Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Sunday, 19 Aug 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story OSCON 2018 Events Coverage by LWN Roy Schestowitz 16/08/2018 - 4:53am
Story LWN on Linux Kernel: Scheduler, Speck, and WireGuard Roy Schestowitz 16/08/2018 - 4:49am
Story Software: Selenium, Password Managers, MAAS Roy Schestowitz 16/08/2018 - 4:45am
Story A 'Bridge' for GNU/Linux Games Roy Schestowitz 16/08/2018 - 3:38am
Story Security: Updates, IPSec, Elections, AWS and Surveillance Roy Schestowitz 16/08/2018 - 3:24am
Story Mozilla: WebTorrent, Bitslicing, Firefox Security Add-on and Time Dilation Roy Schestowitz 16/08/2018 - 3:17am
Story Programming: Go, Agile, and Literature Roy Schestowitz 16/08/2018 - 3:12am
Story Railway computer runs Linux on Kaby Lake Roy Schestowitz 16/08/2018 - 3:07am
Story GNOME Linux Desktop With Only Keyboard and a New Anniversary Release Roy Schestowitz 16/08/2018 - 3:04am
Story today's howtos Roy Schestowitz 16/08/2018 - 3:02am

Security: Defcon 2018, Cortana and Windows Updates That Break Windows

Filed under
Security

today's howtos

Filed under
HowTos

Review: NomadBSD 1.1

Filed under
Reviews
BSD

One of the most recent additions to the DistroWatch database is NomadBSD. According to the NomadBSD website: "NomadBSD is a 64-bit live system for USB flash drives, based on FreeBSD. Together with automatic hardware detection and setup, it is configured to be used as a desktop system that works out of the box, but can also be used for data recovery."

The latest release of NomadBSD (or simply "Nomad", as I will refer to the project in this review) is version 1.1. It is based on FreeBSD 11.2 and is offered in two builds, one for generic personal computers and one for Macbooks. The release announcement mentions version 1.1 offers improved video driver support for Intel and AMD cards. The operating system ships with Octopkg for graphical package management and the system should automatically detect, and work with, VirtualBox environments.

Nomad 1.1 is available as a 2GB download, which we then decompress to produce a 4GB file which can be written to a USB thumb drive. There is no optical media build of Nomad as it is designed to be run entirely from the USB drive, and write data persistently to the drive, rather than simply being installed from the USB media.

Read more

Also: Happy Bob's Libtls tutorial

Tesla Software Code

Filed under
OSS
Security
  • Tesla Will Open-Source Its Vehicle Security Software In Push For Safer Vehicles

    Tesla has also directly communicated with hackers to improve its vehicles’ software. Back in 2016, Keen Security Lab, a white hat hacker group based in China, was able to remotely hack a Model S through a compromised WiFi hotspot, conducting one of the first known instances of a Tesla being hacked. Keen Security Lab contacted Tesla after they successfully compromised the electric car, and Tesla promptly pushed an update to address the vulnerability.

  • Tesla Plans to Open-Source Its Vehicle Security Software for Free to Other Automakers

    Believing he has the best solution, Elon Musk plans to make Tesla’s vehicle security software open source so other automakers can adopt the technology for "a safe self-driving future for all." On top of "specialized encryption" for "multiple sub-systems," future Tesla vehicles will ensure drivers always have "override authority" in the event their cars become "wacky."

  • Elon Musk Plans To Open Source Tesla Software Code

    One of the biggest advantages of open sourcing your software is allowing the independent security researchers to access the code and spot the vulnerabilities that might go unnoticed during the internal auditing.

  • Tesla plans to open source its car security software to other automakers for free

    According to the Electrek, with the rise of autonomous driving and car networking technology, the risk of malicious attacks on cars increased. Tesla CEO Elon Musk believes that the company’s car safety software is the best solution, and he plans to open source car safety software to other automakers for a safer autopilot future.

    Musk has publicly expressed concern about hackers attacking car systems. He said that fully blocking ” hacking” is Tesla’s primary security task.

Build Your Own Linux Single Board Computer

Filed under
GNU
Linux
Hardware

We are fortunate enough to have a huge choice of single-board computers before us, not just those with a bare-metal microcontroller, but also those capable of running fully-fledged general purpose operating systems such as GNU/Linux. The Raspberry Pi is probably the best known of this latter crop of boards, and it has spawned a host of competitors with similarly fruity names. With an entire cornucopia to choose from, it takes a bit more than evoking a berry to catch our attention. The form factors are becoming established and the usual SoCs are pretty well covered already, show us something we haven’t seen before!

[Marcel Thürmer] may have managed that feat, with his Blueberry Pi. On the face of it this is just Yet Another SBC With A Fruity Pi Name, but what caught our attention is that unlike all the others, this is one you can build yourself if you want. It’s entirely open-source, but it differs from other boards that release their files to the world in that it manages to keep construction within the realm of what is possible on the bench rather than the pick-and-place. He’s done this by choosing an Alwinner V3, an SoC originally produced for the action camera market that is available in a readily-solderable TQFP package. It’s a choice that has allowed him to pull off another constructor-friendly feat: the board is only two layers, so it won’t break the bank to have it made.

Read more

The House of Elive Linux Revamped!

Filed under
GNU
Linux
Debian

I visited the www.elivecd.org, the page that houses Elive. This is one Linux distro that caught my eye in 2009 and that I have been following ever since.

The site is being redecorated and renovated, which is a great change to reflect the polished nature of the distro that Thanatermesis (Samuel Flores Baggen) crafts there.

Read more

Also: DebConf in Taiwan!

Security Leftovers

Filed under
Security
  • #DEFCON DHS Says Collaboration Needed for Secure Infrastructure and Elections

    Speaking at DEFCON 26 in Las Vegas on the subject of “Securing our Nation's Election Infrastructure”, Jeanette Manfra, assistant secretary, Office of Cybersecurity and Communications from the Department of Homeland Security stressed the need for public and private sector collaboration.

    She said that “instead of thinking of individual risk and your own part, try to think about enterprise and government as a whole.”

    In terms of critical infrastructure, Manfra said that this is “purely voluntary in the private sector” and includes “everyone working for yourself or your company, and this includes academic institutions and the broader private and public partnership to work together to figure our critical infrastructure.”

    She went on to talk about the concept of collective defense, saying that government is “one player in the community,” and with companies and citizens on the front line with government sectors “we have to share information and be transparent and build trust with individuals and entities that we have not done before.”

  • The Enigma of AI & Cybersecurity

    We've only seen the beginning of what artificial intelligence can do for information security.

    Alan Turing is famous for several reasons, one of which is that he cracked the Nazis' seemingly unbreakable Enigma machine code during World War II. Later in life, Turing also devised what would become known as the Turing test for determining whether a computer was "intelligent" — what we would now call artificial intelligence (AI). Turing believed that if a person couldn't tell the difference between a computer and a human in a conversation, then that computer was displaying AI.

    AI and information security have been intertwined practically since the birth of the modern computer in the mid-20th century. For today's enterprises, the relationship can generally be broken down into three categories: incident detection, incident response, and situational awareness — i.e., helping a business understand its vulnerabilities before an incident occurs. IT infrastructure has grown so complex since Turing's era that it can be months before personnel notice an intrusion.

  • Open-source snafu leaves patient data exposed [Ed: They never generalise like this about proprietary software]

    Researchers at cyber security outfit Project Insecurity discovered dozens of security bugs in the OpenEMR system, which is described as the “most popular open source electronic health records and medical practice management solution”.

    Many of the flaws were classified as being of high severity, leaving patient records and other sensitive information within easy reach of would-be hackers.

    One critical flaw meant that an unauthenticated user was able to bypass the patient portal login simply by navigating to the registration page and modifying the URL, Project Insecurity reported in its findings.

  • Open Source Security Podcast: Episode 109 - OSCon and actionable advice

Let’s share

Filed under
OSS

“Information wants to be free” goes the slogan of the social movement encouraging open-source software, file sharing and a permissive legal environment for modifying and distributing the creative works in the form of open content or free content by using the internet and other forms of media. The free software and open access movements are among the most important developments after the rise of the world wide web. Swartz was not the only internet activist who believed in the concept of an open and free internet. There were people like Richard Stallman, who gave birth to the term “free software”, free as in freedom, not free as in no cost.

The aura of the information age is not just about new ideas but about a shift in the paradigms of communication and control. In this age of digital feudalism, we do not actually own the products we buy, but we are merely granted limited use of them as long as we continue to pay the rent. The radical expansion of intellectual property (IP) rights threatens to reach the point where they suppress any and all other rights of the individual and society. The current copyright laws have hindered creativity and resulted in a read-only internet culture in which we only consume information/content, despite technology advances that make it easy to create and contribute to culture. Copyright law doesn’t extend neatly to the digital world and the digital rights management tools the industry is endeavouring to develop to maintain copyright control are dampening the growth of a rich read-or-write culture.

We need to bring that open-source mentality to the content layer. Two-thirds of all websites run on open-source software, but most of the premium academic resources remain closed behind digital gates. The Directory of Open Access Journals reports that nearly 4,000 publications are available to the masses via the internet, a number that grows rapidly each year. It is essential to liberate data, liberate knowledge — especially data that taxpayers have already paid for.

Thanks to the Free Culture movement, vast knowledge repositories like Wikipedia and Stack Exchange and open access efforts like the science article sharing site arXiv.org have flourished as they permit content to be re-used for free and built upon, and many major websites offer Creative Commons (CC) licensing as part of their user interfaces (UI). In 2012, Google launched a worldwide campaign named Take Action for building a free and open world wide web. Here is the kernel of Google’s argument: “A free and open world depends on a free and open internet. Governments alone, working behind closed doors, should not direct its future. The billions of people around the globe who use the internet should have a voice”.

Read more

DXVK 0.65

Filed under
Gaming

Linux 4.19 and More

Filed under
Linux
  • New ARM SoCs & Boards To Be Supported By The Linux 4.19 Kernel

    Hardware support improvements coming for Linux 4.19 aren't limited to the x86 space but a lot of new ARM hardware support is also being introduced in this imminent kernel cycle.

    While the Linux 4.19 kernel merge window isn't quite open yet -- it should open tonight, following the release of Linux 4.18 -- the new feature work is already staged. There is the for-next arm-soc.git branch.

  • F2FS In Linux 4.19 Will Fix Big Performance Issue For Multi-Threaded Reads

    The Linux 4.19 kernel updates for the Flash-Friendly File-System (F2FS) should bring much faster performance for multi-threaded sequential reads -- as much as multiple times faster.

    Two years ago F2FS dropped its write-pages lock on the basis it could improve multi-threading performance... 4KB writes across 32 threads went up from 25 to 28MB/s on some tests done on the developer's hardware. While it was a minor win for multi-threaded writes, it turns out dropping the write-pages lock took a major toll on the multi-threaded read performance. Now with Linux 4.19, that write-pages lock is being restored.

  • SoundWire For Linux Preps Support For Multiple Masters

    Back in Linux 4.16 the SoundWire subsystem was added to the staging area as the MIPI standard for a low-power, two-wire sound bus that can support multiple audio streams and primarily utilized by small audio peripherals like IoT and mobile devices. With the next Linux kernel cycle, the SoundWire support is being improved upon.

Sparky 5.5 RC

Filed under
GNU
Linux

There are new iso images of SparkyLinux 5.5 Release Candidate available to download.
Sparky 5 follows rolling release model and is based on Debian testing “Buster”.

ISO images of Sparky 5.5 RC provides bug fixing found in the 5.5 dev20180725 release.

Read more

Akademy 2018 Day 1

Filed under
KDE

Akademy 2018 got off to a wet start with rains accompanying all attendees pouring into Vienna for KDE's largest annual community conference. Although the Pre-Registration event was held on Day Zero (Friday the 10th) and it was a fun-filled affair, Akademy kicked off in earnest on Saturday, with talks, panels and demonstrations. Read on to find out about Day 1 of Akademy and all that transpired:

Read more

The Release of Linux 4.18

Filed under
Linux
  • Linux 4.18

    One week late(r) and here we are - 4.18 is out there.

    It was a very calm week, and arguably I could just have released on
    schedule last week, but we did have some minor updates. Mostly
    networking, but some vfs race fixes (mentioned in the rc8 announment
    as "pending") and a couple of driver fixes (scsi, networking, i2c).
    Some other minor random things (arm crypto fix, parisc memory ordering
    fix). Shortlog appended for the (few) details.

    Some of these I was almost ready to just delay to until the next merge
    window, but they were marked for stable anyway, so it would just have
    caused more backporting. The vfs fixes are for old races that are
    really hard to hit (which is obviously why they are old and weren't
    noticed earlier). Some of them _have_ been seen in real life, some of
    them probably need explicit help to ever trigger (ie artificial delays
    just to show that "yes, this can actually happen in theory").

    Anyway, with this, the merge window for 4.19 is obviously open, and
    I'll start pulling tomorrow. I already have a couple of dozen pull
    requests pending due to the one-week delay of 4.18, but keep them
    coming.

    Linus

  • The 4.18 kernel is out

    Linus has released the 4.18 kernel. "It was a very calm week, and arguably I could just have released on schedule last week, but we did have some minor updates.

  • Linux 4.18 Kernel Officially Released

    Following the one week setback, the Linux 4.18 kernel is now officially available just a little more than two months since the cycle officially began.

    Linux 4.18 is now shipping and the latest kernel carrying the continued "Merciless Moray" codename.

today's leftovers

Filed under
Misc
  • Linux Apps Are Now Available on More Chromebooks Powered by Intel Braswell CPUs

    It looks like Google is taking support for Linux apps very serious lately by recently enabling its integrated virtualization machine for running Linux apps on Chrome OS to support Chromebooks powered by Intel Braswell CPUs.

  • The Academy launches open-source foundation for media developers

    The idea is to enable them to share resources and collaborate on technologies for image creation, visual effects, animation and sound.

    “We are thrilled to partner with The Linux Foundation for this vital initiative that fosters more innovation, more collaboration, more creativity among artists and engineers in our community,” said Academy CEO Dawn Hudson. “The Academy Software Foundation is core to the mission of our Academy: promoting the arts and sciences of motion pictures.”

  • GSoC’18 Phase-3

    For this phase, I started with implementing Stamps feature in the Drawing activity. This feature allows users to use different stamps images in their beautiful arts. For now, I have added images from solar activity to use as stamps.

  • This week in Usability & Productivity, part 31

    This week we’re all at Akademy–KDE’s yearly gathering of developers, designers, system administrators, and users. I’m giving a presentation later today about how we can make KDE Software irresistible!

    As such, it as a bit of a lighter week for the Usability & Productivity initiative, what with all the preparation and conference-going, but we still managed to get quite a bit done. And all the in-person interactions are setting the stage for many more good things to come.

  • Something Happened to My OpenMandriva Lx OS

    Yesterday I booted my laptop with OpenMandriva Lx and went to look for a book. When I returned to the machine, a kernel panic was waiting for me on the screen.

    Apparently, something went very wrong with the updates that I performed last week, but I did not notice.

    This has happened before, though. As the laptop boots seven OSs (OpenMandriva, Mageia, PCLinuxOS, Pisi, Elive, Fedora, and PicarOS), when I install a system that changes the OMV-controlled GRUB2, OpenMandriva gets a panic.

    I do not have the expertise to rectify things other than by performing a re-install. So, I reinstalled OpenMandriva, updated it (the process did not last more than an hour or so) and, sure enough, the OS was bootable again.

    [...]

    Maybe it is time for me to start experimenting with BSD, Haiku, or something.

  • Google Pixel 3 XL Leak Reveals 6.7-inch Screen With Triple Camera Setup
  • Intel has no chance in servers and they know it

    Intel is flying press to an Analyst day to discuss their impending server meltdown. SemiAccurate has been detailing this impending catastrophe for over a year now, it is now time for the details.

  • Journeys

    This would be a long blog post as I would be sharing a lot of journeys, so have your favorite beverage in your hand and prepare for an evening of musing.

    Before starting the blog post, I have been surprised as the last week and the week before, lot of people have been liking my Debconf 2016 blog post on diaspora which is almost two years old. Almost all the names mean nothing to me but was left unsure as to reason of the spike. Were they debconf newcomers who saw my blog post and their experience was similar to mine or something, don’t know.

Source Analysis Research

Filed under
OSS
Security
  • Stylistic analysis can de-anonymize code, even compiled code

     

    A presentation today at Defcon from Drexel computer science prof Rachel Greenstadt and GWU computer sicence prof Aylin Caliskan builds on the pair's earlier work in identifying the authors of software and shows that they can, with a high degree of accuracy, identify the anonymous author of software, whether in source-code or binary form.  

  • Even Anonymous Coders Leave Fingerprints

     

    Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt's former PhD student and now an assistant professor at George Washington University, have found that code, like other forms of stylistic expression, are not anonymous. At the DefCon hacking conference Friday, the pair will present a number of studies they've conducted using machine learning techniques to de-anonymize the authors of code samples. Their work could be useful in a plagiarism dispute, for instance, but it also has privacy implications, especially for the thousands of developers who contribute open source code to the world.

OSS Leftovers

Filed under
OSS
  • Tesla may Open Source Vehicle security Software to Other Car Manufacturers

    The best explanation to Tesla’s decision to give away its patents in good faith was written by  Bin Hu, Ming Hu, and Yi Yang on Informs.Org. They wrote, “We believe that Tesla opened up its patents to tip the scale between the two competing technologies in its favor. This is the logic: if Tesla’s patents are more likely to be adopted by other auto makers because they are free, the electric vehicle technology is more likely to become mainstream, and holding on to this belief, component suppliers (including energy companies by extension) are more likely to make investments into the electric vehicle technology rather than the competing hydrogen fuel-cell vehicle technology.”

  • Openbook is the latest dream of a digital life beyond Facebook

    As tech’s social giants wrestle with antisocial demons that appear to be both an emergent property of their platform power, and a consequence of specific leadership and values failures (evident as they publicly fail to enforce even the standards they claim to have), there are still people dreaming of a better way. Of social networking beyond outrage-fuelled adtech giants like Facebook and Twitter.

    There have been many such attempts to build a ‘better’ social network of course. Most have ended in the deadpool. A few are still around with varying degrees of success/usage (Snapchat, Ello and Mastodon are three that spring to mine). None has usurped Zuckerberg’s throne of course.

    [...]

    The team behind Openbook includes crypto(graphy) royalty, Phil Zimmermann — aka the father of PGP — who is on board as an advisor initially but billed as its “chief cryptographer”, as that’s what he’d be building for the platform if/when the time came. 

  • Classic Shell Rebrands Itself as Open Shell and Transitions into Open Source [Ed: If it only runs in Windows, then how "Open" can it really be? It's just a companion for spyware.]
  • Badgy is an open source E Ink badge

    Squaro Engineering has just developed their first e Ink product called Badgey. It features a 2.9 inch e-paper display with a resolution of 296×128 E and a five-way tactical switch for user input. The default firmware includes support for WiFiManager and OTA updates. This device retails for $29.99 and they offer volume pricing options, but it does not come with a battery, it has to be purchased separately.

  • Unifont 11.0.02 Released

    Unifont 11.0.02 is now available. This is an interim release, with another released planned in the autumn of 2018. The main addition in this release is David Corbett's contribution of the over 600 glyphs in the Sutton SignWriting Unicode block.

BSD: OpenSSH 7.8, mandoc, nbdkit

Filed under
BSD
Syndicate content

More in Tux Machines

A Look At The Windows vs. Linux Scaling Performance Up To 64 Threads With The AMD 2990WX

This past week we looked at the Windows 10 vs. Linux performance for AMD's just-launched Ryzen Threadripper 2990WX and given the interest from that then ran some Windows Server benchmarks to see if the performance of this 64-thread CPU would be more competitive to Linux. From those Windows vs. Linux tests there has been much speculation that the performance disparity is due to Windows scheduler being less optimized for high core/thread count processors and its NUMA awareness being less vetted than the Linux kernel. For getting a better idea, here are benchmarks of Windows Server 2019 preview versus Ubuntu Linux when testing varying thread/core counts for the AMD Threadripper 2990WX. Toggled via the BIOS was SMT as well as various CCX configurations and each step of the way comparing the Windows Server 2019 Build 17733 performance to that of Ubuntu 18.04 LTS with the Linux 4.18 kernel in various multi-threaded benchmarks supported under both operating systems. Read more

Kernel: RISC-V and Virtual Machine

  • RISC-V's Linux Kernel Support Is Getting Into Good Shape, Userspace Starting To Work
    The RISC-V open-source processor ISA support within the mainline kernel is getting into good shape, just a few releases after this new architecture port was originally added to the Linux Git tree. The RISC-V code for Linux 4.19 includes the ISA-mandated timers and first-level interrupt controllers, which are needed to actually get user-space up and running. Besides the RISC-V first-level interrupt controller, Linux 4.19 also adds support for SiFive's platform-level interrupt controller that interfaces with the actual devices.
  • A Hearty Batch Of KVM Updates Land In Linux 4.19
    There is a lot of new feature work for the Kernel-based Virtual Machine (KVM) within the Linux 4.19 kernel.

Kate/KTextEditor Picks Up Many Improvements To Enhance KDE Text Editing

Even with KDE's annual Akademy conference happening this past week in Vienna, KDE development has been going strong especially on the usability front. The Kate text editor and the KTextEditor component within KDE Frameworks 5 have been the largest benefactors of recent improvements. This KDE text editing code now has support for disabling syntax highlighting entirely if preferred. When using syntax highlighting, there have been many KTextEditor enhancements to improve the experience as well as improvements to the highlighting for a variety of languages from JavaScript to YAML to AppArmor files. Read more

KStars v2.9.8 released

KStars 2.9.8 is released for Windows, MacOS, and Linux. It is a hotfix release that contains bug fixes and stability improvements over the last release. Read more Also: KDE Itinerary - How did we get here?