Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 24 Feb 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Purism News Roy Schestowitz 23/02/2018 - 5:39pm
Story Mycroft AI on Plasma Roy Schestowitz 23/02/2018 - 5:27pm
Story Android Leftovers Rianne Schestowitz 23/02/2018 - 4:55pm
Story Radeon Linux OpenGL Driver Continues Giving Its Best Against Windows 10 Rianne Schestowitz 23/02/2018 - 4:49pm
Story Ubuntu 18.04 LTS (Bionic Beaver) Daily Builds Now Fuelled by Linux Kernel 4.15 Rianne Schestowitz 23/02/2018 - 4:45pm
Story Canonical Releases Major Kernel Security Update for Ubuntu 14.04 to Fix 26 Flaws Rianne Schestowitz 23/02/2018 - 4:43pm
Story Stable kernels 4.4.117, 4.9.83, 4.14.21 and 4.15.5 Rianne Schestowitz 23/02/2018 - 4:41pm
Story Plasma Mobile Could Give Life to a Mobile Linux Experience Rianne Schestowitz 23/02/2018 - 4:36pm
Story Red Hat Leftovers Roy Schestowitz 23/02/2018 - 10:11am
Story today's howtos Roy Schestowitz 23/02/2018 - 10:02am

Graphics: Mesa and More

Filed under
Graphics/Benchmarks

Red Hat Leftovers

Filed under
Red Hat

Kernel: CH341 and LWN Articles (Just Freed)

Filed under
Linux
  • Linux Adds CH341 GPIO

    There was a time when USB to serial hardware meant one company: FTDI. But today there are quite a few to choose from and one of the most common ones is the WCH CH341. There’s been support for these chips in Linux for a while, but only for use as a communication port. The device actually has RS232, I2C, SPI, and 8 general purpose I/O (GPIO) pins. [ZooBaB] took an out-of-tree driver that exposes the GPIO, and got it working with some frightening-looking CH341 boards.

  • Shrinking the kernel with an axe

    This is the third article of a series discussing various methods of reducing the size of the Linux kernel to make it suitable for small environments. The first article provided a short rationale for this topic, and covered link-time garbage collection. The second article covered link-time optimization (LTO) and compared its results to link-time garbage collection. In this article we'll explore ways to make LTO more effective at optimizing kernel code away, as well as more assertive strategies to achieve our goal.

  • The rest of the 4.16 merge window

    At the close of the 4.16 merge window, 11,746 non-merge changesets had been merged; that is 5,000 since last week's summary. This merge window is thus a busy one, though not out of line with its predecessors — 4.14 had 11,500 changesets during its merge window, while 4.15 had 12,599. Quite a bit of that work is of the boring internal variety; over 600 of those changesets were device-tree updates, for example. But there was still a fair amount of interesting work merged in the second half of the 4.16 merge window; read on for the highlights.

Wine-Staging and Games

Filed under
Gaming

Canonical Outs New Ubuntu Kernel Update with Compiler-Based Retpoline Mitigation

Filed under
Ubuntu

New Linux kernel security updates have been released for Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 ESM (Extended Security Maintenance), adding the compiler-based retpoline kernel mitigation for the Spectre Variant 2 vulnerability on amd64 and i386 architectures.

Canonical fixed the Spectre Variant 2 security vulnerability last month on January 22, but only for 64-bit Ubuntu installations. This update apparently mitigates the issue for 32-bit installations too. Spectre is a nasty hardware bug in microprocessors that use branch prediction and speculative execution and it could allow unauthorized memory reads via side-channel attacks.

Read more

Tutanota: Encrypted Open Source Email Service for Privacy Minded People

Filed under
Reviews

If you are a privacy concerned netizen, try Tutanota. It is an open source email service for encrypted email communication. Here are the pros and cons of using Tutanota.
Read more

NuTyX 10.1-rc1 Available

Filed under
GNU
Linux

I'm very please to propose you the first release candidate version of the next version 10.1 stable version of NuTyX

As they have been so many security issues, I took the chance to recompile all the collections (1701 packages) for this coming next stable NuTyX version.

Read more

Events: FOSDEM Samba Talks, USENIX Enigma, LCA (linux.conf.au) and FAST18

Filed under
OSS
  • Authentication and authorization in Samba 4

    Volker Lendecke is one of the first contributors to Samba, having submitted his first patches in 1994. In addition to developing other important file-sharing tools, he's heavily involved in development of the winbind service, which is implemented in winbindd. Although the core Active Directory (AD) domain controller (DC) code was written by his colleague Stefan Metzmacher, winbind is a crucial component of Samba's AD functionality. In his information-packed talk at FOSDEM 2018, Lendecke said he aimed to give a high-level overview of what AD and Samba authentication is, and in particular the communication pathways and trust relationships between the parts of Samba that authenticate a Samba user in an AD environment.

  • Two FOSDEM talks on Samba 4

    Much as some of us would love never to have to deal with Windows, it exists. It wants to authenticate its users and share resources like files and printers over the network. Although many enterprises use Microsoft tools to do this, there is a free alternative, in the form of Samba. While Samba 3 has been happily providing authentication along with file and print sharing to Windows clients for many years, the Microsoft world has been slowly moving toward Active Directory (AD). Meanwhile, Samba 4, which adds a free reimplementation of AD on Linux, has been increasingly ready for deployment. Three short talks at FOSDEM 2018 provided three different views of Samba 4, also known as Samba-AD, and left behind a pretty clear picture that Samba 4 is truly ready for use. I will cover the first two talks in this article, and the third in a later one.

  • A report from the Enigma conference

    The 2018 USENIX Enigma conference was held for the third time in January. Among many interesting talks, three presentations dealing with human security behaviors stood out. This article covers the key messages of these talks, namely the finding that humans are social in their security behaviors: their decision to adopt a good security practice is hardly ever an isolated decision.

    Security conferences tend to be dominated by security researchers demonstrating their latest exploits. The talks are attack-oriented, they keep a narrow focus, and usually they close with a dark outlook. The security industry has been doing security conferences like this for twenty years and seems to prefer this format. Yet, if you are tired of this style, the annual USENIX Enigma conference is a welcome change of pace. Most of the talks are defense-oriented, they have a horizon going far beyond technology alone, and they are generally focused on successful solutions.

  • DIY biology

    A scientist with a rather unusual name, Meow-Ludo Meow-Meow, gave a talk at linux.conf.au 2018 about the current trends in "do it yourself" (DIY) biology or "biohacking". He is perhaps most famous for being prosecuted for implanting an Opal card RFID chip into his hand; the Opal card is used for public transportation fares in Sydney. He gave more details about his implant as well as describing some other biohacking projects in an engaging presentation.

    Meow-Meow is a politician with the Australian Science Party, he said by way of introduction; he has run in the last two elections. He founded BioFoundry, which is "Australia's first open-access molecular biology lab"; there are now two such labs in the country. He is also speaks frequently as "an emerging technology evangelist" for biology as well as other topics.

  • Notes from FAST18

    I attended the technical sessions of Usenix's File And Storage Technology conference this week. Below the fold, notes on the papers that caught my attention.

Security: Vista10 and uTorrent Holes Found by Google

Filed under
Security
  • Google drops new Edge zero-day as Microsoft misses 90-day deadline

    Google originally shared details of the flaw with Microsoft on 17 November 2017, but Microsoft wasn’t able to come up with a patch within Google’s non-negotiable “you have 90 days to do this” period.

  • Google Goes Public with Another Major Windows 10 Bug

    After revealing an Edge browser vulnerability that Microsoft failed to fix, Google is now back with another disclosure, this time aimed at Windows 10 Fall Creators Update (version 1709), but potentially affecting other Windows versions as well.

    James Forshaw, a security researcher that’s part of Google’s Project Zero program, says the elevation of privilege vulnerability can be exploited because of the way the operating system handles calls to Advanced Local Procedure Call (ALPC).

    This means a standard user could obtain administrator privileges on a Windows 10 computer, which in the case of an attack, could eventually lead to full control over the impacted system.

    But as Neowin noted, this is the second bug discovered in the same function, and both of them, labeled as 1427 and 1428, were reported to Microsoft on November 10, 2017. Microsoft said it fixed them with the release of the February 2018 Patch Tuesday updates, yet as it turns out, only issue 1427 was addressed.

  • uTorrent bugs let websites control your computer and steal your downloads

    The vulnerabilities, according to Project Zero, make it possible for any website a user visits to control key functions in both the uTorrent desktop app for Windows and in uTorrent Web, an alternative to desktop BitTorrent apps that uses a web interface and is controlled by a browser. The biggest threat is posed by malicious sites that could exploit the flaw to download malicious code into the Windows startup folder, where it will be automatically run the next time the computer boots up. Any site a user visits can also access downloaded files and browse download histories.

  • BitTorrent Client uTorrent Suffers Security Vulnerability (Updated)

    BitTorrent client uTorrent is suffering from an as yet undisclosed vulnerability. The security flaw was discovered by Google security researcher Tavis Ormandy, who previously said he would reveal a series of "remote code execution flaws" in torrent clients. BitTorrent Inc. has rolled out a 'patch' in the latest Beta release and hopes to fix the stable uTorrent client later this week.

Red Hat introduces updated decision management platform

Filed under
Red Hat

Troubleshoot a network? No problem. Write a 3,000 word article on Kubernetes cloud container management? When do you want it. Talk to a few hundred people about Linux's history? Been there, done that. Manage a business's delivery routing and shift scheduling? I'll break out in a cold sweat.

If you too find the nuts and bolts of business processing management a nightmare, you'll want to check out Red Hat's latest program: Red Hat Decision Manager 7.

Read more

KDE Says Its Next Plasma Desktop Release Will Start a Full Second Faster

Filed under
KDE

According to the developer, the upcoming KDE Plasma 5.13 desktop environment release will start a full second faster than previous versions because of the removal of the QmlObjectIncubationController component, which apparently slowed down the entire desktop, and promises to let users pin apps on the panel that contain spaces in their desktop file names.

Goodies are also coming to the upcoming KDE Applications 18.04 software suite this spring, which makes creating of new files with the Dolphin file manager instantaneous, improves drag-and-drop support from Spectacle to Chromium, and lets users configure the Gwenview image viewer to no longer display the image action buttons on thumbnails when they hover with the mouse cursor over them.

Read more

Intel Coffee Lake OpenGL Performance On Windows 10 vs. Linux

Filed under
Graphics/Benchmarks

For those curious about the state of Intel's open-source Mesa OpenGL driver relative to the company's closed-source Windows OpenGL driver, here are some fresh benchmark results when making use of an Intel Core i7 8700K "Coffee Lake" processor with UHD Graphics 630 and testing from Windows 10 Pro x64 against Ubuntu 16.04.3 LTS, Ubuntu with the Linux 4.16 Git kernel and Mesa 18.1-dev, and then Intel's own Clear Linux distribution.

Read more

Why open source could be IBM's key to future success in the cloud

Filed under
Server
OSS

Do those same developers need IBM? Developers certainly benefit from IBM's investments in open source, but it's not as clear that those same developers have much to gain from IBM's cloud. Google, for example, has done a stellar job open sourcing code like TensorFlow and Kubernetes that feeds naturally into running related workloads on Google Cloud Platform. Aside from touting its Java bonafides, however, IBM has yet to demonstrate that developers get significant benefits for modern workloads on its cloud.

That's IBM's big challenge: Translating its open source expertise into real, differentiated value for developers on its cloud.

Read more

Top 8 Debian-Based Distros

Filed under
Debian

Most people tend to forget that despite Ubuntu's success over the years, it's still just a distro based on another distro - Debian. Debian on its own, however, isn't really well suited for newer users...hence the explosion of distros based on Debian over the recent years. There are lot of great choices for Linux users. Which one is best for you?

Read more

Compact, rugged IoT gateway offers dual GbE with PoE

Filed under
Linux

Inforce has launched a $250 “Inforce 6320” IoT gateway that runs Linux on a quad -A53 Snapdragon 410, and offers WiFi, BT, GPS, HDMI, USB, -30 to 85°C support, and dual GbE ports with PoE.

Inforce Computing’s $250 Inforce 6320 is a compact (170 x 95 x 42mm) IoT gateway that runs Ubuntu Core (Snappy) and Debian on Qualcomm’s Snapdragon 410E. Inforce promises “periodic upstream kernel based BSP releases [that] include in-depth documentation along with a host of royalty-free software.” The Debian BSP includes LXDE, drivers for all available interfaces, as and access to the Inforce TechWeb tech support services.

Read more

today's leftovers

Filed under
Misc

Debian and Ubuntu Leftovers

Filed under
Debian
Ubuntu
  • Listing and loading of Debian repositories: now live on Software Heritage

    Software Heritage is the project for which I’ve been working during the past two and a half years now. The grand vision of the project is to build the universal software archive, which will collect, preserve and share the Software Commons.

    Today, we’ve announced that Software Heritage is archiving the contents of Debian daily. I’m reposting this article on my blog as it will probably be of interest to readers of Planet Debian.

    TL;DR: Software Heritage now archives all source packages of Debian as well as its security archive daily. Everything is ready for archival of other Debian derivatives as well. Keep on reading to get details of the work that made this possible.

  • Canonical announces Ubuntu Core across Rigado’s IoT gateways
  • Collecting user data while protecting user privacy

    Lots of companies want to collect data about their users. This is a good thing, generally; being data-driven is important, and it’s jolly hard to know where best to focus your efforts if you don’t know what your people are like. However, this sort of data collection also gives people a sense of disquiet; what are you going to do with that data about me? How do I get you to stop using it? What conclusions are you drawing from it? I’ve spoken about this sense of disquiet in the past, and you can watch (or read) that talk for a lot more detail about how and why people don’t like it.

    So, what can we do about it? As I said, being data-driven is a good thing, and you can’t be data-driven if you haven’t got any data to be driven by. How do we enable people to collect data about you without compromising your privacy?

    Well, there are some ways. Before I dive into them, though, a couple of brief asides: there are some people who believe that you shouldn’t be allowed to collect any data on your users whatsoever; that the mere act of wanting to do so is in itself a compromise of privacy. This is not addressed to those people. What I want is a way that both sides can get what they want: companies and projects can be data-driven, and users don’t get their privacy compromised. If what you want is that companies are banned from collecting anything… this is not for you. Most people are basically OK with the idea of data collection, they just don’t want to be victimised by it, now or in the future, and it’s that property that we want to protect.

    Similarly, if you’re a company who wants to know everything about each individual one of your users so you can sell that data for money, or exploit it on a user-by-user basis, this isn’t for you either. Stop doing that.

OSS Leftovers

Filed under
OSS
  • QMO: Firefox 59 Beta 10 Testday Results

    As you may already know, last Friday – February 16nd – we held a new Testday event, for Firefox 59 Beta 10.

    Thank you Mohammed Adam, Abhishek Haridass,  Fahima Zulfath A. and  Surentharan.R.A. from  India QA Community team for helping us make Mozilla a better place.

  • Bugzilla Triage Helper

    There are an awful lot of bugs filed against Firefox and all it's components in the course of a release. Keeping on top of that is hard and some teams have adopted some policies to help with that (for example see: design-decision-needed).

    Having a consistent approach to bugs across the organisation makes it a little easier for everyone to get a feel for what's going.

  • Alfresco Founder: Commercial Open Source is more than Old Stuff for Free

    February sees Open Source turn 20 years old. Or the OSI definition at least. According to the OSI, the term was coined in Palo Alto by nanotechnologist Christine Peterson during a meeting on February 3rd, 1998 shortly after the announcement of the release of Netscape’s source code.

  • EOH and LSD Information Technology partner to lead open source in Africa

    By identifying global trends and local needs, EOH is able to proactively source and secure capabilities that will assist with the adoption of the digital revolution. LSD’s offerings across Linux, automation, devops and containers is a great technology fit for EOH to lead open source in the market.

  • Choosing a tool to track and mitigate open source security vulnerabilities

    Continuously tracking your application’s dependencies for vulnerabilities and efficiently addressing them is no simple feat. In addition, this is a problem shared by all, and is not an area most companies would consider their core competency. Therefore, it is a great opportunity for the right set of tools to help tackle this concern.

  • Open source software: to be celebrated or cursed?

    The use of Open Source Software (OSS) has become widespread. The latest statistics show that 78% of companies run OSS, and a number of mainstream software and hardware products are based on the OSS model – for example Android, Skype [sic], Firefox, Amazon Kindle, Tivo and BT Home Hub.

  • Marshall Students Use Open Source Data to Help Stop Sex Trafficking Cases

    The work involved sex trafficking cases in Latin America, the Caribbean and Southeast Asia. Select students in Marshall’s Open Source Intelligence Exchange program worked to provide open source intelligence collection and analysis for law enforcement and other clients. Open source refers to data collection from publicly available sources.

  • Stanford scholar celebrates Western culture’s open-access tradition

    The move toward “open access” to research and scholarship, far from being a modern digital-age creation, has roots in the West that date back to medieval times, writes a Stanford education scholar. John Willinsky’s new book explains how learning has long benefited from efforts to increase its circulation.

Syndicate content