Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 23 Feb 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Red Hat and Fedora: David Egts, Radcom, Google Summer of Code 2018, FOSS Wave Roy Schestowitz 22/02/2018 - 9:08pm
Story OSS Leftovers Roy Schestowitz 22/02/2018 - 9:05pm
Story OpenBSD Gets Mitigated For Meltdown CPU Vulnerability Roy Schestowitz 22/02/2018 - 9:03pm
Story France Proposes Software Security Liability For Manufacturers, Open Source As Support Ends Roy Schestowitz 22/02/2018 - 7:07pm
Story today's howtos Roy Schestowitz 22/02/2018 - 6:55pm
Story Security: Updates, Word and More Roy Schestowitz 22/02/2018 - 6:53pm
Story Mozilla Development and News Roy Schestowitz 22/02/2018 - 6:00pm
Story Google Summer of Code 2018 for Qt and Qt Roadmap for 2018 Roy Schestowitz 22/02/2018 - 5:57pm
Story Calculate Linux 17.12.2 released Roy Schestowitz 22/02/2018 - 4:57pm
Story The Community Has Brought The Unity 8 Desktop To Ubuntu 18.04 Roy Schestowitz 22/02/2018 - 4:33pm

You Can Now Turn Your Old Moto G2 "Titan" Phone Into an Ubuntu Phone, Here's How

Filed under
Ubuntu
Gadgets

Walid Hammami managed to port UBports' Ubuntu Touch mobile operating system on the Moto G2 2014 smartphone, which features a Qualcomm MSM8226 Snapdragon 400 chip, 1GB RAM, and 8GB internal storage.

As such, Moto G2 has been accepted by the UBports project as the first community supported device, and it's a well-done port with everything working just fine, including Wi-Fi, GSM, 3G, GPS, Bluetooth, SMS, Camera, Ubuntu Store, etc.

Read more

OSS: IBM, Logz.io, Forbes FUD and OpenAI

Filed under
OSS

Graphics: Mesa and More

Filed under
Graphics/Benchmarks

Red Hat Leftovers

Filed under
Red Hat

Kernel: CH341 and LWN Articles (Just Freed)

Filed under
Linux
  • Linux Adds CH341 GPIO

    There was a time when USB to serial hardware meant one company: FTDI. But today there are quite a few to choose from and one of the most common ones is the WCH CH341. There’s been support for these chips in Linux for a while, but only for use as a communication port. The device actually has RS232, I2C, SPI, and 8 general purpose I/O (GPIO) pins. [ZooBaB] took an out-of-tree driver that exposes the GPIO, and got it working with some frightening-looking CH341 boards.

  • Shrinking the kernel with an axe

    This is the third article of a series discussing various methods of reducing the size of the Linux kernel to make it suitable for small environments. The first article provided a short rationale for this topic, and covered link-time garbage collection. The second article covered link-time optimization (LTO) and compared its results to link-time garbage collection. In this article we'll explore ways to make LTO more effective at optimizing kernel code away, as well as more assertive strategies to achieve our goal.

  • The rest of the 4.16 merge window

    At the close of the 4.16 merge window, 11,746 non-merge changesets had been merged; that is 5,000 since last week's summary. This merge window is thus a busy one, though not out of line with its predecessors — 4.14 had 11,500 changesets during its merge window, while 4.15 had 12,599. Quite a bit of that work is of the boring internal variety; over 600 of those changesets were device-tree updates, for example. But there was still a fair amount of interesting work merged in the second half of the 4.16 merge window; read on for the highlights.

Wine-Staging and Games

Filed under
Gaming

Canonical Outs New Ubuntu Kernel Update with Compiler-Based Retpoline Mitigation

Filed under
Ubuntu

New Linux kernel security updates have been released for Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 ESM (Extended Security Maintenance), adding the compiler-based retpoline kernel mitigation for the Spectre Variant 2 vulnerability on amd64 and i386 architectures.

Canonical fixed the Spectre Variant 2 security vulnerability last month on January 22, but only for 64-bit Ubuntu installations. This update apparently mitigates the issue for 32-bit installations too. Spectre is a nasty hardware bug in microprocessors that use branch prediction and speculative execution and it could allow unauthorized memory reads via side-channel attacks.

Read more

Tutanota: Encrypted Open Source Email Service for Privacy Minded People

Filed under
Reviews

If you are a privacy concerned netizen, try Tutanota. It is an open source email service for encrypted email communication. Here are the pros and cons of using Tutanota.
Read more

NuTyX 10.1-rc1 Available

Filed under
GNU
Linux

I'm very please to propose you the first release candidate version of the next version 10.1 stable version of NuTyX

As they have been so many security issues, I took the chance to recompile all the collections (1701 packages) for this coming next stable NuTyX version.

Read more

Events: FOSDEM Samba Talks, USENIX Enigma, LCA (linux.conf.au) and FAST18

Filed under
OSS
  • Authentication and authorization in Samba 4

    Volker Lendecke is one of the first contributors to Samba, having submitted his first patches in 1994. In addition to developing other important file-sharing tools, he's heavily involved in development of the winbind service, which is implemented in winbindd. Although the core Active Directory (AD) domain controller (DC) code was written by his colleague Stefan Metzmacher, winbind is a crucial component of Samba's AD functionality. In his information-packed talk at FOSDEM 2018, Lendecke said he aimed to give a high-level overview of what AD and Samba authentication is, and in particular the communication pathways and trust relationships between the parts of Samba that authenticate a Samba user in an AD environment.

  • Two FOSDEM talks on Samba 4

    Much as some of us would love never to have to deal with Windows, it exists. It wants to authenticate its users and share resources like files and printers over the network. Although many enterprises use Microsoft tools to do this, there is a free alternative, in the form of Samba. While Samba 3 has been happily providing authentication along with file and print sharing to Windows clients for many years, the Microsoft world has been slowly moving toward Active Directory (AD). Meanwhile, Samba 4, which adds a free reimplementation of AD on Linux, has been increasingly ready for deployment. Three short talks at FOSDEM 2018 provided three different views of Samba 4, also known as Samba-AD, and left behind a pretty clear picture that Samba 4 is truly ready for use. I will cover the first two talks in this article, and the third in a later one.

  • A report from the Enigma conference

    The 2018 USENIX Enigma conference was held for the third time in January. Among many interesting talks, three presentations dealing with human security behaviors stood out. This article covers the key messages of these talks, namely the finding that humans are social in their security behaviors: their decision to adopt a good security practice is hardly ever an isolated decision.

    Security conferences tend to be dominated by security researchers demonstrating their latest exploits. The talks are attack-oriented, they keep a narrow focus, and usually they close with a dark outlook. The security industry has been doing security conferences like this for twenty years and seems to prefer this format. Yet, if you are tired of this style, the annual USENIX Enigma conference is a welcome change of pace. Most of the talks are defense-oriented, they have a horizon going far beyond technology alone, and they are generally focused on successful solutions.

  • DIY biology

    A scientist with a rather unusual name, Meow-Ludo Meow-Meow, gave a talk at linux.conf.au 2018 about the current trends in "do it yourself" (DIY) biology or "biohacking". He is perhaps most famous for being prosecuted for implanting an Opal card RFID chip into his hand; the Opal card is used for public transportation fares in Sydney. He gave more details about his implant as well as describing some other biohacking projects in an engaging presentation.

    Meow-Meow is a politician with the Australian Science Party, he said by way of introduction; he has run in the last two elections. He founded BioFoundry, which is "Australia's first open-access molecular biology lab"; there are now two such labs in the country. He is also speaks frequently as "an emerging technology evangelist" for biology as well as other topics.

  • Notes from FAST18

    I attended the technical sessions of Usenix's File And Storage Technology conference this week. Below the fold, notes on the papers that caught my attention.

Security: Vista10 and uTorrent Holes Found by Google

Filed under
Security
  • Google drops new Edge zero-day as Microsoft misses 90-day deadline

    Google originally shared details of the flaw with Microsoft on 17 November 2017, but Microsoft wasn’t able to come up with a patch within Google’s non-negotiable “you have 90 days to do this” period.

  • Google Goes Public with Another Major Windows 10 Bug

    After revealing an Edge browser vulnerability that Microsoft failed to fix, Google is now back with another disclosure, this time aimed at Windows 10 Fall Creators Update (version 1709), but potentially affecting other Windows versions as well.

    James Forshaw, a security researcher that’s part of Google’s Project Zero program, says the elevation of privilege vulnerability can be exploited because of the way the operating system handles calls to Advanced Local Procedure Call (ALPC).

    This means a standard user could obtain administrator privileges on a Windows 10 computer, which in the case of an attack, could eventually lead to full control over the impacted system.

    But as Neowin noted, this is the second bug discovered in the same function, and both of them, labeled as 1427 and 1428, were reported to Microsoft on November 10, 2017. Microsoft said it fixed them with the release of the February 2018 Patch Tuesday updates, yet as it turns out, only issue 1427 was addressed.

  • uTorrent bugs let websites control your computer and steal your downloads

    The vulnerabilities, according to Project Zero, make it possible for any website a user visits to control key functions in both the uTorrent desktop app for Windows and in uTorrent Web, an alternative to desktop BitTorrent apps that uses a web interface and is controlled by a browser. The biggest threat is posed by malicious sites that could exploit the flaw to download malicious code into the Windows startup folder, where it will be automatically run the next time the computer boots up. Any site a user visits can also access downloaded files and browse download histories.

  • BitTorrent Client uTorrent Suffers Security Vulnerability (Updated)

    BitTorrent client uTorrent is suffering from an as yet undisclosed vulnerability. The security flaw was discovered by Google security researcher Tavis Ormandy, who previously said he would reveal a series of "remote code execution flaws" in torrent clients. BitTorrent Inc. has rolled out a 'patch' in the latest Beta release and hopes to fix the stable uTorrent client later this week.

Red Hat introduces updated decision management platform

Filed under
Red Hat

Troubleshoot a network? No problem. Write a 3,000 word article on Kubernetes cloud container management? When do you want it. Talk to a few hundred people about Linux's history? Been there, done that. Manage a business's delivery routing and shift scheduling? I'll break out in a cold sweat.

If you too find the nuts and bolts of business processing management a nightmare, you'll want to check out Red Hat's latest program: Red Hat Decision Manager 7.

Read more

KDE Says Its Next Plasma Desktop Release Will Start a Full Second Faster

Filed under
KDE

According to the developer, the upcoming KDE Plasma 5.13 desktop environment release will start a full second faster than previous versions because of the removal of the QmlObjectIncubationController component, which apparently slowed down the entire desktop, and promises to let users pin apps on the panel that contain spaces in their desktop file names.

Goodies are also coming to the upcoming KDE Applications 18.04 software suite this spring, which makes creating of new files with the Dolphin file manager instantaneous, improves drag-and-drop support from Spectacle to Chromium, and lets users configure the Gwenview image viewer to no longer display the image action buttons on thumbnails when they hover with the mouse cursor over them.

Read more

Intel Coffee Lake OpenGL Performance On Windows 10 vs. Linux

Filed under
Graphics/Benchmarks

For those curious about the state of Intel's open-source Mesa OpenGL driver relative to the company's closed-source Windows OpenGL driver, here are some fresh benchmark results when making use of an Intel Core i7 8700K "Coffee Lake" processor with UHD Graphics 630 and testing from Windows 10 Pro x64 against Ubuntu 16.04.3 LTS, Ubuntu with the Linux 4.16 Git kernel and Mesa 18.1-dev, and then Intel's own Clear Linux distribution.

Read more

Why open source could be IBM's key to future success in the cloud

Filed under
Server
OSS

Do those same developers need IBM? Developers certainly benefit from IBM's investments in open source, but it's not as clear that those same developers have much to gain from IBM's cloud. Google, for example, has done a stellar job open sourcing code like TensorFlow and Kubernetes that feeds naturally into running related workloads on Google Cloud Platform. Aside from touting its Java bonafides, however, IBM has yet to demonstrate that developers get significant benefits for modern workloads on its cloud.

That's IBM's big challenge: Translating its open source expertise into real, differentiated value for developers on its cloud.

Read more

Top 8 Debian-Based Distros

Filed under
Debian

Most people tend to forget that despite Ubuntu's success over the years, it's still just a distro based on another distro - Debian. Debian on its own, however, isn't really well suited for newer users...hence the explosion of distros based on Debian over the recent years. There are lot of great choices for Linux users. Which one is best for you?

Read more

Compact, rugged IoT gateway offers dual GbE with PoE

Filed under
Linux

Inforce has launched a $250 “Inforce 6320” IoT gateway that runs Linux on a quad -A53 Snapdragon 410, and offers WiFi, BT, GPS, HDMI, USB, -30 to 85°C support, and dual GbE ports with PoE.

Inforce Computing’s $250 Inforce 6320 is a compact (170 x 95 x 42mm) IoT gateway that runs Ubuntu Core (Snappy) and Debian on Qualcomm’s Snapdragon 410E. Inforce promises “periodic upstream kernel based BSP releases [that] include in-depth documentation along with a host of royalty-free software.” The Debian BSP includes LXDE, drivers for all available interfaces, as and access to the Inforce TechWeb tech support services.

Read more

Syndicate content

More in Tux Machines

Mozilla: Code of Conduct, Kelly Davis, Celebrate Firefox Internet Champions

  • ow We’re Making Code of Conduct Enforcement Real — and Scaling it
    This is the first line of our Community Participation Guidelines — and an nudge to keep empathy at center when designing response processes. Who are you designing for? Who is impacted? What are their needs, expectations, dependencies, potential bias and limitations?
  • Role Models in AI: Kelly Davis
    Meet Kelly Davis, the Manager/Technical Lead of the machine learning group at Mozilla. His work at Mozilla includes developing an open speech recognition system with projects like Common Voice and Deep Speech (which you can help contribute to). Beyond his passion for physics and machine learning, read on to learn about how he envisions the future of AI, and advice he offers to young people looking to enter the field.
  • Celebrate Firefox Internet Champions
    While the world celebrates athletic excellence, we’re taking a moment to share some of the amazing Internet champions that help build, support and share Firefox.

Canonical Ubuntu 2017 milestones, a year in the rulebook

So has Canonical been breaking rules with Ubuntu is 2017, or has it in been writing its own rulebook? Back in April we saw an AWS-tuned kernel of Ubuntu launched, the move to cloud is unstoppable, clearly. We also saw Ubuntu version 17.04 released, with Unity 7 as the default desktop environment. This release included optimisations for environments with low powered graphics hardware. Read more Also: Ubuntu will let upgraders ‘opt-in’ to data collection in 18.04

The npm Bug

  • ​Show-stopping bug appears in npm Node.js package manager
    Are you a developer who uses npm as the package manager for your JavaScript or Node.js code? If so, do not -- I repeat do not -- upgrade to npm 5.7.0. Nothing good can come of it. As one user reported, "This destroyed 3 production servers after a single deploy!" So, what happened here? According to the npm GitHub bug report, "By running sudo npm under a non-root user (root users do not have the same effect), filesystem permissions are being heavily modified. For example, if I run sudo npm --help or sudo npm update -g, both commands cause my filesystem to change ownership of directories such as /etc, /usr, /boot, and other directories needed for running the system. It appears that the ownership is recursively changed to the user currently running npm."
  • Botched npm Update Crashes Linux Systems, Forces Users to Reinstall
    A bug in npm (Node Package Manager), the most widely used JavaScript package manager, will change ownership of crucial Linux system folders, such as /etc, /usr, /boot. Changing ownership of these files either crashes the system, various local apps, or prevents the system from booting, according to reports from users who installed npm v5.7.0. —the buggy npm update.

Windows 10 WSL vs. Linux Performance For Early 2018

Back in December was our most recent round of Windows Subsystem for Linux benchmarking with Windows 10 while since then both Linux and Windows have received new stable updates, most notably for mitigating the Spectre and Meltdown CPU vulnerabilities. For your viewing pleasure today are some fresh benchmarks looking at the Windows 10 WSL performance against Linux using the latest updates as of this week while also running some comparison tests too against Docker on Windows and Oracle VM VirtualBox. Read more