Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Wednesday, 22 Nov 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story pfSense 2.4.2-RELEASE now available Roy Schestowitz 22/11/2017 - 8:26am
Story LXLE Eclectica 16.04.3 Released Roy Schestowitz 22/11/2017 - 8:22am
Story Kernel Releases: Linux 4.14.1, 4.13.15, 4.9.64, 4.4.100, and 3.18.83 Roy Schestowitz 22/11/2017 - 8:13am
Story MAAS 2.3.0 (final) Released! Roy Schestowitz 22/11/2017 - 8:08am
Story Fedora 27 GNOME: Quick Screenshot Tour Roy Schestowitz 22/11/2017 - 8:02am
Story today's leftovers Roy Schestowitz 21/11/2017 - 9:56pm
Story Software and Games Leftovers Roy Schestowitz 21/11/2017 - 9:54pm
Story today's howtos Roy Schestowitz 21/11/2017 - 9:52pm
Story Tizen News Roy Schestowitz 21/11/2017 - 9:49pm
Story OSS Leftovers Roy Schestowitz 21/11/2017 - 9:48pm

Programming Leftovers

Filed under
Development

Security: Linux, Free Software Principles, Microsoft and Intel

Filed under
Security
  • Some 'security people are f*cking morons' says Linus Torvalds

    Linux overlord Linus Torvalds has offered some very choice words about different approaches security, during a discussion about whitelisting features proposed for version 4.15 of the Linux kernel.

    Torvalds' ire was directed at open software aficionado and member of Google's Pixel security team Kees Cook, who he has previously accused of idiocy.

    Cook earned this round of shoutiness after he posted a request to “Please pull these hardened usercopy changes for v4.15-rc1.”

  • Free Software Principles

    Ten thousand dollars is more than $3,000, so the motives don't add up for me. Hutchins may or may not have written some code, and that code may or may not have been used to commit a crime. Tech-literate people, such as the readers of Linux Magazine, understand the difference between creating a work and using it to commit a crime, but most of the media coverage – in the UK, at least – has been desperate to follow the paradigm of building a man up only to gleefully knock him down. Even his achievement of stopping WannaCry is decried as "accidental," a word full of self-deprecating charm when used by Hutchins, but which simply sounds malicious in the hands of the Daily Mail and The Telegraph.

  • New warning over back door in Linux

    Researchers working at Russian cyber security firm Dr Web claim to have found a new vulnerability that enables remote attackers to crack Linux installations virtually unnoticed.

    According to the anti-malware company, cyber criminals are getting into the popular open-source operating system via a new backdoor.

    This, they say, is "indirect evidence" that cyber criminals are showing an increasing interest in targeting Linux and the applications it powers.

    The trojan, which it's calling Linux.BackDoor.Hook.1, targets the library libz primarily. It offers compression and extraction capabilities for a plethora of Linux-based programmes.

  • IN CHATLOGS, CELEBRATED HACKER AND ACTIVIST CONFESSES COUNTLESS SEXUAL ASSAULTS
  • Bipartisan Harvard panel recommends hacking [sic] safeguards for elections

     

    The guidelines are intended to reduce risks in low-budget local races as well as the high-stakes Congressional midterm contests next year. Though most of the suggestions cost little or nothing to implement and will strike security professionals as common sense, notorious attacks including the leak of the emails of Hillary Clinton’s campaign chair, John Podesta, have succeeded because basic security practices were not followed.  

  • Intel Chip Flaws Leave Millions of Devices Exposed

     

    On Monday, the chipmaker released a security advisory that lists new vulnerabilities in ME, as well as bugs in the remote server management tool Server Platform Services, and Intel’s hardware authentication tool Trusted Execution Engine. Intel found the vulnerabilities after conducting a security audit spurred by recent research. It has also published a Detection Tool so Windows and Linux administrators can check their systems to see if they're exposed.

Debian Buster-Based SparkyLinux 5 Development Version Adds Full Disk Encryption

Filed under
Debian

Shipping a few days after the release of SparkyLinux 4.7 "Tyche" stable operating system based on Debian GNU/Linux 9 "Stretch," the SparkyLinux 5-dev20171120 development build includes up-to-date packages based on the repositories of the upcoming Debian GNU/Linux 10 "Buster" operating system.

Apart from rebasing the operating system on the latest Debian Testing repos as of November 20, 2017, the new SparkyLinux 5 development images are the first to enable full disk encryption by default in the Calamares graphical installer, as you can see from the screenshots attached at the end of the article.

Read more

Raspberry Slideshow 10 Operating System Released for Raspberry Pi Computers

Filed under
Linux

Raspberry Slideshow is another Linux-based operating system that runs on Raspberry Pi single-board computers, this time designed to provide image and video slideshows, as its name implies. The OS is capable of playing different media formats from a Windows (Samba), FTP, or web server share, or from a USB flash drive.

The latest version, Raspberry Slideshow 10.0, is using packages from Raspberry Pi Foundation's Raspbian Stretch release, which is based on the Debian GNU/Linux 9 "Stretch" operating system series. It also adds support for all the Raspberry Pi models available on the market, as well as a number of improvements for better performance.

Read more

REVIEW: The OnePlus 5T is not only a bargain, it's the best Android phone you can buy at any price

Filed under
Android
Reviews

The new OnePlus 5T is an excellent smartphone, but thing about it stands out from the rest — its $500 price.

That amount is actually near the top of what OnePlus has charged for its past smartphones. But the price is hundreds of dollars cheaper than that of many other top-of-the-line devices. Indeed, many of the latest flagship smartphones, including Apple's iPhone X and Samsung's Galaxy Note 8, cost more than $900.

Read more

Linux Kernel 4.14 Now Ready for Mass Deployments as First Point Release Debuts

Filed under
Linux

Renowned Linux kernel developer Greg Kroah-Hartman announced today the Linux 4.14.1 kernel, the first point release of the Linux 4.14 kernel series, which is the first to be supported for the next six years. The Linux 4.14.1 kernel is marked as "stable" on the kernel.org website, giving the green light to OS developers to add it to their repositories.

Arch Linux developers have already pushed the Linux 4.14.1 kernel to the "Testing" repositories, for early adopters, so we may soon see a rebase of the operating system on Linux kernel 4.14, which brings major new features like support for AMD Secure Memory Encryption, Heterogeneous Memory Management to support upcoming GPUs, and bigger memory limits in x86 hardware.

Read more

LibreOffice 6.0 Beta to Arrive by Week's End for Second Bug Hunting Session

Filed under
LibO

Announced today by Mike Saunders, the event will be held for the first time on a Monday, on November 27, 2017, from 8 a.m. UTC to 10 p.m. UTC. During the event, which will take place online, LibreOffice developers will try to triage and fix as many bugs as possible for the first LibreOffice 6.0 Beta.

A few days before the event, The Document Foundation will release the LibreOffice 6.0 Beta 1 builds for GNU/Linux distributions using either the DEB or RPM binary formats, as well as for macOS and Microsoft Windows operating systems. These beta builds can run in parallel with the production version, LibreOffice 5.4.

Read more

The Impact Of HDD/SSD Performance On Linux Gaming

Filed under
Graphics/Benchmarks
Gaming

Last week we presented our initial benchmarks of the Intel Optane SSD 900P on Linux and it offers mighty performance potential for those using I/O heavy workloads thanks to the use of 3D XPoint memory. But is a solid-state drive like this really worth the price if you are just a Linux gamer? Here are some tests comparing load times and boot times between a HDD, SATA 3.0 SSD, NVMe SSD, and this 3D XPoint NVMe U.2 SSD.

Read more

Is your company an open source parasite?

Filed under
OSS

Getting involved in the open source projects that matter to a company, in other words, gives them more ability to influence their future today, even as dependence on a vendor results in putting one's future in the hands of that vendor to resolve on their timetable. It's simply not smart business, not if an open source alternative exists and your company already depends upon it.

In sum, the GitHub contributor counts should be much higher, and not merely for those in the business of selling software (or tech, generally). Any company defined by software—and that's your company, too—needs to get more involved in both using and contributing open source software.

Read more

LibreELEC Embedded Linux OS Now Compatible with Windows 10 Fall Creators Update

Filed under
Linux

The LibreELEC 8.2.1 update is based on the latest Kodi 17.6 "Krypton" open-source and cross-platform media center software and it mostly patches some Samba (SMB) "file exists" share errors on Windows 10 Fall Creators Update by updating the protocol to Samba 4.6.10, implementing SMB client options for minimum SMB protocol and an SMB legacy security option with NTLMv1, and disabling SPNEGO.

"LibreELEC 8.2.x includes changes that allow the Kodi SMB client and our embedded Samba server to support SMB2/3 connections; deprecating SMB1 to improve security and performance. This is necessary to cope with changes Microsoft introduced in the Windows 10 ‘Fall Creators Update’ to resolve SMB1 security issues," explained the developers.

Read more

Canonical Releases Major Kernel Update for Ubuntu 16.04 to Fix 13 Security Flaws

Filed under
Ubuntu

The update is a major one patching a total of 13 security flaws, including race conditions in Linux kernel's ALSA subsystem, the packet fanout implementation, and the key management subsystem, as well as use-after-free vulnerabilities in both the USB serial console driver and the ALSA subsystem.

Various other issues were also patched for Linux kernel's key management subsystem, the Ultra Wide Band driver, the ALSA subsystem, the USB unattached storage driver, and the USB subsystem, which received the most attention in this update as several security flaws were recently disclosed.

Read more

Graphics: NVIDIA and AMD

Filed under
Graphics/Benchmarks

Ubuntu Boot Times From Linux 4.6 To 4.15 Kernels

Filed under
Graphics/Benchmarks
Linux
Ubuntu

It's been a while since last doing any Linux boot speed comparisons while this morning I have some numbers to share when looking at the boot performance from the Linux 4.6 kernel through Linux 4.15 Git to see how it's changed over time,

These tests were being done using a Lenovo ThinkPad X1 Carbon notebook using a mature Intel Broadwell CPU. Linux 4.6 through 4.15 Git was chosen since that's as far back as the mainline kernel would work with this Ubuntu 17.10 user-space. Linux 4.5 and older would fail to boot.

Read more

Games: Humble Store, LWJGL, Beamdog, GOG and Retro

Filed under
Gaming

Security: MuddyWater, DJI, Updates, Reproducible Builds and Excel

Filed under
Security

7 tools for analyzing performance in Linux with bcc/BPF

Filed under
Linux

A new technology has arrived in Linux that can provide sysadmins and developers with a large number of new tools and dashboards for performance analysis and troubleshooting. It's called the enhanced Berkeley Packet Filter (eBPF, or just BPF), although these enhancements weren't developed in Berkeley, they operate on much more than just packets, and they do much more than just filtering. I'll discuss one way to use BPF on the Fedora and Red Hat family of Linux distributions, demonstrating on Fedora 26.

BPF can run user-defined sandboxed programs in the kernel to add new custom capabilities instantly. It's like adding superpowers to Linux, on demand. Examples of what you can use it for include:

Read more

Syndicate content

More in Tux Machines

Programming and howtos: Python, Swift and Recipes

Security: Updates, Intel, Torvalds

  • Security updates for Tuesday
  • Intel: We've found severe bugs in secretive Management Engine, affecting millions
    Thanks to an investigation by third-party researchers into Intel's hidden firmware in certain chips, Intel decided to audit its firmware and on Monday confirmed it had found 11 severe bugs that affect millions of computers and servers. The flaws affect Management Engine (ME), Trusted Execution Engine (TXE), and Server Platform Services (SPS).
  • Open Source Security Podcast: Episode 71 - GitHub's Security Scanner
    Josh and Kurt talk about GitHub's security scanner and Linus' security email. We clarify the esoteric difference between security bugs and non security bugs.
  • Linus Torvalds 'sorry' for swearing, blames popularity of Linux itself
    Linux overlord Linus Torvalds has apologised – a bit – for calling some security-centric kernel contributors “f*cking morons”. Torvalds unleashed a profanity-laden rant at Google developer Kees Cook, over the latter's proposal to harden the kernel. Another Google security chap, Matthew Garret, asked Torvalds “ Can you clarify a little with regard to how you'd have liked this patchset to look?” To which Torvalds responded that “I think the actual status of the patches is fairly good with the default warning.”

Benchmarks: Linux Power Use, Sabrent EC-SS31, Phoronix Test Suite 7.6 M3

LinuxAndUbuntu Review Of Ubuntu MATE 17.10

Ubuntu Mate 17.10 is a pretty stable and rock solid distribution which has got most things right. There is nothing unlikable about the distro. However, I feel it could have been a lot better if they had allowed 4 windows to be snapped on each corners and done something about the opaque top panel. The software included are very much standard and even though some of their names have been changed we all know what’s under the hood. Overall Experience has been good. Having already tested Ubuntu with Gnome 3, I can say that Ubuntu Mate 17.10 feels a lot faster and quicker in terms of GUI response. Read more