Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 24 Apr 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Security: Updates, Trustjacking, Breach Detection

Filed under
Security
  • Security updates for Monday
  • iOS Trustjacking – A Dangerous New iOS Vulnerability

    An iPhone user's worst nightmare is to have someone gain persistent control over his/her device, including the ability to record and control all activity without even needing to be in the same room. In this blog post, we present a new vulnerability called “Trustjacking”, which allows an attacker to do exactly that.

    This vulnerability exploits an iOS feature called iTunes Wi-Fi sync, which allows a user to manage their iOS device without physically connecting it to their computer. A single tap by the iOS device owner when the two are connected to the same network allows an attacker to gain permanent control over the device. In addition, we will walk through past related vulnerabilities and show the changes that Apple has made in order to mitigate them, and why these are not enough to prevent similar attacks.

  • What Is ‘Trustjacking’? How This New iOS Vulnerability Allows Remote Hacking?

    This new vulnerability called trustjacking exploits a convenient WiFi feature, which allows iOS device owners to manage their devices and access data, even when they are not in the same location anymore.

  • Breach detection with Linux filesystem forensics

    Forensic analysis of a Linux disk image is often part of incident response to determine if a breach has occurred. Linux forensics is a different and fascinating world compared to Microsoft Windows forensics. In this article, I will analyze a disk image from a potentially compromised Linux system in order to determine the who, what, when, where, why, and how of the incident and create event and filesystem timelines. Finally, I will extract artifacts of interest from the disk image.

    In this tutorial, we will use some new tools and some old tools in creative, new ways to perform a forensic analysis of a disk image.

SUSE Launches Beta Program for SUSE Linux Enterprise High Performance Computing

Filed under
SUSE

While SUSE is working hard on the major SUSE Linux Enterprise 15 release, they recently announced that the SUSE Linux Enterprise High Performance Computing (HPC) platform is now a dedicated SUSE Linux Enterprise product based on SUSE Linux Enterprise 15, available for public testing on 64-bit and ARM 64-bit architectures.

SUSE Linux Enterprise 15 will introduce numerous new features and improvements, including a brand new installer that offers a single unified method to install one of the supported SUSE Linux Enterprise products, including the SUSE Linux Enterprise High Performance Computing module, which comes with a set of components used in high-performance computing environments.

Read more

Also: SUSE Linux Enterprise 15 Prepares HPC Module

Programming: ThreadStack and Qt for WebAssembly

Filed under
Development
  • ThreadStack: Yet Another C++ Project Trying To Make Multi-Threading Easier

    ThreadStack is yet another C++ project trying to make it easier dealing with multiple CPU threads.

    This latest open-source C++ threading project comes out of academia research. ThreadStack is self-described by its developer, Erkam Murat Bozkurt, as "an innovative software which produces a class library for C++ multi-thread programming and the outcome of the ThreadStack acts as an autonomous management system for the thread synchronization tasks. ThreadStack has a nice and useful graphical user interface and includes a short tutorial and code examples. ThreadStack offers a new way for multi-thread computing and it uses a meta program in order to produce an application specific thread synchronization library." Erkam has been working the rounds trying to raise awareness for this research on the GCC and LLVM mailing lists.

  • Beta for Qt for WebAssembly Technology Preview

    WebAssembly is a bytecode format intended to be executed in a web browser. This allows an application to be deployed to a device with a compliant web browser without going through any explicit installation steps. The application will be running inside a secure sandbox in the web browser, making it appropriate for applications that do not need full access to the device capabilities, but benefits from a swift and uncomplicated installation process.

  • Qt for WebAssembly Tech Preview Reaches Beta

    As part of next month's Qt 5.11 tool-kit update, a new technology preview module will be WebAssembly support for running Qt5 user-interfaces within your web-browser.

Kernel and Graphics: BUS1, Linux 4.17 RC2, Wayland's Weston and Mesa

Filed under
Graphics/Benchmarks
Linux
  • BUS1 Still Remains Out Of The Mainline Linux Kernel, But DBus-Broker Continues

    The BUS1 in-kernel IPC mechanism born out of the ashes of KDBUS still hasn't been mainlined in the Linux kernel, but its code is still improved upon from time to time. At least though DBus-Broker as a new performance-oriented D-Bus implementation continues gaining ground in user-space.

    DBus-Broker was announced last year as a new message bus implementation of D-Bus focused on high performance and reliability while continuing to offer compatibility with the original D-Bus implementation.

  • Linux 4.17-rc2 Kernel Released With Mostly Routine Changes

    Linus Torvalds has announced the availability of the second weekly test release for what is becoming the Linux 4.17 kernel.

  • Wayland's Weston Gets Optimizations For Its Pixman Renderer

    Wayland's Weston reference compositor with its Pixman software-based renderer back-end has received a number of performance optimizations.

    Fabien Lahoudere of Collabora posted a set of patches today to optimize the Pixman renderer for Weston. In particular, there are optimizations around compositing damage to the screen as well as optimizing the shadow buffer usage. The Weston Pixman renderer is often used as a software accelerated fallback in cases where no GPU hardware acceleration may be available. As implied by the name, it uses the long-standing Pixman library that is also used by Cairo, the X.Org Server, etc, for pixel manipulation on the CPU.

  • Panfrost Gallium3D Driver For ARM Mali Can Now Render A Cube

    The Panfrost open-source driver project previously known as "Chai" for creating an open-source 3D driver stack for ARM's Mali Midgard hardware now has a working shaded cube being rendered using the open-source code as part of its new "half-way" driver based on Gallium3D.

Thunderbolt 3 in Fedora 28

Filed under
Red Hat
  • The state of Thunderbolt 3 in Fedora 28

    Fedora 28 is around the corner and I wanted to highlight what we did to make the Thunderbolt 3 experience as smooth as possible. Although this post focuses on Fedora 28 for what is currently packaged and shipping, all changes are of course available upstream and should hit other distributions in the future.

  • Thunderbolt 3 Support Is In Great Shape For Fedora 28

    Red Hat developers have managed to deliver on their goals around improving Thunderbolt support on the Linux desktop with the upcoming Fedora 28 distribution update.

    This has been part of their goal of having secure Thunderbolt support where users can authorize devices and/or restrict access to certain capabilities on a per-device basis, which is part of Red Hat's Bolt project and currently has UI elements for the GNOME desktop.

New Heptio Announcements

Filed under
Server
OSS

New Terminal App in Chome OS Hints at Upcoming Support for Linux Applications

Filed under
OS
Linux

According to a Reddit thread, a Chromebook user recently spotted a new Terminal app added to the app drawer when running on the latest Chrome OS Dev channel. Clicking the icon would apparently prompt the user to install the Terminal app, which requires about 200 MB of disk space.

The installation prompt notes the fact that the Terminal app can be used to develop on your Chromebook. It also suggests that users will be able to run native apps and command-line tools seamlessly and securely. Considering the fact that Chrome OS is powered by the Linux kernel, this can only mean one thing.

Read more

Raspberry Pi DAC HAT has dual Burr Brown DACs and a 128dB SNR

Filed under
Linux

Orchard Audio’s “ApplePi DAC” audio HAT add-on for the Raspberry Pi is available for $175 on Kickstarter, featuring two Burr Brown PCM1794A monoaural DACs, a 128dB SNR, and both balanced and unbalanced outputs.

Orchard Audio quickly surpassed its $5K Kickstarter goal for its ApplePi DAC HAT board, which it is promoting as “the most advanced and highest performance sound card hat for the Raspberry Pi.” It didn’t hurt that Orchard posted a couple of favorable reviews, including one from Volumio co-founder Michelangelo, who wrote: “This DAC is producing the most detailed sound to ever come out of my Raspberry Pi.”

Read more

Hands-On with Ubuntu's Brand New Welcome Screen in Ubuntu 18.04 LTS

Filed under
Ubuntu

With only three days left before Canonical's highly anticipated Ubuntu 18.04 LTS (Bionic Beaver) operating system hits the streets, today we're taking a first look at one of its newest features.

As the headline implies, the next Ubuntu release will ship with a brand new Welcome screen, for the first time in the history of the Linux-based operating system. After installing Ubuntu 18.04 LTS on your personal computer, you'll be greeted by a welcome screen to help you set up a few things.

Welcome screens have been used before in the Ubuntu world, by the Ubuntu MATE and Ubuntu Budgie official flavors for example, and are also being used by numerous other GNU/Linux distributions out there to provide a one-stop solution for setting up your freshly installed operating system.

Ubuntu itself never used a welcome screen, but with the forthcoming Ubuntu 18.04 LTS release things change in this regard. The new welcome screen in Bionic Beaver will help new and returning users better understand how the brand-new GNOME user interface works, as well as to set up things like Canonical Livepatch.

Read more

Games Leftovers

Filed under
Gaming

Security Stunts From Microsoft and Crash Reporting

Filed under
Linux
Microsoft

today's leftovers

Filed under
Misc

Software: Liberation of Code, GNU Parallel, Devhelp

Filed under
Software
  • When should you open source your software?

    It’s 20 years this this since the term ‘Open Source’ was coined. In that time the movement for free and open software has gone from a niche to a common method of distribution and a normal way of operating for businesses.

    Major technology shifts are now driven by open source technologies: Big Data (Hadoop, Spark), AI (TensorFlow, Caffe), and Containers (Docker, Kubernetes) are all open projects. Massive companies including Google, Facebook, and even Lyft regularly release Open Source tools for the world to use. Microsoft – whose former CEO once described Linux as a cancer – now embraces the concept.

  • GNU Parallel 20180422 ('Tiangong-1') released

    Quote of the month:

    Today I discovered GNU Parallel, and I don’t know what to do with all this spare time.
    --Ryan Booker

  • Devhelp news

    For more context, I started to contribute to Devhelp in 2015 to fix some annoying bugs (it’s an application that I use almost every day). Then I got hooked, I contributed more, became a co-maintainer last year, etc. Devhelp is a nice little project, I would like it to be better known and used more outside of GNOME development, for example for the Linux kernel now that they have a good API documentation infrastructure (it’s just a matter of generating *.devhelp2 index files alongside the HTML pages).

University students create award-winning open source projects

Filed under
OSS

In my short time working for Clarkson University, I've realized what a huge impact this small university is making on the open source world. Our 4,300 student-strong science and technology-focused institution, located just south of the Canadian border in Potsdam, New York, hosts the Clarkson Open Source Institute (COSI), dedicated to promoting open source software and providing equipment and support for student projects.

While many universities offer opportunities for students to get involved in open source projects, it's rare to have an entire institute dedicated to promoting open source development. COSI is part of Clarkson's Applied Computer Science Labs within the computer science department. It, along with the Internet Teaching Lab and the Virtual Reality Lab, is run by students (supported by faculty advisers), allowing them to gain experience in managing both facilities and projects while still undergraduates.

Read more

Linux 4.17-rc2

Filed under
Linux

So rc2 is out, and things look fairly normal.

The diff looks a bit unusual, with the tools subdirectory dominating,
with 30%+ of the whole diff. Mostly perf and test scripts.

But if you ignore that, the rest looks fairly usual. Arch updates
(s390 and x86 dominate) and drivers (networking, gpu, HID, mmc, misc)
are the bulk of it, with misc other changes all over (filesystems,
core kernel, networking, docs).

We've still got some known fallout from the merge window, but it
shouldn't affect most normal configurations, so go out and test.

Linus

Read more

Also: Upstream Linux support for new NXP i.MX8

Syndicate content

More in Tux Machines

today's howtos

Graphics: VC4 and AMDVLK Driver

  • VC4 display, VC5 kernel submitted
    For VC5, I renamed the kernel driver to “v3d” and submitted it to the kernel. Daniel Vetter came back right away with a bunch of useful feedback, and next week I’m resolving that feedback and continuing to work on the GMP support. On the vc4 front, I did the investigation of the HDL to determine that the OLED matrix applies before the gamma tables, so we can expose it in the DRM for Android’s color correction. Stefan was also interested in reworking his fencing patches to use syncobjs, so hopefully we can merge those and get DRM HWC support in mainline soon. I also pushed Gustavo’s patch for using the new core DRM infrastructure for async cursor updates. This doesn’t simplify our code much yet, but Boris has a series he’s working on that gets rid of a lot of custom vc4 display code by switching more code over to the new async support.
  • V3D DRM Driver Revised As It Works To Get Into The Mainline Kernel
    Eric Anholt of Broadcom has sent out his revised patches for the "V3D" DRM driver, which up until last week was known as the VC5 DRM driver. As explained last week, the VC5 driver components are being renamed to V3D since it ends up supporting more than just VC5 with Broadcom VC6 hardware already being supported too. Eric is making preparations to get this VideoCore driver into the mainline Linux kernel and he will then also rename the VC5 Gallium3D driver to V3D Gallium3D.
  • AMDVLK Driver Gets Fixed For Rise of the Tomb Raider Using Application Profiles
    With last week's release of Rise of the Tomb Raider on Linux ported by Feral Interactive, when it came to Radeon GPU support for this Vulkan-only Linux game port the Mesa RADV driver was supported while the official AMDVLK driver would lead to GPU hangs. That's now been fixed. With the latest AMDVLK/XGL source code as of today, the GPU hang issue for Rise of the Tomb Raider should now be resolved.

AMD Ryzen 7 2700X Linux Performance Boosted By Updated BIOS/AGESA

With last week's initial launch-day Linux benchmarks of the Ryzen 5 2600X / Ryzen 7 2700X some found the Linux performance to be lower than Windows. While the root cause is undetermined, a BIOS/AGESA update does appear to help the Linux performance significantly at least with the motherboard where I've been doing most of my tests with the Ryzen 7 2700X. Here are the latest benchmark numbers. Read more

GNU: The GNU C Library 2.28 and Guix on Android

  • Glibc 2.28 Upstream Will Build/Run Cleanly On GNU Hurd
    While Linux distributions are still migrating to Glibc 2.27, in the two months since the release changes have continued building up for what will eventually become the GNU C Library 2.28. The Glibc 2.28 work queued thus far isn't nearly as exciting as all the performance optimizations and more introduced with Glibc 2.27, but it's a start. Most notable at this point for Glibc 2.28 is that it will now build and run cleanly on GNU/Hurd without requiring any out-of-tree patches. There has been a ton of Hurd-related commits to Glibc over the past month.
  • Guix on Android!
    Last year I thought to myself: since my phone is just a computer running an operating system called Android (or Replicant!), and that Android is based on a Linux kernel, it's just another foreign distribution I could install GNU Guix on, right? It turned out it was absolutely the case. Today I was reminded on IRC of my attempt last year at installing GNU Guix on my phone. Hence this blog post. I'll try to give you all the knowledge and commands required to install it on your own Android device.
  • GNU Guix Wrangled To Run On Android
    The GNU Guix transactional package manager can be made to run on Android smartphones/tablets, but not without lots of hoops to jump through first.