against public sector organizations being locked into services from specific companies that use “restrictive licenses” to hinder competition.

The FSFE also says the open-source model would help improve security in the public sector, as it would allow backdoors and other vulnerabilities to fixed quickly, without depending on one single service provider.

Since its launch, the Public Money, Public Code initiative has gained the support of 150 organizations, including WordPress Foundation, Wikimedia Foundation, and Tor, along with nearly 18,000 individuals.

With the initiative now approaching its first anniversary, The Daily Swig caught up with FSFE spokesperson Paul Brown, who discussed the campaign’s progress.

Read more

Syndicate content

More in Tux Machines

Red Hat: Interview, Releases, Events, Compliance and Finance

Linux Foundation Expansion and Linux Development

  • Deutsche Telekom signs up as platinum member of Linux Foundation Networking
    Deutsche Telekom has doubled down on its commitment to using open source by signing up as a platinum member of Linux Foundation Networking. Earlier this year, the Linux Foundation put some of its open source communities, including the Open Network Automation Platform (ONAP), under the Linux Foundation Networking (LFN) brand in order to foster cross-project collaboration. Mainly thanks to ONAP, the LNF projects currently enable close to 70% of all the world's global mobile subscribers.
  • Deutsche Telekom Joins The Linux Foundation, Deepens Investment in Open Source Networking
  • Samsung Galaxy S Support With The Linux 4.19 Kernel
    Just in case you have your hands still on the Samsung Galaxy S or Galaxy S 4G that were released back in 2010 as once high-end Android smartphones, they have DeviceTree support with the upcoming Linux 4.19 kernel cycle. The DeviceTree additions are currently staged ahead of the Linux 4.19 kernel for these S5Pv210 Aries based smartphones. With this code in place for Linux 4.19, the Galaxy S should at least see working mainline support for storage, PMIC, RTC, fuel gauge, keys, USB, and WiFi working in order.
  • Using the Best CPU Available on Asymmetric Systems
    This is the type of situation with a patch where it might look like a lack of opposition could let it sail into the kernel tree, but really, it just hasn't been thoroughly examined by Linux bigwigs yet. Once the various contributors have gotten the patch as good as they can get it without deeper feedback, they'll probably send it up the ladder for inclusion in the main source tree. At that point, the security folks will jump all over it, looking for ways that a malicious user might force processes all onto only one particular CPU (essentially mounting a denial-of-service attack) or some such thing. Even if the patch survives that scrutiny, one of the other big-time kernel people, or even Linus Torvalds, could reject the patch on the grounds that it should represent a solution for large-scale systems as well as small. Either way, something like Dietmar and Quentin's patch will be desirable in the kernel, because it's always good to take advantages of the full range of abilities of a system. And nowadays, a lot of devices are coming out with asymmetric CPUs and other quirks that never were part of earlier general-purpose systems. So, there's definitely a lot to be gained in seeing this sort of patch go into the tree.

Games: Risin' Goat, CorsixTH, Hegemone Pass, Unreal Engine

Software: Remote Access, EncryptPad, Aria2 WebUI, Qbs

  • Best Linux remote desktop clients of 2018
    This article has been fully updated, and was provided to TechRadar by Linux Format, the number one magazine to boost your knowledge on Linux, open source developments, distro releases and much more. It appeared in issue 220, published February 2017. Subscribe to the print or digital version of Linux Format here. SSH has been the staple remote access tool for system administrators from day one. Admins use SSH to mount remote directories, backup remote servers, spring-clean remote databases, and even forward X11 connections. The popularity of single-board computers, such as the Raspberry Pi, has introduced SSH into the parlance of everyday desktop users as well. While SSH is useful for securely accessing one-off applications, it’s usually overkill, especially if you aren’t concerned about the network’s security. There are times when you need to remotely access the complete desktop session rather than just a single application. You may want to guide the person on the other end through installing software or want to tweak settings on a Windows machine from the comfort of your Linux desktop yourself.
  • EncryptPad: Encrypted Text Editor For Your Secrets
    EncryptPad is a simple, free and open source text editor that encrypts saved text files and allows protecting them with passwords, key files, or both. It's available on Windows, macOS, and Linux. The application comes with a GUI as well as a command line interface, and it also offers a tool for encrypting and decrypting binary files.
  • Aria2 WebUI: Clean Web Frontend for aria2
    Aria2 WebUI is an open source web frontend for aria2. The software bills itself as the finest interface to interact with aria2. That’s a lofty goal considering the competition from the likes of uGet Download Manager (which offers an aria2 plugin). Aria2 WebUI started as part of the GSOC program 2012. But a lot has changed since the software’s creation under that initiative. While the pace of development has lessened considerably in recent years, the software has not been abandoned.
  • qbs 1.12 released
    We are happy to announce version 1.12.0 of the Qbs build tool. [...] All command descriptions now list the product name to which the generated artifact belongs. This is particularly helpful for larger projects where several products contain files of the same name, or even use the same source file. The vcs module no longer requires a repository to create the header file. If the project is not in a repository, then the VCS_REPO_STATE macro will evaluate to a placeholder string. It is now possible to generate Makefiles from Qbs projects. While it is unlikely that complex Qbs projects are completely representable in the Makefile format, this feature might still be helpful for debugging purposes.