Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 19 Jan 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Leftovers: Ubuntu and Debian Roy Schestowitz 19/01/2017 - 5:29pm
Story today's howtos Roy Schestowitz 19/01/2017 - 5:27pm
Story GNU/Linux and Servers Roy Schestowitz 19/01/2017 - 5:26pm
Story Kernel Space: Linux, Graphics Roy Schestowitz 19/01/2017 - 5:24pm
Story Leftovers: Software and Games Roy Schestowitz 19/01/2017 - 5:22pm
Story Security Leftovers Roy Schestowitz 19/01/2017 - 5:19pm
Story 4.9 is a longterm kernel Rianne Schestowitz 19/01/2017 - 5:02pm
Story openSUSE Package Management Cheat Sheet Rianne Schestowitz 19/01/2017 - 4:57pm
Story Mozilla News Roy Schestowitz 19/01/2017 - 4:40pm
Story GNU/Linux Desktop Roy Schestowitz 19/01/2017 - 3:42pm

Security News

Filed under
Security
  • Reproducible Builds: week 90 in Stretch cycle

    The F-Droid Verification Server has been launched. It rebuilds apps from source that were built by f-droid.org and checks that the results match.

  • 6 Week Progress Update for PGP Clean Room

    One of the PGP Clean Room’s aims is to provide users with the option to easily initialize one or more smartcards with personal info and pins, and subsequently transfer keys to the smartcard(s). The advantage of using smartcards is that users don’t have to expose their keys to their laptop for daily certification, signing, encryption or authentication purposes.

  • New Kali Linux Professional Information Security Certification to debut at Black Hat USA, 2017

    First Official Kali Linux book release will coincide with launch of the new information security training program as the Penetration Testing platform celebrates its 10th anniversary.

  • The flatpak security model – part 1: The basics

    This is the first part of a series talking about the approach flatpak takes to security and sandboxing.

    First of all, a lot of people think of container technology like docker, rkt or systemd-nspawn when they think of linux sandboxing. However, flatpak is fundamentally different to these in that it is unprivileged.

  • Newly discovered Mac malware found in the wild also works well on Linux [Ed: Only if fools are stupid enough to actually INSTALL malware.]

    The malware, which a recent Mac OS update released by Apple is detecting as Fruitfly, contains code that captures screenshots and webcam images, collects information about each device connected to the same network as the infected Mac, and can then connect to those devices, according to a blog post published by anti-malware provider Malwarebytes. It was discovered only this month, despite being painfully easy to detect and despite indications that it may have been circulating since the release of the Yosemite release of OS X in October 2014. It's still unclear how machines get infected.

    [...]

    Another intriguing finding: with the exception of Mac-formatted Mach object file binary, the entire Fruitfly malware library runs just fine on Linux computers.

Solus Goes Flatpak for Better, Reliable Distribution of Third-Party Applications

Filed under
OS

In an unexpected turn of events, Ikey Doherty, the founder and lead developer of the Solus Project announced a few moments ago that he's adopting the well-known Flatpak application sandboxing and distribution framework for the Solus operating system.

Read more

Latest LibreELEC 8.0 Beta Updates Linux Kernel Support Patches for Raspberry Pi

Filed under
Linux

A new development release of the LibreELEC open-source operating system for Raspberry Pi and similar embedded devices has been unveiled recently, versioned 7.95.1 Beta. LibreELEC lets you transform a Raspberry Pi into a HTPC.

Read more

Why Linux Installers Need to Add Security Features

Filed under
Linux
Security

Twelve years ago, Linux distributions were struggling to make installation simple. Led by Ubuntu and Fedora, they long ago achieved that goal. Now, with the growing concerns over security, they need to reverse directions slightly, and make basic security options prominently available in their installers rather than options that users can add manually later.

At the best of times, of course, convincing users to come anywhere near security features is difficult. Too many users are reluctant even to add features as simple as unprivileged user accounts or passwords, apparently preferring the convenience of the moment to reducing the risk of an intrusion that will require reinstallation, or a consultation with a computer expert at eighty dollars an hour.

Read more

Linus Torvalds Announces Subsurface 4.6 Open-Source Dive Log and Planning App

Filed under
Linux
OSS

Linus Torvalds not only works on the Linux kernel, but he's also part of the development team behind the open-source dive log and dive planning application most of you out there know as Subsurface.

Read more

openSUSE Tumbleweed Gets XOrg Server 1.19 & Irssi 1.0, PulseAudio 10 Coming Soon

Filed under
SUSE

openSUSE Project's Douglas DeMaio is informing the Tumbleweed community today, January 18, 2017, about the latest software updates and other improvements delivered by a total of two snapshots released last week.

Read more

today's leftovers

Filed under
Misc
  • Linux use on Pornhub surged 14% in 2016

    Pornhub is one of the preeminent porn sites on the web. Each year Pornhub releases a year in review post with anonymous details about the site’s users. More and more Linux users are visiting Pornhub, Linux saw an impressive 14% increase in traffic share in 2016.

  • Amdocs partners with Linux Foundation to accelerate OpenECOMP adoption in Open Source
  • Calamares 2.4.6 Distribution-Independent Linux Installer Delivers Improvements

    The Calamares team is proud to announce the availability of the sixth maintenance update to the 2.4 stable series of the open-source, distribution-independent system installer Calamares, for Linux-based operating systems.

    Calamares 2.4.6 comes approximately two months after the release of the previous version, namely Calamares 2.4.5, and, as expected, it's a bugfix release that only delivers various improvements and bug fixes for some of the issues reported by users during all this time.

  • Shotwell Photo Manager 0.25.3 Released

    Photography fans will be pleased to hear that a new bug-fix release of photo management app Shotwell is now available to download.

  • AntiX 16.1 is available for public

    AntiX is Debian based Linux distribution. It uses lightweight desktop environments like Fluxbox, Icewm, Xfce, etc. This distribution is originated in Greece and is typically ideal for old systems. Few hours ago AntiX team released new version named AntiX 16.1. It is based on Debian Jessie.

  • Tumbleweed Preps for PulseAudio 10, Gets Ruby, Python Updates

    Developers using openSUSE Tumbleweed are always getting the newest packages as well as updated languages and past week’s snapshots delivered update versions of Python and Ruby.

    The most recent snapshot, 20170112, brought Python 2.x users version 2.7.13, which updated cipher lists for openSSL wrapper and supports versions equal to or greater than OpenSSL 1.1.0. Python-unidecode 0.04.20 was also updated in the snapshot. Another update related to OpenSSL 1.1.0 was PulseAudio 9.99.1, which is a release in preparation for PulseAudio 10.0. PulseAudio 10.0 includes compatibility with OpenSSL 1.1.0, a fix for hotplugged USB surround sound cards and and automatic switching of Bluetooth profile when using VoIP applications.

  • Genode OS Framework Planning For Async I/O, App ABI, Qt5 Plans For 2017

    The Genode Operating System Framework has announced their planned roadmap for this year as the involved developers continue working on this original OS initiative.

    The overall theme of the Genode OS work in 2017 is to focus on stability and scalability, but there is also much more on their road-map for this calendar year.

  • PrestaShop

    Helping people overcome the challenges of building and growing an online business is what the PrestaShop open-source ecommerce platform is all about. The significant PrestaShop 1.7 release provides innovations focused on three themes: sell faster, create easier and code better.

  • This Week in Spring: Reactor 3.0, Open Source CD, and All Kinds of Cloud

Linux on Servers

Filed under
GNU
Linux
Server
  • IBM i Open Source Business Architect Lays Out A Plan

    Enterprise level application development is no place for open source languages. Can you believe it? That was once the widely accepted truth. Jiminy Crickets! Things have changed. The number of the stable open source distributions available with comprehensive support and maintenance goes well beyond common knowledge. Industry giants, successful SMB players, and mom and pop businesses are finding good reasons to use open source. Even IBM uses open source for internal business reasons.

    There are reasons for you to do the same.

  • Lightning Talk - Realizing the Multi-Cloud Promise of Kubernetes by Blake White, The Walt Disney Co.
  • How Disney Is Realizing the Multi-Cloud Promise of Kubernetes

    The Walt Disney Company is famous for “making magic happen,” and their cross-cloud, enterprise level Kubernetes implementation is no different. In a brief but information-packed lightning talk at CloudNativeCon in Seattle in November, Disney senior cloud engineer Blake White laid out a few of the struggles and solutions in making Kubernetes work across clouds.

  • Puppet Launches its Latest State of DevOps Survey

    Folks who are focused on container technology and virtual machines as they are implemented today might want to give a hat tip to some of the early technologies and platforms that arrived in the same arena. Among those, Puppet, which was built on the legacy of the venerable Cfengine system, was an early platform that helped automate lots of virtual machine implementations. We covered it in depth all the way back in 2008. Fast-forward to today, and Puppet is still making news, creating jobs and more.

More Games

Filed under
Gaming

Red Hat News

Filed under
Red Hat

Goodbye Solaris

Filed under
OS
Server
  • Guilty SPARC: Oracle euthanizes Solaris 12, expunging it from roadmap

    Rumors have been circulating since late last year that Oracle was planning to kill development of the Solaris operating system, with major layoffs coming to the operating system's development team. Others speculated that future versions of the Unix platform Oracle acquired with Sun Microsystems would be designed for the cloud and built for the Intel platform only and that the SPARC processor line would meet its demise. The good news, based on a recently released Oracle roadmap for the SPARC platform, is that both Solaris and SPARC appear to have a future.

    The bad news is that the next major version of Solaris—Solaris 12— has apparently been canceled, as it has disappeared from the roadmap. Instead, it's been replaced with "Solaris 11.next"—and that version is apparently the only update planned for the operating system through 2021.

  • Oracle Finally Confirms It's Canning Solaris 12

    At the beginning of December there were rumors of Oracle canning Solaris and now that's finally been confirmed by Oracle more or less as they will not be delivering Solaris 12.

    According to Ars, they got confirmation from Oracle that they will not be going ahead with Solaris 12 as planned. Solaris 12 has been canceled and wiped off their roadmap. Oracle is said to be working on a "Solaris.next", but no details yet. This "Solaris.next" is also reportedly the only planned Solaris update through 2021.

Fedora vs. Ubuntu vs. openSUSE vs. Clear Linux For Intel Steam Gaming Performance

Filed under
Graphics/Benchmarks

With this week Clear Linux now being able to run Steam, I was excited to see how this performance-minded Linux distribution out of Intel's Open-Source Technology Center would compare to other more popular Linux distributions when it comes to Intel Linux gaming performance. Here are some benchmarks of this traditionally workstation/server-oriented Intel Linux distribution running some Steam Linux games.

For those that haven't read our past articles with Clear Linux benchmarks, it tends to perform very well for a variety of reasons. Delivering the best Linux performance possible on Intel hardware is one of their driving forces and include features like aggressive CFLAGS/CXXFLAGS by default, using CPUFreq over P-State for CPU frequency scaling, building software packages with function multi-versioning to support both older and newer processors, selectively choosing Clang vs. GCC compilers for each package based upon the performance, carrying some out-of-tree patches, and various other optimizations/tweaks as outlined at ClearLinux.org.

Read more

Ubuntu Leftovers

Filed under
Ubuntu
  • Some thoughts on switching from Ubuntu to Antergos for Linux gaming

    There’s many reasons for my switch, but the main one has been stability. Ubuntu has been getting more problem-filled with every new release for me so I had enough. Not only that, but due to it being dependent on GNOME packages, stuff was being stripped away too and it’s just a mess now. Some applications have normal title-bars, some have GNOME’s new styling with everything sodding hidden and it’s just all mashed together.

  • Canonical Announces Snapcraft 2.25 with Rust Plugin Improvements, Many Bug Fixes

    Canonical's Sergio Schvezov is announcing the release of Snapcraft 2.25, the open-source tool designed to allow application developers, and anyone else for that matter, to package software projects to the Snap universal binary format.

    Snapcraft 2.25 has been in development since December 16, 2016, when Canonical announced the release of Snapcraft 2.24, which most of you probably already use on their Ubuntu systems.

  • Dell Precision 5520 Is World’s Thinnest and Lightest 15” Notebook with Ubuntu

    Well, that didn't take too long, and Dell's Barton George announced today, January 18, 2017, the availability for pre-order of the second mobile workstation from the recently unveiled Precision line powered by Ubuntu Linux.

    The Dell Precision 5520 mobile workstation is now available for pre-order, and you can choose to get it pre-loaded with the long-term supported Ubuntu 16.04 (Xenial Xerus) operating system. Dell Precision 5520 is the second mobile workstation from Dell to be powered by Canonical's Ubuntu OS after Dell Precision 3520.

Solus to Move to GNOME 3.22 Stack Soon, Adopt Linux 4.9 and Bulletproof Updates

Filed under
GNU
Linux

It's been a little over two weeks since the Solus Project launched the first ISO snapshot of their Linux-based operating system, Solus 2017.01.01.0, but its development team has been engaged in various duties since then.

We've already told you about their plans to concentrate on delivering the Linux Driver Management tool that lets users more easily choose and install the perfect drivers for their hardware, as well as the long-anticipated Budgie 11 desktop environment for Q1 2017.

Read more

The Fairphone 2 Running Ubuntu Will Be On Show at MWC17

Filed under
Ubuntu

Mobile World Congress 2017 kicks off next month, and Canonical is, once again, going to be in attendance.

But although there are unlikely to be any shiny new Ubuntu phones and tablets to show off, Ubuntu Touch won’t be entirely absent.

Read more

Linux Devices, Raspberry Pi, and Tizen

  • Rugged, customizable POS system runs on Braswell

    Advantech’s rugged “UBX-310D” POS computer offers a quad-core, 2.0GHz Celeron J1900, plus SATA, mSATA, and mini-PCIe.

    Advantech’s UBX-310D is a fanless point of sale computer intended for small countertops and limited-space installations. The shock and vibration resistant device has a modest, 245 x 185 x 45mm footprint. The system runs Windows 7 or 8 as a default, with optional Linux 3.13, and supports applications such as retail, self-service, digital signage, and store management.

  • Open spec, $29 COM shrinks Pine A64 to SODIMM dimensions

    Pine64’s open spec, 67.9 x 31mm “SoPine A64” COM has a quad-core -A53 Allwinner A64 and 2GB RAM, plus an optional baseboard that mimics a Pine A64+ SBC.

  • RetroPie, NES Classic and Bluetooth peripherals

    I wanted to write a more in-depth post about RetroPie the Retro Gaming Appliance OS for Raspberry Pis, either technically or more positively, but unfortunately I don't have much positive to write.

    What I hoped for was a nice appliance that I could use to play old games from the comfort of my sofa. Unfortunately, nine times out of ten, I had a malfunctioning Linux machine and the time I'd set aside for jumping on goombas was being spent trying to figure out why bluetooth wasn't working. I have enough opportunities for that already, both at work and at home.

    I feel a little bad complaining about an open source, volunteer project: in its defence I can say that it is iterating fast and the two versions I tried in a relatively short time span were rapidly different. So hopefully a lot of my woes will eventually be fixed. I've also read a lot of other people get on with it just fine.

    Instead, I decided the Nintendo Classic NES Mini was the plug-and-play appliance for me. Alas, it became the "must have" Christmas toy for 2016 and impossible to obtain for the recommended retail price. I did succeed in finding one in stock at Toys R Us online at one point, only to have the checkout process break and my order not go through. Checking Stock Informer afterwards, that particular window of opportunity was only 5 minutes wide. So no NES classic for me!

  • Raspberry Pi Compute Module 3 Extends IoT

    Raspberry Pi Foundation updates embedded Compute Module with faster ARM processor to help developers and businesses build new IoT devices.

    The Raspberry Pi Foundation announced its new Compute Module 3 (CM3) on Jan. 16, providing internet of things (IoT) device makers with a powerful new option for embedded compute capabilities.

    The CM3 should not be confused with the Raspberry Pi's namesake device, which had its last major update in February 2016 with the debut of the Raspberry Pi 3 device. The Raspberry Pi is a small form-factor ARM-powered computer that was originally developed in 2012 as a way to help both kids and adults learn about computer science.

  • Smartphone App: Saavn Music app hits the Tizen Store

    Saavn Music app, which lets you listen to music online, is now available on your Tizen Store via Openmobile World Wide Inc. Previously Indian Z2 smartphone users got JioMusic app for it’s 4G & Jio support feature. Now, the online music Saavn app is available for the Samsung Z1 & Z3, as well as the Samsung Z2.

Debian News (manpages and TeX Live)

Filed under
Debian
  • manpages.debian.org has been modernized (2017-01-18)

    https://manpages.debian.org has been modernized! We have just launched a major update to our manpage repository. What used to be served via a CGI script is now a statically generated website, and therefore blazingly fast.

    While we were at it, we have restructured the paths so that we can serve all manpages, even those whose name conflicts with other binary packages (e.g. crontab(5) from cron, bcron or systemd-cron). Don’t worry: the old URLs are redirected correctly.

  • Debian/TeX Live January 2017

    As the freeze of the next release is closing in, I have updated a bunch of packages around TeX: All of the TeX Live packages (binaries and arch independent ones) and tex-common. I might see whether I get some updates of ConTeXt out, too.

Security News

Filed under
Security
  • Wednesday's security updates
  • Secure your Elasticsearch cluster and avoid ransomware

    Last week, news came out that unprotected MongoDB databases are being actively compromised: content copied and replaced by a message asking for a ransom to get it back. As The Register reports: Elasticsearch is next.

    Protecting access to Elasticsearch by a firewall is not always possible. But even in environments where it is possible, many admins are not protecting their databases. Even if you cannot use a firewall, you can secure connection to Elasticsearch by using encryption. Elasticsearch by itself does not provide any authentication or encryption possibilities. Still, there are many third-party solutions available, each with its own drawbacks and advantages.

  • Resolve to Follow These 8 Steps for Better Data Security in 2017

    Getting physically fit is a typical New Year's resolution. Given that most of us spend more time online than in a gym, the start of the new year also might be a great time to improve your security “fitness.” As with physical fitness challenges, the biggest issue with digital security is always stagnation. That is, if you don't move and don't change, atrophy sets in. In physical fitness, atrophy is a function of muscles not being exercised. In digital fitness, security risks increase when you fail to change passwords, update network systems and adopt improved security technology. Before long, your IT systems literally become a “sitting duck.” Given the volume of data breaches that occurred in 2016, it is highly likely that everyone reading this has had at least one breach of their accounts compromised in some way, such as their Yahoo data account. Hackers somewhere may have one of the passwords you’ve used at one point to access a particular site or service. If you're still using that same password somewhere, in a way that can connect that account to you, that's a non-trivial risk. Changing passwords is the first of eight security resolutions that can help to improve your online security fitness in 2017. Click through this eWEEK slide show to discover the rest.

  • Pwn2Own 2017 Takes Aim at Linux, Servers and Web Browsers

    10th anniversary edition of Pwn2Own hacking contest offers over $1M in prize money to security researchers across a long list of targets including Virtual Machines, servers, enterprise applications and web browsers.

    Over the last decade, the Zero Day Initiative's (ZDI) annual Pwn2Own competition has emerged to become one of the premiere events on the information security calendar and the 2017 edition does not look to be any different. For the tenth anniversary of the Pwn2Own contest, ZDI, now owned and operated by Trend Micro, is going farther than ever before, with more targets and more prize money available for security researchers to claim by successfully executing zero-day exploits.

  • 'Factorio' is another game that was being hit by key scammers

    In another case of scammers trying to buy keys with often stolen credit cards to sell on websites like G2A, the developers of 'Factorio' have written about their experience with it (and other stuff too).

Syndicate content

More in Tux Machines

Canonical Patches Nvidia Graphics Drivers Vulnerability in All Ubuntu Releases

It's time to update your Ubuntu Linux operating system if you have a Nvidia graphics card running the Nvidia Legacy 340 or 304 binary X.Org drivers provided on the official software repositories. Read more

Long-term Embedded Linux Maintenance andd New Device From CompuLab

  • Long-term Embedded Linux Maintenance Made Easier
    The good old days when security breaches only happened to Windows folk are fading fast. Malware hackers and denial of service specialists are increasingly targeting out of date embedded Linux devices, and fixing Linux security vulnerabilities was the topic of several presentations at the Embedded Linux Conference Europe (ELCE) in October. One of the best attended was “Long-Term Maintenance, or How to (Mis-)Manage Embedded Systems for 10+ Years” by Pengutronix kernel hacker Jan Lübbe. After summarizing the growing security threats in embedded Linux, Lübbe laid out a plan to keep long-life devices secure and fully functional. “We need to move to newer, more stable kernels and do continuous maintenance to fix critical vulnerabilities,” said Lübbe. “We need to do the upstreaming and automate processes, and put in place a sustainable workflow. We don’t have any more excuses for leaving systems in the field with outdated software.”
  • CompuLab Has Upgraded Their Small Form Factor "IPC" Line To Kabylake
    HARDWARE -- Our friends and Linux-friendly PC vendor, CompuLab, have announced a new "IPC" line-up of their small form factor computers now with Intel Kabylake processors. In the past on Phoronix we tested CompuLab's Intense-PC (IPC) and then the IPC2 with Haswell processors, among other innovative PCs from CompuLab. Now they are rolling out the IPC3 with Intel's latest Kabylake processors.
  • Fanless mini-PC runs Linux Mint on Kaby Lake
    Compulab launched a rugged “IPC3” mini-PC that runs Linux on dual-core, 7th Gen Core i7/i5 CPUs, and also debuted three GbE-equipped FACE expansion modules. Compulab has opened pre-orders starting at $693 for the first mini-PCs we’ve seen to offer the latest, 14nm-fabricated 7th Generation Intel Core “Kaby Lake” processors. The passively cooled, 190 x 160 x 40mm IPC3 (Intense PC 3), which is available in up to industrial temperature ranges, follows two generations of similarly sized IPC2 mini-PCs. There’s the still available, 4th Gen “Haswell” based IPC2 from 2014 and the apparently discontinued 5th Gen “Broadwell” equipped IPC2 from 2015.
  • Compulab IPC3 is a tiny, fanless PC with Intel Kaby Lake CPU
    Compulab is an Israeli company that makes small, fanless computers for home or commercial use. The company’s latest mini PC aimed at enterprise/industrial usage is called the IPC3, and it has a die-cast aluminum case with built-in heat sinks for passive cooling and measures about 7.4″ x 6.3″ x 1.6″.

Games for GNU/Linux

  • Imperium Galactica II: Alliances released for Linux & SteamOS, seems native too
    Imperium Galactica II: Alliances [GOG, Steam] just released for Linux & SteamOS and it looks like it's a native version. Note: My friends at GOG sent over a copy, so big thanks to them. There's no sign of DOSBox or Wine and I had no idea this game had ever been ported to Linux. Pretty awesome really for a game like this to get a proper Linux build when it gets a new release.
  • Nearly five years after the Kickstarter, Carmageddon still isn’t on Linux despite the stretch goal being reached
    The problem here, for me, is that they later did a revamp of the title called Carmageddon: Max Damage. This was to fix some problems, boost sales again and port it to consoles. Carmageddon: Max Damage also never made it to Linux. Fun fact, they actually released a trailer where they just run over a ton of penguins, make from that what you will: Not saying this was trolling the entire Linux gaming community, but it sure felt like it after their previous trolling attempts directed at our official Twitter account.
  • Valve Rolls Out New Steam Client Stable Update with Promised Linux Changes, More
    Today Valve announced the availability of a new stable update of the Steam Client for all supported platforms, including the company's SteamOS operating system for Steam Machines, as well as GNU/Linux, macOS, and Microsoft Windows. Bringing all the new features during the Beta stages of development, the new Steam Client update improves the interaction between the Steam runtime and your GNU/Linux distribution's libraries. This is a huge and long-anticipated milestone for the Steam Client, which, unfortunately, did not work out-of-the-box on all Linux-based operating systems.

Robolinux 8.7.1 Linux OS Is Out and It's Based on Debian GNU/Linux 8.7 "Jessie"

The developers of the Robolinux GNU/Linux distribution have announced today, January 18, 2017, the release and immediate availability of a new stable update based on the latest Debian GNU/Linux 8 "Jessie" operating system series. Still offering a free installer, the Robolinux 8.7.1 "Raptor" edition is now available for download with the usual Cinnamon, MATE 3D, Xfce 3D, and LXDE flavors. It's based on the recently released Debian GNU/Linux 8.7.1 "Jessie" operating system, which means that it ships with its newest Linux 3.16 kernel and over 170 bug fixes and security patches. The GRUB bootloader and login screens have been refreshed too. Read more