Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 17 Oct 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story What's New Going To Be In Fedora 27 Mohd Sohail 12/10/2017 - 6:40pm
Story Open source sets sights on killing WhatsApp and Slack Rianne Schestowitz 12/10/2017 - 5:45pm
Story 10 open source alternatives to Minecraft Rianne Schestowitz 12/10/2017 - 5:38pm
Story Olimex ships open spec Linux laptop and tips new COM format Rianne Schestowitz 12/10/2017 - 5:28pm
Story Servers: Containers, Buzzwords, and Debian Roy Schestowitz 12/10/2017 - 4:25pm
Story Software: XikiHub, qTox, Dash to Panel, Slack Alternatives Roy Schestowitz 12/10/2017 - 4:24pm
Story Kernel and Graphics: LTS, NVIDIA, Mir 0.28, RADV Roy Schestowitz 12/10/2017 - 4:22pm
Story today's howtos Roy Schestowitz 12/10/2017 - 4:17pm
Story KDE/Qt: Cutelyst 1.9.0, Qt 5.10 Beta in KDE neon, Qt Creator 4.5 Beta Roy Schestowitz 12/10/2017 - 4:17pm
Story GNOME/GTK: GNOME 3.28, GTK+ 3, GNOME Photos, GNOME.Asia 2017 and Fractional Scaling Roy Schestowitz 12/10/2017 - 4:15pm

Kernel: Ubuntu, FSPERF, SLIMbus

Filed under
Linux
  • A New Ubuntu Kernel Build With The Very Latest AMDGPU DC Patches For 4.15

    This week the latest AMDGPU DC patches were queued up ahead of Linux 4.15. As covered in that article, those several dozen patches mostly further clean-up this major AMDGPU display code rework and trim it up by a few thousand lines of code. For those wishing to test out this new display stack, here is a fresh Ubutu/Debian x86_64 kernel build.

  • Facebook Developers Working On FSPERF For Better Linux File-System/Block Testing

    Josef Bacik of Facebook's file-system/storage team has announced fsperf as a new testing framework around the Linux file-system/block storage code.

    With every Linux file-system developer seeming to construct his own scripts and to test their file-system/block kernel code in a different manner, Josef is hoping fsperf can unify some of the processes by these Linux kernel developers.

  • SLIMbus Framework Revised For The Linux Kernel

    Linaro developers have restored work on the SLIMbus patches for the Linux kernel, which have long been dormant.

    SLIMbus is the Serial Low-power Inter-chip Media Bus, which is a standard from the MIPI alliance to allow multiple digital audio components to communicate simultaneously and carry multiple audio streams of differing sample rates and bit widths.

Updated Debian 9: 9.2 released

Filed under
Debian

The Debian project is pleased to announce the second update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.

New installation images will be available soon at the regular locations.

Read more

Also: Debian 9.2 Released

Security: FireEye, Disqus, EFF on Apple

Filed under
Security
  • FireEye Warns of Expanding FormBook Malware Attacks

    "Because of the affiliate model (or Malware-as-a-Service) set up and its open availability on the web, it is difficult to determine the attack origins, and could be attributed to anyone who has subscribed to the service," Randi Eitzman, FireEye Analyst, told eSecurityPlanet.

    FormBook is being distributed via different document formats, including PDF, DOC and archive files that have some form of download link, macro or executable payload.

  • Disqus hacked [sic] : More than 17.5 million users' details stolen by hackers in 2012 data breach

    About a third of the compromised accounts contained passwords that were salted and hashed using the weak SHA-1 algorithm. Disqus said the exposed user data dates back to 2007 with the most recent data exposed from July 2012.

  • iOS 11’s Misleading “Off-ish” Setting for Bluetooth and Wi-Fi is Bad for User Security

    Turning off your Bluetooth and Wi-Fi radios when you’re not using them is good security practice (not to mention good for your battery usage). When you consider Bluetooth’s known vulnerabilities, it’s especially important to make sure your Bluetooth and Wi-Fi settings are doing what you want them to. The iPhone’s newest operating system, however, makes it harder for users to control these settings.

    On an iPhone, users might instinctively swipe up to open Control Center and toggle Wi-Fi and Bluetooth off from the quick settings. Each icon switches from blue to gray, leading a user to reasonably believe they have been turned off—in other words, fully disabled. In iOS 10, that was true. However, in iOS 11, the same setting change no longer actually turns Wi-Fi or Bluetooth “off.”

    Instead, what actually happens in iOS 11 when you toggle your quick settings to “off” is that the phone will disconnect from Wi-Fi networks and some devices, but remain on for Apple services. Location Services is still enabled, Apple devices (like Apple Watch and Pencil) stay connected, and services such as Handoff and Instant Hotspot stay on. Apple’s UI fails to even attempt to communicate these exceptions to its users.

Software: Blender, OpenShot, Code Editors

Filed under
Software
  • Blender 2.79 released with new features and improvements

    Blender is a cross-platform community-driven project under the GNU General Public License (GPL) and runs equally well on Linux, Windows and Macintosh computers. Its interface uses OpenGL to provide a consistent experience. It provides a broad spectrum of modeling, texturing, lighting, animation and video post-processing functionality in one package. Through its open architecture, Blender provides cross-platform interoperability, extensibility, an incredibly small footprint, and a tightly integrated workflow. Blender is one of the most popular Open Source 3D graphics applications in the world. It supports the entirety of the 3D pipeline—modeling, rigging, animation, simulation, rendering, compositing and motion tracking, even video editing and game creation.

  • OpenShot – An Award Winning Open Source Video Editor

    We have posted a couple of video editors for Linux before including FlowBlade, LosslessCut, and Lightworks. Today, I introduce to you a video editor that has been very useful to the open source video community it needs no introduction – the reputable OpenShot Video Editor.

    OpenShot is an open source and cross-platform powerful video editor that is used for professionally creating and editing videos. It features a host of fantastic video editing tools including 3D animations, time & keyframes, audio effects, trimming & slicing, etc. It features a simple and uncluttered User Interface that is quick to learn, customize, and to use.

  • 4 Best Modern Open Source Code Editors For Linux

    If you ask the old school Linux users, their answer would be Vi, Vim, Emacs, Nano etc. But I am not talking about them. I am going to talk about new age, cutting edge, great looking, sleek and yet powerful, feature-rich best open source code editors for Linux that would enhance your programming experience.

System76 - POP! goes my heart

Filed under
GNU
Linux
Reviews

This was far more interesting than I'd expected. One, there isn't ONE font that works uniformly well across different desktop environments, and frankly, that is a little bit disturbing. Two, Ubuntu still offers the most complete default package. Three, POP! fonts are rather nice and modern, and it seems they work the best in stock Gnome, if you're not already using something like Droid Sans.

It would seem we've chipped another facet of this multi-dimensional monster called Linux Fonts, as it feels just impossible to nail down the simple, elegant formula for maximum ergonomics, productivity and fun. You have to ride the licensing, anti-aliasing and hinting shuttles all at the same time, and they seem to be going in different directions. Ubuntu is way ahead of the rest, and this is why the System76 experiment will be rather intriguing. I want to see how the complete package will behave. You should test and see how you feel about Roboto Slab and Fira. My hunch says, Gnome great, Ubuntu, not so much. But we will see. And of course, we shall be testing the distro, so stay tuned.

Read more

Latest Open Access LWN: Fedora, Linux Kernel, and Graphics

Filed under
Graphics/Benchmarks
Linux
Red Hat
  • Fedora's foundations meet proprietary drivers

    The Fedora project's four "foundations" are named "Freedom", "Friends", "Features", and "First". Among other things, they commit the project to being firmly within the free-software camp ("we believe that advancing software and content freedom is a central goal for the Fedora Project, and that we should accomplish that goal through the use of the software and content we promote") and to providing leading-edge software, including current kernels. Given that the kernel project, too, is focused on free software, it is interesting to see a call within the Fedora community to hold back on kernel updates in order to be able to support a proprietary driver.

    On September 5, Fedora kernel maintainer Laura Abbott announced that the just-released 4.13 kernel would be built for the (in-development) Fedora 27 release, and that it would eventually find its way into the Fedora 25 and 26 releases as well. That is all in line with how Fedora generally operates; new kernels are pushed out to all supported releases in relatively short order. Running current kernels by default is clearly a feature that many Fedora users find useful.

    More recently, though, James Hogarth noted that the NVIDIA proprietary driver did not work with the 4.13 kernel. This kind of breakage is not all that unusual. While the user-space ABI must be preserved, the kernel project defends its right to change internal interfaces at any time. Any problems that out-of-tree code experiences as a result of such changes is deemed to be part of the cost of staying out of the mainline. There is little sympathy for those who have to deal with such issues, and none at all if the out-of-tree code in question is proprietary. Community-oriented projects like Fedora usually take a similar attitude, refusing to slow down for the sake of proprietary code.

  • Notes from the LPC tracing microconference

    The "tracing and BPF" microconference was held on the final day of the 2017 Linux Plumbers Conference; it covered a number of topics relevant to heavy users of kernel and user-space tracing. Read on for a summary of a number of those discussions on topics like BPF introspection, stack traces, kprobes, uprobes, and the Common Trace Format.

    Unfortunately, your editor had to leave the session before it reached its end, so this article does not reflect all of the topics discussed there. For those who are interested, this Etherpad instance contains notes taken by participants at the session.

  • An update on live kernel patching

    In the refereed track at the 2017 Linux Plumbers Conference (LPC), Jiri Kosina gave an update on the status and plans for the live kernel patching feature. It is a feature that has a long history—pre-dating Linux itself—and has had a multi-year path into the kernel. Kosina reviewed that history, while also looking at some of the limitations and missing features for live patching.

    The first question that gets asked about patching a running kernel is "why?", he said. That question gets asked in the comments on LWN articles and elsewhere. The main driver of the feature is the high cost of downtime in data centers. That leads data center operators to plan outages many months in advance to reduce the cost; but in the case of a zero-day vulnerability, that time is not available. Live kernel patching is targeted at making small security fixes as a stopgap measure until the kernel can be updated during a less-hurried, planned outage. It is not meant for replacing the kernel bit by bit over time, but as an emergency measure when the kernel is vulnerable.

  • Safety-critical realtime with Linux

    Doing realtime processing with a general-purpose operating-system like Linux can be a challenge by itself, but safety-critical realtime processing ups the ante considerably. During a session at Open Source Summit North America, Wolfgang Mauerer discussed the difficulties involved in this kind of work and what Linux has to offer.

    Realtime processing, as many have said, is not synonymous with "real fast". It is, instead, focused on deterministic response time and repeatable results. Getting there involves quantifying the worst-case scenario and being prepared to handle it — a 99% success rate is not good enough. The emphasis on worst-case performance is at the core of the difference with performance-oriented processing, which uses caches, lookahead algorithms, pipelines, and more to optimize the average case.

  • A memory allocation API for graphics devices

    At last year's X.Org Developers Conference (XDC), James Jones began the process of coming up with an API for allocating memory so that it is accessible to multiple different graphics devices in a system (e.g. GPUs, hardware compositors, video decoders, display hardware, cameras, etc.). At XDC 2017 in Mountain View, CA, he was back to update attendees on the progress that has been made. He has a prototype in progress, but there is plenty more to do, including working out some of the problems he has encountered along the way.

    Jones has been at NVIDIA for 13 years and has been working on this problem in various forms for most of that time, he said. Allocating buffers and passing them around between multiple drivers is a complicated problem. The allocator will sit in the same place as the Generic Buffer Management (GBM) component is today; it will be used both by applications and by various user-space driver components. The allocator will support both vendor-agnostic (e.g. Android ION) and vendor-specific back-ends, as well as combinations of the two.

KDE: Blade, Plasma, and Ubuntu Rally

Filed under
KDE
  • Blade update - an alternative KRunner

    After David’s post, I got a few mails asking whether this change has anything to do with the project I started last summer, so I decided to provide a small update.

    My original plan was to ship a test version of Blade a few months after the project announcement, but that did not happen. The main reason was that there were some higher-priority things in Plasma I needed to work on, so I had to put this on hold a bit.

    While the project is not yet made public, some important things have happened that moved it forward quite a bit.

  • Plasma secrets: Custom app launchers - WINE, too

    I told you this was a beauty. It elegantly goes against all the accepted conventions of the Plasma desktop, including hidden desktop icons, task manager launchers linking to hidden icons, and Windows software running through WINE playing ball. All of this can be done relatively simply, quickly, easily, without any great messing about. I hope you like.

    One last thing, notice how my screenshots above no longer have any shadow, which is something that both Ksnapshot and Spectacle always do, if you use compositing? Well, that's another secret we will resolve next time!

  • KDE at #UbuntuRally in New York! KDE Applications snaps!

    I was happy to attend Ubuntu Rally last week in New York with Aleix Pol to represent KDE.

IPFire 2.19 - Core Update 114 released

Filed under
GNU
Linux
Security

This is the official release announcement for IPFire 2.19 – Core Update 114. It brings some changes under the hood and modernises the base system. On top of that, minor issues are being fixed and some packages have been updated.

Read more

Linaro, RISC-V Processor, Ryzen and 8 Most Beautiful Linux Distros You Need To Try

Filed under
Misc
  • Linaro & Co Are Working On An ARM 24-Core Desktop / Developer Box

    Slipping under our radar back during the recent Linaro Connect event in San Francisco was word that Linaro, Gigabyte, and Socionext are coming together to produce an interesting microATX-based, 24 x ARM Cortex-A53 desktop / developer box.

  • Linux Now Has its First Open Source RISC-V Processor

    When it released its first open-source system on a chip, the Freeform Everywhere 310, last year, Silicon Valley startup SiFive was aiming to push the RISC-V (“risk five”) architecture to transform the hardware industry in the way that Linux transformed the software industry. Now the company has delivered further on that promise with the release of the U54-MC Coreplex , the first RISC-V-based chip that supports Linux, Unix, and FreeBSD.

  • Ryzen and Linux is a disaster (2017)

    Ryzen 7 series was introduced early March 2017, I bought parts for my Ryzen workstation beginning June 2017 thinking that few months will allow AMD to settle down and release necessary BIOS updates and CPU microcode upgrade. I was wrong. Terribly wrong.

    I was excited when doing the build, mostly because of the new case I bought: Fractal Design Define R5 and Seasonic M12 EVO Bronze 520W. This is premium case and I enjoyed every bit of doing the build. Plenty of space for hard-drives, many cool ideas or things in the case design (screw-less mounting), huge and silent fans, modularity of the case. With a big enough SATA Seagate drive, I was planning to do bcache and never run out of space for home directory.

  • 8 Most Beautiful Linux Distros You Need To Try (2017 Edition)

    Linux users have the liberty to enjoy an unparalleled freedom while choosing the Linux distributions as per their needs. Using different open source technologies, the developers keep creating something new and surprising the enthusiasts. Here, in this article, I’ll be listing the most beautiful Linux distros that have impressed me and other Linux users. This list is a mixture of newcomers and popular distros.

Debian and Ubuntu: Development, Nominations to the LoCo Council, Kubernetes on Ubuntu VMs and Docker Swarm

Filed under
Debian
Ubuntu
  • My Free Software Activities in September 2017
  • My FOSS activities for August & September 2017
  • Call for nominations to the LoCo Council

    As you may know the LoCo council members are set with a two years term. Due this situation we are facing the difficult task of replacing existing members and a whole set of restaffing. A special thanks to all the existing members for all of the great contributions they have made while serving with us on the LoCo Council.

  • Kubernetes on Ubuntu VMs

    Recently /u/Elezium asked the following question on Reddit: Tools to deploy k8s on-premise on top of Ubuntu. This is a question that a lot of people have answered using a combination of MAAS/VMWare/OpenStack for on premise multi-node Kubernetes. If you’re looking for something with more than a two or three machines, those resources are bountiful.

    However, the question came to “How do I do Kubernetes on an existing Ubuntu VM”. This is different from LXD, which is typically a good solution — though without a bunch of networking modifications it won’t be reachable from outside that VM.

  • What you need to know: Kubernetes and Swarm

    Kubernetes and Docker Swarm are both popular and well-known container orchestration platforms. You don't need a container orchestrator to run a container, but they are important for keeping your containers healthy and add enough value to mean you need to know about them.

  •  

Linux Kernel and Graphics: Jprobes, Performance Analysis in Linux, AMDGPU, UHD Graphics and Vulkan

Filed under
Graphics/Benchmarks
Linux
  • An end to jprobes

    "Jprobes" are an ancient kernel mechanism used to trace entry into kernel functions; they were described in this 2005 LWN article.

  • Performance analysis in Linux (continued)

    This blog post is based on the talk I gave at the Open Source Summit North America 2017 in Los Angeles. Let me start by thanking my employer Collabora, for sponsoring my trip to LA.

    Last time I wrote about Performance Assessment, I discussed how an apparently naive code snippet can hide major performance drawbacks. In that example, the issue was caused by the randomness of the conditional branch direction, triggered by our unsorted vector, which really confused the Branch Predictor inside the processor.

  • AMDGPU's DC Gets More Cleanups Ahead Of Linux 4.15

    It's indeed looking like the AMDGPU DC display code stack will finally be pulled for the Linux 4.15 merge window, assuming Linus Torvalds has no issues with it in a few weeks.

    Alex Deucher of AMD today sent in a secondary AMDGPU DC update for staging alongside DRM-Next of this new display code.

  • Running OpenCL With Intel UHD Graphics On Coffeelake Under Ubuntu Linux

    After running some basic OpenCL/Vulkan UHD Graphics tests yesterday using the brand new Core i7 8700K "Coffee Lake" processor, I next ventured into OpenCL computing with the UHD Graphics using Intel's open-source Beignet CL implementation.

  • VK_KHR_maintenance2 Lands For RADV, Other Improvements

    VK_KHR_maintenance2 is the latest extension supported by this open-source Radeon Vulkan driver. VK_KHR_maintenance2 was added in Vulkan 1.0.61 last month as various changes that were previously left out of Vulkan.

  • Intel UHD Graphics 630 "Coffee Lake" On Linux

    This morning I delivered the initial Linux processor benchmarks of the Core i7 8700K and Core i5 8400 for the just-launched "Coffee Lake" desktop processors. With these Intel "Gen 8" processors, the integrated "HD Graphics" from Kabylake have been rebranded to "UHD Graphics". While there wasn't any real changes architecturally to the graphics hardware, right now the Linux support isn't quite out-of-the-box.

  •  

today's howtos and software

Filed under
HowTos

KDE: Clazy/Qt, Kirigami and Kdenlive

Filed under
KDE
  • Clazy Results Visualizer for Qt

    Clazy is a clang plugin which extends the compiler with over 50 warnings related to Qt best practices ranging from unneeded memory allocations to API misuse. It’s an opensource project spawned by KDAB’s R&D efforts for better C++ tooling.

  • Kirigami Notation App

    And here I am writing on the blog after a long time.
    This time it’s about talking about my new project, becoming a developer!
    Unfortunately I can not study full time (in fact you see the results), however, I am to show you the “results” of my study.
    Thanks to the Kirigami module developed by Marco Martin and the ease of QtQuick here is my first application, that is, the Alpha version. The application for now is called “Notation”, but I will definitely make a vote for the names (suggest the names in the comments below).

  • Kirigami and color palettes

    A new release of Kirigami is about to come with the new version of KDE Frameworks about to be released, 5.38.

  • This week in Kdenlive

    The refactoring branch of Kdenlive is progressing nicely and we hope to merge our code to master in the last days of october to meet the KDE Applications 17.12 release schedule. Today we updated the AppImages of both stable and refactoring branch.

Games: Starblast, Battle for Orion, Hat in Time, Overgrowth and More

Filed under
Gaming

Red Hat and Fedora: Container-Native Storage, Omnetric, systemd 235 and More

Filed under
Red Hat

OSS: Apache, Mozilla, Events, and 3D Printing

Filed under
OSS
  • Large-Scale Governance – 10 Apache Lessons

    Even if one of these applies, you still might be smarter to join an existing “umbrella” like Software Freedom Conservancy in the US or Public Software in the UK. But if you do end up devising your own organization, you won’t go far wrong my starting with the Apache Software Foundation’s principles.

  • Mozilla extends, and ends, Firefox support for Windows XP and Vista

    Mozilla has announced it will end support for its Firefox browser on Windows XP and Windows Vista.

    The organisation offers Firefox Extended Support Releases (ESRs) that keep getting bug fixes for 54 weeks, even though nine new versions of Firefox should come along during that time. Mozilla offers ESR releases so that organisations with standard desktop environments can pick a version of Firefox and run it for a year, without the need to update their gold images.

    Enterprise software vendors also like this arrangement: Oracle only certifies its wares for ESRs because keeping up with a six-weekly release cycle is too much effort.

  • New Sessions Announced for the Samsung Developer Conference #SDC2017
  • Who Won at OpenWorld? Oracle, or Amazon and Splunk?

    As this year's Oracle OpenWorld 2017 draws to a close, I'm convinced that the best seat in the house to watch this one wasn't anywhere near San Francisco's Moscone Convention Center, the event's venue, but sitting in front of a computer in your home or office.

  • How a university's 3D-printed prosthetics club provides devices for amputees

    Last fall, one of the co-founders of Duke University eNable published an article describing our club’s beginnings and visions for the future. In the spring of 2016, we started out as six engineering students with a passion for innovation and design, supported by a small stipend from the Innovation Co-Lab and a grant from OSPRI (Open Source Pedagogy, Research and Innovation), a project supported by Red Hat.

    Since then we have established ourselves as a presence on campus, grown into a large interdisciplinary team, and connected with multiple recipients—including a young boy in Milot, Haiti. The resources offered through Duke and the sponsorship we've received allow us to continuously transform our ideas into things we can share with open source enthusiasts, makers, and dreamers alike.

Programming: RICE, Bugs, and Java

Filed under
Development
  • Double Your Development Velocity without Growing Your Team

    The Developer Experience team at SendGrid is a small, but mighty force of two. We attempt to tackle every problem that we can get our hands on. This often means that some items get left behind.  At the outset, we surveyed everything that was going on in our open source libraries and we quickly realized that we needed to find a way to prioritize what we were going to work on. Luckily, our team lives, organizationally, on the Product Management team, and we had just received a gentle nudge and training on the RICE prioritization framework.

    On our company blog, I wrote an article about how employing this framework, using a spreadsheet, helped us double our velocity as a team within the first sprint. Our development velocity doubled because the most impactful things for the time spent are not always the biggest things, but the biggest things tend to attract the most attention due to their size.

  • Review by many eyes does not always prevent buggy code

    Writing code is hard. Writing secure code is harder—much harder. And before you get there, you need to think about design and architecture. When you're writing code to implement security functionality, it's often based on architectures and designs that have been pored over and examined in detail. They may even reflect standards that have gone through worldwide review processes and are generally considered perfect and unbreakable.*

    However good those designs and architectures are, though, there's something about putting things into actual software that's, well, special. With the exception of software proven to be mathematically correct,** being able to write software that accurately implements the functionality you're trying to realize is somewhere between a science and an art. This is no surprise to anyone who's actually written any software, tried to debug software, or divine software's correctness by stepping through it; however, it's not the key point of this article.

  • Java Moving Forward With Faster Pace Release Schedule, Modular System
  • Onwards to Valhalla: Java ain't dead yet and it's only getting bigger

    Scale was big at the JavaOne conference this week. Spotify lauded its success scaling with Java, and Oracle execs practically squealed as they reeled off adoption statistics. Big Red believes the next ten years belong to Java.

    "We want the next decade to be Java first, Java always," vice president Mark Cavage said on stage.

    Of course Java is already big and among those on stage was Alibaba, one of the world's largest Java users, which talked up its ability to run more than a million JVM instances at once.

Security: Updates, Apple APFS Passwords, WordPress, Microsoft FUD, and Internet of Broken Things

Filed under
Security
  • Security updates for Friday
  • Apple fixes Keychain vulnerability, but only in macOS High Sierra

     

    The zero-day vulnerability in macOS's Keychain has been addressed by Apple, along with some other issues in High Sierra. But other recent versions of the operating system are still vulnerable.  

  • macOS High Sierra bug exposes APFS passwords in plain text

     

    A Brazilian software developer has uncovered a bug in Apple's macOS High Sierra software that exposes the passwords of encrypted Apple File System (APFS) volumes in plain text.

  • The September 2017 WordPress Attack Report

    This edition of the WordPress Attack Report is a continuation of the monthly series we’ve been publishing since December 2016. Reports from the previous months can be found here.

    This report contains the top 25 attacking IPs for September 2017 and their details. It also includes charts of brute force and complex attack activity for the same period, along with a new section revealing changes to the Wordfence real-time IP blacklist throughout the month. We also include the top themes and plugins that were attacked and which countries generated the most attacks for this period.

  • Step aside, Windows! Open source and Linux are IT’s new security headache [Ed: Microsoft propagandist Preston Gralla is back from the woods. The typical spin, lies. Deflection. Windows has back doors.]
  • Sex Toys Are Just As Poorly-Secured As The Rest Of The Internet of Broken Things

    At this point we've pretty well documented how the "internet of things" is a privacy and security dumpster fire. Whether it's tea kettles that expose your WiFi credentials or smart fridges that leak your Gmail password, companies were so busy trying to make a buck by embedding network chipsets into everything, they couldn't be bothered to adhere to even the most modest security and privacy guidelines. As a result, billions upon billions of devices are now being connected to the internet with little to no meaningful security and a total disregard to user privacy -- posing a potentially fatal threat to us all.

Syndicate content

More in Tux Machines

Linux and Graphics: AMD, Linux 4.14 LTS, Etnaviv Gallium3D

  • Linux 4.14 Ensures The "Core Performance Boost" Bit Gets Set For AMD Ryzen CPUs
    Recently making waves in our forums was talk of a kernel patch to address a case where the AMD CPB (Core Performance Boost) isn't being exposed by Ryzen processors. Here's more details on that and some benchmarks. Being talked about recently is f7f3dc0: "CPUID Fn8000_0007_EDX[CPB] is wrongly 0 on models up to B1. But they do support CPB (AMD's Core Performance Boosting cpufreq CPU feature), so fix that."
  • Linus Torvalds Is Confident That Linux Kernel 4.14 LTS Will Arrive on November 5
    Development of Linux 4.14, the next LTS (Long Term Support) kernel series, continues with the fifth RC (Release Candidate) milestone, which was announced by Linus Torvalds himself this past weekend. According to Linus Torvalds, things have finally starting to calm down for the development of the Linux 4.14 LTS kernel, and it looks like the RC5 snapshot is smaller than he would have expected, at least smaller than last week's RC4, which is a good thing, meaning that there won't be need for eight RCs during this cycle.
  • Etnaviv Gallium3D Is Almost To OpenGL 2.0 Compliance
    The Etnaviv Gallium3D driver that provides reverse-engineered, open-source graphics support for Vivante graphics hardware is almost to exposing OpenGL 2.0. Etnaviv contributor Christian Gmeiner today posted a set of patches for adding occlusion queries support to the driver. The code at just over one thousand lines of code is the last major feature needed for exposing desktop OpenGL 2.0 capabilities with this community-driven driver.
  • AMD Developers Begin Making Open-Source FreeSync/AdaptiveSync Plans
    While the AMDGPU DC code is expected to land for Linux 4.15 with goodies like Vega display support, HDMI/DP audio, and atomic mode-setting, one of the sought after display features won't be initially supported: FreeSync or the VESA-backed AdaptiveSync. As we've known for a while, while AMDGPU DC fills out the requirements for being able to support FreeSync, the last bits of the implementation are not present as the interfaces are basically yet to be decided among the open-source driver developers. While AMD can post their existing FreeSync code as found in AMDGPU-PRO hybrid driver, they are trying to come up with a more standardized interface that will satisfy the other upstream Linux driver developers too that might want to support AdaptiveSync.

Servers and Red Hat: Cloud Foundry, Docker, CRI-O 1.0, Alibaba and Elasticsearch

  • How to deploy multi-cloud serverless and Cloud Foundry APIs at scale
    Ken Parmelee, who leads the API gateway for IBM and Big Blue’s open source projects, has a few ideas about open-source methods for “attacking” the API and how to create micro-services and make them scale. “Micro-services and APIs are products and we need to be thinking about them that way,” Parmelee says. “As you start to put them up people rely on them as part of their business. That’s a key aspect of what you’re doing in this space.”
  • Docker Opens Up to Support Kubernetes Container Orchestration
    There's been a lot of adoption of Kubernetes in the last few years, and as of Oct. 17 the open-source container orchestration technology has one more supporter. Docker Inc. announced at its DockerCon EU conference here that it is expanding its Docker platform to support Kubernetes. Docker had been directly competing against Kubernetes with its Swarm container orchestration system since 2015. The plan now is to provide a seamless platform that supports a heterogenous deployment that can include both Swarm and Kubernetes clusters. "Docker adapts to you because it's open," Docker founder Solomon Hykes said during his keynote address at DockerCon.
  • Introducing CRI-O 1.0
    Last year, the Kubernetes project introduced its Container Runtime Interface (CRI) -- a plugin interface that gives kubelet (a cluster node agent used to create pods and start containers) the ability to use different OCI-compliant container runtimes, without needing to recompile Kubernetes. Building on that work, the CRI-O project (originally known as OCID) is ready to provide a lightweight runtime for Kubernetes.
  • Red Hat brings its open source solutions to Alibaba Cloud
    Alibaba Cloud has joined the Red Hat Certified Cloud and Service Provider program, with Red Hat solutions to become directly available to Alibaba Cloud customers in the coming months.
  • Elasticsearch now on Alibaba Cloud, eyes China market
    The Amsterdam-based company behind Elasticsearch and Elastic Stack said the new offering would be available to Alibaba Cloud customers as an add-on, giving them access to real-time search, logging, and data analytics capabilities.

Software: VirtualBox 5.1.30, Cockpit 153, GNOME Mutter 3.27.1, KDE Neon

  • Oracle Releases VirtualBox 5.1.30 to Patch Glibc 2.26 Compile Bug on Linux Hosts
    Oracle released VirtualBox 5.1.30, a minor maintenance update to the open-source and cross-platform virtualization software that addresses a few important issues reported by users from previous versions. Coming one month after the VirtualBox 5.1.28 release, which probably most of you out there use right now on your personal computers, VirtualBox 5.1.30 contains a fix for a Glibc 2.26 compilation bug for Linux hosts and a 3D-related crash for Windows guest that use the Windows Additions package.
  • Cockpit 153
    Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 153.
  • GNOME Mutter 3.27.1 Brings Hybrid GPU Support
    Mutter 3.27.1 has just been released as the first development release for the GNOME 3.28 cycle of this compositor / window manager. The change most interesting to us about Mutter 3.27.1 is support for hybrid GPU systems. The context for the hybrid GPU system support is explained via this bug report, "supporting systems with multiple GPUs connected to their own connectors. A common configuration is laptops with an integrated Intel GPU connected to the panel, and a dedicated Nvidia/AMD GPU connected to the HDMI ports."
  • #KDE #KDENEON Release bonanaza! Frameworks, Plasma, KmyMoney and Digikam

Intel Ads as 'Articles'