Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Sunday, 21 Jan 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story today's howtos Roy Schestowitz 17/01/2018 - 3:56am
Story Linux Microsoft Office Alternatives Roy Schestowitz 17/01/2018 - 3:51am
Story Security: Updates, WordPress, Hardware Patches, and Open Source Security Podcast Roy Schestowitz 17/01/2018 - 3:25am
Story GNOME Devs to Users: Desktop Icons Are Moving to GNOME Shell with GNOME 3.28 Roy Schestowitz 17/01/2018 - 3:24am
Story Red Hat News and Posts Roy Schestowitz 17/01/2018 - 3:17am
Story Yocto-on-i.MX6UL gateway serves up I2C and SPI on a DB9 port Roy Schestowitz 17/01/2018 - 3:15am
Story Fedora Elections Roy Schestowitz 17/01/2018 - 3:00am
Story Linux Foundation and Verizon Roy Schestowitz 17/01/2018 - 2:01am
Story Android Leftovers Rianne Schestowitz 16/01/2018 - 8:52pm
Story KDE Plasma's Discover Package Manager Gets Better Snap and Flatpak Support Rianne Schestowitz 16/01/2018 - 8:48pm

Security: Meltdown, Spectre, Apple, CoffeeMiner, EMC, VMware and More

Filed under
Security
  • NSA Didn't Know of Meltdown, Spectre, Trump Cyber Czar Says

    The National Security Agency didn't know about the Meltdown or Spectre flaws, White House cybersecurity coordinator Rob Joyce said at the International Conference on Cyber Security at Fordham University Law School here today (Jan. 11).

  • spectre and the end of langsec

    Like many I was profoundly saddened by this analysis. I want to believe in constructive correctness, in math and in proofs. And so with the rise of functional programming, I thought that this historical slide from reason towards observation was just that, historical, and that the "safe" languages had a compelling value that would be evident eventually: that "another world is possible".

    In particular I found solace in "langsec", an approach to assessing and ensuring system security in terms of constructively correct programs. One obvious application is parsing of untrusted input, and indeed the langsec.org website appears to emphasize this domain as one in which a programming languages approach can be fruitful. It is, after all, a truth universally acknowledged, that a program with good use of data types, will be free from many common bugs. So far so good, and so far so successful.

    The basis of language security is starting from a programming language with a well-defined, easy-to-understand semantics. From there you can prove (formally or informally) interesting security properties about particular programs. For example, if a program has a secret k, but some untrusted subcomponent C of it should not have access to k, one can prove if k can or cannot leak to C. This approach is taken, for example, by Google's Caja compiler to isolate components from each other, even when they run in the context of the same web page.

    But the Spectre and Meltdown attacks have seriously set back this endeavor. One manifestation of the Spectre vulnerability is that code running in a process can now read the entirety of its address space, bypassing invariants of the language in which it is written, even if it is written in a "safe" language. This is currently being used by JavaScript programs to exfiltrate passwords from a browser's password manager, or bitcoin wallets.

  • Is Apple Even Paying Attention To macOS Security Anymore?

    A new Mac security flaw lets you type literally any username and password in order to unlock the Mac App Store panel in System Preferences. It’s probably not a big deal practically speaking—the panel is unlocked by default—but the fact that this issue exists at all is a worrying reminder that Apple isn’t prioritizing security like they used to.

  • Ubuntu Linux Unbootable After Users Install Meltdown And Spectre Patches
  • Ubuntu Update For Meltdown And Spectre Chip Flaws Leaves Some PCs Unbootable

    Sometimes the cure is worse than the disease. Just ask the affected users of older AMD systems who had their PCs bricked after downloading and installing a Windows update that was supposed to protect them from Meltdown and Spectre. It is not just Windows users who are suffering, either. Some Ubuntu Xenial 16.04 users also report that the latest update for their OS has rendered their system unable to boot.

  • How CoffeeMiner Attack Hacks Public Wi-Fi And Uses Your PC For Mining Cryptocurrency

    After a series of ransomware attacks capturing the headlines past year, crypto mining malware and cryptojacking attacks came into the play. Just last month, a Starbucks customer found that the infected Wi-Fi hotspot was trying to mine Monero digital coins. It was a new kind of threat associated with using public hotspots, which are often labeled unsafe and users are advised to use VPN services for extra privacy.

  • Prosecutors say Mac spyware stole millions of user images over 13 years

    An indictment filed Wednesday in federal court in Ohio may answer some of those questions. It alleges Fruitfly was the creation of an Ohio man who used it for more than 13 years to steal millions of images from infected computers as he took detailed notes of what he observed.

  • EMC, VMware security bugs throw gasoline on cloud security fire

    While everyone was screaming about Meltdown and Spectre, another urgent security fix was already in progress for many corporate data centers and cloud providers who use products from Dell's EMC and VMware units. A trio of critical, newly reported vulnerabilities in EMC and VMware backup and recovery tools—EMC Avamar, EMC NetWorker, EMC Integrated Data Protection Appliance, and vSphere Data Protection—could allow an attacker to gain root access to the systems or to specific files, or inject malicious files into the server's file system. These problems can only be fixed with upgrades. While the EMC vulnerabilities were announced late last year, VMware only became aware of its vulnerability last week.

  • Malware based on open source Kotlin language discovered lurking in Google Play [Ed: This has nothing to do with "open source". They don't say "proprietary" when the framework is.]

    Basically, it's pretty typical of the malware that crops up in dodgy apps that have wormed their way past the digital bouncers on the Play Store.

  • How to increase Linux security by disabling USB support

    This may sound like a crazy way of enhancing security on a server, but if you can get away with it—as in you don't need any USB devices such as keyboards, mice, external drives—disabling USB support can be an added means of ensuring malicious files do not find their way onto your servers. Obviously, this will only work for headless machines, so you better make certain you can SSH into those servers, otherwise, you'll find yourself in trouble trying to input anything via keyboard or mouse.

OPNsense® 18.1 Release Candidate 1

Filed under
Security
BSD

For more than 3 years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.

We humbly present to you the sum of another major iteration of the OPNsense firewall. Over the second half of 2017 well over 500 changes have made it into this first release candidate. Most notably, the firewall NAT rules have been reworked to be more flexible and usable via plugins, which is going to pave the way for subsequent API works on the core firewall functionality. For more details please find the attached list of changes below.

Meltdown and Spectre patches are currently being worked on in FreeBSD[1], but there is no reliable timeline. We will keep you up to date through the usual channels as more news become available. Hang in there!

Read more

KDE: KStars, Nextcloud Talk, Akademy, Krita, Qt, Kdenlive

Filed under
KDE
  • KStars 2.9.1 is off to a fantastic start in 2018!

    We're kicking off 2018 with a new fantastic release of KStars for Windows & MacOS. Linux users should wait a few more days to get the release in the official PPA due to Canonical's Launchpad downtime because of the Meltdown and Spectre CPU vulnerabilities discovered recently.

    KStars 2.9.1 aka "Lancaster" release is primarily a bugfix release, but it brings with it as well several new features and improvements to existing technologies.

  • Nextcloud Talk is here

    Today is a big day. The Nextcloud community is launching a new product and solution called Nextcloud Talk. It’s a full audio/video/chat communication solution which is self hosted, open source and super easy to use and run. This is the result of over 1.5 years of planing and development.

    For a long time it was clear to me that the next step for a file sync and share solution like Nextcloud is to have communication and collaboration features build into the same platform. You want to have a group chat with the people you have a group file share with. You want to have a video call with the people while you are collaborative editing a document. You want to call a person directly from within Nextcloud to collaborate and discuss a shared file, a calendar invite, an email or anything else. And you want to do this using the same login, the same contacts and the same server infrastructure and webinterface.

  • Akademy 2018 Call for Participation

    Akademy is the KDE Community conference. The 2018 edition is from Saturday 11th to Friday 17th August in Vienna, Austria. If you are working on topics relevant to KDE or Qt, this is your chance to present your work and ideas at the Conference. The days for talks are Saturday and Sunday, 11th and 12th. The rest of the week will be BoFs, unconference sessions and workshops.

  • Krita 4.0 Beta 1

    We’ve officially gone into String Freeze mode now! That’s developer speak for “No New Features, Honest”. Everything that’s going into Krita 4.0 now is in, and the only thing left to do is fixing bugs and refining stuff.

    Given how much has changed between Krita 3 and Krita 4, that’s an important part of the job! Let us here repeat a very serious warning.

  • Qt 3D Studio Remote Deployment on Android Devices
  • New in Qt 5.10: QThread::create
  • Kdenlive cafés #25 and #26 – Everybody is invited

KPTI + Retpoline Linux Benchmarking On Old Laptops

Filed under
Graphics/Benchmarks

Over the past week and a half of running many benchmarks looking at the performance impact of the Linux KPTI and Retpoline patches for Spectre and Meltdown mitigation, one of the most common test requests is some thorough benchmarks on older systems. Why that's important is with older (pre-Westmere) CPUs there isn't PCID (Process Context Identifier) support that's used by KPTI, which helps offset some of the performance loss. So for some test results to share today are two old ThinkPads from the Clarksfield and Penryn days compared to a newer Broadwell ThinkPad in looking at the performance difference.

Read more

Multimedia Apps for the Linux Console

Filed under
Linux

When last we met, we learned that the Linux console supports multimedia. Yes, really! You can enjoy music, movies, photos, and even read PDF files without being in an X session with MPlayer, fbi, and fbgs. And, as a bonus, you can enjoy a Matrix-style screensaver for the console, CMatrix.

You will probably have make some tweaks to your system to make this work. The examples used here are for Ubuntu Linux 16.04.

Read more

A Look at Ubuntu Unity Remix

Filed under
Reviews
Ubuntu
  • Ubuntu Unity Remix Day 1: 27-Dec ISO

    Ubuntu Unity Remix 18.04 is already functional even though it's still very new. For you who don't know, Unity Remix is a new Ubuntu distro with Unity 7 desktop created after the official Ubuntu switched to GNOME 3. Unity Remix is based on the effort of Unity 7 Continuation Project by Khurshid Alam and Dale Beaudoin, and it calls for developers & testers right now. Today I, an Ubuntu user who likes Unity Desktop, start a series of article about my days in personal testing Ubuntu Unity Remix. This 'Day 1' covers a short overview about the latest ISO from 27-Dec-2017. This series is (again) inspired by Didier Roche's series at early Artful days. Enjoy!

  • Ubuntu Unity Remix Day 2: Nemo & Caja

    Do you like Nemo and Caja file managers? Good news for you, you can use them at Ubuntu Unity Remix now. More good news is there are 2 ISOs available (for testing purpose) for both Unity Remix Nemo and Unity Remix Caja editions! Having these two is like continuing the 17.04 but with the feels of Linux Mint 'MATE' and 'Cinnamon' editions. For you who don't know, you will find Nemo or Caja even more useful than Nautilus, because you'll have more features you cannot find at (like normal menu bar, F3, and status bar). This 'Day 2' covers simple overview about both file managers at Ubuntu Unity Remix 18.04. Enjoy!

GeckoLinux: A Polished Distro Just Got Smoother

Filed under
Linux
Reviews

I was disappointed in GeckoLinux in only one situation. The practice of including a password for the live session demo mode was a new feature promised in this release. The product description hawks the convenience of not having to enter passwords for the live session user account.

Yet the brief documentation for the ISO download mentions the user password for the live session as "linux." I was hoping that the developer merely forgot to update the download information.

Alas, the new version still needs a password. Oh well, maybe the next release.

Otherwise, GeckoLinux 423 is a worthy release that provides improvements over the standard openSuse mindset.

Read more

Games: Opus Magnum, Killing Floor 2, Where The Water Tastes Like Wine

Filed under
Gaming
  • Opus Magnum is an exceptional puzzle game available for Linux

    I decided to bite the bullet and actually pick up a personal copy of Opus Magnum [Steam, Humble Store], I’m glad I did and it's fantastic.

    At first, it’s a little bit like there’s a tiny man inside your brain just shouting “AHH!” as there’s quite a lot to take in, but once you push through the initial brain overload it’s a brilliant experience. I wouldn’t say I was generally a huge puzzle game fan, but Opus Magnum absolutely fascinates me in ways I didn’t think possible.

  • Killing Floor 2 for Linux is 'indefinitely on hold' as they can't find a developer

    Sad news, as it seems there's just no chance of Killing Floor 2 coming to Linux any more as Tripwire can't find a developer.

    Going back to February of last year, Knockout Games sneaked out before that they were working on it, but not all contracts work out of course. I assumed they had parted ways, since later in August of last year Tripwire then said it wasn't in active development. I was hoping Knockout Games (or anyone) was just quietly working on it, but I guess not.

  • Where The Water Tastes Like Wine has a new trailer, musician Sting to star in it

    Where The Water Tastes Like Wine [Steam, Official Site] is an upcoming adventure game from Dim Bulb Games and Serenity Forge has a new trailer to show off some characters, the fun news is that the musician Sting is starring in it.

    Gordon Matthew Thomas Sumner, better know by his stage name of Sting is starring is this new adventure game along side some great actors like: Dave Fennoy (The Walking Dead: A Telltale Games Series), Cissy Jones (Firewatch), Kimberly Brooks (Mass Effect) and many more.

A Science Project: “Make The 486 Great Again!” – Modern Linux In An Ancient PC

Filed under
GNU
Linux

I asked the above quiz question during the Geekcamp tech conference in Nov 2017 during my emcee role. The theoretical answer as you can glean from the title of this post is the 486 which was first released in 1989. I determined that fact from this article where support for the 386 was dropped in Dec 2012.

Read more

FUD Firms Versus Free Software (Licensing, Security, Gender)

Filed under
OSS

What Linux storage benchmarking tools are best?

Filed under
Graphics/Benchmarks

The Linux hdparm tool enables administrators to establish a basic, low-level measure of disk performance. Using hdparm with the -t option takes advantage of the Linux disk cache, while the -t option also accesses the disk through the cache, but doesn't pre-cache the results. Low-level Linux storage benchmarking tools such as hdparm are very sensitive to file systems and other higher level constructs, however, so results can vary dramatically.

Admins often use the Linux dd -- data duplicator -- command for tasks such as backup and copy, but its interaction with storage can also enable sequential throughput for storage performance.

Flexible I/O Tester (FIO) is perhaps the most versatile and popular tool for benchmarking hard disk drive and solid-state drive devices. It enables administrators to run sequential read/write tests with varied I/O block sizes and queue depths.

Read more

Ubuntu 17.04 EoL and Patches

Filed under
Security
Ubuntu

Security: Meltdown and Spectre, Apple and More

Filed under
Security
  • Meltdown and Spectre Linux Kernel Status

    By now, everyone knows that something “big” just got announced regarding computer security. Heck, when the Daily Mail does a report on it , you know something is bad…

    Anyway, I’m not going to go into the details about the problems being reported, other than to point you at the wonderfully written Project Zero paper on the issues involved here. They should just give out the 2018 Pwnie award right now, it’s that amazingly good.

  • Linux Kernels 4.14.13, 4.9.76, and 4.4.111 Bring More Security Fixes, Update Now

    As promised, Linux kernel maintainer Greg Kroah-Hartman released today new versions of the Linux 4.14, 4.9, and 4.4 kernel series to address some of the regressions from previous builds and fix more bugs.

    Linux kernels 4.14.13, 4.9.76 LTS, and 4.4.111 LTS are now available for download from kernel.org, and they include more fixes against the Spectre security vulnerability, as well as some regressions from the Linux 4.14.12, 4.9.75 LTS, and 4.4.110 LTS kernels released last week, as some reported minor issues.

  • Red Hat Researchers: Spectre Chip Vulnerability Likely Worse For VMs Than Containers
  • Watching the meltdown.

    I have been watching Meltdown and Spectre unfold from the sidelines. Other than applying available updates, I'm just watching and absorbing the process of the disclosure. This one appears mid way along a long road.

    I teach mostly administrators. I teach some developers. I teach those in, or desiring to be in, infosec. I like teaching security topics. I think securing systems requires more people thinking about security from the beginning of design and as an everyday, no big deal part of life. A question I ask with these newsworthy issues is what normal practices can mitigate even part of the problems?  There are two big basics - least privilege and patch management - to always keep in mind. Issues like ShellShock and Venom were mostly mitigated from the beginning with SElinux enabled (least privilege) and WannaCry had little impact on those systems patched long ago when the SMB bug was first found and fixed.

    However, in some cases, both exploits and accidents come from doing something that no one else thought of trying. This is why I like open source. There is the option (not always used) for more people trying different things and finding better uses as well as potential flaws. Any type of cooperation and collaboration can be the source of some of these findings including pull requests, conference talks, or corporations working with academic research projects.

  • macOS High Sierra's App Store System Preferences Can Be Unlocked With Any Password

    A bug report submitted on Open Radar this week reveals a security vulnerability in the current version of macOS High Sierra that allows the App Store menu in System Preferences to be unlocked with any password.

  • Open Source Security Podcast: Episode 77 - npm and the supply chain

    Josh and Kurt talk about the recent npm happenings. What it means for the supply chain, and we end with some thoughts on how maybe none of this matters.

City of Barcelona Kicks Out Microsoft in Favor of Linux and Open Source

Filed under
News

Barcelona city administration has prepared the roadmap to migrate its existing system from Microsoft and proprietary software to Linux and Open Source software.
Read more

NVIDIA GeForce vs. AMD Radeon Linux Gaming Performance At The Start Of 2018

Filed under
Graphics/Benchmarks
Gaming

Here is a fresh look at the NVIDIA GeForce and AMD Radeon Linux graphics card performance as we start 2018. Testing was done using the latest Linux 4.15 Git kernel -- including the KPTI page table isolation support -- as well as using the newest Mesa 17.4-dev driver code for RadeonSI/RADV and on the NVIDIA side is their brand new 390.12 beta driver.

Read more

today's leftovers

Filed under
Misc
  • Automotive Grade Linux Hits the Road Globally with Toyota; Amazon Alexa Joins AGL to Support Voice Recognition

    Automotive Grade Linux (AGL), a collaborative cross-industry effort developing an open platform for the connected car, today announced that AGL is now in Toyota vehicles around the world. AGL also announced five new members, including Amazon Alexa, which joined as a Silver member.

    "Having AGL in vehicles on the road globally is a significant milestone for both AGL and the automotive open source community," said Dan Cauchy, Executive Director of Automotive Grade Linux at The Linux Foundation. "Toyota has been a strong proponent of open source for years, and we believe their adoption of an AGL-based infotainment system has set a precedent that other automakers will follow."

  • Intel Posts Initial Open-Source Graphics Driver Patches For Icelake "Gen 11" Hardware

    While Intel Cannonlake processors aren't out yet with their new "Gen 10" graphics hardware, Intel's Open-Source Technology Center has published their first graphics driver patches for Linux enablement of Icelake "Gen 11" hardware.

    Cannonlake CPUs will be shipping this year while Icelake is at least a year out, which will feature further improvements to the Intel onboard graphics. Intel OTC developers had posted their first GPU Linux driver patches last April for Cannonlake in order to get the support reviewed and upstream well ahead of the hardware launch.

  • Best free open source alternatives to Windows 10: What's the best open source OS?

    There will most likely be a learning curve involved with picking up an open source OS, but the community, customisation and cost (free) should definitely be enough to draw you in.

  • What is your favorite desktop Linux distribution?

    There are all sorts of reasons people take their pick. It could be based on familiarity, on the UI, on performance, on package availability, on stability, on support, or thousands of other factors. Every year, just once, we let you chime in and tell us your favorite.

    This year, in an effort to keep the conversation a little more focused, we're asking specifically, what's your favorite desktop distribution? And we're adding a few more choices this year. To be as fair as possible when it's impossible to list every distribution, we pulled the top 15 distributions according to DistroWatch over the past 12 months. It's not scientific—but it's something to start with, and we had to cull it down somehow.

  •  

  • MAMA Cross Spotted in Red Hat Inc (RHT) Shares
  • A small 2017 retrospective

    In the ARM space there was quite a lot of achievements. The big one being the initial support of aarch64 SBCs (finally!), I was very proud of the work we achieved here, it’s a single install path with uEFI/grub2 and a single install path. More work in the short term, by a team of cross team distro people, which took us a lot longer than I’d hoped, but the outcome is a lot better experience for end users and a much more supportable platform for those that need to support it moving forward! It was no means our only achievement with a lot of other ARM improvements including on the Raspberry Pi, accelerated GPUs, initial support for the 96boards platforms. Three is of coarse already LOTS of work in motion for the ARM architectures in 2018 and I’m sure it’ll be as fun and insanely busy as always but I feel we’re now going into it with a good base for the aarch64 SBCs which will rapidly expand in the devices we support moving forward!

  • Razer’s Project Linda Turns Your Phone Into A Breathtaking Laptop

    Project Linda is basically a dock that lets you seamlessly dock your Android-powered Razer Phone at the place where the touchpad usually resides (see picture below). Once you connect the phone, the 5.7-inch display becomes a touchpad; it can alternatively be used as a second screen. With the press of a button, a USB-C port inserts inside the phone.

  • Most popular Tizen Apps / Games downloaded in 2017

    In a past life (a couple of weeks ago), we used to report on the previous months Tizen apps that had been downloaded from the Tizen Apps Store. Now, we have a list of the Top 20 Tizen Apps / Games for the whole of 2017. This will be our last round-up of the Tizen Store and I’m doing this more out of nostalgia than anything else.

  • 8 Best Free Android Music Players | 2018 Edition

    Android smartphones come with a default music player for audio playback. So, why should you look for an alternate music player? Because the default player might not be feature-rich, it might not provide you with a satisfactory equalizer or its user interface might not be convenient. For instance, most devices nowadays come with Google Play Music as the default music player. It is simple and does the job, but lacks features like folder view in the library, the ability to edit tags for files and many other necessary tools.

  •  

Syndicate content

More in Tux Machines

Today in Techrights

Android Leftovers

Our Favourite Apps for Ubuntu

We enjoy using Ubuntu mainly for gaming, writing, listening to music and browsing the web. (Lots and lots of browsing the web.) There are other apps that we would love to have on Ubuntu like Affinity Photo, a stunning image editor that’s on par with Adobe’s Photoshop that’s available on Windows and Mac as well as Bear, a beautifully designed note taking app that we do most of our writing on that’s only available for macOS. However, the Ubuntu platform has moved forward in leaps and bounds in recent years when it comes to the official availability of popular apps and we are confident that this trend will continue. What’s your favourite Ubuntu apps? Read more

Kernel Space: Plans for Linux 4.16, 4.15 Likely Out Shortly