Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Wednesday, 23 May 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Benchmarks and Phoronix Test Suite Roy Schestowitz 16/05/2018 - 8:22pm
Story Xubuntu 18.04 Bionic Beaver - Middle ground Roy Schestowitz 16/05/2018 - 8:21pm
Story Creating Virtual Disks Using Linux Command Line Mohd Sohail 16/05/2018 - 7:59pm
Story Red Hat: 'Serverless' and Women Roy Schestowitz 16/05/2018 - 7:56pm
Story DOSBox Part 1: Introduction, Startup Scripts and The Keymapper Mohd Sohail 16/05/2018 - 7:56pm
Story Red Eclipse: A Fast Paced First Person Shooter Game Mohd Sohail 16/05/2018 - 7:54pm
Story Graphics: NVIDIA, AMD/Vega and Mesa Roy Schestowitz 16/05/2018 - 7:52pm
Story The curl 7 series reaches 60 Roy Schestowitz 16/05/2018 - 7:13pm
Story Games: Fibrillation HD, Xenosis: Alien Infection, Project Zomboid, Interactive Fiction Roy Schestowitz 16/05/2018 - 6:58pm
Story Linspire Server 2018 Released Roy Schestowitz 16/05/2018 - 6:08pm

Mozilla: Firefox 60, Things Gateway, Activity Stream and More

Filed under
  • Open for business: Firefox Quantum is ready for IT

    The new, super fast Firefox supports Windows Group Policy, so enterprise IT pros can easily configure the browser for organizational use.

    In the fall of 2017, Mozilla introduced Firefox Quantum — the blazing fast, completely reinvented Firefox. The new Firefox quickly won critical acclaim, with Wired writing that “Firefox Quantum is the browser built for 2017”.

  • Firefox 60 Is Here, And It (Finally) Includes Linux CSD Support

    Firefox 60 is now available to download and among the changes it sports is support for CSD on Linux.

    The latest stable release of Mozilla’s hugely influentially open-source web browser also brings a number of other tweaks, including a somewhat controversial change to the new tab page…

  • Firefox 60 released
  • An Enterprising Future

    So, to say that I’m happy about this particular release would be an understatement. I’m absolutely ecstatic that Mozilla decided that adding support for enterprise features was important.

    But I have to admit something; over the years in my zeal to get enterprise support into Firefox, I’ve encouraged just about every method possible to get customizations into Firefox. As a result, I know there are many installations of Firefox that use methods that are definitely not recommended anymore, especially now that we have real policy support.

  • Things Gateway - Monitoring Solar Panels
  • L10N Report: May Edition

    Activity Stream has become an integral part of Firefox, officially replacing the existing New Tab and soon integrating code for displaying snippets and onboarding content. For this reason, we’re working on moving translations to mozilla-central.

    Currently, Activity Stream is managed as a stand-alone project in Pontoon, and store its translations in a GitHub repository. Once this meta bug is fixed, Activity Stream’s strings will be exposed as part of the Firefox project.

    While this makes the relation between Activity Stream and Firefox more obvious for localizers, it will also allow to make some improvements in the future, like reducing the lag between translations landing in repositories and actually being available for testing in Firefox.

Security: Updates, "Hide n Seek" and World of Warcraft

Filed under

Ubuntu: Livepatch, Microsoft's Belly, and Ubuntu 18.04 LTS Screenshots Tour

Filed under
  • How to set up Livepatch and the information gathering tool in Ubuntu 18.04

    Ubuntu Bionic Beaver is here and it brings along with it a number of very useful and shiny new features. Two of those features appear in the first-run wizard: One of which is Livepatch. With Livepatch up and running, many security-related updates, such as the kernel, will not require a reboot. For anyone that's served as a Linux admin, you know how big a step forward that is. What Canonical has done with Livepatch, in Ubuntu 18.04, is fairly remarkable. I say that because the setup of this new feature is incredibly simple. In fact, on first boot, you are greeted with a wizard that walks you through the process.

    Within that same first-run wizard is the notorious information gathering tool. Rumors of Canonical collecting user data were rampant, which led to many believing a breach of privacy was imminent. The reality is much less intrusive. I'm going to show you how easy it is to set up this often mission-critical feature on the latest iteration of Ubuntu Linux. I'll be demonstrating on the desktop version of the release. You'll be surprised at how easy it is.

  • Build 2018: Ubuntu support is coming to the Subsystem for Linux on Windows 10 on ARM [Ed: Microsoft aspires to see GNU/Linux viewed as a "Windows feature" of Vista 10 "selling point" rather than an independent thing (UEFI blocks it on some PCs)]

    It was almost exactly one year ago today that Microsoft shocked the world by announcing developers would be getting Ubuntu support on Windows 10 via the Windows Subsystem for Linux (WSL.) This was great, and yesterday at a breakout session at Build 2018, Microsoft hinted that Windows 10 on ARM WSL is also getting support for Ubuntu and other Linux distributions (via Neowin.)

  • Windows on ARM is getting 64-bit app support… and a Linux subystem

    Oh, and it looks like the move will also let you use the Windows Subsystem for Linux on ARM PCs, allowing you to run native Linux apps on the HP Envy x2, Asus NovaGo, or Lenovo Miix 630.

  • Ubuntu 18.04 LTS Screenshots Tour

    The ‘main' archive of Ubuntu 18.04 LTS will be supported for 5 years until April 2023. Ubuntu 18.04 LTS will be supported for 5 years for Ubuntu Desktop, Ubuntu Server, and Ubuntu Core. Ubuntu Studio 18.04 will be supported for 9 months. All other flavors will be supported for 3 years.

You have GNU sense of humor! Glibc abortion 'joke' diff tiff leaves Richard Stallman miffed

Filed under

Late last month, open-source contributor Raymond Nicholson proposed a change to the manual for glibc, the GNU implementation of the C programming language's standard library, to remove "the abortion joke," which accompanied the explanation of libc's abort() function.

Nicholson said: "The joke does not provide any useful information about the abort() function so removing it will not hinder use of glibc."

Read more

System76 launches a 4.4 pound Linux laptop with 6-core Intel CPU, NVIDIA graphics (Oryx Pro)

Filed under

Linux computer maker System76 launched its first laptops with 8th-gen Intel Core processors last year. Those computers featured quad-core, 15 watt processors based on Intel’s Kaby Lake Refresh architecture. But now System76 is taking pre-orders for a laptop that packs much more power.

The updated System76 Oryx Pro features an Intel Core i7-8750H hexa-core, 45 watt processor and support for up to NVIDIA GeForce 1070 graphics.

Read more

Red Hat News

Filed under
Red Hat
  • CollabNet VersionOne To Demonstrate Enterprise Value Stream Management Solution for Red Hat OpenShift at Red Hat Summit

    CollabNet VersionOne, a global leader in enterprise value stream management, ALM, release automation, agile management and DevOps solutions, announces its Bronze Sponsorship of Red Hat® Summit 2018. Visit the CollabNet VersionOne booth, #832, for a demonstration of Lifecycle, Continuum and VS for Red Hat OpenShift.

  • Is the sun shining brightly on Red Hat's cloud plans? Two deals offer hints.

    Red Hat's strategy these days revolves around making it easier for customers to set up back-end software systems that can operate simultaneously on their in-house data clouds and the public cloud services of industry players like Microsoft, Google and Amazon, company leaders say.

    The "hybrid cloud is not only a reality, it's the driving model in enterprise computing today," Paul Cormier, Red Hat's president for products and technologies, said Tuesday at the kickoff of the annual Red Hat Summit, which is taking place this week in San Francisco.

  • IBM Vet Alfred Zollar Appointed to Red Hat Board of Directors

    Alfred Zollar, a veteran of IBM, has been named to Red Hat‘s board of directors.

    “Al will help us continue to anticipate and deliver open source technologies,” Naren Gupta, the board of directors chairman at Red Hat, said in Monday’s press release.

    Zollar’s career started at IBM where he progressed to senior leadership roles that included serving as a division general manager for network computer software, as president and CEO for the Lotus Software division and as general manager of the eServer iSeries.

  • Spectre, Meltdown made industry collaborate: Red Hat

    Open source giant Red Hat has suggested the Meltdown and Spectre vulnerabilities helped to solve a major industry issue of "polarisation" between software and hardware developers, two groups that were required to work together to release fixes.

    Red Hat's chief ARM architect John Masters said that the security industry suffered from a lack of communication between software and hardware companies, and that vulnerabilities exposed earlier this year forced the industry to reassess how new products are developed.

  • Red Hat (RHT) PT Raised to $180 at RBC Capital Following Analyst Day

CCNY faculty and student to learn how Pixar works its magic

Filed under

Laisa Barro says “Studying Computer Science and Art allows me to combine my creative and technical skills in unique and innovative ways. As a Production Support Engineer intern at Pixar, I’ll have the opportunity to apply those skills while working with almost every group at the studio to help diagnose and problem-solve issues for users on GNU/Linux-based desktop platforms."

Read more

Best Free Photoshop Alternative: GIMP

Filed under

Adobe Photoshop is a household name, and is widely regarded as one of, if not THE best photo editing and image manipulation suites around.

Basically, it's an industry leader, and if you work in a professional industry that relates to photography, publishing, design or any other simiar creative sphere, chances are it takes centre stage.

It's useful in a non-professional capacity too, however, being a much more powerful editing suite than things like Microsoft Paint.

But the problem is, it's expensive. You have to buy Adobe Photoshop and it costs a fair bit to do so. Hardly surprising that quite a few alternative software packages have emerged over the years for those on a budget, or for those who don't want to pay a penny.

For this article I could have quite easily put together a list of multiple different free alternatives to Adobe Photoshop, however, from my years of dabbling with what's available there's only one I can really say is worth bothering with - Gnu Image Manipulation Program, aka GIMP.

Read more

Here's what happens to CoreOS now that Red Hat owns it

Filed under
Red Hat

One of the biggest questions at Red Hat Summit in San Francisco was "What will Red Hat be doing with its recent CoreOS acquisition?" Now we know. In a presentation, Ben Breard, Red Hat product manager for Linux Containers, and Brandon Philips, CTO of CoreOS, explained where CoreOS offerings are going now that the company is part of Red Hat.

Red Hat will be integrating CoreOS Tectonic, its Kubernetes distribution; Quay, its enterprise container registry; and Container Linux, its lightweight cluster Linux distribution, into Red Hat's container and Kubernetes-based software portfolio. One popular CoreOS technology won't be making the trip: The rkt container standard. Instead, it will become a community-supported container technology.

Read more

Also: Bringing CoreOS technology to Red Hat OpenShift to deliver a next-generation automated Kubernetes platform

Red Hat Unveils Roadmap for CoreOS Integration with Red Hat OpenShift

Four Android Things production boards span Cortex-A7, -A35, and -A53

Filed under

Google unveiled four ARM-based production boards for Android Things 1.0: Innocomm’s i.MX8M based WB10-AT, Intrinsyc’s Open-Q 212A and Open-Q 624A, based on the Snapdragon 212 and 634, respectively, and the MediaTek MT8516.

Earlier this week, Google released Android Things 1.0 and announced several consumer products that will ship in the coming months based on the stripped-down, IoT-oriented Android variant. Google also showed off four official production platforms.

Read more

today's leftovers

Filed under
  • Bcachefs File-System Is Working On Going Upstream In The Linux Kernel

    Kent Overstreet who has been spending the past few years working on the Bcachefs file-system born out of the BCache block cache technology is now starting work on upstreaming the code to the mainline kernel.

    For facilitating an easier review process, he begun by sending out the patches for the on-disk data structures and ioctl interface exposed to user-space. This is just over one thousand lines of code while the entire file-system implementation is more than fifty thousand lines of new code.

  • ROCm 1.8 Beta Packages Available For Radeon GPU Compute/OpenCL Testing

    While ROCm 1.7.2 is the latest stable release for this Radeon GPU compute stack, there are 1.8.0 beta packages available for testing.

    A few days ago AMD developers quietly made available ROCm 1.8 beta packages for Ubuntu 16.04 and RHEL/CentOS 7.4.

  • Docker for Desktop is Certified Kubernetes

    “You are now Certified Kubernetes.” With this comment, Docker for Windows and Docker for Mac passed the Kubernetes conformance tests. Kubernetes has been available in Docker for Mac and Docker for Windows since January, having first being announced at DockerCon EU last year. But why is this important to the many of you who are using Docker for Windows and Docker for Mac?

    Kubernetes is designed to be a platform that others can build upon. As with any similar project, the risk is that different distributions vary enough that applications aren’t really portable. The Kubernetes project has always been aware of that risk – and this led directly to forming the Conformance Working Group. The group owns a test suite that anyone distributing Kubernetes can run, and submit the results for to attain official certification. This test suite checks that Kubernetes behaves like, well, Kubernetes; that the various APIs are exposed correctly and that applications built using the core APIs will run successfully. In fact, our enterprise container platform, Docker Enterprise Edition, achieved certification using the same test suite You can find more about the test suite at

  • Redesigning the lock screen

    Last November we had a small hackfest in London, focused on GNOME Shell design. We explored various themes during the hackfest and came up with a bunch of initial designs, which we’ve subsequently been developing. The main area of recent work has been the login and unlock experience. The rest of this post gives an overview of the design that we’ve come up with.

  • Trello Alternative Project Management Tool Zenkit is Now Available as Snap Package

    Brief: Project management app Zenkit is now available as a Snap application for Linux desktop.

    Zenkit – in case you did not know – is a collaboration tool for managing projects and tasks for work just like Trello. And, recently, Zenkit released a “snap” on Snapcraft which enables you to use Zenkit on any Linux distribution without having to worry about updates and stability.

  • Starting Up With Xubuntu

    Xubuntu is a variant of Ubuntu without GNOME as its default desktop environment. It comes with XFCE desktop environment, and X-F-C-E just pronounced as it is, is not an abbreviated word at all.


  • Qualcomm announces support for 'fast commercial availability' of Android P

    Qualcomm announced today that it's working with Google to get Android P to more devices, sooner. The chipmaker had early access to the new OS version, allowing it to optimize its Snapdragon 845, 660, and 636 processors "to ensure readiness for OEMs to upgrade to Android P at the time of launch."

GNU/Linux in the 'Mainstream'

Filed under

Software: ThetaPad, Piwigo, Orbital Apps

Filed under
  • ThetaPad – A Feature-Rich Note Taking & Data Management App

    ThetaPad is a modern hierarchical cross-platform note-taking application that also serves as an efficient personal wiki and data managing application.

    It features a clutter-free UI with a typical note-taking app layout consisting of a search field, note creation and editing function icons, and a file tree view.

    ThetaPad tree-based notes hierarchy allows users to manage their content in a clean and properly structured way without losing sight of the location of their files.

  • Piwigo – Create Your Own Photo Gallery Website

    Piwigo is an open source project which allows you to create your own photo gallery on the web and upload photos and create new albums. The platform includes some powerful features built-in, such as albums, tags, watermark, geolocation, calendars, system notifications, access control levels, themes and statistics.

    Piwigo has a huge amount of available plugins (over 200) and a great collection of themes. It is also translated in more than 50 languages. Its core functions are written in PHP programming language and requires a RDBMS database backend, such as MySQL database.

  • Orbital Apps – A New Generation Of Linux applications

    Today, we are going to learn about Orbital Apps or ORB (Open Runnable Bundle) apps, a collection of free, cross-platform, open source applications. All ORB apps are portable. You can either install them on your Linux system or on your USB drive, so that you you can use the same app on any system. There is no need of root privileges, and there are no dependencies. All required dependencies are included in the apps. Just copy the ORB apps to your USB drive and plug it on any Linux system, and start using them in no time. All settings and configurations, and data of the apps will be stored on the USB drive. Since there is no need to install the apps on the local drive, we can run the apps either in online or offline computers. That means we don’t need Internet to download any dependencies.


Canonical Outs Kernel Security Update for Ubuntu 17.10, 16.04 LTS, and 14.04 LTS

Filed under

Following in the footsteps of the Debian Project, which recently released a similar kernel security patch for Debian GNU/Linux 9 "Stretch" and Debian GNU/Linux 8 "Jessie" operating system series to address two security vulnerabilities, Canonical also released kernel updates to patch these two flaws and another vulnerability in Ubuntu 17.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS.

One of these security vulnerabilities was caused by the way Linux kernel handled debug exceptions delivered via Mov SS or Pop SS instructions, which could allow a local attacker to crash the system by causing a denial of service. The issue (CVE-2018-8897) was discovered by Nick Peterson and affects only the amd64 architecture.

Read more

KDE: Falkon 3.0.1, Kdenlive, Skrooge 2.13.0, Qt 5.11.0 RC

Filed under
  • Falkon 3.0.1 released

    Starting with this release, there are official builds available for Linux and Windows platforms.

    In addition to nightly Linux Flatpak builds, there is now also AppImage for stable releases.

    For Windows, there are 32 and 64-bit installers, which now includes both standard and portable versions.

    State of macOS port is currently in bad shape, so there won’t be any macOS builds until the situation changes.

  • This Week in KDE, Part 1 : GSoC, Kool Kommunity, Single/Double Click Bug

    Technically single/double-click setting is not part of the “Mouse” settings. When the user changes the setting from the “Mouse” settings, it also affects other input devices like touchpad because the option is related to the “Dolphin”. Solution plan for the bugs consist of 3 main parts.

  • Kdenlive Paris sprint & LGM report

    From the 25th to the 29th of April, 5 members of our team had a sprint in Paris to focus on the future of Kdenlive. And it was fantastic! We met for the first time in person, made friends and worked a lot! But let’s start with the beginning. We were warmly welcomed by Mathieu at the Carrefour Numérique, part of the Cité des Sciences in Paris.

    On the first day after a brief introduction, the team started working on the vision of the project, defining objectives, discussing technical issues and schedules and by the end of the day came up with a roadmap (see below) with a clear set of short, mid and long term goals post the refactoring release.

  • WikiToLearn GSoC goals and expectations

    Hi everyone, I’m Demetrio, a student of University of Milano-Bicocca, who has been contributing to WikiToLearn since 2017. I found this community very helpful and friendly, they have worked immediately to make me feel important by giving me resources and primary tasks to do. They included me in their official meetings so I felt motivated: this has been the main reason I am still happy to contribute to this great project.

  • Into Google Summer of Code

    I can’t believe I was selected for the Google Summer of Code program for working on Krita. The proyect I’ll be working this summer is on optimizing Krita’s brush mask to work with AVX instructions. These instructions will be coded using the Vc library, a “zero overhead C++ types for parallel computing” that enables to efficiently transform the mask’s generator code to SIMD instructions for vectorization.

    Brush masks is a core process in the painting task as it creates the shape it will be imprinted in the canvas. This, depending on brush settings, can be done as much as thousends of times per second. Having this optimized will greatly improve painting enjoyment keeping the brush stroke responsive on bigger sizes.

  • Skrooge 2.13.0 released

    The Skrooge Team announces the release 2.12.0 version of its popular Personal Finances Manager based on KDE Frameworks.

  • Qt 5.11.0 RC released

    We have released Qt 5.11.0 RC today. It is still online delivery only and you can get it via online installer as an update to existing installation or just doing fresh installation & selecting 5.11 rc from 'preview' section.

  • Qt 5.11 Release Candidate Arrives, Final Release May Come Early

    While there have been several Qt5 tool-kit releases where they have arrived late, the upcoming Qt 5.11 might be released one week ahead of schedule.

    The Qt Company today announced the Qt 5.11 release candidate. Their new target for the actual release is 22 May and they might forego doing a second release candidate if testing pans out well for this RC1 release.

Red Hat and Fedora Leftovers

Filed under
Red Hat

OSS Leftovers

Filed under
  • 5 Awesome Open Source Cloning Software

    Cloning is nothing but the copying of the contents of a server hard disk to a storage medium (another disk) or to an image file. Disk cloning is quite useful in modern data centers for:

  • ETSI gets closer to open source bodies as OPNFV enriches platform

    Standards body ETSI has been a critical contributor to the spread of virtualization and SDN in telco networks. It is the home of several initiatives which have turned into key foundations of the new software-driven telecoms network, notably NFV (Network Functions Virtualization), OSM (Open Source MANO or management and orchestration) and MEC (Multi-access Edge Compute). However, as open source methods become increasingly important to operators via initiatives like OpenStack and the Open Networking Foundation, some argue that the processes of the traditional standards body are outdated and too slow. Even in areas where ETSI has done the groundwork, nimbler and wider open ecosystems are often taking up the baton. The Linux Foundation-hosted ONAP (Open Network Automation Protocol) has attracted broader…

  • Open source makes software engineering a social phenomenon

    Open source has upended the secluded lives of the classic software engineer, with introverts now required to interact even more with the community as part of the job becomes increasingly people orientated.

    “People think of [open source] as a software development methodology, and it is. But fundamentally it’s a social phenomenon. … [The] social aspect of this for an introvert like myself is at the same time a little scary, but also it’s super exciting because it is people who are driving this industry,” stated Dirk Hohndel (pictured), vice president and chief open source officer at VMware Inc.

  • Going with the grain

    All open source community members care about the “four freedoms” – the permission given in advance to use, study, improve and share software in source and deployable forms. Some do so as an ethical imperative, while others do so as a matter of pragmatism related to their use of the code. But everyone in a community expects to be able to take the code and do what they want with it, without needing to get any further permission from anyone.

    They expect to be able to contribute in good faith. There may be rules about who can contribute when and how, but they will be reasonable and apply equally to everyone. Contributing isn’t a matter of (just) philanthropy; one of the important benefits of community-maintained code is sharing the ongoing maintenance.

    They also expect all the interactions of the community to be transparent. Where there are leadership roles, they expect them to be filled by the most appropriate willing person, probably chosen by voting where there’s a choice of candidates. In an open source community, participants expect reasoned fairness.

  • Helping kids answer: What do you want to be when you grow up?

    The statement by Cathy Davidson of the MacArthur Foundation that "65% of today's grade-school kids may end up doing work that hasn't been invented yet" has resonated so deeply because it adds urgency to what should be obvious, especially considering the rapid, technology-driven changes we've seen in the workforce over the past 10 years.

    All signs indicate that future job skills will be vastly different from what students are taught in schools, and the World Mentoring Academy is trying to close those gaps. In his Lightning Talk, "Mentoring and Creative Spaces," at the 16th annual Southern California Linux Expo (SCALE), Michael Williams describes one of the Academy's projects: exposing students to skills of the future by interviewing professional astronauts, activists, journalists, spies, authors, chefs, athletes, government officials, and others about their jobs.

  • Open source vulnerabilities boost DevSecOps investments [Ed: This may look like an article, but it is not. It's an ad, based on attacking Free software, intended to help market the FUD firm Sonatype.]
  • Apple's FoundationDB goes open source [Ed: Another belated puff piece from the same publication.]
  • DragonFlyBSD Finishes Up Spectre Mitigation, Fix For Mysterious CVE-2018-8897

    DragonFlyBSD lead developer Matthew Dillon has just pushed out DragonFly's Spectre mitigation code as well as fixing "CVE-2018-8897" which is what might be the recently rumored "Spectre-NG" vulnerabilities.

    Matthew Dillon was very quick to be the first major BSD player pushing out patches for Spectre and Meltdown back in January, beating the other BSDs by a significant amount of time to getting mitigated for these CPU vulnerabilities.

  • LibreDWG - Smokers and mirrors

    I've setup continuous integration testing for all branches and pull requests at for GNU/Linux, and at for windows, which also generates binaries (a dll) automatically.

  • Backdrop CMS is the Conservancy's Newest Member Project

    Software Freedom Conservancy is excited to announce that Backdrop CMS has joined as its newest member project. Backdrop CMS is a lightweight content management system for small to medium sized businesses and non-profits.

    Backdrop CMS best serves the kinds of organizations that need complex functionality, on a budget. Smaller organizations deserve a tool built especially for their changing and particular needs. Backdrop CMS is committed to providing that service by leveraging the flexibility and collaborative nature of free and open source software.

    Conservancy, a public charity focused on ethical technology, is home to over forty member projects dedicated to developing and promoting free and open source software. Conservancy acts as a corporate umbrella, allowing member projects to operate as charitable initiatives without having to manage their own corporate structure and administrative services.

  • Typemock Launches C/C++ Mocking Framework for Linux

    Typemock, the leader in unit testing solutions, today announced the launch of Isolator++ for Linux. For over a decade, Typemock has been the smart way for developers to unit test .NET and C/C++ on Windows, and with this new release, developers will be able to easily unit test their code on Linux as well.

Syndicate content

More in Tux Machines

Security Leftovers

  • efail: Outdated Crypto Standards are to blame
    I have a lot of thoughts about the recently published efail vulnerability, so I thought I'd start to writeup some of them. I'd like to skip all the public outrage about the disclosure process for now, as I mainly wanted to get into the technical issues, explain what I think went wrong and how things can become more secure in the future. I read lots of wrong statements that "it's only the mail clients" and the underlying crypto standards are fine, so I'll start by explaining why I believe the OpenPGP and S/MIME standards are broken and why we still see these kinds of bugs in 2018. I plan to do a second writeup that will be titled "efail: HTML mails are to blame". I assume most will have heard of efail by now, but the quick version is this: By combining a weakness in cryptographic modes along with HTML emails a team of researchers was able to figure out a variety of ways in which mail clients can be tricked into exfiltrating the content of encrypted e-mails. Not all of the attack scenarios involve crypto, but those that do exploit a property of encryption modes that is called malleability. It means that under certain circumstances you can do controlled changes of the content of an encrypted message. [...] Properly using authenticated encryption modes can prevent a lot of problems. It's been a known issue in OpenPGP, but until know it wasn't pressing enough to fix it. The good news is that with minor modifications OpenPGP can still be used safely. And having a future OpenPGP standard with proper authenticated encryption is definitely possible. For S/MIME the situation is much more dire and it's probably best to just give up on it. It was never a good idea in the first place to have competing standards for e-mail encryption. For other crypto protocols there's a lesson to be learned as well: Stop using unauthenticated encryption modes. If anything efail should make that abundantly clear.
  • Comcast Leaked Customer Wi-Fi Logins in Plaintext, Change Your Passcode Now
    A Comcast Xfinity website was leaking Wi-Fi names and passwords, meaning now is a good time to change your Wi-Fi passcode. The site, intended to help new customers set up new routers, could easily be fooled into revealing the location of and password for any customer’s Wi-Fi network. A customer ID and a house or apartment number was all would-be attackers needed to get full access to your network, along with your full address.
  • Update Fedora Linux using terminal for latest software patches
  • Patch for New Spectre-Like CPU Bug Could Affect Your Performance
  • container_t versus svirt_lxc_net_t

today's howtos

Red Hat News

  • “Ultimate Private Cloud” Demo, Under The Hood!
    At the recent Red Hat Summit in San Francisco, and more recently the OpenStack Summit in Vancouver, the OpenStack engineering team worked on some interesting demos for the keynote talks. I’ve been directly involved with the deployment of Red Hat OpenShift Platform on bare metal using the Red Hat OpenStack Platform director deployment/management tool, integrated with openshift-ansible. I’ll give some details of this demo, the upstream TripleO features related to this work, and insight around the potential use-cases.
  • Discover the possibilities of hybrid cloud during a joint virtual event with Red Hat & Microsoft [Ed: [Ed: When Red Hat pus Microsoft executives at top positions inside Red Hat...]
  • Red Hat OpenStack Customer Survey 2018: containers, technical support top of mind
    In 2016, we surveyed our customer base on their use of OpenStack in production, getting a pulse-check on the top considerations, expectations, and benefits of a Red Hat OpenStack Platform deployment. With 2018 marking five years of Red Hat OpenStack Platform, we checked back in with our customers to see if their experiences or expectations of OpenStack have changed. Our survey found:
  • Red Hat CEO Jim Whitehurst On How He Plans To Win The Container Market
  • Juniper, Red Hat Tighten Integration to Fend Off VMware
    Juniper Networks and Red Hat have tightened their integration efforts in a move to help ease enterprise adoption of cloud-native platforms and bolster their own offerings against the likes of VMware and Cisco. The latest platform integration includes the Red Hat OpenStack Platform; Red Hat’s OpenShift Container Platform running as a platform-as-a-service (PaaS) on top of or next to the OpenStack platform depending on deployment architecture; and Juniper’s Contrail Enterprise Multi-Cloud platform running as the networking and security layer to unify those together. This integration is designed as a managed system to help deploy and run applications and services on any virtual machine (VM), container platform, and any cloud environment.
  • Red Hat OpenStack HCI Targets Telco Hybrid Cloud, 5G Deployments
    Red Hat today rolled out a hyperconverged infrastructure (HCI) platform based on OpenStack compute and Ceph storage. The new product targets service providers looking to deploy virtual network functions (VNFs) and 5G technologies on top of open source software. Launched at this week’s OpenStack Summit, the Red Hat Hyperconverged Infrastructure for Cloud combines Red Hat OpenStack Platform 13 and Red Hat Ceph Storage 3 into one product. Red Hat says it is the largest contributor to both open source projects.
  • Red Hat Hyperconverged Infrastructure for Cloud Bridges Datacenters and Edge Deployments
  • GSoC 2018: Week 1
    This time, I am working on improving the Fedora Community App with the Fedora project. It’s been a week since we started off our coding on may 14. The Fedora App is a central location for Fedora users and innovators to stay updated on The Fedora Project. News updates, social posts, Ask Fedora, as well as articles from Fedora Magazine are all held under this app.

Today in Techrights