Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 24 Oct 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Tried Elementary OS 0.4.1 Loki again - Negatory

Filed under
Reviews

The Linux desktop needs a reset. We're now in a post-Ubuntu world, with Unity gone, and we're back in sad and forlorn 2005. There isn't a single major project out there where you can look and say, wow, there's gonna be a fun and exciting year ahead of us. Well, maybe one or two. The rest? Just run-of-the-mill stuff. The forums are quiet, because there isn't anything to report, and rehashing kernel versions and desktop versions isn't really worth anyone's time.

I think elementary OS represents this crisis quite well. On its own, it's a badly cobbled release, with too many issues and inconsistencies and a dreadful approach to ergonomics, making it useless to most people, all other things notwithstanding. But it was too buggy for me to even attempt to install it. Not going well. Alas, unless something cardinal changes, I cannot recommend this one at all. The combo of visual glitches, mediocre performance and middling hardware support does not warrant a longer adventure. Perhaps one day this will change, but for now, you're better off with stock Ubuntu. And by that I mean up to Zesty, ad I haven't tried Aardvark yet. Take care, and stay golden.

Read more

Also: Newbie's Guide to Ubuntu 17.10 Part 3

10 Reasons Why I Switched To Telegram Messenger

Filed under
Reviews

Whatsapp may be the best player in the game when it comes to instant messaging apps, but Telegram Messenger is the entire game itself.

Read<br />
more

How To Install Wine And Run Windows Apps In Linux

Filed under
Linux

​All kinds of software are currently available on Linux but every now and then, there is that Windows software or Game which is not available or has no equivalent on Linux Wine makes it possible to run those Windows programs and Games on your Linux desktop. So let’s look at how to install Wine on Linux and run Windows apps on Linux desktop.

Read<br />
more

OSS Leftovers

Filed under
OSS

GNU/Linux on Desktop/Phone: System76, DeX, Librem

Filed under
GNU
Linux
  • Pop!_OS Is Finally Here — System76’s Ubuntu-based Operating System For Developers

    The first ever stable release of Pop!_OS is finally here. You can go ahead and download it from this link. Don’t forget to share your feedback. Earlier this year in June, we reported that System76 is creating its own Linux distro called Pop!_OS.

  • Samsung DeX Promises to Bring the Linux PC Experience to Your Mobile Device

    After unveiling its next-generation Bixby 2.0 intelligent assistant, Samsung today announced that it plans to bring the Linux PC experience to the Samsung DeX ecosystem.

  • Steps toward a privacy-preserving phone

    What kind of cell phone would emerge from a concerted effort to design privacy in from the beginning, using free software as much as possible? Some answers are provided by a crowdfunding campaign launched in August by Purism SPC, which has used two such campaigns successfully in the past to build a business around secure laptops. The Librem 5, with a five-inch screen and radio chip for communicating with cell phone companies, represents Purism's hope to bring the same privacy-enhancing vision to the mobile space, which is much more demanding in its threats, technology components, and user experience.

    The abuse of mobile phone data has become a matter of worldwide concern. The capture and sale of personal data by apps is so notorious that it has been covered in USA Today; concerns over snooping contribute to the appeal of WhatsApp (which has topped 1.3 billion users) and other encrypted and privacy-conscious apps. But apps are only one attack vector. I got in touch with Todd Weaver, founder and CEO of Purism, to find out what the company is doing to plug the leaks in mobile devices.

Servers: DockerCon Coverage, MongoDB IPO

Filed under
Server
  • DockerCon EU 17 Panel Debates Docker Container Security

    There are many different security capabilities that are part of the Docker container platform, and there are a number of vendors providing container security offerings. At the DockerCon EU 17 conference in Copenhagen, Denmark, eWEEK moderated a panel of leading vendors—Docker, Hewlett Packard Enterprise, Aqua Security, Twistlock and StackRox—to discuss the state of the market.

    To date, there have been no publicly disclosed data breaches attributed to container usage or flaws. However, that doesn't mean that organizations using containers have not been attacked. In fact, Wei Lien Dang, product manager at StackRox, said one of his firm's financial services customers did have a container-related security incident.

  • DockerCon EU: Tips and Tools for Running Container Workloads on AWS

    Amazon Web Services wants to be a welcome home for developers and organizations looking to deploy containers. At the DockerCon EU conference here, a pair of AWS technical evangelists shared their wisdom on the best ways to benefit from container deployments.

    The terms microservices and containers are often used interchangeably by people. Abby Fuller, technical evangelist at AWS, provided the definition of microservices coined by Adrian Crockford, VP of Cloud Architecture at AWS and formerly the cloud architect at Netflix.

  • Docker CEO: Embracing Kubernetes Removes Conflict

    Steve Singh has ambitious plans for Docker Inc. that are nothing less than transforming the world of legacy applications into a modern cloud-native approach.

    Singh was named CEO of Docker on May 2 and hosted his first DockerCon event here Oct. 16-19. The highlight of DockerCon EU was the surprise announcement that Docker is going to support the rival open-source Kubernetes container orchestration system.

    In a video interview with eWEEK, Singh explained the rationale behind the Kubernetes support and provided insight into his vision for the company he now leads.

  • MongoDB's IPO Beats the Market Out of the Gate

    The folks at MongoDB raised a whole lot of money today in their debut on NASDAQ.

    Yesterday the open source company announced it was going to be asking $24 a share for the 8 million Class A shares it was letting loose in its IPO, which had some Wall Street investors scratching their heads and wondering if the brains at Mongo were suffering from some kind of undiagnosed damage. Analysts had been estimating an opening price of between $20-22 per share, and on October 6 the company had estimated an opening price in the range of $18-20.

LWN on Linux: LTS, API, Pointer Leaks and Linux Plumbers Conference (LPC)

Filed under
Linux
  • Cramming features into LTS kernel releases

    While the 4.14 development cycle has not been the busiest ever (12,500 changesets merged as of this writing, slightly more than 4.13 at this stage of the cycle), it has been seen as a rougher experience than its predecessors. There are all kinds of reasons why one cycle might be smoother than another, but it is not unreasonable to wonder whether the fact that 4.14 is a long-term support (LTS) release has affected how this cycle has gone. Indeed, when he released 4.14-rc3, Linus Torvalds complained that this cycle was more painful than most, and suggested that the long-term support status may be a part of the problem. A couple of recent pulls into the mainline highlight the pressures that, increasingly, apply to LTS releases.

    As was discussed in this article, the 4.14 kernel will include some changes to the kernel timer API aimed at making it more efficient, more like contemporary in-kernel APIs, and easier to harden. While API changes are normally confined to the merge window, this change was pulled into the mainline for the 4.14-rc3 release. The late merge has led to a small amount of grumbling in the community.

  • Improving the kernel timers API

    The kernel's timer interface has been around for a long time, and its API shows it. Beyond a lack of conformance with current in-kernel interface patterns, the timer API is not as efficient as it could be and stands in the way of ongoing kernel-hardening efforts. A late addition to the 4.14 kernel paves the way toward a wholesale change of this API to address these problems.

  • What's the best way to prevent kernel pointer leaks?

    An attacker who seeks to compromise a running kernel by overwriting kernel data structures or forcing a jump to specific kernel code must, in either case, have some idea of where the target objects are in memory. Techniques like kernel address-space layout randomization have been created in the hope of denying that knowledge, but that effort is wasted if the kernel leaks information about where it has been placed in memory. Developers have been plugging pointer leaks for years but, as a recent discussion shows, there is still some disagreement over the best way to prevent attackers from learning about the kernel's address-space layout.

    There are a number of ways for a kernel pointer value to find its way out to user space, but the most common path by far is the printk() function. There are on the order of 50,000 printk() calls in the kernel, any of which might include the value of a kernel pointer. Other places in the kernel use the underlying vsprintf() mechanism to format data for virtual files; they, too, often leak pointer values. A blanket ban on printing pointer values could solve this problem — if it could be properly enforced — but it would also prevent printing such values when they are really needed. Debugging kernel problems is one obvious use case for printing pointers, but there are others.

  • Continuous-integration testing for Intel graphics

    Two separate talks, at two different venues, give us a look into the kinds of testing that the Intel graphics team is doing. Daniel Vetter had a short presentation as part of the Testing and Fuzzing microconference at the Linux Plumbers Conference (LPC). His colleague, Martin Peres, gave a somewhat longer talk, complete with demos, at the X.Org Developers Conference (XDC). The picture they paint is a pleasing one: there is lots of testing going on there. But there are problems as well; that amount of testing runs afoul of bugs elsewhere in the kernel, which makes the job harder.

    Developing for upstream requires good testing, Peres said. If the development team is not doing that, features that land in the upstream kernel will be broken, which is not desirable. Using continuous-integration (CI) along with pre-merge testing allows the person making a change to make sure they did not break anything else in the process of landing their feature. That scales better as the number of developers grows and it allows developers to concentrate on feature development, rather than bug fixing when someone else finds the problem. It also promotes a better understanding of the code base; developers learn more "by breaking stuff", which lets them see the connections and dependencies between different parts of the code.

An update on GnuPG

Filed under
GNU
Security

The GNU Privacy Guard (GnuPG) is one of the fundamental tools that allows a distributed group to have trust in its communications. Werner Koch, lead developer of GnuPG, spoke about it at Kernel Recipes: what's in the new 2.2 version, when older versions will reach their end of life, and how development will proceed going forward. He also spoke at some length on the issue of best-practice key management and how GnuPG is evolving to assist.

It is less than three years since attention was focused on the perilous position of GnuPG; because of systematic failure of the community to fund its development, Koch was considering packing it all in. The Snowden revelations persuaded him to keep going a little longer, then in the wake of Heartbleed there was a resurgent interest in funding the things we all rely on. Heartbleed led to the founding of the Core Infrastructure Initiative (CII). A grant from CII joined commitments from several companies and other organizations and an upsurge in community funding has put GnuPG on a more secure footing going forward.

Read more

Ubuntu: GNOME, New Video, Ubuntu Podcast, Refreshing the Xubuntu Logo

Filed under
Ubuntu
  • Ubuntu 17.10: We're coming GNOME! Plenty that's Artful in Aardvark, with a few Wayland wails

    Ubuntu has done a good job of integrating a few plugins that improve GNOME's user experience compared to stock GNOME – most notably a modified version of the Dash-to-Dock and the App Indicator extensions, which go a long way toward making GNOME a bit more like Unity. It's worth noting that Ubuntu's fork of Dash-to-Dock lacks some features of the original, but you can uninstall the Ubuntu version in favour of the original if you prefer. In fact you can really revert to a pretty stock GNOME desktop with just a few tweaks. Canonical said it wasn't going to heavily modify GNOME and indeed it hasn't.

  • What’s New in Ubuntu 17.10 Artful Aardvark
  • Ubuntu Podcast: S10E33 – Aggressive Judicious Frame

    This week we’ve been protecting our privacy with LineageOS and playing Rust. Telegram get fined, your cloud is being used to mine BitCoin, Google announces a new privacy focused product tier, North Korea hacks a UK TV studio, a new fully branded attack vector is unveiled and Purism reach their funding goal for the Librem 5.

  • Refreshing the Xubuntu logo

    Earlier this year I worked a bit with our logo to propose a small change to it – first change to the logo in 5 years. The team approved, but for various reasons the new logo did not make it to 17.10. Now we’re ready to push it out to the world.

Intel Linux and GCC Work

Filed under
Development
GNU
Linux
  • Intel Begins Landing GFNI Support In GCC 8

    Intel compiler engineers have begun landing "GFNI" support within the GNU Compiler Collection as one of the new ISA extensions not expected until the Icelake processor debut.

  • Control-Flow Enforcement Technology Begins To Land In GCC 8

    Intel Control-flow Enforcement Technology (CET) support has begun landing within the GNU Compiler Collection (GCC) for this code safety feature.

    Patches have been in the works for several months while now the start of the patches are being merged to mainline. Coincidentally, at the same time Intel is also landing their GFNI instruction patches in GCC as well.

  • Intel Continues Landing New i915 DRM Features For Linux 4.15

    Jani Nikula has sent in another drm-intel-next update for David Airlie's DRM-Next tree. They continue prepping more updates to their Direct Rendering Manager (DRM) for targeting the upcoming Linux 4.15 cycle.

    There have already been several Intel "i915" DRM driver updates queued in DRM-Next for this new kernel version. Past pulls have included marking Coffeelake graphics as stable, continued Cannonlake "Gen 10" graphics enablement, various display improvements, and quite a lot of other low-level code improvements.

Mesa Development Updates

Filed under
Graphics/Benchmarks

Firefox 57 coming soon: a Quantum leap

Filed under
Red Hat
Moz/FF

Over the past year, Mozilla has been working on a series of major changes to the Firefox browser, mainly for performance and security. These changes are referred to as Project Quantum. Some improvements arrived already with no major differences for its users.

Last month the major changes landed in the developer channel. These changes mark a major deadline for how extensions work. This deadline gave third party developers a chance to look at their extensions and make changes to remain compatible. It was an important milestone date for the various Firefox add-ons. Firefox 57 marks an end to the legacy XUL based extensions. Starting with version 57, Firefox supports only a new type of extension, named WebExtension.

Read more

3 Tools to Help You Remember Linux Commands

Filed under
Software

The Linux desktop has come a very long way from its humble beginnings. Back in my early days of using Linux, knowledge of the command line was essential—even for the desktop. That’s no longer true. Many users might never touch the command line. For Linux system administrators, however, that’s not the case. In fact, for any Linux admin (be it server or desktop), the command line is a requirement. From managing networks, to security, to application and server settings—there’s nothing like the power of the good ol’ command line.

But, the thing is… there are a lot of commands to be found on a Linux system. Consider /usr/bin alone and you’ll find quite a lot of commands (you can issue ls /usr/bin/ | wc -l to find out exactly how many you have). Of course, these aren’t all user-facing executables, but it gives you a good idea of the scope of Linux commands. On my Elementary OS system, there are 2029 executables within /usr/bin. Even though I will use only a fraction of those commands, how am I supposed to remember even that amount?

Read more

How Eclipse is advancing IoT development

Filed under
Development

Eclipse may not be the first open source organization that pops to mind when thinking about Internet of Things (IoT) projects. After all, the foundation has been around since 2001, long before IoT was a household word, supporting a community for commercially viable open source software development.

September's Eclipse IoT Day, held in conjunction with RedMonk's ThingMonk 2017 event, emphasized the big role Eclipse is taking in IoT development. It currently hosts 28 projects that touch a wide range of IoT needs and projects. While at the conference, I talked with Ian Skerritt, who heads marketing for Eclipse, about Eclipse's IoT projects and how Eclipse thinks about IoT more broadly.

Read more

Effective Strategies for Recruiting Open Source Developers

Filed under
OSS

Experienced open source developers are in short supply. To attract top talent, companies often have to do more than hire a recruiter or place an ad on a popular job site. However, if you are running an open source program at your organization, the program itself can be leveraged as a very effective recruiting tool. That is precisely where the new, free online guide Recruiting Open Source Developers comes in. It can help any organization in recruiting developers, or building internal talent, through nurturing an open source culture, contributing to open source communities, and showcasing the utility of new open source projects.

Why does your organization need a recruiting strategy? One reason is that the growing shortage of skilled developers is well documented. According to a recent Cloud Foundry report, there are a quarter-million job openings for software developers in the U.S. alone and half a million unfilled jobs that require tech skills. They’re also forecasting the number of unfillable developer jobs to reach one million within the next decade.

Read more

Fedora meets RHEL

Filed under
Red Hat
  • Fedora meets RHEL
  • Fedora 27 Making It Easy To Deploy Free RHEL7 VMs

    For those wanting to use Red Hat Enterprise Linux 7 within a GNOME Boxes driven virtual machine, you can do so for free now with Fedora Workstation 27.

    Red Hat has made it possible to easily deploy RHEL7 from within the GNOME Boxes virtualization software even if you are not a paying Red Hat customer. All that's required is a free Red Hat developer account.

Servers: Containers, 'Cloud', Microservices, and Hyperledger

Filed under
Server
  • How to Choose a Linux Container Image

    A comparison of Linux container images talks about the best-practices in choosing an image. Architecture, security and performance are among the factors, while commercial users would also look for support options.

    A Linux container allows separate management of kernel space and user space components by utilizing cgroups and namespaces, which are resource and process isolation mechanisms. Solaris and BSD also have abstractions similar to Linux containers but the article's focus is on the latter only. The host running the container has the operating system kernel and a set of libraries and tools required to run containers. The container image, on the other hand, has the libraries, interpreters and application code required to run the application that is being distributed in the container. These depend on underlying system libraries. This is true for interpreted languages too as the interpreters themselves are written in low level languages.

  • The Four Pillars of Cloud-Native Operations

    As organizations shift their application strategies to embrace the cloud-native world, the purpose of the cloud transitions from saving money to delivering and managing applications. Platforms such as Cloud Foundry, Kubernetes, and Docker redefine the possibilities for application environments that utilize the cloud. It’s time for us as operations professionals to rethink how we approach our jobs in this new world. We should be asking, how do our organizations take advantage of cloud-native as a new mode of application delivery?

  • How to align your team around microservices

    Microservices have been a focus across the open source world for several years now. Although open source technologies such as Docker, Kubernetes, Prometheus, and Swarm make it easier than ever for organizations to adopt microservice architectures, getting your team on the same page about microservices remains a difficult challenge.

    For a profession that stresses the importance of naming things well, we've done ourselves a disservice with microservices. The problem is that that there is nothing inherently "micro" about microservices. Some can be small, but size is relative and there's no standard measurement unit across organizations. A "small" service at one company might be 1 million lines of code, but far fewer at another organization.

  • Hyperledger Stitches in Another Blockchain Project

    The Linux Foundation’s open source Hyperledger Project, which works on blockchain technologies, added a sixth sub project — this one dubbed Quilt.

    Hyperledger Quilt started around 18 months ago and is an implementation of the Interledger Protocol (ILP), which helps facilitate transactions across ledgers.

  • Chinese Search Giant Baidu Joins Hyperledger Blockchain Consortium

    Chinese search engine giant Baidu has become the latest member of the Linux Foundation-led Hyperledger blockchain consortium.

    In joining the group – which focuses on developing blockchain technologies for enterprises – Baidu will assist the project's efforts alongside other member companies including Accenture, IBM, JP Morgan, R3, Cisco and SAP, among others.

Syndicate content

More in Tux Machines

GTK+ 3.92

  • GTK4's Vulkan Renderer Is Close To Complete
    Red Hat's Matthias Clasen has written a blog post concerning the changes found in the big GTK+ 3.92 development release that is pushing towards the GTK4 tool-kit release.
  • GTK+ 3.92
    Yesterday, we released GTK+ 3.92.1, 重庆市. Since it has been a while since the last 3.91 release, here is a brief look at the major changes. This release is another milestone on our way towards GTK+ 4. And while a lot still needs to be done, this release allows a first glimpse at some of the things we hope to achieve in GTK+ 4.

Servers: Kubernetes in plain English, Serverless, Staging

  • How to explain Kubernetes in plain English
    Talk containers with an IT pro for more than a minute and the conversation will inevitably turn to container management and orchestration. It might be easy to deploy a container, but operationalizing containers at scale — especially in concert with microservices — is not for weekend enthusiasts. It requires planning, and most experts say an orchestration tool is a must.
  • The Trouble With Promises: Patrick Debois Explains Serverless And 'Service-Full' Culture
  • Center stage: Best practices for staging environments
    We’re talking about staging because no one talks about it. It’s mentioned in passing as the annoying sidekick to production. It’s the expected and completely necessary part of the deployment cycle barely touched by schools or internships. It’s considered such an obvious part of architecture that no one mentions it, no one details it, many people do it wrong—and some don’t do it at all.

Linux Foundation: Civil Infrastructure Platform, Community Data License Agreement (CDLA)

  • Civil Infrastructure Platform releases Linux system for management of critical systems
    The Civil Infrastructure Platform project has released CIP Core, a reference minimal file system that offers a customizable environment that developers can use to test the CIP kernel and core packages. CIP aims to provide a base layer of industrial grade open source software components, tools and methods to enable long-term management of critical systems.
  • Open-sourcing data will make big data bigger than ever
    Free software has been with computing since day one, but proprietary software ruled businesses. It took open source and its licenses to transform how we coded our programs. Today, even Microsoft has embraced open source. Now, The Linux Foundation has created a new open license framework, Community Data License Agreement (CDLA), which may do for data what open source did for programming. In Prague, at Open Source Summit Europe, The Linux Foundation announced a new family of open-data licenses. The CDLA licenses are an effort to define a licensing framework to support collaborative communities built around curating and sharing "open" data.
  • Linux Foundation Launches Open Data Licensing Agreements

OSS: PC-MOS, Open Source Initiative, ErosCoin, Rackspace

  • PC-MOS operating system goes open source (30 years after release)
    These days if you’re using a desktop computer you’re probably running Windows, although there’s also a good chance you’re using OS X or maybe Chrome OS or one of a number of GNU/Linux distributions. But back in the 80s, it’s wasn’t really clear who the dominant players of the future would be.
  • MS-DOS variant PC-MOS/386 reborn as open source
    Do you still long to run WordPerfect 5.1, Lotus 1-2-3 4, or Doom on DOS? Well, if you do, there's a new way to revisit the PC world of the 1980s: The newly open-sourced PC-MOS/386 v501. PC-MOS, for those who weren't around in 1987, was a multi-user MS-DOS clone by Norcross, GA's The Software Link. It ran most standard DOS and 386's protected mode applications. I reviewed it back in the day -- although I can't find my article from Computer Digest, a Washington DC regional general interest computer newspaper, I recall it worked well.
  • Open Source Initiative, and Open Source Software Movement Celebrate Twenty Years
    The Open Source Initiative® (OSI), the global non-profit dedicated to raising awareness and adoption of open source software, announced today plans for the “Open Source 20th Anniversary World Tour” to run through 2018. Open source software is now ubiquitous, recognized across industries as a fundamental component to infrastructure, as well as a critical factor for driving innovation. Over the past twenty years, the OSI has worked to promote and protect open source software, development, and communities, championing software freedom in society through education, collaboration, and infrastructure, stewarding the Open Source Definition (OSD), and preventing abuse of the ideals and ethos inherent to the open source movement.
  • ErosCoin – An open source solution for blockchain payment industries
    Possibly the largest single factor currently holding cryptocurrencies back from mass adoption is their difficulty of use for the average person. While Bitcoin and Ethereum both provide the ability to transfer value quickly and securely without borders, they both suffer from a steep learning curve, which limits interest from merchants, consumers and payment providers, and restricts growth of their platforms. EROSCOIN is setting out to create a new blockchain that is very significantly differentiated from other existing cryptocurrencies, giving the industry a payment solution that can help to expand the ecosystem and expand user adoption.
  • 7 years of open source: Cloud Foundry, DiffBlue & Quest
  • Rackspace kills discount cloud hosting for open source projects
    Rackspace has announced it will no longer be offering discounts on hosting for open source projects, although it will only apply to new customers rather than those with projects already up and running on the platform.