Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 18 Aug 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

GNU/Linux on Chromebooks

Filed under
GNU
Linux
Google
  • How to install Linux apps on your Chromebook

    Chromebooks are great because they're simple: there's a lot you can get done with web services without exposing yourself to the troubles and security issues that plague more complex platforms.

    But if you need to do a bit more with your Chromebook, you have a few options. Most Chromebooks these days allow you to install apps from the Google Play Store, which should fill most productivity gaps. If not, you'll soon have one more option: installing Linux apps. To be clear, you've been able to install Linux apps on Chromebooks for years because Chrome OS is Linux. But, it's about to get much easier.

  • Top 5 Features Still Missing From Chrome OS

    Google’s Chrome OS gets a lot of things right, and the platform has evolved considerably over the years. Not only does it offer an always up-to-date version of the Chrome browser, but there are also Android apps, stylus input, and even Linux support on some devices. However, Chrome OS is far from perfect. You have to make compromises if you choose to live with a Chromebook, but you shouldn’t have to make quite this many. Here are the top five things Google should fix.

  • Walmart's selling an all-aluminum Chromebook with a comfy keyboard for just $220

    If you’re not considering a Chromebook when you're shopping for a notebook, you’re doing it wrong. Google's low-cost laptops are typically light, fast, secure, and have almost everything you need for remote work a.k.a. the Internet. Today, you can get in on the action for a great price. Walmart is selling the Acer Chromebook 14 (CB3-431-C6ZB) for $220. That’s about $30 to $40 cheaper than you’d usually pay for this laptop.

Microsoft Versus Linux

Filed under
GNU
Linux
Microsoft

OSCON 2018 Events Coverage by LWN

Filed under
OSS
  • Using AI on patents

    Software patents account for more than half of all utility patents granted in the US over the past few years. Clearly, many companies see these patents as a way to fortune and growth, even while software patents are hated by many people working in the free and open-source movements. The field of patenting has now joined the onward march of artificial intelligence. This was the topic of a talk at OSCON 2018 by Van Lindberg, an intellectual-property lawyer, board member and general counsel for the Python Software Foundation, and author of the book Intellectual Property and Open Source. The disruption presented by deep learning ranges from modest enhancements that have already been exploited—making searches for prior art easier—to harbingers of automatic patent generation in the future.

  • Diverse technical topics from OSCON 2018

    The O'Reilly Open Source Conference (OSCON) returned to Portland, Oregon in July for its 20th meeting. Previously, we covered some retrospectives and community-management talks that were a big part of the conference. Of course, OSCON is also a technology conference, and there were lots of talks on various open-source software platforms and tools.

    An attendee who was coming back to OSCON after a decade would have been somewhat surprised by the themes of the general technical sessions, though. Early OSCONs had a program full of Perl, Python, and PHP developer talks, including the famous "State of The Onion" (Perl) keynote. Instead, this year's conference mostly limited the language-specific programming content to the tutorials. Most of the technical sessions in the main program were about platforms, administration, or other topics of general interest, some of which we will explore below.

LWN on Linux Kernel: Scheduler, Speck, and WireGuard

Filed under
Linux
  • Scheduler utilization clamping

    Once upon a time, the only way to control how the kernel's CPU scheduler treated any given process was to adjust that process's priority. Priorities are no longer enough to fully control CPU scheduling, though, especially when power-management concerns are taken into account. The utilization clamping patch set from Patrick Bellasi is the latest in a series of attempts to allow user space to tell the scheduler more about any specific process's needs.

    Contemporary CPU schedulers have a number of decisions to make at any given time. They must, of course, pick the process that will be allowed to execute in each CPU on the system, distributing processes across those CPUs to keep the system as a whole in an optimal state of busyness. Increasingly, the scheduler is also involved in power management — ensuring that the CPUs do not burn more energy than they have to. Filling that role requires placing each process on a CPU that is appropriate for that process's needs; modern systems often have more than one type of CPU available. The scheduler must also pick an appropriate operating power point — frequency and voltage — for each CPU to enable it to run the workload in a timely manner while minimizing energy consumption.

  • Reconsidering Speck

    The Speck cipher is geared toward good performance in software, which makes it attractive for smaller, often embedded, systems with underpowered CPUs that lack hardware crypto acceleration. But it also comes from the US National Security Agency (NSA), which worries lots of people outside the US—and, in truth, a fair number of US citizens as well. The NSA has earned a reputation for promulgating various types of cryptographic algorithms with dubious properties. While the technical arguments against Speck, which is a fairly simple and straightforward algorithm with little room for backdoors, have not been all that compelling, the political arguments are potent—to the point where it is being dropped by the main proponent for including it in the kernel.

  • WireGuarding the mainline

    The WireGuard VPN tunnel has been under development — and attracting attention — for a few years now; LWN ran a review of it in March. While WireGuard can be found in a number of distribution repositories, it is not yet shipped with the mainline kernel because its author, Jason Donenfeld, hasn't gotten around to proposing it for upstreaming. That changed on on July 31, when Donenfeld posted WireGuard for review. Getting WireGuard itself into the mainline would probably not be all that hard; merging some of the support code it depends on could be another story, though.

    WireGuard implements a simple tunneling protocol allowing network traffic to be routed through a virtual private network provider. It has been developed with an eye toward smallness, ease of verification, and performance, rather than large numbers of features. It is, according to the patch posting, "used by some massive companies pushing enormous amounts of traffic". Some effort has gone into making WireGuard widely available, an effort that has helped to create a significant user community. But the ultimate way to make this kind of software widely available is to get it into everybody's kernel; that requires upstreaming.

Software: Selenium, Password Managers, MAAS

Filed under
Software
  • Testing web applications with Selenium

    Whenever one is engaged in large-scale changes to a software project, it is nice to have some assurance that regressions are not being introduced in the process. Test suites can be helpful in that regard. But while the testing of low-level components can be relatively straightforward, testing at the user-interface level can be harder. Web applications, which must also interact with web browsers, can be especially challenging in this regard. While working on just this sort of project, your editor finally got around to looking at Selenium WebDriver as a potential source of help for the testing problem.

    The overall goal of the Selenium project is automating the task of dealing with web browsers (from the user side). The WebDriver component, in particular, provides an API allowing a program to control a browser and observe how the browser reacts. There are many potential applications for this kind of functionality; it could be used to automate any of a number of tiresome, web-oriented tasks that resist the use of simpler tools, for example. But perhaps the most obvious use case is regression-testing of web applications.

    The Selenium code is distributed under version 2.0 of the Apache license; it is available on GitHub. The WebDriver component offers API bindings for a number of languages, including Java, JavaScript, C#, Perl, PHP, Python (2 and 3), and Ruby. Your editor, naturally, was interested in the Python bindings. Fedora 28 packages the relatively old 3.7.0 release from December 2017, which is discouraging, but the current 3.14.0 release can be had from PyPI. One must also obtain a "driver" for one or more specific browsers; your editor has been using geckodriver to test with Firefox.

  • Best Free Linux Password Managers

    A password manager is a utility which helps users store and retrieve passwords and other data. Most password managers use a local database to hold the encrypted password data.

    In modern society, people face a bamboozling amount of information to retain. Most people read a considerable amount of information online on a regular basis. Whether you conduct business online, read for your job, or just read for pleasure, the internet is a vast source of information. Retaining that information on a long-term basis can be difficult. However, some nuggets of information need to be recalled quickly. Passwords are one such example.

    As a computer user, you’ll no doubt have numerous passwords to remember. Sites have arbitrary rules for various services. For example, a site may insist on a minimum number of characters, capital letters, numerals, and special characters which make choosing the same password for each site to be impossible. More importantly, there are good security reasons not to duplicate passwords. Password reuse and simple, easy-to-guess passwords are difficult issues. If you’re using the same password on more than one site, you risk having several accounts stolen if any one of them is breached.

  • MAAS 2.4.1 released!

    MAAS 2.4.1 has now been released and it is a bug fix release. Please see more details in discourse.maas.io [1].

Oracle Yields GraphPipe

Filed under
OSS
  • Oracle open sources Graphpipe to standardize machine learning model deployment

    Oracle, a company not exactly known for having the best relationship with the open source community, is releasing a new open source tool today called Graphpipe, which is designed to simplify and standardize the deployment of machine learning models.

    The tool consists of a set of libraries and tools for following the standard.

  • Oracle open-sources Graphpipe to make it easier to deploy machine learning models

    Oracle today open-sourced Graphpipe, a tool created to make it easy to serve machine learning models in the cloud made by popular frameworks like TensorFlow, MXNet, Caffe2, and PyTorch. Graphpipe was designed to simplify the deployment of machine learning for use on mobile apps and IoT devices, as well as web services for end users or AI for internal use at companies.

    “Graphpipe is an attempt to standardize the protocol by which you speak to a remotely deployed machine learning model, and it includes some reference servers that allow you to deploy machine learning models from existing frameworks very easily in an efficient way,” Oracle cloud architect Vish Abrams told VentureBeat in a phone interview. Prior to joining Oracle, Abrams led efforts at NASA to open-source the OpenStack cloud computing platform.

  • Oracle open sources GraphPipe, a new standard for machine learning models

    Machine learning is expected to transform industries. However, its adoption in the enterprise has been slower than some might expect because it's difficult for organizations to deploy and manage machine learning technology on their own. Part of the challenge is that machine learning models are often trained and deployed using bespoke techniques, making it difficult to deploy models across servers or within different departments.

  • Oracle offers GraphPipe spec for machine learning data transmission

    Oracle has developed an open source specification for transmitting tensor data, which the company wants to become a standard for machine learning.

    Called GraphPipe, the specification provides a protocol for network data transmission. GraphPipe is intended to bring the efficiency of a binary, memory-mapped format while being simple and light on dependencies. There also are clients and servers for deploying and querying machine learning models from any framework.

  • Oracle releases GraphPipe, an open-source tool for deploying AI models

    Major tech firms regularly open-source internal software projects, but it’s not often that Oracle Corp.’s name comes up in this context. Today marked one of those occasions.

    The database giant this morning released GraphPipe, a tool for easing the deployment of machine learning models. Development on the project was led by Oracle cloud architect Vish Abrams, an open-source veteran who previously worked at NASA as part of the team that created the OpenStack data center operating system.

  • Oracle Open Sources GraphPipe for 'Dead Simple' Machine Learning Deployment

A 'Bridge' for GNU/Linux Games

Filed under
GNU
Linux
Gaming
  • Valve seems to be working on tools to get Windows games running on Linux

    Valve appears to be working on a set of "compatibility tools," called Steam Play, that would allow at least some Windows-based titles to run on Linux-based SteamOS systems.

    Yesterday, Reddit users noticed that Steam's GUI files (as captured by SteamDB's Steam Tracker) include a hidden section with unused text related to the unannounced Steam Play system. According to that text, "Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems."

  • Valve could be working on compatibility tools to make gaming on Linux easier than ever

    Something to look forward to: Gaming on Linux has never been the ideal experience, and the lack of AAA game compatibility is one of the main reasons for this. That's where Valve comes in, apparently - the company seems to be quietly working on a compatibility tool of its own, called "Steam Play."

    It seems Valve could be taking another shot at bringing Linux to the forefront of PC gaming if recently-discovered Steam GUI files are anything to go by.

    Curious Reddit users dug into Steam database files obtained by Steam Tracker. Recent updates to the database include numerous hints at something called "Steam Play," which is beginning to sound like a compatibility tool of sorts.

  • Steam may be getting tools that will enable Windows games to run in Linux

    Valve announced the Linux-based SteamOS in 2013, just prior to the reveal of the vaguely console-like Steam Machine PCs. It was a big, bold move that ultimately petered out: Valve ditched the Steam Machines section of its website in April, aalthough you can still hit it directly if you know the URL.

  • Looks like Steam’s getting built-in tools to run Windows games on Linux

    A few lines of code uncovered in Steam suggest that Valve is working on compatibility tools to allow users to play games regardless of operating system. Put another way, Steam’s going to let you run Windows games on Mac and Linux with a set of software built directly into the client.

    Uncovered strings all come under the “Steam_Settings_Compat” header, and all reference back to Steam Play. That’s currently the moniker Valve used to distinguish games that come as a single purchase playable across Windows, Mac, and Linux, but the strings suggest a new definition on the way.

  • Rumour: Valve May Be Adding Windows Steam Game Compatibility to Linux

    In a very interesting move, sleuths over at GamingOnLinux appear to unearthed evidence that Valve is experimenting with tools that could allow Windows Steam games to be playable on Linux operating systems.

    Up until this point, a game has to be specifically developed for Linux in order to be compatible with Unix-based operating systems. There are workarounds available right now, but it’s notoriously unreliable and a major hassle to get sorted.

    However, updates posted to the Steam Database github indicates Valve is at least testing an automatic method for running Windows games on Linux. Picking through the github notes, the tool appears to be called ‘Steam Play’, which the compatibility info says “Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems.”

Security: Updates, IPSec, Elections, AWS and Surveillance

Filed under
Security
  • Security updates for Wednesday
  • Cisco, Huawei, ZyXel, and Huawei patch Cryptographic IPSEC IKE Vulnerability
  • 11-year-old shows it’s child’s play to mess with elections

    At the DefCon Voting Village in Las Vegas last year, participants proved it was child’s play to hack voting machines: As Wired reported, within two minutes, democracy-tech researcher Carsten Schürmann used a novel vulnerability to get remote access to a WinVote machine.

    This year, it was literally child’s play: the DefCon village this past weekend invited 50 kids between the ages of 8 and 16 to compromise replicas of states’ websites in the so-called “DEFCON Voting Machine Hacking Village.”

  • Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms

    Both adult and kid hackers demonstrated at DEF CON how the hackable voting machine may be the least of our worries in the 2018 elections.

    Two 11-year-old budding hackers last week at DEF CON in Las Vegas used SQL injection attack code to break into a replica of the Florida Secretary of State's website within 15 minutes, altering vote count reports on the site.

    Meanwhile, further down the hall in the adult Voting Machine Hacking Village at Caesars Palace, one unidentified hacker spent four hours trying to break into a replica database that housed the real, publicly available state of Ohio voter registration roll. He got as far as the secured server — penetrating two layers of firewalls with a Khali Linux pen testing tool — but in the end was unable to grab the data from the database, which included names and birthdates of registered voters.

  • How Netflix Secures AWS Cloud Credentials

    Netflix has long been the poster child for being an "all-in-the-cloud" organization. The streaming media service relies on Amazon Web Services (AWS) for infrastructure and computing resources that it uses to operate.

  • Researchers Reveal Security Vulnerabilities in Tracking Apps

    Millions of users around the world regularly install tracker apps on their Android devices to help them keep track of friends and loved ones. Some of those tracker apps, however, contain vulnerabilities that could potentially enable an attacker to track the users of the apps.

    Researchers from the Fraunhofer Institute for Secure Information Technology detailed 37 vulnerabilities found in 19 mobile tracking apps in a session at Defcon in Las Vegas on Aug. 11. The researchers responsibly disclosed the flaws to Google and noted that, as of the time of their presentation, 12 of the apps had been removed from the Google Play store, leaving seven still publicly available and vulnerable.

    "In this project it was very easy to find vulnerabilities," security researcher Siegfried Rasthofer said. "There were no sophisticated exploits."

L1TF/Foreshadow News and Benchmarks

Filed under
Graphics/Benchmarks
Security
  • Three More Intel Chip Exploits Surface
  • Spectre-like “Foreshadow” Flaw In Intel CPUs Can Leak Your Secrets
  • QEMU 3.0 Brings Spectre V4 Mitigation, OpenGL ES Support In SDL Front-End

    QEMU 3.0 is now officially available. This big version bump isn't due to some compatibility-breaking changes, but rather to simplify their versioning and begin doing major version bumps on an annual basis. As an added bonus, QEMU 3.0 comes at a time of the project marking its 15th year in existence.

    QEMU 3.0 does amount to being a big feature release with a lot of new functionality as well as many improvements. Changes in QEMU 3.0 include Spectre V4 mitigation for x86 Intel/AMD, improved support for nested KVM guests on Microsoft Hyper-V, block device support for active mirroring, improved support for AHCI and SCSI emulation, OpenGL ES support within the SDL front-end, improved latency for user-mode networking, various ARM improvements, some POWER9 / RISC-V / s390 improvements too, and various other new bits.

  • How the L1 Terminal Fault vulnerability affects Linux systems

    Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?

  • An Early Look At The L1 Terminal Fault "L1TF" Performance Impact On Virtual Machines

    Yesterday the latest speculative execution vulnerability was disclosed that was akin to Meltdown and is dubbed the L1 Terminal Fault, or "L1TF" for short. Here are some very early benchmarks of the performance impact of the L1TF mitigation on the Linux virtual machine performance when testing the various levels of mitigation as well as the unpatched system performance prior to this vulnerability coming to light.

  • Phoronix Test Suite 8.2 M2 Released With Offline Improvements, L1TF/Foreshadow Reporting

    The second development snapshot of the upcoming Phoronix Test Suite 8.2-Rakkestad to benchmark to your heart's delight on Linux, macOS, Windows, Solaris, and BSD platforms from embedded/SBC systems to cloud and servers.

  • The Linux Benchmarking Continues On The Threadripper 2950X & 2990WX

    While I haven't posted any new Threadripper 2950X/2990WX benchmarks since the embargo expired on Monday with the Threadripper 2 Linux review and some Windows 10 vs. Linux benchmarks, tests have continued under Linux -- as well as FreeBSD.

    I should have my initial BSD vs. Linux findings on Threadripper 2 out later today. There were about 24 hours worth of FreeBSD-based 2990WX tests going well albeit DragonFlyBSD currently bites the gun with my Threadripper 2 test platforms. More on that in the upcoming article as the rest of those tests finish. It's also been a madhouse with simultaneously benchmarking the new Level 1 Terminal Fault (L1TF) vulnerability and the performance impact of those Linux mitigations on Intel hardware will start to be published in the next few hours.

Mozilla: WebTorrent, Bitslicing, Firefox Security Add-on and Time Dilation

Filed under
Moz/FF
  • These Weeks in Firefox: Issue 42
  • Dweb: Building a Resilient Web with WebTorrent

    WebTorrent is the first torrent client that works in the browser. It’s written completely in JavaScript – the language of the web – and uses WebRTC for true peer-to-peer transport. No browser plugin, extension, or installation is required.

    Using open web standards, WebTorrent connects website users together to form a distributed, decentralized browser-to-browser network for efficient file transfer. The more people use a WebTorrent-powered website, the faster and more resilient it becomes.

  • Bitslicing, An Introduction

    Bitslicing (in software) is an implementation strategy enabling fast, constant-time implementations of cryptographic algorithms immune to cache and timing-related side channel attacks.

    This post intends to give a brief overview of the general technique, not requiring much of a cryptographic background. It will demonstrate bitslicing a small S-box, talk about multiplexers, LUTs, Boolean functions, and minimal forms.

  • Firefox Security Add-on on 222k Devices Found Sending Browsing Data to Remote German Server

    There is a popular browser add-on which is installed by 222,746 Firefox users according to Mozilla’s own statistics of add-on downloads. According to a German security blogger, Mike Kuketz, and the author of uBlock Origin, Raymond Hill, this particular add-on has been spying on users’ activity by tapping into their browser histories and keeping track of the web pages that they visit. This add-on is the Web Security extension for the Mozilla Firefox browser.

    Web Security is designed to protect users from online phishing and malware attacks that could potentially steal personal information. This comes across as ironic as the extension is found to be unethically keeping tabs (pun intended) on your own information, evading your privacy without your consent. The reason that this news is hitting the stands so massively is that the add-on was publicized by Mozilla itself in a blog post just last week. The add-on boasts fantastic reviews and that’s why it is used so widely by so many people too.

  • Time Dilation

    I riffed on this a bit over at twitter some time ago; this has been sitting in the drafts folder for too long, and it’s incomplete, but I might as well get it out the door. Feel free to suggest additions or corrections if you’re so inclined.

    You may have seen this list of latency numbers every programmer should know, and I trust we’ve all seen Grace Hopper’s classic description of a nanosecond at the top of this page, but I thought it might be a bit more accessible to talk about CPU-scale events in human-scale transactional terms. So: if a single CPU cycle on a modern computer was stretched out as long as one of our absurdly tedious human seconds, how long do other computing transactions take?

Programming: Go, Agile, and Literature

Filed under
Development
  • File Indexing In Golang

    I have been working on a pet project to write a File Indexer, which is a utility that helps me to search a directory for a given word or phrase.

    The motivation behind to build this utility was so that we could search the chat log files for dgplug. We have a lot of online classes and guest session and at time we just remember the name or a phrase used in the class, backtracking the files using these are not possible as of now. I thought I will give stab at this problem and since I am trying to learn golang I implemented my solution in it. I implemented this solution over a span of two weeks where I spent time to upskill on certain aspects and also to come up with a clean solution.

  • How Agile helps non-technical teams get things done

    What are the best ways for governments to improve effectiveness and efficiency? At San Jose City Hall, we’re getting traction with an unconventional approach: agile for non-technical teams. Public servants who do everything from emergency management to parks programs are finding that Agile methods help them with that most basic of challenges: Getting things done amid frequent interruptions and evolving priorities.

    Last September, I proclaimed, "Scrum is the best thing that’s happened to our government team." Our innovation team of five had discovered that planning and delivering work in small increments enables us to stay focused, aligned, and continuously improving. We didn’t yet know if our experience would be replicable by other teams in our organization. We offered Agile training for 10 colleagues to see what would happen.

    Nine months later, 12 teams and more than 100 staff members throughout our organization are using Agile methods to organize their work. Notably, the spread of Agile among city teams has been largely organic, not driven by top-down mandates.

  • Top Linux developers' recommended programming books

    Without question, Linux was created by brilliant programmers who employed good computer science knowledge. Let the Linux programmers whose names you know share the books that got them started and the technology references they recommend for today's developers. How many of them have you read?

    [...]

    Linux was developed in the 1990s, as were other fundamental open source applications. As a result, the tools and languages the developers used reflected the times, which meant a lot of C programming language. While C is no longer as popular, for many established developers it was their first serious language, which is reflected in their choice of influential books.

    “You shouldn't start programming with the languages I started with or the way I did,” says Torvalds. He started with BASIC, moved on to machine code (“not even assembly language, actual ‘just numbers’ machine code,” he explains), then assembly language and C.

    “None of those languages are what anybody should begin with anymore,” Torvalds says. “Some of them make no sense at all today (BASIC and machine code). And while C is still a major language, I don't think you should begin with it.”

    It's not that he dislikes C. After all, Linux is written in GNU C. "I still think C is a great language with a pretty simple syntax and is very good for many things,” he says. But the effort to get started with it is much too high for it to be a good beginner language by today's standards. “I suspect you'd just get frustrated. Going from your first ‘Hello World’ program to something you might actually use is just too big of a step."

Railway computer runs Linux on Kaby Lake

Filed under
Linux
Hardware

Lanner’s rugged, Linux-friendly “R6S” railway computer runs on an Intel 7th Gen Core i7-7600U chip and offers 10x M12 PoE ports, 3x mini-PCIe slots, and EN 50155 and EN 45545 certification.

The R6S uses the same dual-core, Kaby Lake Core i7-7600U CPU as Lanner’s recent V6S vehicle surveillance NVR computer and similarly offers 10x GbE ports with Power-over-Ethernet (PoE). Yet, the R6S is more specifically targeted at trains. It offers compliance with ISO 7637-2, EN 50155, and EN 45545 certifications, and has passed EN 61373/MIL-STD-810G shock and vibration resistance certifications. It also supports a wider set of applications, including “rolling stock control and monitoring, infotainment, video surveillance and fleet management.”

Read more

GNOME Linux Desktop With Only Keyboard and a New Anniversary Release

  • How to navigate your GNOME Linux desktop with only a keyboard

    Almost ever since I first started using Linux, I've been on a mission to find the perfect window manager.

    My first experience with Linux was in the late 90s, and I first tried installing it on my own in the early 2000s. Like many converts, my previous experience was largely with Windows, and so my early mission was to find an experience that closely replicated Windows, or at least let me interact with it in a familiar way.

    [...]

    So I've been making a concerted effort to learn the GNOME keyboard shortcuts, and honestly, it hasn't been as hard to stick with them as I had thought. Just like any other set of keyboard shortcuts, the trick is to practice them a bit, and then do what you can to discourage you from slipping back into your old ways. I set my mouse just a wee bit further away, and when practical, will flip the switch on the bottom when I'm in a keyboard-heavy activity so I'm not tempted by muscle memory.

    The other trick is to have a good cheat sheet handy, posted up somewhere that you can easily see it. I made my own for GNOME, and I've created a version of it that you can download too.

    The GNOME project turns twenty-one years old this month, but as it keeps growing and evolving to keep up with the changing needs of computing environments, it wouldn't surprise me if I'm still using it twenty-one years from now. And if you are too, I hope you will have taken the time to learn the keyboard shortcuts by then.

  • GNOME Celebrates Its 21st Birthday By Releasing GNOME 3.29.91

    Today marks 21 years since the GNOME desktop environment project was started by Miguel de Icaza and Federico Mena. Coincidentally, released today is GNOME 3.29.91 that is the GNOME 3.30 desktop's second beta release.

  • GNOME 3.29.91 released

    GNOME 3.29.91 is now available!

Upcoming Linux Foundation Events

Filed under
Linux
  • Embedded Linux Conference Europe tackles tech’s diversity problem

    The Linux Foundation has posted session descriptions for the Embedded Linux Conference Europe and OpenIoT Summit Europe, to be held Oct. 22-24, in Edinburgh, with topics ranging from RISC-V to deep learning to workplace diversity.

    Even if you can’t make it to Edinburgh Oct. 22-24 for the Embedded Linux Conference Europe (ELCE) and co-located OpenIoT Summit Europe, the session descriptions are a good place to find clues about what’s hot in Linux and open source embedded technology. To be sure, the Linux Foundation offers a heavy dose of sessions on Linux Foundation projects such as Zephyr or Yocto Project, but it’s still a very inclusive collection from across the industry.

  • 10 Reasons to Attend ONS Europe in September | Registration Deadline Approaching – Register & Save $605

Rodrigo Siqueira's Work on VKMS

Filed under
Linux
  • GSoC Final Report

    Nothing lasts forever, and this also applies for GSoC projects. In this report, I tried to summarize my experience in the DRI community and my contributions.

  • VKMS Coming In Linux 4.19 Is One Of The Best GSoC & Outreachy Projects Of The Year

    One of the student summer coding projects that ended up being a cross between Google Summer of Code (GSoC) and Outreachy was the VKMS driver to provide a virtual KMS implementation for headless systems and other interesting use-cases.

    Rodrigo Siqueira applied to GSoC 2018 to work on the long talked about "VKMS" driver while separately Haneen Mohammed had applied to Outreachy with a similar goal. Given the overlap, they worked together to get the Virtual KMS driver working. These summer student coding projects are drawing to a close and this initial driver is being sent sent into Linux 4.19 via the DRM tree. Not bad considering most GSoC/Outreachy projects introducing new code don't make it mainline so quickly, if ever.

Games: SteamPlay, The Free Ones, Crazy Justice, State of Mind, Graveyard Keeper, Boyfriend Dungeon, Red Alert & Tiberian Sun

Filed under
Gaming

Kernel: Speck/NSA, Big Networking Update, 64-bit ARM, Locking Down the Kernel

Filed under
Linux
  • Crypto Updates Sent In For Linux 4.19 Kernel, Speck Is Still In The Kernel

    The Linux kernel's crypto subsystem updates were sent out today with its new feature work for the Linux 4.19 kernel. One change we were curious to see was whether they were going to nuke the Speck cipher code, but they did not.

    Back during Linux 4.17, the Crypto updates added the Speck block cipher (and in 4.18, file-system encryption support with Speck was added) which has come under fire since Speck was developed by the US National Security Agency (NSA) and it's speculated that it could be back-doored by the agency but at the very least can't be a fully trusted for encryption.

  • The Big Networking Update Sent In For Linux 4.19, Including 802.11ax Bits

    David Miller sent in the networking subsystem updates today for the Linux 4.19 kernel merge window.

  • New round of 64-bit ARM Patches Merged into Linux 4.19 Kernel, Includes GCC Stackleak Plugin Support

    A new round of changes for 64-bit ARM architecture (ARM64/AArch64) were just loaded into the Linux 4.19 kernel merge window, and its generally some pretty good stuff being included.

    The 64-bit ARM space on Linux as been fairly busy, and there’s likely more to come before Linux 4.19 kernel is released.

  • 64-bit ARM Changes For Linux 4.19 Has "A Bunch Of Good Stuff"

    Will Deacon submitted the 64-bit ARM (ARM64/AArch64) changes on Tuesday for the Linux 4.19 kernel merge window.

  • Why Locking Down the Kernel Won’t Stall Linux Improvements

    The Linux Kernel Hardening Project is making significant strides in reducing vulnerabilities and increasing the effort required to exploit vulnerabilities that remain. Much of what has been implemented is obviously valuable, but sometimes the benefit is more subtle. In some cases, changes with clear merit face opposition because of performance issues. In other instances, the amount of code change required can be prohibitive. Sometimes the cost of additional security development overwhelms the value expected from it.

    The Linux Kernel Hardening Project is not about adding new access controls or scouring the system for backdoors. It’s about making the kernel harder to abuse and less likely for any abuse to result in actual harm. The former is important because the kernel is the ultimate protector of system resources. The latter is important because with 5,000 developers working on 25 million lines of code, there are going to be mistakes in both how code is written and in judgment about how vulnerable a mechanism might be. Also, the raw amount of ingenuity being applied to the process of getting the kernel to do things it oughtn’t continues to grow in lockstep with the financial possibilities of doing so.

    The Linux kernel is written almost exclusively in the C programming language — while the most significant reasons that the kernel needs to be hardened arise from aspects of this programming language.

Graphics: Intel, Mesa, DRM, and NVIDIA

Filed under
Graphics/Benchmarks
  • Intel Begins Teasing Their Discrete Graphics Card
  • Mesa 18.2-RC3 Released With Two Dozen Fixes

    Mesa 18.2 as the next quarterly feature release to the contained OpenGL/Vulkan drivers is about two weeks out if all goes well, but today for testing Mesa 18.2-RC3 is now available.

  • DRM Updates Sent In For Linux 4.19 With New VKMS Driver, Intel Icelake Work

    David Airlie has submitted the Direct Rendering Manager (DRM) updates for the Linux 4.19 kernel merge window with these various open-source graphics/display driver updates.

  • NVIDIA are working towards better support for NVIDIA Optimus on Linux

    Thanks to a little Twitter tip, we've learned today that NVIDIA are indeed working to provide better support for NVIDIA Optimus on Linux.

    Currently, if you have a laptop with NVIDIA Optimus the official NVIDIA driver gives you the option between using the Intel GPU or switching over to the NVIDIA GPU. It doesn't handle it like you would expect it to on Windows, where it would offload the work to the more powerful NVIDIA GPU. Not an ideal situation, to switch between the two GPUs and from when I had a laptop with one (some time ago) it required logging out before it would take effect.

Syndicate content

More in Tux Machines

GNOME: NVMe Firmware and GSConnect

  • Richard Hughes: NVMe Firmware: I Need Your Data
    In a recent Google Plus post I asked what kind of hardware was most interesting to be focusing on next. UEFI updating is now working well with a large number of vendors, and the LVFS “onboarding” process is well established now. On that topic we’ll hopefully have some more announcements soon. Anyway, back to the topic in hand: The overwhelming result from the poll was that people wanted NVMe hardware supported, so that you can trivially update the firmware of your SSD. Firmware updates for SSDs are important, as most either address data consistency issues or provide nice performance fixes.
  • Gnome Shell Android Integration Extension GSConnect V12 Released
    GSConnect v12 was released yesterday with changes like more resilient sshfs connections (which should make browsing your Android device from the desktop more reliable), fixed extension icon alignment, along with other improvements. GSConnect is a Gnome Shell extension that integrates your Android device(s) with the desktop. The tool makes use of the KDE Connect protocol but without using any KDE dependencies, keeping your desktop clean of unwanted packages.
  • Linux Release Roundup: Communitheme, Cantata & VS Code
    GSconnect is a magical GNOME extension that lets your Android phone integrate with your Linux desktop. So good, in fact, that Ubuntu devs want to ship it as part of the upcoming Ubuntu 18.10 release (though last I heard it probably just end up in the repos instead). Anyway, a new version of GSconnect popped out this week. GSconnect v12 adds a nifty new features or two, as well as a few fixes here, and a few UI tweaks there.

Red Hat Leftovers

  • Red Hat Advances Container Storage
    Red Hat has moved to make storage a standard element of a container platform with the release of version 3.1 of Red Hat OpenShift Container Storage (OCS), previously known as Red Hat Container Native Storage. Irshad Raihan, senior manager for product marketing for Red Hat Storage, says Red Hat decided to rebrand its container storage offering to better reflect its tight integration with the Red Hat OpenShift platform. In addition, the term “container native” continues to lose relevance given all the different flavors of container storage that now exist, adds Raihan. The latest version of the container storage software from Red Hat adds arbiter volume support to enable high availability with efficient storage utilization and better performance, enhanced storage monitoring and configuration via the Red Hat implementation of the Prometheus container monitoring framework, and block-backed persistent volumes (PVs) that can be applied to both general application workloads and Red Hat OpenShift Container Platform (OCP) infrastructure workloads. Support for PVs is especially critical because to in the case of Red Hat OCS organizations can deploy more than 1,000 PVs per cluster, which helps to reduce cluster sprawl within the IT environment, says Raihan.
  • Is Red Hat Inc’s (NYSE:RHT) ROE Of 20.72% Sustainable?
  • FPgM report: 2018-33

OSS Leftovers

  • Infineon enables open source TSS ESAPI layer
    This is the first open source TPM middleware that complies with the Software Stack (TSS) Enhanced System API (ESAPI) specification of the Trusted Computing Group . “The ease of integration on Linux and other embedded platforms that comes with the release of the TPM 2.0 ESAPI stack speeds up the adoption of TPM 2.0 in embedded systems such as network equipment and industrial systems,” says Gordon Muehl, Global CTO Security at Huawei.
  • Open source RDBMS uses spurred by lower costs, cloud options
    As the volumes of data generated by organizations get larger and larger, data professionals face a dilemma: Must database bills get bigger in the process? And, increasingly, IT shops with an eye on costs are looking to open source RDBMS platforms as a potential alternative to proprietary relational database technologies.
  • Progress open sources ABL code in Spark Toolkit
    New England headquartered application development company Progress is flexing its programmer credentials this month. The Massachusetts-HQ’d firm has now come forward with its Progress Spark Toolkit… but what is it? The Progress Spark Toolkit is a set of open source ABL code combined with some recommended best-practices.
  • Mixing software development roles produces great results
    Most open source communities don’t have a lot of formal roles. There are certainly people who help with sysadmin tasks, testing, writing documentation, and translating or developing code. But people in open source communities typically move among different roles, often fulfilling several at once. In contrast, team members at most traditional companies have defined roles, working on documentation, support, QA, and in other areas. Why do open source communities take a shared-role approach, and more importantly, how does this way of collaborating affect products and customers? Nextcloud has adopted this community-style practice of mixing roles, and we see large benefits for our customers and our users.
  • FOSS Project Spotlight: SIT (Serverless Information Tracker)
    In the past decade or so, we've learned to equate the ability to collaborate with the need to be online. The advent of SaaS clearly marked the departure from a decentralized collaboration model to a heavily centralized one. While on the surface this is a very convenient delivery model, it simply doesn't fit a number of scenarios well. As somebody once said, "you can't FTP to Mars", but we don't need to go as far. There are plenty of use cases here on Earth that are less than perfectly suited for this "online world". Lower power chips and sensors, vessel/offshore collaboration, disaster recovery, remote areas, sporadically reshaping groups—all these make use of central online services a challenge. Another challenge with centralization is somewhat less thought of—building software that can handle a lot of concurrent users and that stores and processes a lot of information and never goes down is challenging and expensive, and we, as consumers, pay dearly for that effort. And not least important, software in the cloud removes our ability to adapt it perfectly for use cases beyond its owner's vision, scope and profitability considerations. Convenience isn't free, and this goes way beyond the price tag.
  • ProtonMail's open source encryption library, OpenPGPjs, passes independent audit
    ProtonMail, the secure email provider, has just had its credentials re-affirmed after its encryption library, OpenPGPjs, passed an independent security audit. The audit was carried out by the respected security firm, Cure53, after the developer community commissioned a review following the release of OpenPGPjs 3.0 back in March.
  • Uber Announces Open Source Fusion.js Framework
    Uber Announces Fusion.js, an open source "Plugin-based Universal Web Framework." In the announcement, Uber senior software engineer Leo Horie explains that Uber builds hundreds of web-based applications, and with web technologies changing quickly and best practices continually evolving, it is a challenge to have hundreds of web engineers leverage modern language features while staying current with the dynamic nature of the web platform. Fusion.js is Uber's solution to this problem.
  •  
  • ASAN And LSAN Work In rr
    AddressSanitizer has worked in rr for a while. I just found that LeakSanitizer wasn't working and landed a fix for that. This means you can record an ASAN build and if there's an ASAN error, or LSAN finds a leak, you can replay it in rr knowing the exact addresses of the data that leaked — along with the usual rr goodness of reverse execution, watchpoints, etc. Well, hopefully. Report an issue if you find more problems.
  • Oracle Open-Sources GraphPipe to Support ML Development
    Oracle on Wednesday announced that it has open-sourced GraphPipe to enhance machine learning applications. The project's goal is to improve deployment results for machine learning models, noted Project Leader Vish Abrams. That process includes creating an open standard. The company has a questionable relationship with open source developers, so its decision to open-source GraphPipe might not receive a flood of interest. Oracle hopes developers will rally behind the project to simplify and standardize the deployment of machine learning models. GraphPipe consists of a set of libraries and tools for following a deployment standard.
  • OERu makes a college education affordable
    Open, higher education courses are a boon to adults who don’t have the time, money, or confidence to enroll in traditional college courses but want to further their education for work or personal satisfaction. OERu is a great option for these learners. It allows people to take courses assembled by accredited colleges and universities for free, using open textbooks, and pay for assessment only when (and if) they want to apply for formal academic credit. I spoke with Dave Lane, open source technologist at the Open Education Resource Foundation, which is OERu’s parent organization, to learn more about the program. The OER Foundation is a nonprofit organization hosted by Otago Polytechnic in Dunedin, New Zealand. It partners with organizations around the globe to provide leadership, networking, and support to help advance open education principles.
  • Tomu Is A Tiny, Open Source Computer That Easily Fits In Your USB Port
    There are a number of USB stick computers available in the market at varying prices. One of them that really stands out is Tomu — a teeny weeny ARM processor that can entirely fit inside your computer’s USB port. Tomu is based on Silicon Labs Happy Gecko EFM32HG309 Arm Cortex-M0+ microcontroller that runs at 25 MHz. It sports 8 kb of RAM and 60 kb of flash onboard. In spite of the small size, it supports two LEDs and two capacitance touch buttons.
  • RcppArmadillo 0.9.100.5.0
    A new RcppArmadillo release 0.9.100.5.0, based on the new Armadillo release 9.100.5 from earlier today, is now on CRAN and in Debian. It once again follows our (and Conrad's) bi-monthly release schedule. Conrad started with a new 9.100.* series a few days ago. I ran reverse-depends checks and found an issue which he promptly addressed; CRAN found another which he also very promptly addressed. It remains a true pleasure to work with such experienced professionals as Conrad (with whom I finally had a beer around the recent useR! in his home town) and of course the CRAN team whose superb package repository truly is the bedrock of the R community.
  • PHP version 7.1.21 and 7.2.9
    RPM of PHP version 7.2.9 are available in remi repository for Fedora 28 and in remi-php72 repository for Fedora 25-27 and Enterprise Linux ≥ 6 (RHEL, CentOS). RPM of PHP version 7.1.21 are available in remi repository for Fedora 26-27 and in remi-php71 repository for Fedora 25 and Enterprise Linux (RHEL, CentOS).

GNU/Linux on Laptops and Desktops

  • Endless OS and Asus, Update on L1TF Exploit, Free Red Hat DevConf.US in Boston, Linux 4.19 Kernel Update
    Some of us may recall a time when ASUS used to ship a stripped down version of Xandros Linux with their line of Eee PC netbooks. Last week, the same company announced that Endless OS will be supporting non-OS offerings of their product. However it comes with a big disclaimer stating that ASUS will not officially support the operating system's compatibility issues.
  • The Chromebook Grows Up
    What started out as a project to provide a cheap, functional, secure and fast laptop experience has become so much more. Chromebooks in general have suffered from a lack of street-cred acceptance. Yes, they did a great job of doing the everyday basics—web browsing and...well, that was about it. Today, with the integration of Android apps, all new and recently built Chrome OS devices do much more offline—nearly as much as a conventional laptop or desktop, be it video editing, photo editing or a way to switch to a Linux desktop for developers or those who just like to do that sort of thing.
  • Windows 10 Linux Distribution Overload? We have just the thing [Ed: Microsoft is still striving to control and master GNU/Linux through malware, Vista 10]
  • What Dropbox dropping Linux support says
    You've probably already heard by now that Dropbox is nixing support for all Linux file systems but unencrypted ext4. When this was announced, much of the open source crowd was up in arms—and rightfully so. Dropbox has supported Linux for a long time, so this move came as a massive surprise.
  • Winds Beautifully Combines Feed Reader and Podcast Player in One Single App
    Billboard top 50 playlist is great for commuting. But I’m a nerd so I mostly prefer podcasts. Day after day, listening to podcasts on my phone has turned into a habit for the better and now, I crave my favorite podcasts even when I’m home, sitting in front of my computer. Thus began, my hunt for the perfect podcast app for Linux. Desktop Linux doesn’t have a huge selection of dedicated podcast applications. Of course, you can use Rhythmbox music player or VLC Media player to download podcasts (is there anything VLC can’t do?). There are even some great command line tools to download podcasts if you want to go down that road.
  • VirtualBox 5.2.18 Maintenance Update fixed VM process termination on RDP client disconnect
    Virtualbox developers released a maintenance update for virtualization solution on the 14th of August, 2018. The latest update raised the version of VirtualBox to 5.2.18. The improvements and additions have been welcomed by several users as it makes the virtualization product even more convenient to use.