Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 23 Feb 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Graphics: Mesa and More

Filed under
Graphics/Benchmarks

Red Hat Leftovers

Filed under
Red Hat

Kernel: CH341 and LWN Articles (Just Freed)

Filed under
Linux
  • Linux Adds CH341 GPIO

    There was a time when USB to serial hardware meant one company: FTDI. But today there are quite a few to choose from and one of the most common ones is the WCH CH341. There’s been support for these chips in Linux for a while, but only for use as a communication port. The device actually has RS232, I2C, SPI, and 8 general purpose I/O (GPIO) pins. [ZooBaB] took an out-of-tree driver that exposes the GPIO, and got it working with some frightening-looking CH341 boards.

  • Shrinking the kernel with an axe

    This is the third article of a series discussing various methods of reducing the size of the Linux kernel to make it suitable for small environments. The first article provided a short rationale for this topic, and covered link-time garbage collection. The second article covered link-time optimization (LTO) and compared its results to link-time garbage collection. In this article we'll explore ways to make LTO more effective at optimizing kernel code away, as well as more assertive strategies to achieve our goal.

  • The rest of the 4.16 merge window

    At the close of the 4.16 merge window, 11,746 non-merge changesets had been merged; that is 5,000 since last week's summary. This merge window is thus a busy one, though not out of line with its predecessors — 4.14 had 11,500 changesets during its merge window, while 4.15 had 12,599. Quite a bit of that work is of the boring internal variety; over 600 of those changesets were device-tree updates, for example. But there was still a fair amount of interesting work merged in the second half of the 4.16 merge window; read on for the highlights.

Wine-Staging and Games

Filed under
Gaming

Canonical Outs New Ubuntu Kernel Update with Compiler-Based Retpoline Mitigation

Filed under
Ubuntu

New Linux kernel security updates have been released for Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 ESM (Extended Security Maintenance), adding the compiler-based retpoline kernel mitigation for the Spectre Variant 2 vulnerability on amd64 and i386 architectures.

Canonical fixed the Spectre Variant 2 security vulnerability last month on January 22, but only for 64-bit Ubuntu installations. This update apparently mitigates the issue for 32-bit installations too. Spectre is a nasty hardware bug in microprocessors that use branch prediction and speculative execution and it could allow unauthorized memory reads via side-channel attacks.

Read more

Tutanota: Encrypted Open Source Email Service for Privacy Minded People

Filed under
Reviews

If you are a privacy concerned netizen, try Tutanota. It is an open source email service for encrypted email communication. Here are the pros and cons of using Tutanota.
Read more

NuTyX 10.1-rc1 Available

Filed under
GNU
Linux

I'm very please to propose you the first release candidate version of the next version 10.1 stable version of NuTyX

As they have been so many security issues, I took the chance to recompile all the collections (1701 packages) for this coming next stable NuTyX version.

Read more

Events: FOSDEM Samba Talks, USENIX Enigma, LCA (linux.conf.au) and FAST18

Filed under
OSS
  • Authentication and authorization in Samba 4

    Volker Lendecke is one of the first contributors to Samba, having submitted his first patches in 1994. In addition to developing other important file-sharing tools, he's heavily involved in development of the winbind service, which is implemented in winbindd. Although the core Active Directory (AD) domain controller (DC) code was written by his colleague Stefan Metzmacher, winbind is a crucial component of Samba's AD functionality. In his information-packed talk at FOSDEM 2018, Lendecke said he aimed to give a high-level overview of what AD and Samba authentication is, and in particular the communication pathways and trust relationships between the parts of Samba that authenticate a Samba user in an AD environment.

  • Two FOSDEM talks on Samba 4

    Much as some of us would love never to have to deal with Windows, it exists. It wants to authenticate its users and share resources like files and printers over the network. Although many enterprises use Microsoft tools to do this, there is a free alternative, in the form of Samba. While Samba 3 has been happily providing authentication along with file and print sharing to Windows clients for many years, the Microsoft world has been slowly moving toward Active Directory (AD). Meanwhile, Samba 4, which adds a free reimplementation of AD on Linux, has been increasingly ready for deployment. Three short talks at FOSDEM 2018 provided three different views of Samba 4, also known as Samba-AD, and left behind a pretty clear picture that Samba 4 is truly ready for use. I will cover the first two talks in this article, and the third in a later one.

  • A report from the Enigma conference

    The 2018 USENIX Enigma conference was held for the third time in January. Among many interesting talks, three presentations dealing with human security behaviors stood out. This article covers the key messages of these talks, namely the finding that humans are social in their security behaviors: their decision to adopt a good security practice is hardly ever an isolated decision.

    Security conferences tend to be dominated by security researchers demonstrating their latest exploits. The talks are attack-oriented, they keep a narrow focus, and usually they close with a dark outlook. The security industry has been doing security conferences like this for twenty years and seems to prefer this format. Yet, if you are tired of this style, the annual USENIX Enigma conference is a welcome change of pace. Most of the talks are defense-oriented, they have a horizon going far beyond technology alone, and they are generally focused on successful solutions.

  • DIY biology

    A scientist with a rather unusual name, Meow-Ludo Meow-Meow, gave a talk at linux.conf.au 2018 about the current trends in "do it yourself" (DIY) biology or "biohacking". He is perhaps most famous for being prosecuted for implanting an Opal card RFID chip into his hand; the Opal card is used for public transportation fares in Sydney. He gave more details about his implant as well as describing some other biohacking projects in an engaging presentation.

    Meow-Meow is a politician with the Australian Science Party, he said by way of introduction; he has run in the last two elections. He founded BioFoundry, which is "Australia's first open-access molecular biology lab"; there are now two such labs in the country. He is also speaks frequently as "an emerging technology evangelist" for biology as well as other topics.

  • Notes from FAST18

    I attended the technical sessions of Usenix's File And Storage Technology conference this week. Below the fold, notes on the papers that caught my attention.

Security: Vista10 and uTorrent Holes Found by Google

Filed under
Security
  • Google drops new Edge zero-day as Microsoft misses 90-day deadline

    Google originally shared details of the flaw with Microsoft on 17 November 2017, but Microsoft wasn’t able to come up with a patch within Google’s non-negotiable “you have 90 days to do this” period.

  • Google Goes Public with Another Major Windows 10 Bug

    After revealing an Edge browser vulnerability that Microsoft failed to fix, Google is now back with another disclosure, this time aimed at Windows 10 Fall Creators Update (version 1709), but potentially affecting other Windows versions as well.

    James Forshaw, a security researcher that’s part of Google’s Project Zero program, says the elevation of privilege vulnerability can be exploited because of the way the operating system handles calls to Advanced Local Procedure Call (ALPC).

    This means a standard user could obtain administrator privileges on a Windows 10 computer, which in the case of an attack, could eventually lead to full control over the impacted system.

    But as Neowin noted, this is the second bug discovered in the same function, and both of them, labeled as 1427 and 1428, were reported to Microsoft on November 10, 2017. Microsoft said it fixed them with the release of the February 2018 Patch Tuesday updates, yet as it turns out, only issue 1427 was addressed.

  • uTorrent bugs let websites control your computer and steal your downloads

    The vulnerabilities, according to Project Zero, make it possible for any website a user visits to control key functions in both the uTorrent desktop app for Windows and in uTorrent Web, an alternative to desktop BitTorrent apps that uses a web interface and is controlled by a browser. The biggest threat is posed by malicious sites that could exploit the flaw to download malicious code into the Windows startup folder, where it will be automatically run the next time the computer boots up. Any site a user visits can also access downloaded files and browse download histories.

  • BitTorrent Client uTorrent Suffers Security Vulnerability (Updated)

    BitTorrent client uTorrent is suffering from an as yet undisclosed vulnerability. The security flaw was discovered by Google security researcher Tavis Ormandy, who previously said he would reveal a series of "remote code execution flaws" in torrent clients. BitTorrent Inc. has rolled out a 'patch' in the latest Beta release and hopes to fix the stable uTorrent client later this week.

Red Hat introduces updated decision management platform

Filed under
Red Hat

Troubleshoot a network? No problem. Write a 3,000 word article on Kubernetes cloud container management? When do you want it. Talk to a few hundred people about Linux's history? Been there, done that. Manage a business's delivery routing and shift scheduling? I'll break out in a cold sweat.

If you too find the nuts and bolts of business processing management a nightmare, you'll want to check out Red Hat's latest program: Red Hat Decision Manager 7.

Read more

KDE Says Its Next Plasma Desktop Release Will Start a Full Second Faster

Filed under
KDE

According to the developer, the upcoming KDE Plasma 5.13 desktop environment release will start a full second faster than previous versions because of the removal of the QmlObjectIncubationController component, which apparently slowed down the entire desktop, and promises to let users pin apps on the panel that contain spaces in their desktop file names.

Goodies are also coming to the upcoming KDE Applications 18.04 software suite this spring, which makes creating of new files with the Dolphin file manager instantaneous, improves drag-and-drop support from Spectacle to Chromium, and lets users configure the Gwenview image viewer to no longer display the image action buttons on thumbnails when they hover with the mouse cursor over them.

Read more

Intel Coffee Lake OpenGL Performance On Windows 10 vs. Linux

Filed under
Graphics/Benchmarks

For those curious about the state of Intel's open-source Mesa OpenGL driver relative to the company's closed-source Windows OpenGL driver, here are some fresh benchmark results when making use of an Intel Core i7 8700K "Coffee Lake" processor with UHD Graphics 630 and testing from Windows 10 Pro x64 against Ubuntu 16.04.3 LTS, Ubuntu with the Linux 4.16 Git kernel and Mesa 18.1-dev, and then Intel's own Clear Linux distribution.

Read more

Why open source could be IBM's key to future success in the cloud

Filed under
Server
OSS

Do those same developers need IBM? Developers certainly benefit from IBM's investments in open source, but it's not as clear that those same developers have much to gain from IBM's cloud. Google, for example, has done a stellar job open sourcing code like TensorFlow and Kubernetes that feeds naturally into running related workloads on Google Cloud Platform. Aside from touting its Java bonafides, however, IBM has yet to demonstrate that developers get significant benefits for modern workloads on its cloud.

That's IBM's big challenge: Translating its open source expertise into real, differentiated value for developers on its cloud.

Read more

Top 8 Debian-Based Distros

Filed under
Debian

Most people tend to forget that despite Ubuntu's success over the years, it's still just a distro based on another distro - Debian. Debian on its own, however, isn't really well suited for newer users...hence the explosion of distros based on Debian over the recent years. There are lot of great choices for Linux users. Which one is best for you?

Read more

Compact, rugged IoT gateway offers dual GbE with PoE

Filed under
Linux

Inforce has launched a $250 “Inforce 6320” IoT gateway that runs Linux on a quad -A53 Snapdragon 410, and offers WiFi, BT, GPS, HDMI, USB, -30 to 85°C support, and dual GbE ports with PoE.

Inforce Computing’s $250 Inforce 6320 is a compact (170 x 95 x 42mm) IoT gateway that runs Ubuntu Core (Snappy) and Debian on Qualcomm’s Snapdragon 410E. Inforce promises “periodic upstream kernel based BSP releases [that] include in-depth documentation along with a host of royalty-free software.” The Debian BSP includes LXDE, drivers for all available interfaces, as and access to the Inforce TechWeb tech support services.

Read more

today's leftovers

Filed under
Misc

Debian and Ubuntu Leftovers

Filed under
Debian
Ubuntu
  • Listing and loading of Debian repositories: now live on Software Heritage

    Software Heritage is the project for which I’ve been working during the past two and a half years now. The grand vision of the project is to build the universal software archive, which will collect, preserve and share the Software Commons.

    Today, we’ve announced that Software Heritage is archiving the contents of Debian daily. I’m reposting this article on my blog as it will probably be of interest to readers of Planet Debian.

    TL;DR: Software Heritage now archives all source packages of Debian as well as its security archive daily. Everything is ready for archival of other Debian derivatives as well. Keep on reading to get details of the work that made this possible.

  • Canonical announces Ubuntu Core across Rigado’s IoT gateways
  • Collecting user data while protecting user privacy

    Lots of companies want to collect data about their users. This is a good thing, generally; being data-driven is important, and it’s jolly hard to know where best to focus your efforts if you don’t know what your people are like. However, this sort of data collection also gives people a sense of disquiet; what are you going to do with that data about me? How do I get you to stop using it? What conclusions are you drawing from it? I’ve spoken about this sense of disquiet in the past, and you can watch (or read) that talk for a lot more detail about how and why people don’t like it.

    So, what can we do about it? As I said, being data-driven is a good thing, and you can’t be data-driven if you haven’t got any data to be driven by. How do we enable people to collect data about you without compromising your privacy?

    Well, there are some ways. Before I dive into them, though, a couple of brief asides: there are some people who believe that you shouldn’t be allowed to collect any data on your users whatsoever; that the mere act of wanting to do so is in itself a compromise of privacy. This is not addressed to those people. What I want is a way that both sides can get what they want: companies and projects can be data-driven, and users don’t get their privacy compromised. If what you want is that companies are banned from collecting anything… this is not for you. Most people are basically OK with the idea of data collection, they just don’t want to be victimised by it, now or in the future, and it’s that property that we want to protect.

    Similarly, if you’re a company who wants to know everything about each individual one of your users so you can sell that data for money, or exploit it on a user-by-user basis, this isn’t for you either. Stop doing that.

OSS Leftovers

Filed under
OSS
  • QMO: Firefox 59 Beta 10 Testday Results

    As you may already know, last Friday – February 16nd – we held a new Testday event, for Firefox 59 Beta 10.

    Thank you Mohammed Adam, Abhishek Haridass,  Fahima Zulfath A. and  Surentharan.R.A. from  India QA Community team for helping us make Mozilla a better place.

  • Bugzilla Triage Helper

    There are an awful lot of bugs filed against Firefox and all it's components in the course of a release. Keeping on top of that is hard and some teams have adopted some policies to help with that (for example see: design-decision-needed).

    Having a consistent approach to bugs across the organisation makes it a little easier for everyone to get a feel for what's going.

  • Alfresco Founder: Commercial Open Source is more than Old Stuff for Free

    February sees Open Source turn 20 years old. Or the OSI definition at least. According to the OSI, the term was coined in Palo Alto by nanotechnologist Christine Peterson during a meeting on February 3rd, 1998 shortly after the announcement of the release of Netscape’s source code.

  • EOH and LSD Information Technology partner to lead open source in Africa

    By identifying global trends and local needs, EOH is able to proactively source and secure capabilities that will assist with the adoption of the digital revolution. LSD’s offerings across Linux, automation, devops and containers is a great technology fit for EOH to lead open source in the market.

  • Choosing a tool to track and mitigate open source security vulnerabilities

    Continuously tracking your application’s dependencies for vulnerabilities and efficiently addressing them is no simple feat. In addition, this is a problem shared by all, and is not an area most companies would consider their core competency. Therefore, it is a great opportunity for the right set of tools to help tackle this concern.

  • Open source software: to be celebrated or cursed?

    The use of Open Source Software (OSS) has become widespread. The latest statistics show that 78% of companies run OSS, and a number of mainstream software and hardware products are based on the OSS model – for example Android, Skype [sic], Firefox, Amazon Kindle, Tivo and BT Home Hub.

  • Marshall Students Use Open Source Data to Help Stop Sex Trafficking Cases

    The work involved sex trafficking cases in Latin America, the Caribbean and Southeast Asia. Select students in Marshall’s Open Source Intelligence Exchange program worked to provide open source intelligence collection and analysis for law enforcement and other clients. Open source refers to data collection from publicly available sources.

  • Stanford scholar celebrates Western culture’s open-access tradition

    The move toward “open access” to research and scholarship, far from being a modern digital-age creation, has roots in the West that date back to medieval times, writes a Stanford education scholar. John Willinsky’s new book explains how learning has long benefited from efforts to increase its circulation.

Syndicate content

More in Tux Machines

Windows 10 WSL vs. Linux Performance For Early 2018

Back in December was our most recent round of Windows Subsystem for Linux benchmarking with Windows 10 while since then both Linux and Windows have received new stable updates, most notably for mitigating the Spectre and Meltdown CPU vulnerabilities. For your viewing pleasure today are some fresh benchmarks looking at the Windows 10 WSL performance against Linux using the latest updates as of this week while also running some comparison tests too against Docker on Windows and Oracle VM VirtualBox. Read more

Endless OS Helps Tear Down Linux Wall

The free version of Endless OS adheres to the free license policy. It includes preinstalled video and audio codecs that are free of patents. That can limit the types of files you can play. Non-included codecs are available for purchase at the Endless OS Store. If you dislike managing frequent system updates and new release upgrades, you may have a special liking for Endless OS. As long as you have an Internet connection, the OS periodically checks for updates and automatically downloads and applies them in the background. You get a notification to restart. Although this desktop design should be an ideal environment for touchscreens, Endless OS does not take to touch very well. This is a major feature weakness if you have a touchscreen laptop or desktop monitor. Read more

Overview Of tcpdump With Examples

You can view information about traffic coming and going from a given network interface using tcpdump. This diagnostic tool allows you to see packet information, that is where incoming packets come from and where outgoing packets are heading to on an interface, with some extra information. You can even save the output to a file to inspect later on. This article will demonstrate the simple examples of tcpdump. Read
more

today's leftovers

  • State of Linux Containers
    In this video from the Stanford HPC Conference, Christian Kniep from Docker Inc. presents: State of Containers. “This talk will recap the history of and what constitutes Linux Containers, before laying out how the technology is employed by various engines and what problems these engines have to solve. Afterward, Christian will elaborate on why the advent of standards for images and runtimes moved the discussion from building and distributing containers to orchestrating containerized applications at scale. In conclusion, attendees will get an update on what problems still hinder the adoption of containers for distributed high performance workloads and how Docker is addressing these issues.”
  • ONS 2018: Networking Reimagined
    For the past seven years, Open Networking Summit (ONS) has brought together the networking industry’s ecosystem of network operators, vendors, open source projects, leading researchers, and investors to discuss the latest SDN and NFV developments that will shape the future of the networking industry. With this year’s event, taking place March 26-29, 2018 in Los Angeles, ONS will evolve its approach as the premier open source networking event. We’re excited to share three new aspects of this year’s ONS that you won’t want to miss:
  • AT&T contributes code to Linux open source edge computing project
    The Linux Foundation recently announced a new project, dubbed Akraino, to develop an open source software stack capable of supporting high-availability cloud services for edge computing systems and applications. To kick off the project, AT&T will contribute code made for carrier-scale edge computing applications running in virtual machines and containers.
  • AT&T Brings Akraino Networking Project to Edge of the Linux Foundation
    The Linux Foundation has been particularly busy in 2018 thus far consolidating its existing networking project under a single umbrella, known as LF Networking. That umbrella might need to get a bit larger, as on Feb. 20 the Linux Foundation announced the new Akraino project, with code coming initially from AT&T.
  • FreeOffice 2016 – An Efficient Alternative to Microsoft Office
    FreeOffice 2016 is the latest version of the Office software from SoftMaker. In fact, you wouldn’t be wrong if you called it the free version of SoftMaker Office 2018 seeing as it features the same suite of applications.
  • Stellaris 2.0 'Cherryh' patch & Stellaris: Apocalypse expansion released, over 1.5 million copies sold
    Stellaris: Apocalypse [Steam], the latest expansion for the grand space strategy game from Paradox Development Studio is out. The big 2.0 'Cherryh' patch is also now available. Paradox has also announced today, that Stellaris has officially passed 1.5 million copies sold making it one of their most popular games ever made. I'm not surprised by this, as I consider Stellaris their most accessible game.
  • Action-packed platformer with local and online co-op 'Vagante' has left Early Access
    After being in Early Access for quite some time, the action-packed platformer 'Vagante' [Steam, Official Site] has now officially left Early Access.
  • Gentoo has been accepted as a Google Summer of Code 2018 mentoring organization
  • Getting Debian booting on a Lenovo Yoga 720
    I recently got a new work laptop, a 13” Yoga 720. It proved difficult to install Debian on; pressing F12 would get a boot menu allowing me to select a USB stick I have EFI GRUB on, but after GRUB loaded the kernel and the initrd it would just sit there never outputting anything else that indicated the kernel was even starting. I found instructions about Ubuntu 17.10 which helped but weren’t the complete picture. What seems to be the situation is that the kernel won’t happily boot if “Legacy Support” is not enabled - enabling this (and still booting as EFI) results in a happier experience.
  • Dell PowerEdge T30
    I just did a Debian install on a Dell PowerEdge T30 for a client. The Dell web site is a bit broken at the moment, it didn’t list the price of that server or give useful specs when I was ordering it. I was under the impression that the server was limited to 8G of RAM, that’s unusually small but it wouldn’t be the first time a vendor crippled a low end model to drive sales of more expensive systems. It turned out that the T30 model I got has 4*DDR4 sockets with only one used for an 8G DIMM. It apparently can handle up to 64G of RAM.
  • Quad-Ethernet SBC and controller tap new Renesas RZ/N1D SoC
    Emtrion’s Linux-ready “SBC-RZN1D” SBC, which will soon power a “Flex2COM” controller, features a Renesas dual-core -A7 RZ/N1D SoC and 4x LAN ports, and is designed for multi-protocol fieldbus communications. Emtrion, which recently announced its emCON-RZ/G1H module based on an octa-core Renesas RZ/G1H SoC, has unveiled a Renesas based, quad-LAN port SBC-RZN1D SBC focused on industrial communication. The SBC-RZN1D taps the Renesas RZ/N1D (R9006G032), one of a new line of RZ/N1D SoCs launched last year by Renesas for industrial multi-protocol communications. Renesas recently collaborated with Avnet to ship its own dual-Ethernet Renesas RZ/N1D Solution Kit (see farther below).
  • Postage-Stamp Linux
    There was a time when big operating systems ran on big iron. IBM, Data General, Burroughs, DEC, and other computer makers built big machines with big, blinking lights, and big price tags. They ran grown-up software and they supported multiuser operating systems. If you wanted a toy, you built a microcomputer. If you wanted a real machine for serious work, you bought a mainframe. Maybe a minicomputer, if it were for lesser tasks.
  • Most Popular Android Versions In February 2018 (Always Updated List)
    Android is the most used operating system on the planet. In fact, it’s almost omnipresent in the mobile ecosystem. Even the Android versions, like Nougat, Marshmallow, Lollipop, etc. have been able to build their individual fan following.