Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 23 Feb 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Linux Domination and Bill Gates Domination Roy Schestowitz 1 20/02/2018 - 3:35pm
Story Red Hat and Fedora Leftovers Roy Schestowitz 20/02/2018 - 12:16pm
Story Devices/Embedded: ADL, Axiomtek, and FUD From Proprietary Embedded Software Firms Roy Schestowitz 20/02/2018 - 11:53am
Story Games: Deep Sixed, Lazy Galaxy, Gladiabots, Railway Empire, Hypergate, Total War Saga: Thrones of Britannia Roy Schestowitz 20/02/2018 - 11:50am
Story Sailfish OS 2.1.4 is now available to early access Rianne Schestowitz 20/02/2018 - 11:03am
Story Today in Techrights Roy Schestowitz 20/02/2018 - 10:59am
Story Qt 5.11 Alpha Released Rianne Schestowitz 20/02/2018 - 10:57am
Story Android Leftovers Rianne Schestowitz 20/02/2018 - 8:37am
Story Huawei P Smart review Rianne Schestowitz 20/02/2018 - 8:33am
Story ​Bogus Linux vulnerability gets publicity Rianne Schestowitz 20/02/2018 - 8:27am

Games, Unity3D (Microsoft Mono) and Microsoft Direct3D

Filed under
Gaming

Mozilla: Sponsored Stories and New Release of Rust

Filed under
Moz/FF
  • Firefox, Pocket and Sponsored Stories

    Well, well, remember when I told you - the more desperate Mozilla gets vis-a-vis its market share, the more aggressive they will get with pushing "quality" content onto its users? I did, I did. Well, the bonfires of the Mr. Robot fiasco have hardly cooled, and now there's a new drama developing. Mozilla will start rolling a pilot that tests sponsored stories in the Pocket recommendations section on the New Tab page.

    Since I'm usually a blithely cheerful chap, I'm actively looking for stories to sour my mood, and so I was excited (this is sales lingo, we will get to that) to read this announcement. After all, writing about how everything is peachy and efficient and good in the tech world is boring, we need these little burdocks of greed to make things complicated. After me, pioneers.

    [...]

    Actually, it does not take a wizard to figure things out. Just look what happened in the past five years, ever since the mobile world exploded. For instance, thinking wildly about some rather common examples, Windows 7 to Windows 10, and the amount of pesky, online and telemetry stuff. Just compare Skype 7.40, the last classic version. and the toy factory moronity that is Skype 8. Windows Control Panel to Windows Settings. Gnome 2 to Gnome 3. Oh, Firefox 3.6 to Firefox whatever.

    What you see is that menus get deeper and deeper and deeper and more obfuscated, with focus on aesthetic minimalism (mobile) that goes directly against user intuition and efficiency. You need more and more actions and mouse clicks to achieve the same results you could half a decade before. Now imagine what will happen in five or even ten years. Consider yourself lucky you were there to witness the early days of the Internet, when it was still all naive and innocent and not just pure money.

    [...]

    Some people may assume that I have a personal problem with Mozilla and Firefox. Not really. It's just I don't like hypocrisy, and I do not like being herded toward the pen that reads IDIOTS. I fully understand that Mozilla needs quiche. Fine, state it upfront. Don't veil it in bullshit. The words privacy, freedom and similar slogans mean nothing when you put them side by side with sponsored stories. You want money, start charging money for your browser. There's nothing wrong with that. And I would gladly pay for a high-quality product - and when needed, I do.

    I also wish that we had alternatives - the more the merrier. Alas, the exact opposite is happening. As time goes by, it will become even more difficult to have (supposedly free) products that really cater to their users. The profit slope is a one-way direction. Once you make a margin, you need to make more margin and more margin and more margin. It never stops.

    Firefox is a completely different product than it was a decade ago. It's now a big boy, trying to compete in the big arena. There's no room for niceties anymore. The only thing you can do is try to prepare for the inevitable day when this salesy nonsense becomes too much, so when you do switch, you try to do it elegantly and smartly. I cannot guarantee there's actually going to be a nice and peaceful browser for you out there when that moment comes, so if you want to sleep all relaxed, don't. The old Internet is dying, and the future does not belong to you and me or anyone willing to read this entire article without skipping words. The best you can do is play the game, so at the very least, you will be a rich idealist one day rather than a poor user. Or better yet, a rich loser rather than a poor user.

  • These Weeks in Firefox: Issue 32
  • Reps On-boarding Team

    As you already know from our discourse topic, we have created an Onboarding Screening Team.

    The scope of this team is to help on evaluating the new applications to the Reps program by helping the Reps Council on this process.

  • Announcing Rust 1.24

    The Rust team is happy to announce a new version of Rust, 1.24.0. Rust is a systems programming language focused on safety, speed, and concurrency.

  • Rust 1.24 Released With "rustfmt" Preview & Incremental Compilation By Default

    A fairly notable update to the Rust programming language compiler and its components is available today.

    With Rust 1.24 first up is a preview release of rustfmt, an official utility for formatting Rust code. Rustfmt applies a standard style of formatting to existing Rustlang code and is similar to the other LLVM-based code formatters.

Security: Blaming Russia for Windows Back Doors Being Exploited, New Updates, BuckHacker, and More

Filed under
Security

FOSS Project Spotlight: LinuxBoot

Filed under
Linux

The more things change, the more they stay the same. That may sound cliché, but it's still as true for the firmware that boots your operating system as it was in 2001 when Linux Journal first published Eric Biederman's "About LinuxBIOS". LinuxBoot is the latest incarnation of an idea that has persisted for around two decades now: use Linux as your bootstrap.

On most systems, firmware exists to put the hardware in a state where an operating system can take over. In some cases, the firmware and OS are closely intertwined and may even be the same binary; however, Linux-based systems generally have a firmware component that initializes hardware before loading the Linux kernel itself. This may include initialization of DRAM, storage and networking interfaces, as well as performing security-related functions prior to starting Linux. To provide some perspective, this pre-Linux setup could be done in 100 or so instructions in 1999; now it's more than a billion.

Read more

Software: Trizen, I Love Free Software Day, GIMP Bug Reporting and More

  • Trizen – A Lightweight AUR Package Manager For Arch-Based Systems

    Pacaur is unmaintained and the developer stepped back for unknown reason. Pacaur still works, however the Arch developers are suggesting to use another AUR package helper programs. I have already tried a few AUR helpers such as Packer, Yay, and Yaourt. Today we will see yet another AUR helper that I just came across. Say hello to Trizen, a lightweight AUR package manager written in Perl.

  • What open source software programs I love

    Earlier this week, someone asked me what Free software and open source software programs I really love. I thought I'd share that here, too.

    As I started to go through my favorite programs, I realized it was quite long. So I'm trying to keep the list short here, just the programs I use the most:

    I'll start with Linux. I first installed Linux in 1993, when I was still an undergraduate university student. When I heard about Linux, a free version of Unix that I could run on my 386 computer at home, I immediately wanted to try it out. My first Linux distribution was Softlanding Linux System (SLS) 1.03, with Linux kernel 0.99 alpha patch level 11. That required a whopping 2MB of RAM, or 4MB if you wanted to compile programs, and 8MB to run X windows.

  • I love Free Software Day 2018

    Today isn't just Valentines day, but also I love Free Software Day! I've been using (and contributing) Free Software for years now and don't want anything else. Even when I've given non-Free Software another chance, every time I was glad when I returned to Free Software.

    A big thank you goes out to all developers, sysadmins, network guru's, translators, bugsquashers and all other contributors.

    A small selection of tools/libraries/projects/organizations I'm thankful for this year: debian, ubuntu, terminator, mate, vi(m), firefox, thunderbird, postgresql, apache, kvm, libvirt, bash, openssh, nextcloud, workrave, audacious, vlc, mtp (Media Transfer Protocol), ext2/ext3/ext4/btrfs, mdadm, postfix, the linux kernel, fosdem, fsfe, eff, bitsoffreedom, ccc and kodi.

  • Automatic bug report and stack traces for GIMP

    While I was working on yet-another-crash without a backtrace, I realized that we could just generate automatic backtraces upon crashes and tell people about it. This is how I ended up writing a debug tool for GIMP, popping-up a dialog with a nice text encouraging to report bugs. You’ll notice that the main text is non-technical. The goal is not to display non-understandable error messages which nobody will understand. All the technical part is in the below section and is just to be copied by a single button click and reported to us verbatim.

  • [Proprietary] Master PDF Editor – A Cross-Platform Multifunctional PDF Editor

    Master PDF Editor is a powerful multi-purpose editor for easily and professionally viewing, scanning, creating, and modifying PDF documents.

    It features OCR functionality alongside the ability to add digital signatures to PDF files, to encrypt them, split a source document into multiple documents, and to merge several files into one, among other functions.

Defense Digital Service revamps Code.mil with clearer, more accessible guidance

Filed under
OSS

When the Defense Digital Service team launched Code.mil in February 2017, the goal was to propel the Department of Defense into the open source software community.

The team set up a repository on GitHub, got to work on a licensing agreement and by mid-March the first open-sourced project was posted.

But where there was excitement among the DoD engineering community, there also was a slight problem — the guidance on how to release code as code open source just wasn’t very accessible or clear.

Read more

GSoC Support for FOSS:

Google's Bogus Ad 'Blocker' for Chrome

Filed under
Google

Games: Project Zomboid, Prey, Maia, Momodora: Reverie Under The Moonlight, Communist Dogifesto, Dead Maze

Filed under
Gaming

GNOME Desktop/GTK: GNOME 3.27.90, ArcMPD, xdg-desktop-portal, Meson

Filed under
GNOME
  • GNOME 3.27.90 released
  • ArcMPD – An Arc-Based Translucent GTK Theme for Minimalists

    We haven’t written about any themes since 2018 began so I think it is about time that happened. That’s why I’m happy to let you in on another beautiful theme you might not have known yet – ArcMPD.

    ArcMPD is a fork of the fan favorite Arc GTK theme and its inspiration is even implied in its name. Unlike Arc GTK theme, however, it features a more transparent header, sidebar; and window control buttons reminiscent of Apple’s OS X.

  • Moving a portal

    Most of the portals in use are implemented by a module called xdg-desktop-portal, with backend implementations for Gtk+ and KDE. Many of the portals in it, such as the important file chooser portal relies on a lowlevel portal called the document portal. It is a combined dbus and fuse service that controls access to files with fine-grained per-application permissions.

  • Meson's dependency manager in action building GTK

    It is easy to see how this makes it easier for newcomers to participate. There are no longer pages upon pages of instructions on how to set up a build environment and so on. All that is required is to clone one Git repo and start building. The build system will take care of all the rest.

Server: Kubernetes, Vitess, SDS, Service Mesh, CloudStack, OpenStack/Oracle

Filed under
Server
  • Kubernetes Monitoring with Prometheus

    Kubernetes makes management of complex environments easy, but to ensure availability it's crucial to have operational insight into the Kubernetes components and all applications running on the cluster. I believe monitoring is the backbone of a good production environment.

    Applications running in containers and orchestrated by Kubernetes are highly automated and dynamic, and so, when it comes to monitoring applications in these environments, traditional server-based monitoring tools designed for static services are not sufficient.

  • CNCF’s Vitess Scales MySQL with the Help of Kubernetes

    A technology developed by YouTube to shard large MySQL databases across multiple servers, Vitess, has become the 16th hosted project of the Cloud Native Computing Foundation.

    Vitess was created for “people who love MySQL for its functionality, but have chosen not to use it because it does not scale well,” said Sugu Sougoumarane, one of the creators of Vitess who is now co-founder and chief technology officer at PlanetScale Data, a still-stealth startup centered around Vitess, in an interview with The New Stack.

  • Deepfence Emerges from Stealth with Container Security Platform

    Sandeep Lahane has been been quietly building his container security startup Deepfence since 2016. On Feb. 13, Deepfence emerged from its stealth mode, announcing the company's Security as a Microservice technology for container security.

    The Deepfence approach uses what the company refers to a a lightweight sidecar container, which runs alongside an organization's existing Docker and Kubernetes container deployments. Deepfence's technology makes use of artificial intelligence (AI) as well as policy driven rules, to help detect potential threats and enforce workload isolation.

  • What is Software Defined Storage?

    Software defined storage (SDS) decouples storage software from the underlying storage devices. It does this by creating a virtualized software management layer that operates above the storage hardware.

    While that definition may reasonably straight forward, many players in the data storage industry debate the specifics and details of what, exactly, is the true definition of SDS.

  • The History of the Service Mesh
  • The Apache Software Foundation Announces Apache® CloudStack® v4.11
  • Apache CloudStack, KDE Plasma Update, Kubernetes Engine

    Apache CloudStack 4.11 was released this week after 8 months of development. According to Rohit Yadav, Apache CloudStack v4.11 Release Manager, "v4.11 brings several important structural changes such as better support for systemd and Java 8, migration to embedded Jetty, and a new and optimized Debian 9 based systemvm template." See the release notes for more info.

  • Oracle Sees Its Future in the Cloud as Data Center Footprint Set to Expand

    Oracle uses the open-source OpenStack cloud platform as the basis for its cloud services. Oracle has been actively involved in OpenStack since at least 2014, when it announced support for OpenStack on both Oracle Linux and Solaris-based systems.

  • Oracle’s Cloud: Perception vs. Reality

    Oracle announced an impressive cloud computing initiative this week; it was very nicely packaged. But the company initially did not even take the cloud seriously, and was very slow to realize that this cloud thing was going to be massively disruptive.

Canonical: Ubuntu 18.04 Will Collect Data, Adds 'Minimal iInstall', MAAS, Mesa, GLVND

Filed under
Ubuntu

Graphics: Wayland Protocols 1.13, Mesa, AMD

Filed under
Graphics/Benchmarks
  • wayland-protocols 1.13

    wayland-protocols 1.13 is now available.

  • Wayland Protocols 1.13 Introduces New Input Timestamp Protocol

    Jonas Ådahl on Wednesday announced Wayland-Protocols 1.13, the collection of stable and unstable protocols to Wayland.

    The single major change to Wayland Protocols 1.13 is the introduction of the input-timestamps protocol. This protocol extension is for providing high resolution timestamps for input events.

  • Intel's Mesa Driver Gets Patches For New EXT_shader_framebuffer_fetch

    Open-source Intel driver developer Francisco Jerez has sent out a set of 15 patches implementing a new version of the EXT_shader_framebuffer_fetch OpenGL extension.

    EXT_shader_framebuffer_fetch in its current form on the OpenGL registry is for OpenGL ES 2.0+ and allows a fragment shader to read existing frame-buffer data as input. This is intended to allow for more advanced compositing operations.

  • Marek Updates OpenGL 3.1 ARB_compatibility Support For Mesa

    Last October well known open-source AMD driver developer Marek Olšák began work on OpenGL compatibility profile support for Mesa. This work is about OpenGL 3.1 with ARB_compatibility support, something generally relevant for workstation OpenGL users and one of the few remaining advantages of AMD's current proprietary OpenGL driver.

  • AMDVLK/XGL Gets Vega Enhancements, LLPC Optimizations

    AMD developers working on their official, cross-platform XGL/AMDVLK driver code have pushed out another batch of changes for benefiting their official AMD Vulkan Linux driver.

    The first noted change is "enhance GFX9 support", in other words, the Vega GPU support should be in better shape but they didn't provide any specifics. This is good news considering my latest AMDVLK vs. RADV Vulkan driver testing from this weekend still showed several areas where the AMDVLK driver was lagging behind RADV in Radeon RX Vega 64 performance or even not working for some games.

Linux: CI Testing, seL4, Meltdown and Spectre Mitigations, and More LWN Coverage (Now Outside Paywall)

Filed under
Linux
  • Initial Icelake Support Heading To Linux 4.17, Many Bug Fixes Thanks To CI Testing
  • Mixed-criticality support in seL4

    Linux tries to be useful for a wide variety of use cases, but there are some situations where it may not be appropriate; safety-critical deployments with tight timing constraints would be near the top of the list for many people. On the other hand, systems that can run safety-critical code in a provably correct manner tend to be restricted in functionality and often have to be dedicated to a single task. In a linux.conf.au 2018 talk, Gernot Heiser presented work that is being done with the seL4 microkernel system to safely support complex systems in a provably safe manner.

    The world contains an increasing number of "cyberphysical systems" implementing various types of safety-critical functionality. Fly-by-wire systems for aircraft and factory automation systems are a couple of examples. These systems are subject to an expensive safety-assurance process with costs that scale linearly (at least) with each line of code. When one considers that an Airbus A380 jetliner contains around 120 million lines of code, one can understand that developing that code can be a costly business.

  • Meltdown and Spectre mitigations — a February update

    The initial panic over the Meltdown and Spectre processor vulnerabilities has faded, and work on mitigations in the kernel has slowed since our mid-January report. That work has not stopped, though. Fully equipping the kernel to protect systems from these vulnerabilities is a task that may well require years. Read on for an update on the current status of that work.

  • 4.16 Merge window part 1

    As of this writing, just over 6,700 non-merge changesets have been pulled into the mainline repository for the 4.16 development cycle. Given that there are a number of significant trees yet to be pulled, the early indications are that 4.16 will be yet another busy development cycle. What follows is a summary of the significant changes merged in the first half of this merge window.

Mozilla News: Performance, Marnie Pasciuto-Wood, Tracking Protection, CSS Grid, Firefox 59 Beta 10 Testday Today

Filed under
Moz/FF
  • Firefox Performance Update #1

    In an attempt to fill the shoes of Ehsan’s excellent Quantum Flow Newsletters1, I’ve started to keep track of interesting performance bugs that have been tackled over the past little while.

    I don’t expect I’ll be able to put together such excellent essays on performance issues in Firefox, but I can certainly try to help to raise the profile of folks helping to make Firefox faster.

  • Welcome Marnie to the Test Pilot Team!

    Late last year, the Test Pilot team welcomed a new engineering program manager, Marnie Pasciuto-Wood. In this post, Marnie talks about what it’s been like joining Mozilla and what keeps her busy and inspired outside of work.

  • A Perspective: Firefox Quantum’s Tracking Protection Gives Users The Right To Be Curious

    In the physical world, we don’t wear our ID on our foreheads. This is convenient because we can walk around with a reasonable expectation of privacy and let our curiosity take us to interesting places. That shoe store you sauntered into because they had a pair that caught your eye has no idea who you are, where you live, or anything about you. More importantly, any attempt by that shoe store to have an employee follow you around would not only be impractical, but would be met with some serious side-eye from potential customers.

  • CSS Grid for UI Layouts

    CSS Grid is a great layout tool for content-driven websites that include long passages of text, and it has tremendous value for a variety of traditional UI layouts as well. In this article I’ll show you how to use CSS Grid to improve application layouts that need to respond and adapt to user interactions and changing conditions, and always have your panels scroll properly.

  • Firefox 59 Beta 10 Testday, February 16th

    We are happy to let you know that Friday, February 16th, we are organizing Firefox 59 Beta 10 Testday. We’ll be focusing our testing on Find Toolbar and Search Suggestions.

AMD Ryzen 3 2200G + Ryzen 5 2400G Linux CPU Performance, 21-Way Intel/AMD Comparison

Filed under
Graphics/Benchmarks

Yesterday I posted some initial Linux benchmarks of the Ryzen 5 2400G Raven Ridge APU when looking at the Vega 11 graphics, but for those curious about the CPU performance potential of the Ryzen 5 2400G and its ~$100 Ryzen 3 2200G sibling, here are our first CPU benchmarks of these long-awaited AMD APUs. These two current Raven Ridge desktop APUs are compared to a total of 21 different Intel and AMD processors dating back to older Kaveri APUs and FX CPUs and Ivy Bridge on the Intel side.

Read more

Also: Phoronix Test Suite 7.8 Officially Released For Open-Source, Cross-OS Benchmarking

Jupyter and Junior Developers

Filed under
Development
  • Jupyter: notebooks for education and collaboration

    The popular interpreted language Python shares a mode of interaction with many other languages, from Lisp to APL to Julia: the REPL (read-eval-print-loop) allows the user to experiment with and explore their code, while maintaining a workspace of global variables and functions. This is in contrast with languages such as Fortran and C, which must be compiled and run as complete programs (a mode of operation available to the REPL-enabled languages as well). But using a REPL is a solitary task; one can write a program to share based on their explorations, but the REPL session itself not easily shareable. So REPLs have gotten more sophisticated over time, evolving into shareable notebooks, such as what IPython, and its more recent descendant, Jupyter, have. Here we look at Jupyter: its history, notebooks, and how it enables better collaboration in languages well beyond its Python roots.

  • Who Killed The Junior Developer?

    I’m not sure what the industry-wide solution is. I’m not sure whether companies that lack junior devs are unbalanced or smart. The reality is that most software developers don’t stay one place very long, so maybe it doesn’t make sense to invest a lot in training someone? Or maybe the industry should ask itself why people keep hopping jobs? Maybe it’s because a lot of them suck, or for a lot of us it’s the only way to advance our salary. I can either wait for a stupid, meaningless yearly “performance review” to bump me up 1% or take my resume and interview elsewhere and get 10% or more.

    It’s not just a sign that an individual company is broken, it’s a sign the entire industry is broken.

Syndicate content

More in Tux Machines

GNOME and Fedora

  • RFC: Integrating rsvg-rs into librsvg
    I have started an RFC to integrate rsvg-rs into librsvg. rsvg-rs is the Rust binding to librsvg. Like the gtk-rs bindings, it gets generated from a pre-built GIR file.
  • 1+ year of Fedora and GNOME hardware enablement
    A year and a couple of months ago, Christian Schaller asked me to pivot a little bit from working full time on Fleet Commander to manage a new team we were building to work on client hardware enablement for Fedora and GNOME with an emphasis on upstream. The idea was to fill the gap in the organization where nobody really owned the problem of bringing up new client hardware features vertically across the stack (from shell down to the kernel), or rather, ensure Fedora and GNOME both work great on modern laptops. Part of that deal was to take over the bootloader and start working closer to customers and hardware manufacturing parnters.
  • Fedora Atomic Workstation: Works on the beach
    My trip is getting really close, so I decided to upgrade my system to rawhide. Wait, what ? That is usually what everybody would tell you not to do. Rawhide has this reputation for frequent breakage, and who knows if my apps will work any given day. Not something you want to deal with while traveling.
  • 4 cool new projects to try in COPR for February

Why You Shouldn’t Use Firefox Forks (and Proprietary Opera)

  • Why You Shouldn’t Use Firefox Forks Like Waterfox, Pale Moon, or Basilisk
    Mozilla Firefox is an open source project, so anyone can take its code, modify it, and release a new browser. That’s what Waterfox, Pale Moon, and Basilisk are—alternative browsers based on the Firefox code. But we recommend against using any of them.
  • Opera Says Its Next Opera Release Will Have the Fastest Ad Blocker on the Block
    Opera Software promoted today its upcoming Opera 52 web browser to the beta channel claiming that it has the faster ad blocker on the market compared to previous Opera release and Google Chrome. One of the key highlights of the Opera 52 release will be the improved performance of the built-in ad blocker as Opera claims to have enhanced the string matching algorithm of the ad blocker to make it open web pages that contain ads much faster than before, and, apparently than other web browsers, such as Chrome.

Graphics: Glxinfo, ANV, SPIR-V

  • Glxinfo Gets Updated With OpenGL 4.6 Support, More vRAM Reporting
    The glxinfo utility is handy for Linux users in checking on their OpenGL driver in use by their system and related information. But it's not often that glxinfo itself gets updated, except that changed today with the release of mesa-demos-8.4.0 as the package providing this information utility. Mesa-demos is the collection of glxinfo, eglinfo, glxgears, and utilities related to Mesa. With the Mesa-demos 8.4.0 it is predominantly glxinfo updates.
  • Intel ANV Getting VK_KHR_16bit_storage Support Wrapped Up
    Igalia's Jose Maria Casanova Crespo sent out a set of patches today for fixes that allow for the enabling of the VK_KHR_16bit_storage extension within Intel's ANV Vulkan driver. The patches are here for those interested in 16-bit storage support in Vulkan. This flips on the features for storageBuffer16BitAccess, uniformAndStorageBuffer16BitAccess, storagePushConstant16 and the VK_KHR_16bit_storage extension. This support is present for Intel "Gen 8" Broadwell graphics and newer. Hopefully the work will be landing in Mesa Git soon.
  • SPIR-V Support For Gallium3D's Clover Is Closer To Reality
    It's been a busy past week for open-source GPU compute with Intel opening up their new NEO OpenCL stack, Karol Herbst at Red Hat posting the latest on Nouveau NIR support for SPIR-V compute, and now longtime Nouveau contributor Pierre Moreau has presented his latest for SPIR-V Clover support. Pierre has been spending about the past year adding SPIR-V support to Gallium3D's "Clover" OpenCL state tracker. SPIR-V, of course, is the intermediate representation used now by OpenCL and Vulkan.

Security: Updates, Tinder, FUD and KPTI Meltdown Mitigation

  • Security updates for Friday
  • Tinder vulnerability let hackers [sic] take over accounts with just a phone number

    The attack worked by exploiting two separate vulnerabilities: one in Tinder and another in Facebook’s Account Kit system, which Tinder uses to manage logins. The Account Kit vulnerability exposed users’ access tokens (also called an “aks” token), making them accessible through a simple API request with an associated phone number.

  • PSA: Improperly Secured Linux Servers Targeted with Chaos Backdoor [Ed: Drama queen once again (second time in a week almost) compares compromised GNU/Linux boxes to "back doors"]
    Hackers are using SSH brute-force attacks to take over Linux systems secured with weak passwords and are deploying a backdoor named Chaos. Attacks with this malware have been spotted since June, last year. They have been recently documented and broken down in a GoSecure report.
  • Another Potential Performance Optimization For KPTI Meltdown Mitigation
    Now that the dust is beginning to settle around the Meltdown and Spectre mitigation techniques on the major operating systems, in the weeks and months ahead we are likely to see more performance optimizations come to help offset the performance penalties incurred by mitigations like kernel page table isolation (KPTI) and Retpolines. This week a new patch series was published that may help with KPTI performance.