Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 21 Apr 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story BSD Leftovers Roy Schestowitz 15/04/2018 - 10:19pm
Story Wine Development: Wine-Staging 3.6, DXVK, and API Copyrights Roy Schestowitz 15/04/2018 - 9:54pm
Story KDE: KDE Plasma 5.13, Modern KDE Applications on FreeBSD and More Roy Schestowitz 15/04/2018 - 9:51pm
Story More on GNOME 3.28.1 Roy Schestowitz 15/04/2018 - 9:34pm
Story Ubuntu Spotted in ‘Maze Runner: The Death Cure’ Roy Schestowitz 15/04/2018 - 9:29pm
Story today's howtos Roy Schestowitz 15/04/2018 - 8:38am
Story Programming: Subversion 1.10 and INN 2.6.2 Roy Schestowitz 15/04/2018 - 8:37am
Blog entry Holidays Calm Roy Schestowitz 1 15/04/2018 - 1:27am
Story Android Leftovers Rianne Schestowitz 15/04/2018 - 12:13am
Story Today in Techrights Roy Schestowitz 14/04/2018 - 11:42pm

OSS Leftovers

Filed under
OSS
  • This Week in Mixed Reality: Issue 1

    In the spirit of This week in Firefox/Rust/Servo, we’ve decided to start sharing weekly updates on the progress of the Mozilla Mixed Reality team. Late last year, we brought together all of the people working on Virtual and Augmented Reality at Mozilla to work in our new Mixed Reality program.

  • Microsoft’s Open Source Tool To Run More Linux Distros on Windows
  • Open source isn’t the community you think it is [Ed: The usual from Mac Asay]

    Thirteen years ago, I dug into academic research that showed how Mozilla’s Firefox browser and the Apache HTTP Server were both developed by a small cadre of core contributors. While the population of contributors broadened with things like bug fixes, the central development work for these and virtually all other projects was done by a talented group of core committers.

  • ZeMarmot, main contributor of GIMP 2.10.0-RC1!

    Two weeks ago, we released GIMP 2.10.0-RC1! This is our first release candidate before the stable release GIMP 2.10.0. Yes, you heard it well, the release you have been waiting for, for 6 years, is just around the corner!

  • Matthew Garrett Calls on Symantec to Share Its Code, EFF Questions Google's Work on Project Maven and More

    Linux kernel developer, free software activist and Google engineer Matthew Garrett discovered that Symantec is using a Linux distro based on the QCA Software Development Kit (QSDK) project: "This is a GPLv2-licensed, open-source platform built around the Linux-based OpenWrt Wi-Fi router operating system" (if true, this means Symantic needs to share the Norton Core Router's code). So, Garrett tweeted "Hi @NortonOnline the Norton Core is clearly running Linux and the license requires you to distribute the kernel source code so where can I get it?"

  • Best Programming Language

    Python wins Best Programming Language again this year in Linux Journal's annual Readers' Choice Awards. It's easy to use, powerful and versatile with a really large and active community. Having that supportive community ensures that developers of all skill levels easily can find the support and documentation they require, which feeds Python's popularity. It certainly helps that Python has something like a corporate sponsor. Python is recognized as an official language at Google, running on many of its internal systems and showing up in many Google APIs. In fact, Google's developer website offers free Python classes, videos and exercises.

Microsoft's Excellence

Filed under
Microsoft
  • Microsoft Might Start Showing Ads in Windows 10 Mail App

    The latest update for the Mail app in Windows 10 appears to include something that nobody expected: a small ad in the lower left corner that recommends users to “Get Office 365.”
    By the looks of things, only a small number of users get this new button in their Mail app, judging from this discussion on reddit. There doesn’t seem to be a pattern to trigger the ad to show up, but the Get Office 365 banner is only displayed when the left pane isn’t collapsed.

    Mail doesn’t show any banner on Windows 10 for me, even after updating to the latest version of the app, which is 17.9126.21425.0 and was released today.

  • Office 365 Services Hit by Outage, Outlook, Skype, OneDrive Down - April 6, 2018

    Microsoft’s Office 365 is down once again, with users in Europe reporting issues connecting to their accounts. Services like Outlook, Skype, and OneDrive are currently not available.
    While Microsoft hasn’t released a statement to acknowledge the problems, DownDetector seems to point that several European countries are affected. Parts of the United Kingdom, Belgium, Sweden, Germany, France, Italy, and Latvia are most affected.

    Somewhat surprising is that Microsoft’s Office 365 service health page claims “everything is up and running” with all services that users indicate to be down, including Outlook, OneDrive, and Yammer said to be running properly.

    Some users reveal that Exchange clients work correctly, and only the web access appears to be impacted by the outage. Others point out they’re not able to login to Skype and their password is being refused. Several said that they can send emails but not receive anything.

  • Office 365 goes down across Europe, again

    Users attempting to access Office 365 email are reportedly being greeted with an 'AADSTS90033' error message, alongside the unhelpful warning: "Service is temporarily unavailable. Please retry later."

    The AADSTS90033 error message is typically displayed under normal circumstances when a user cannot get a token from Azure for the services they need to access.

CentOS 7.4 upgrade - Still got it

Filed under
Red Hat

The upgrade of CentOS to 7.4 (1708) worked fine. I did hit a few snags, but they were entirely due to my own use of third party sources. Once I had that ironed out, the process was robust. Even my extra programs were correctly carried over, all except Skype. Not bad, given that I have a beautiful, slick, and fully functional desktop with ten years of stability and support.

Now, not all is golden. The old kernel 3.X is not as fast as the new 4.X stuff, and you can feel it. CentOS is pretty nimble, but modern distros are nimbler. And Plasma 5 is superior to KDE 4. Which is in fact my next project. See if I can get a custom kernel running and perhaps even grab Plasma. I'm not in the mood for excessive manual labor and compilations, but this might be doable.

All in all, for those comfortable with running a somewhat conservative server distro with top-notch stability and many years of updates, and who do not mind not having always the latest and greatest stuff, CentOS 7.4 makes for an almost ideal candidate. Actually, the ideal candidate would have kernel 4.15 and Plasma, but that's a story for another time. Anyway, 18 months of neglect have got nothing on CentOS. Linux on.

Read more

Graphics: Sway 1.0 Reaches Alpha, NVIDIA Preparing To Drop Fermi Support, VKVG: Vulkan Vector Graphics

Filed under
Graphics/Benchmarks
  • Sway 1.0 Reaches Alpha For This Popular Wayland Compositor

    The Sway Wayland Compositor that is known for its compatibility and inspiration from the i3 tiling window manager is nearly out with its version 1.0 release.

    Sway 1.0 Alpha was released this Saturday evening as the first step towards the big 1.0 milestone. This release is now based on the wlroots Wayland compositor library and the code-base itself to the compositor was completely overhauled. In the process, the NVIDIA proprietary driver support was also removed.

  • NVIDIA Preparing To Drop Fermi Support From Their Mainline Drivers

    NVIDIA is in the process of retiring GeForce 400/500 "Fermi" GPU support from their mainline graphics drivers on Windows and Linux/BSD/Solaris.

    Yesterday NVIDIA announced that critical security updates for Fermi series GPUs will continue through January 2019, but after that be cut off while for now they will still be issuing "Game Ready Driver" (Windows) drivers with Fermi support included.

  • VKVG: Vulkan Vector Graphics With A Cairo-Like API

    The latest nifty open-source Vulkan project we have come across worthy of a shout-out is VKVG. VKVG is short for Vulkan Vector Graphics and is a C library for drawing 2D vector graphics using the Vulkan graphics API.

POWER Updates For Linux 4.17 Drop POWER4 CPU Support

Filed under
Linux

In addition to Linux 4.17 dropping eight obsolete CPU architectures, this next kernel release is also doing away with POWER4 CPU support.

The IBM POWER4 architecture dates back to 2001 for RS/6000 and AS/400 computers with just above 1.0GHz clock frequencies, dual cores, and around a 115 Watt TDP. POWER4 was succeeded by POWER5 in 2004. While POWER4 and POWER4+ support is removed, PowerPC 970 and POWER5 and newer support remains.

It turns out back in 2016, the POWER4 CPU support was accidentally broken and with no one noticing the past two years, developers have decided to just do away with this older PowerPC architecture. This frees up some maintenance burden and "blocked use of some modern instructions."

Read more

Important Kernel Update for Ubuntu 16.04 LTS Patches 39 Security Vulnerabilities

Filed under
Security
Ubuntu

After releasing a major kernel update for the Ubuntu 17.10 (Artful Aardvark) operating system series on both 64/32-bit and Raspberry Pi 2 devices, Canonical released an important kernel update for Ubuntu 16.04 LTS (Xenial Xerus) systems.

The new kernel update published earlier this week addresses a total of 39 security vulnerabilities for the long-term supported Ubuntu 16.04 LTS (Xenial Xerus) operating system series and its official derivatives, including Kubuntu, Lubuntu, Xubuntu, Ubuntu MATE, Ubuntu Kylin, and Ubuntu Studio.

Read more

Debian GNU/Linux Operating System Is Now Supported on 64-bit RISC-V Hardware

Filed under
Debian

If you want to use the Debian GNU/Linux operating system on 64-bit RISC-V devices, you should know that there's now an official port for the RISC-V 64-bit (riscv64) architecture in Debian infrastructure.

The announcement comes from developer Manuel Fernandez Montecelo, who said that after a few weeks of hard work, he and his team managed to do an official 64-bit RISC-V bootstrap, which is now available in Debian Project's debian-ports infrastructure for those who want to download packages on their RISC-V devices.

“We've been working in the last few weeks to do a (second) bootstrap of Debian for RISC-V, and after a few weeks of hard work it is now bootstrapped and has been imported into the Debian infrastructure, in particular, debian-ports," said Manuel Fernandez Montecelo in the announcement.

Read more

12 Best GTK Themes for Ubuntu and other Linux Distributions

Let’s have a look at some of the beautiful GTK themes that you can use not only in Ubuntu but other Linux distributions that use GNOME.
Read more

AMD Ryzen 7 Performance On Windows 10, Windows Server 2016, Six Linux Distributions

Filed under
Graphics/Benchmarks

Our latest Windows vs. Linux benchmarking interest has been seeing how the AMD Ryzen 7 performance compares with the latest operating systems / Linux distributions. We have recently posted some Windows 10 vs. Windows WSL vs. Windows Linux benchmarks, relative Spectre/Meltdown mitigation impact tests on Windows vs. Linux, and other benchmarks but has mostly been done with Intel or server hardware. For those curious, today's tests were done with an AMD Ryzen 7 1700 platform.

Read more

5 Raspberry Pi Operating Systems That Aren’t Linux

Filed under
OS
Hardware

Looking for a way to get the most out of your Raspberry Pi? Running a project that just needs something more? Odd as it may seem, Linux might be the problem, so why not consider a non-Linux operating system? Several have been released, or adapted, for use on the Raspberry Pi.

Read more

Security: Storing Passwords, Updates, and FUD

Filed under
Security
  • Another day, another breach: At what point does storing passwords in plaintext become criminally negligent?

    News of the Finnish breach (Google Translate) arrived yesterday, and while there isn’t a lot of details, we learn two important things: the leak was relatively big (the third largest in Finland), and cleartext passwords with usernames leaked, because they had hundreds of thousands of passwords stored in cleartext.

    …and they had passwords stored in cleartext.

    This is so bad security, it should not exist anywhere, period. It should not even be taught in a coding class as an intermediate step on the way to how to do it the right way.

    You don’t store passwords in cleartext because of two reasons combined:

  • Storing passwords in cleartext: don't ever

    This year I've implemented a rudimentary authentication server for work, called Qvisqve. I am in the process for also using it for my current hobby project, ick, which provides HTTP APIs and needs authentication. Qvisqve stores passwords using scrypt: source. It's not been audited, and I'm not claiming it to be perfect, but it's at least not storing passwords in cleartext. (If you find a problem, do email me and tell me: liw@liw.fi.)

    This week, two news stories have reached me about service providers storing passwords in cleartext. One is a Finnish system for people starting a new business. The password database has leaked, with about 130,000 cleartext passwords. The other is about T-mobile in Austria bragging on Twitter that they store customer passwords in cleartext, and some people not liking that.

    In both cases, representatives of the company claim it's OK, because they have "good security". I disagree. Storing passwords is itself shockingly bad security, regardless of how good your other security measures are, and whether your password database leaks or not. Claiming it's ever OK to store user passwords in cleartext in a service is incompetence at best.

  • Security updates for Friday
  • One-Fifth of Open-Source Serverless Apps Have Critical Vulnerabilities [Ed: One-Fifth of [buzzword] Apps [sic] need to be updated. Problem solved. With proprietary software you have back doors that cannot be fixed]

Canonical Releases Major Linux Kernel Update for Ubuntu 17.10 for Raspberry Pi 2

Filed under
Ubuntu

Canonical released a major Linux kernel update for Ubuntu 17.10 for Raspberry Pi 2, addressing various security vulnerabilities that were previously patched for 64-bit and 32-bit architectures earlier this week.

The security advisory mentions a total of 21 security vulnerabilities fixed for linux-raspi2, the Linux kernel for Raspberry Pi 2 on Ubuntu 17.10 (Artful Aardvark) operating systems, including a race condition that could lead to a use-after-free vulnerability in Linux kernel's ALSA PCM subsystem, and a use-after-free vulnerability in the network namespaces implementation.

The update also addresses a race condition in Linux kernel's OCFS2 filesystem and loop block device implementations, as well as a null pointer dereference in the RDS (Reliable Datagram Sockets) protocol implementation. Most of these flaws could allow a local attacker to crash the vulnerable system by causing a denial of service or possibly execute arbitrary code.

Read more

Latest on Linux 4.17

Filed under
Linux
  • PCI, Crypto & Other Updates Head Into Linux 4.17

    We are at the end of the first (and busiest) week of the two-week long Linux 4.17 kernel merge window. There have been many articles on Phoronix about the big highlights of this next kernel version while here are some of the smaller change-sets that came about this week.

  • Thunderbolt Updates Head Into Linux 4.17, Adds USB/SL4 Security Level

    Greg Kroah-Hartman's char/misc pull this week included a fair amount of Thunderbolt support improvements for the forthcoming Linux 4.17 kernel.

    Thunderbolt changes queued for Linux 4.17 include support for the new Intel Titan Ridge controller, support for a USB-only SL4 security level, prevent crashes when the ICM firmware is not active, support for a pre-boot ACL, handling for rejected Thunderbolt devices, and other error handling improvements and Thunderbolt related fixes.

Improved Flathub Website Makes It Easier to Find Flatpak Apps

Filed under
Red Hat

It just got a whole heap easier to find and install Flatpak apps on Linux distros like Ubuntu.

A new version of the Flathub website is now live on Flathub.org, albeit in beta.

The improved front-end to what is the de facto Flatpak app store offers search, browsing and install options.

It’s packed with app descriptions, screenshots, browsable categories, search, meta info, and a beautifully fluid design.

Read more

OSS Leftovers

Filed under
OSS
  • Haiku monthly activity report - 03/2018

    Hrishi Hiraskar (one of our GSoC applicants) reworked the management of the shutdown phase. This revolves around both launch daemon and the BRoster, which collaborate together to coordinate system shutdown. Things must happen in a specific order to make sure all apps are properly terminated (leaving the user a chance to save his work if not done yet), and only then, system servers are stopped. There were some problemw with the existing implementation where it would be possible to start an application while another one was waiting for a save, and it could eventually lead to loss of work (a little unlikely, but still). We now have a better shutdown process which will make sure everything happens in the correct order.

  • BeOS-Inspired Haiku OS Continues Chugging Along With Driver Improvements, UI Changes

    The open-source Haiku operating system that is still striving for compatibility with BeOS had another busy month.

  • Substratum: An Open Source Network for Computing Power

    As centralized entities like Facebook and Google continue to be exposed for their improper handling of user data and questionable censorship, many are beginning to second guess their online habits. Add to that the exceedingly blatant government interference with actions like the repealing of Net Neutrality, and it becomes clear that new, decentralized alternatives need to be developed.

  • Goofy learns to fish: Why good documentation matters

    No matter what type of project you're working on, you can't expect users to fully understand it on their own. That's where documentation comes in. Docs can be anything from simple procedures to thorough user stories. Sure, a web UI can sometimes speak for itself (and the best ones do), but I'm sure you've seen tales of readers questioning basic UI paths or squirming about doing anything on the command line.

  • Coreboot Lands Updated ME_Cleaner, Purism TPM & Other Updates

    A number of improvements to Coreboot were merged to Git master overnight.

    The latest improvements now in the Coreboot Git tree include:

    - ME_Cleaner v1.2 for aiming to strip out and disable the Intel Management Engine support. ME_Cleaner 1.2 adds support for the HAP/AltMeDisable bit, support for selective partition removal, wiping ME6 Ignition firmware images, adding a man page, a new Python setup script, and various other changes.

    - The Purism Librem Skylake laptop support now has TPM support following the company recently started shipping all their new laptops with the Trusted Platform Module (TPM) present and enabled.

Games: RUINER, Emulation, Ash of Gods

Filed under
Gaming

12 Best GTK Themes for Ubuntu and other Linux Distributions

Filed under
GNOME

For those of us that use Ubuntu proper, the move from Unity to Gnome as the default desktop environment has made theming and customizing easier than ever. Gnome has a fairly large tweaking community, and there is no shortage of fantastic GTK themes for users to choose from. With that in mind, I went ahead and found some of my favorite themes that I have come across in recent months. These are what I believe offer some of the best experiences that you can find.

Read more

Slimbook Curve: Enjoy Using Linux On This 24″ Curved Screen All-In-One Powerhouse

Filed under
Linux

Slimbook has added another machine to their PC lineup which lets people experience Linux on quality machines. Their latest offering is an All-In-One desktop computer called Slimbook Curve.

As the name suggests, it lets you use your favorite Linux distro on a 24-inch FHD curved screen display that is enclosed in a beautiful aluminum body. Slimbook Curve comes with all the features and enough power a regular user would want from their PC.

Read more

Syndicate content

More in Tux Machines

OpenBSD and NetBSD

Security: Twitter and Facebook

  • Twitter banned Kaspersky Lab from advertising in Jan
     

    Twitter has banned advertising from Russian security vendor Kaspersky Lab since January, the head of the firm, Eugene Kaspersky, has disclosed.  

  • When you go to a security conference, and its mobile app leaks your data
     

    A mobile application built by a third party for the RSA security conference in San Francisco this week was found to have a few security issues of its own—including hard-coded security keys and passwords that allowed a researcher to extract the conference's attendee list. The conference organizers acknowledged the vulnerability on Twitter, but they say that only the first and last names of 114 attendees were exposed.

  • The Security Risks of Logging in With Facebook
     

    In a yet-to-be peer-reviewed study published on Freedom To Tinker, a site hosted by Princeton's Center for Information Technology Policy, three researchers document how third-party tracking scripts have the capability to scoop up information from Facebook's login API without users knowing. The tracking scripts documented by Steven Englehardt, Gunes Acar, and Arvind Narayanan represent a small slice of the invisible tracking ecosystem that follows users around the web largely without their knowledge.

  • Facebook Login data hijacked by hidden JavaScript trackers
     

    If you login to websites through Facebook, we've got some bad news: hidden trackers can suck up more of your data than you'd intended to give away, potentially opening it up to abuse.

Beginner Friendly Gentoo Based Sabayon Linux Has a New Release

The team behind Sabayon Linux had issued a new release. Let’s take a quick look at what’s involved in this new release. Read more

Android Leftovers