Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 19 Oct 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Security: WPA2, RSA/TPM, and Microsoft Breach

  • Google and Apple yet to fix Wi-Fi hole in a billion devices

    The WPA2 security protocol has been a mandatory requirement for all devices using the Wi-Fi protocol since 2006, which translates into billions of laptops, mobiles and routers. The weakness identified by Mathy Vanhoef, a digital security researcher at the Catholic University of Leuven (KUL) in Belgium, lies in the way devices running WPA2 encrypt information.

  • The Flawed System Behind the Krack Wi-Fi Meltdown

    No software is perfect. Bugs are inevitable now and then. But experts say that software standards that impact millions of devices are too often developed behind closed doors, making it difficult for the broader security community to assess potential flaws and vulnerabilities early on. They can lack full documentation even months or years after their release.

  • Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible

    Security experts say the bug has been present since 2012 and found specifically in the Infineon’s Trusted Platform Module used on a large number of business-class HP, Lenovo and Fijitsu computers, Google Chromebooks as well as routers and IoT devices.

  • ROCA: RSA encryption key flaw puts 'millions' of devices at risk

    This results in cyber criminals computing the private part of an RSA key and affects chips manufactured from 2012 onwards, which are now commonplace in the industry.

  • Infineon RSA Key Generation Issue

    Yubico estimates that approximately 2% of YubiKey customers utilize the functionality affected by this issue. We have addressed this issue in all shipments of YubiKey 4, YubiKey 4 Nano, and YubiKey 4C, since June 6, 2017.

  • Microsoft remains tight-lipped about 2013 internal database hack [sic]

    A secretive internal database used by Microsoft to track bugs in its software was compromised by hackers [sic] in 2013.

  • Exclusive: Microsoft responded quietly after detecting secret database hack in 2013

    Microsoft Corp’s secret internal database for tracking bugs in its own software was broken into by a highly sophisticated hacking [sic] group more than four years ago, according to five former employees, in only the second known breach of such a corporate database.

Red Hat reduces IoT tradeoffs and Asia Coverage

  • Industry Spotlight: Red Hat reduces IoT tradeoffs
    Organizations rolling out the IoT usually aren’t prepared for the additional complexity. With the IoT, data volumes grow exponentially, infrastructure management gets more complicated and the security vulnerabilities increase disproportionately. Nevertheless, IT departments are expected to handle all these changes competently without proportional increases in budget or other resources.
  • Analyse Asia 211: Red Hat in Asia & Open Innovation Institute with Dirk-Peter van Leeuwen
    Dirk-Peter van Leeuwen, senior vice president & general manager at Redhat, Asia Pacific, joined us to discuss the company’s footprint across Asia and the recent launch of their new Open Innovation Institute in Singapore. We discuss how Asian companies are in different phases of digital transformation from culture to innovation and adjusting against digital disruption.

Samsung and Tizen: Bixby 2.0, Tizen 3.0, GNU/Linux on DeX

Ubuntu 17.10: What’s New? [Video]

It’s Artful Aardvark arrival day today (no, really!) and to mark the occasion we’ve made our first video in 3 years! Prime your eyeballs and pop in some earbuds as we (try to) bring you up to speed on what’s new in Ubuntu 17.10. At a smidgen over 3 minutes long we think our video is perfect for watching on your commute; when you’re bleary eyed in bed; or when you get the tl;dr feels thinking about our fuller, longer, and far wordier Ubuntu 17.10 review (due out shortly). Read more

Microsoft never disclosed 2013 hack of secret vulnerability database

Filed under
Microsoft
Security

Hackers broke into Microsoft's secret, internal bug-tracking database and stole information related to vulnerabilities that were exploited in later attacks. But the software developer never disclosed the breach, Reuters reported, citing former company employees.

In an article published Tuesday, Reuters said Microsoft's decision not to disclose details came after an internal review concluded the exploits used in later attacks could have been discovered elsewhere. That investigation relied, in part, on automated reports Microsoft receives when its software crashes. The problem with that approach, Reuters pointed out, is that advanced computer attacks are written so carefully they rarely cause crashes.

Reuters said Microsoft discovered the database breach in early 2013, after a still-unknown hacking group broke into computers belonging to a raft of companies. Besides Microsoft, the affected companies included Apple, Facebook, and Twitter. As reported at the time, the hackers infected a website frequented by software developers with attack code that exploited a zero-day vulnerability in Oracle's Java software framework. When employees of the targeted companies visited the site, they became infected, too.

Read more

Games Leftovers

Filed under
Gaming

Plasma 5.11 – Keep the momentum going

Filed under
KDE
Reviews

Just a few short days ago, the KDE team released Plasma 5.11, the latest edition of this desktop environment, plied with a range of bug fixes as well as some new features. Reason enough to celebrate, but even more so when you consider the fact that Plasma has been slowly, steadily – and consistently – improving over the past few years.

For me, the culmination of this effort is my great satisfaction with Plasma – epitomized in the shape and form of Kubuntu 17.04 Zesty Zoltan, including the most excellent twining of the distro with my HP Pavilion laptop. And on this very machine, I will be testing the KDE neon live edition, furnished with the latest desktop version. So let’s see what it does.

Read more

Also: GCompris at KDE-edu sprint 2017

Canonical CEO Mark Shuttleworth: IoT, Ubuntu and the yogurt of the future

Filed under
Ubuntu

Canonical founder and CEO Mark Shuttleworth is one of the most prominent people in open source software.

Ubuntu, the GNU/Linux-based operating system that he helped birth in 2004 is now one of the best-known open source projects in the world, accounting for a vast proportion of the Linux VMs in the public cloud and huge numbers of connected devices.

Read more

Ubuntu 17.10 Launches Tomorrow with GNOME 3.26, but You Can Still Use Unity

Filed under
GNOME
Ubuntu

Ubuntu contributor Didier Roche shared today the last blog article for the development cycle of the Ubuntu 17.10 (Artful Aardvark) operating system, which is expected to launch tomorrow, October 19.

Read more

Also: Ubuntu 17.10 is back on track with GNOME: Here's why that's a good thing

KDE Applications 17.12 GNU/Linux Software Stack Set to Arrive on December 14

Filed under
KDE

Now that the KDE Applications 17.08 software suite got its second point release, it's time for the KDE developers to concentrate their efforts on the next major update, KDE Applications 17.12.

Read more

Ubuntu GNOME Shell in Artful: Day 16

Filed under
GNOME
Ubuntu

All good things must come to an end, however, in that particular case, it’s rather a beginning! We are indeed almost done in our road to Artful, which means that 17.10 is just around the corner: official Ubuntu 17.10 release is due tomorrow. Of course, it doesn’t mean we stop right away working on it: you will have bug fixes and security updates for 9 months of support! It’s thus time to close this series on Artful, and for this, we are going to tackle one topic we didn’t get to yet, which is quite important approaching the release: upgrading from a previous Ubuntu release! For more background on our current transition to GNOME Shell in artful, you can refer back to our decisions regarding our default session experience as discussed in my blog post.

Read more

Trying Out System76's Pop!_OS Ubuntu-Based Operating System

Filed under
Ubuntu

Besides Ubuntu 17.10 "Artful Aardvark" launching tomorrow, System76 is also expected to issue their first official release of the Ubuntu-derived Pop!_OS operating system they plan to begin shipping on their laptops/desktops. Curious about their modifications to Ubuntu 17.10, I decided to give the latest snapshot of it a ride.

For those that missed the earlier news this summer, back in June is when System76 announced Pop!_OS as the Linux distribution to be shipped on their future PCs/laptops. System76 had been shipping stock Ubuntu installations on their systems since its founding in 2005, but with Ubuntu shifting from Unity back to GNOME Shell and other changes, System76 found it time to give their own take on a Linux desktop OS.

Read more

Rugged, Linux-driven HMI touch panel has built-in 4G

Filed under
Linux

MYIR has launched a $239, HMI touch panel with a 7-inch resistive screen that runs Linux on a TI AM335x, and offers -10 to 70°C support and a 4G LTE module.

MYIR’s Linux-based “MY-EVC5100S-HMI” touch-panel computer is designed for HMI systems in industrial control, manufacturing, vending, food and beverage, automation, and utilities applications. MYIR has already used the platform to develop a billing display application for electric vehicle charging pile stations.

Read more

Parrot Security OS 3.9 Ethical Hacking & Penetration Testing Distro Now in Beta

Filed under
Security

The Parrot Project began work on a new version of their Linux-based ethical hacking and penetration testing operating system, Parrot Security OS 3.9, and they recently put out a call for testing.

Read more

GNOME 3.28 to Bring Support for Hybrid GPU Systems to Its Mutter Window Manager

Filed under
GNOME

The development cycle of the GNOME 3.28 desktop environment kicked off with a bunch of updates for various of the core components and apps, including Mutter and GNOME Shell.

Read more

Also: GNOME 3.28 Desktop Will Add Google Safe Browsing Support to Epiphany Web Browser

Blockchain and the Web Are Coming Together, Says Berners-Lee

Filed under
Web

Sir Tim Berners-Lee is a famous computer scientist and academic who invented the World Wide Web in 1989—so when he talks about new technologies it’s worth paying attention.

Today, one of the topics on his mind is blockchain, a revolutionary way of creating permanent, tamper-proof records across a disparate network of computers.

Blockchain is most famously associated with the digital currency bitcoin but the technology is increasingly being used for record keeping by banks and retailers. It will also come to be used by more ordinary citizens in the near future, says Berners-Lee.

Read more

Control Or Consensus?

Filed under
OSS
Legal

In a recent conversation on the Apache Legal mailing list, a participant opined that “any license can be Open Source. OSI doesn’t ‘own’ the term.” He went on to explain “I could clone the Apache License and call it ‘Greg’s License’ and it would be an open source license.”

As long as the only people involved in the conversation are the speaker and people who defer to his authority, this might be OK. But as soon as there are others involved, it’s not. For the vast majority of people, the term “open source license” is not a personal conclusion resulting from considered evaluation, but rather a term of art applied to the consensus of the community. Individuals are obviously free to use words however they wish, just like Humpty Dumpty. But the power of the open source movement over two decades has arisen from a different approach.

The world before open source left every developer to make their own decision about whether software was under a license that delivers the liberty to use, improve and share code without seeking the permission of a rights holder. Inevitably that meant either uncertainty or seeking advice from a lawyer about the presence of software freedom. The introduction of the open source concept around the turn of the millennium solved that using the crystalisation of consensus to empower developers.

By holding a public discussion of each license around the Open Source Definition, a consensus emerged that could then by crystalised by the OSI Board. Once crystalised into “OSI Approval”, the community then has no need to revisit the discussion and the individual developer has no need to guess (or to buy advice) on the compatibility of a given license with software freedom. That in turn means proceeding with innovation or deployment without delay.

Read more

How To Install Sublime Text 3 Stable In Linux

Filed under
Linux

All the developers out there love Sublime Text. It has been emerging as a great text editor for learners and advanced. It is available on Linux, Mac OS and Windows. Sublime text offers features like macros, recognition of a wide variety of languages, split view etc. The editor can also be customized using different themes. Some of these themes are already popular through Notepad++.

Read<br />
more

How to create an e-book chapter template in LibreOffice Writer

Filed under
LibO
HowTos

For many people, using a word processor is the fastest, easiest, and most familiar way to write and publish an e-book. But firing up your word processor and typing away isn't enough—you need to follow a format.

That's where a template comes in. A template ensures that your book has a consistent look and feel. Luckily, creating a template is quick and easy, and the time and effort you spend on it will give you a better-looking book.

In this article, I'll walk you through how to create a simple template for writing individual chapters of an e-book using LibreOffice Writer. You can use this template for both PDF and EPUB books and modify it to suit your needs.

Read more

So the 'Year of Linux' never happened. When is it Chrome OS's turn?

Filed under
Software

The year of Linux desktop was a running joke. The concept of Linux being ready for the mainstream with users confidently running it on their desktops, sadly, never happened.

Some bravely pushed the idea: the latest being Canonical with a more macOS-like desktop, easier to configure and use than the standard Linux distro. It came with an app-store concept too.

Read more

Servers: Docker, Red Hat and InfluxData

Filed under
Red Hat
Server

Laptops: Chrome OS and System76

Filed under
GNU
Linux
Google
  • Chrome OS Gets Material Design for "Do Not Disturb," Android-Like Screenshots

    Chromium evangelist François Beaufort is sharing today information on a new Material Design refresh for Google's Chrome OS' "Do Not Disturb" mode, which landed in the latest Chrome Canary channel.

    According to the developer, the Material Design refresh for the "Do Not Disturb" mode will make the Notification Center look nicer, but also consistent with the Android user experience. Those using the Chrome Canary experimental channel can give it a try right now.

  • System76 'Lemur' and 'Galago Pro' Ubuntu Linux laptops get 8th gen Intel Core CPUs

    The famed Linux-laptop seller also says, "The Lemur you know and love is now even better with the Intel 8th Gen Coffee Lake CPU with 4 cores and 8 threads, allowing you to multitask up to 40-percent faster. The slim, 3.6 lb laptop with impressive 14.1-inch 1080p IPS display is still your perfect travel companion; easy to carry from meeting to meeting or across campus."

    New processors aside, these laptops should be pretty much identical to prior generations -- which is a very good thing. If you want to configure a Lemur with a Coffee Lake chip, you can build your own here. A Galago Pro with an 8th Gen Intel Core processor can be configured here.

Syndicate content

More in Tux Machines

Security: WPA2, RSA/TPM, and Microsoft Breach

  • Google and Apple yet to fix Wi-Fi hole in a billion devices

    The WPA2 security protocol has been a mandatory requirement for all devices using the Wi-Fi protocol since 2006, which translates into billions of laptops, mobiles and routers. The weakness identified by Mathy Vanhoef, a digital security researcher at the Catholic University of Leuven (KUL) in Belgium, lies in the way devices running WPA2 encrypt information.

  • The Flawed System Behind the Krack Wi-Fi Meltdown

    No software is perfect. Bugs are inevitable now and then. But experts say that software standards that impact millions of devices are too often developed behind closed doors, making it difficult for the broader security community to assess potential flaws and vulnerabilities early on. They can lack full documentation even months or years after their release.

  • Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible

    Security experts say the bug has been present since 2012 and found specifically in the Infineon’s Trusted Platform Module used on a large number of business-class HP, Lenovo and Fijitsu computers, Google Chromebooks as well as routers and IoT devices.

  • ROCA: RSA encryption key flaw puts 'millions' of devices at risk

    This results in cyber criminals computing the private part of an RSA key and affects chips manufactured from 2012 onwards, which are now commonplace in the industry.

  • Infineon RSA Key Generation Issue

    Yubico estimates that approximately 2% of YubiKey customers utilize the functionality affected by this issue. We have addressed this issue in all shipments of YubiKey 4, YubiKey 4 Nano, and YubiKey 4C, since June 6, 2017.

  • Microsoft remains tight-lipped about 2013 internal database hack [sic]

    A secretive internal database used by Microsoft to track bugs in its software was compromised by hackers [sic] in 2013.

  • Exclusive: Microsoft responded quietly after detecting secret database hack in 2013

    Microsoft Corp’s secret internal database for tracking bugs in its own software was broken into by a highly sophisticated hacking [sic] group more than four years ago, according to five former employees, in only the second known breach of such a corporate database.

Red Hat reduces IoT tradeoffs and Asia Coverage

  • Industry Spotlight: Red Hat reduces IoT tradeoffs
    Organizations rolling out the IoT usually aren’t prepared for the additional complexity. With the IoT, data volumes grow exponentially, infrastructure management gets more complicated and the security vulnerabilities increase disproportionately. Nevertheless, IT departments are expected to handle all these changes competently without proportional increases in budget or other resources.
  • Analyse Asia 211: Red Hat in Asia & Open Innovation Institute with Dirk-Peter van Leeuwen
    Dirk-Peter van Leeuwen, senior vice president & general manager at Redhat, Asia Pacific, joined us to discuss the company’s footprint across Asia and the recent launch of their new Open Innovation Institute in Singapore. We discuss how Asian companies are in different phases of digital transformation from culture to innovation and adjusting against digital disruption.

Samsung and Tizen: Bixby 2.0, Tizen 3.0, GNU/Linux on DeX

Ubuntu 17.10: What’s New? [Video]

It’s Artful Aardvark arrival day today (no, really!) and to mark the occasion we’ve made our first video in 3 years! Prime your eyeballs and pop in some earbuds as we (try to) bring you up to speed on what’s new in Ubuntu 17.10. At a smidgen over 3 minutes long we think our video is perfect for watching on your commute; when you’re bleary eyed in bed; or when you get the tl;dr feels thinking about our fuller, longer, and far wordier Ubuntu 17.10 review (due out shortly). Read more