Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 21 Oct 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Linux Kernel 3.12.6 Is Now Available for Download Rianne Schestowitz 21/12/2013 - 8:54am
Story State of the Red Hat Union Rianne Schestowitz 21/12/2013 - 8:32am
Story Will Ubuntu dominate tablets in 2014? Rianne Schestowitz 21/12/2013 - 7:56am
Story GNOME Boxes 3.11.3 Improves Detection of GNOME-Continuous Images Rianne Schestowitz 21/12/2013 - 3:19am
Story Calibre 1.16 Greatly Improves the EPUB and AZW3 Book Editing Function Rianne Schestowitz 21/12/2013 - 2:07am
Story OPPO N1: The first CyanogenMod Android smartphone is on its way Rianne Schestowitz 21/12/2013 - 1:35am
Story Plasma 2 Technology Preview Rianne Schestowitz 20/12/2013 - 8:53pm
Story xorg-server Rianne Schestowitz 20/12/2013 - 8:42pm
Story Mozilla: Native code? No, it's JavaScript, only it's BLAZING FAST Rianne Schestowitz 20/12/2013 - 8:18pm
Story Honey Badger Hedge Fund: Hackers Predict Stock Market With Open Source Mojo Rianne Schestowitz 20/12/2013 - 6:10pm

Microsoft gags UK schools

Filed under
Microsoft THE THREAT OF REPRISALS from Microsoft lawyers has stopped Becta, the UK's technology quango for schools, from publishing the details of the three-year megadeal it agreed with Microsoft in April.

Also: Microsoft asks EU Commission to let it off the hook

Reiser tells authorities he strangled his wife during argument

Filed under
Reiser Convicted killer Hans Reiser has admitted that he strangled his estranged wife Nina Reiser during a argument while his children played unaware in another part of the house in the Oakland hills.

Also: Reiser: Guilty. Reiser4 Lives On

some howtos:

Filed under
  • Installing applications in Linux (part II)

  • Partitions
  • Printing CD Labels with GIMP and Canon Pixma iP3000
  • How to remove the ‘ghost’ files from the USB drive
  • Howto install latest ayttm for yahoo messanger in Ubuntu
  • Double Spacing In Awk, Perl and Shell on Linux and Unix
  • Default kdesu to use sudo and not su
  • Creative VF0330 Webcam on Linux - Fedora 9
  • Designing Graphics With Gimp

The Most Puerile of the FOSS Aficionados

Filed under

blogbeebe.blogspot: The website Planete Beranger recently published an interesting post "Wrong ways to promote the FOSS", from which the title of this post was taken. The core observation is no such thing as a "troll". This is a word invented by the most puerile of the FOSS aficionados.

Pardus 2008 review

Filed under

bulletspawn.wordpress: I’ve tried many user friendly distributions such as Ubuntu, Mandriva, Mint, Pclinuxos… but there’s always been a reason for me to switch. In absence of Pclinusos 2008 I decided to try Pardus 2008 exactly one week ago…

Browser Security: IE vs. Safari vs. Firefox

Filed under
Software When browsing the net, I’m safest when I’m using Mozilla’s Firefox 3.0 browser—at least after I’ve tweaked it just a bit. Yup, I have absolutely no doubt about it. But instead of just taking my word for it, let’s take a closer look at why I believe this to be true. First, let me describe the contestants.

Debian Project News - July 7th, 2008

Filed under
Linux Welcome to this year's 6th issue of DPN, the newsletter for the Debian community. Some of the topics covered in this issue: DebianDay 2008, DPL-initiated teams survey finished, and Bits from the testing security team.

School switches to Linux, hopes to keep MS funds

Filed under
Linux Warrington School, in Otago, has decided to jump ship and deploy the GNU/Linux operating system with free software across the board by a target date of 2010, says the school’s principal, Nathan Parker.

TokBox - A Nice, Simple VideoChat Alternative (also for Linux!)

Filed under
Software TokBox looks very nice. It is a simple browser/flash-based video chat application, which appears to work quite well. The fact that it is flash-based accounts for most of its strengths and weaknesses.

Don't compare GNU/Linux with Windows or MacOS

Filed under
Linux Recently a blog post entitled “Why Desktop Linux is its own worst enemy has come across my feed-radar a few times. It’s yet another in the long line of “Linux ain’t ready yet” jeremiads and it doesn’t really say anything new yet it got on my nerves. Why?

Checking In with An Ubuntu “Switcher”

Filed under
Ubuntu About a year ago, I installed Ubuntu on the laptop owned by a friend of mine who lives back east. Here’s her Ubuntu story … back in 2007, and today.

Is it time for Open Source to grow up?

Filed under

ittoolbox/blog: In the past ten years Open Source software and its poster child, Linux, has expanded quite remarkably. It has changed from a rebel without a cause to an entity that even the tried and true establishments have sat up and taken notice. Yet Linux and open source seems to have hit a glass ceiling.

Shape of things to come

Filed under
Hardware ACER will be rolling out the Aspire One mini-notebook this week in Manila, its answer to the ground-breaking Asus Eee-PC. When it was introduced at the Taipei Computex last month, Aspire One seemed to be the most credible challenger to the Eee PC. But in a rapidly growing market, what’s hot is a fast-moving target.

FORK PROPOSAL: Rebuild KDE 3 with QT4

Filed under

blogbeebe.blogspot: Here's a proposal I throw out to the world: Who would work with me to 'fork' KDE 3 and rebuild it with QT 4.x (4.4 at this point)? This would be the entire KDE 3 environment. I'm curious to see if anyone would step up and work with me to establish a new branch, porting KDE 3 to QT 4.4.

Ubuntu At Best Buy?

Filed under

Matt Hartley: Wow, this certainly surprised me. Today I found out that Ubuntu Linux is now being sold at Best Buy online and even at some stores. And normally I would say this is great, except there is a problem - what the heck is Ubuntu “complete” edition?

Gentoo 2008.0-r1 may help if you've had LiveCD problems

Filed under

For those unfortunate souls who couldn't boot, install, or burn the LiveCD, we've provided the 2008.0-r1 revision bump. It fixes these specific problems:

How To Block Spammers/Hackers With mod_defensible On Apache2 (Debian Etch)

Filed under

mod_defensible is an Apache 2.x module intended to block spammers/hackers/script kiddies using DNSBL servers. It will look at the client IP and check it in one or several DNSBL servers and return a 403 Forbidden page to the client. This guide shows how to install and use it with Apache 2 on a Debian Etch server.

today's leftovers

Filed under
  • An earthshaking use of open source

  • Book review: Blender 3D: Architecture, Buildings, and Scenery
  • GScrot -a good screenshot tool
  • Open Source is taking new turns in Africa
  • An Introduction to IRC on Linux for Beginners
  • Linux - Still chasing that elusive 1% market share
  • Abit Offers Broadcasters New Linux Based Automation System At IBC
  • Linux in the Stores
  • Easy Debian For Everyone! OpenOffice, Firefox 3, Java, AbiWord, IceWM, etc
  • Will Alienware Ship Linux-Based PCs?
  • GNOME hires Stormy Peters as Executive Director
  • Using the Desktop…why?

Review: GoblinX 2.7 Micro Edition

Filed under

reddevil62-techhead.blogspot: GoblinX is a Slackware-based Linux distribution which comes in live CD format. The Micro Edition is GoblinX's smallest version - the ISO only measures around 100MB – and it comes with only Fluxbox and several GTK/GTK2-based applications.

Hans Reiser leads police to wife's remains

Filed under
Reiser ABC News has confirmed that authorities are in the process of recovering Nina Reiser's remains from Redwood Regional Park, east of Skyline Boulevard. ABC News reports Reiser led them to his wife's remains.

Syndicate content

More in Tux Machines

Red Hat and Fedora

  • Red Hat – the open source conglomerate
    As successful companies grow, they accumulate products; new ones are developed and additional ones are acquired. Managing diverse portfolios is a challenge, not least when it comes to putting it all together on a single presentation slide to make it appear there is an overall coherent product strategy.
  • Ericsson Embraces Red Hat OpenStack Platform
    Ericsson and Red Hat today announced a broad alliance to work together on network functions virtualization (NFV) products. And the telco infrastructure provider will now support the Red Hat OpenStack Platform. Ericsson already has a longstanding distribution partnership with Red Hat that includes Red Hat Enterprise Linux and Red Hat JBoss Middleware. The existing distribution partnerships define not only commercial terms, but also joint support models, co-engineering and certification testing, and joint go-to-market collaboration.
  • Raleigh's Red Hat teams up with Ericsson
    Open-source software firm Red Hat (NYSE: RHT) has teamed up with Ericsson (Nasdaq: ERIC) on what the companies are calling a “broad alliance” aimed at transforming the information and communications technology market. Red Hat, headquartered at downtown Raleigh’s Red Hat Tower, announced that its new partnership with Ericsson would allow the duo to deliver fully open-source and production-ready cloud infrastructure, spanning OpenStack, software-defined networking and software-defined infrastructure.
  • FCAIC in the House
    The job is like many other roles called “Community Manager” or “Community Lead.” That means there is a focus on metrics and experiences. One role is to try ensure smooth forward movement of the project towards its goals. Another role is to serve as a source of information and motivation. Another role is as a liaison between the project and significant downstream and sponsoring organizations. In Fedora, this means I help the Fedora Project Leader. I try to be the yen to his yang, the zig to his zag, or the right hand to his right elbow. In all seriousness, it means that I work on a lot of the non-engineering focused areas of the Fedora Project. While Matthew has responsibility for the project as a whole I try to think about users and contributors and be mechanics of keeping the project running smoothly.
  • keepalived: Simple HA
    We have been using keepalived in Fedora Infrastructure for a while now. It’s a pretty easy to use and simple way to do some basic HA. Keepalived can keep track of which machine is “master” for a IP address and quickly fail over and back when moving that IP address around. You can also run scripts on state change. Keepalived uses VRRP and handles updating arp tables when IP addresses move around. It also supports weighting so you can prefer one or another server to “normally” have the master IP/scripts.
  • What does Factory 2.0 mean for Modularity?
    This blog now has a drop-down category called Modularity. But, many arteries of Modularity lead into a project called Factory 2.0. These two are, in fact, pretty much inseparable. In this post, we’ll talk about the 5 problems that need to be solved before Modularity can really live. The origins of Factory 2.0 go back a few years, when Matthew Miller started the conversation at Flock. The first suggested names were “Fedora Rings”, “Envs and Stacks”, and Alephs.
  • varnish-5.0, varnish-modules-0.9.2 and hitch-1.4.1, packages for Fedora and EPEL
    The Varnish Cache project recently released varnish-5.0, and Varnish Software released hitch-1.4.1. I have wrapped packages for Fedora and EPEL. varnish-5.0 has configuration changes, so the updated package has been pushed to rawhide, but will not replace the ones currently in EPEL nor in Fedora stable. Those who need varnish-5.0 for EPEL may use my COPR repos at They include the varnish-5.0 and matching varnish-modules packages, and are compatible with EPEL 5, 6, and 7.
  • Installroot in DNF-2.0

Security News

  • Security advisories for Thursday
  • More information about Dirty COW (aka CVE-2016-5195)
    The security hole fixed in the stable kernels released today has been dubbed Dirty COW (CVE-2016-5195) by a site devoted to the kernel privilege escalation vulnerability. There is some indication that it is being exploited in the wild. Ars Technica has some additional information. The Red Hat bugzilla entry and advisory are worth looking at as well.
  • CVE-2016-5195
    My prior post showed my research from earlier in the year at the 2016 Linux Security Summit on kernel security flaw lifetimes. Now that CVE-2016-5195 is public, here are updated graphs and statistics. Due to their rarity, the Critical bug average has now jumped from 3.3 years to 5.2 years. There aren’t many, but, as I mentioned, they still exist, whether you know about them or not. CVE-2016-5195 was sitting on everyone’s machine when I gave my LSS talk, and there are still other flaws on all our Linux machines right now. (And, I should note, this problem is not unique to Linux.) Dealing with knowing that there are always going to be bugs present requires proactive kernel self-protection (to minimize the effects of possible flaws) and vendors dedicated to updating their devices regularly and quickly (to keep the exposure window minimized once a flaw is widely known).
  • “Most serious” Linux privilege-escalation bug ever is under active exploit (updated)
    While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.
  • Linux users urged to protect against 'Dirty COW' security flaw
    Organisations and individuals have been urged to patch Linux servers immediately or risk falling victim to exploits for a Linux kernel security flaw dubbed ‘Dirty COW'. This follows a warning from open source software vendor Red Hat that the flaw is being exploited in the wild. Phil Oester, the Linux security researcher who uncovered the flaw, explained to V3 that the exploit is easy to execute and will almost certainly become more widely used. "The exploit in the wild is trivial to execute, never fails and has probably been around for years - the version I obtained was compiled with gcc 4.8," he said.
  • Hackers Hit U.S. Senate GOP Committee
    The national news media has been consumed of late with reports of Russian hackers breaking into networks of the Democratic National Committee. Lest the Republicans feel left out of all the excitement, a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the Web storefront of the National Republican Senatorial Committee (NRSC). [...] Dataflow markets itself as an “offshore” hosting provider with presences in Belize and The Seychelles. Dataflow has long been advertised on Russian-language cybercrime forums as an offshore haven that offers so-called “bulletproof hosting,” a phrase used to describe hosting firms that court all manner of sites that most legitimate hosting firms shun, including those that knowingly host spam and phishing sites as well as malicious software. De Groot published a list of the sites currently present at Dataflow. The list speaks for itself as a collection of badness, including quite a number of Russian-language sites selling synthetic drugs and stolen credit card data. According to De Groot, other sites that were retrofitted with the malware included e-commerce sites for the shoe maker Converse as well as the automaker Audi, although he says those sites and the NRSC’s have been scrubbed of the malicious software since his report was published. But De Groot said the hackers behind this scheme are continuing to find new sites to compromise. “Last Monday my scans found about 5,900 hacked sites,” he said. “When I did another scan two days later, I found about 340 of those had been fixed, but that another 170 were newly compromised.”
  • Thoughts on the BTB Paper
    The Branch Target Buffer (BTB) whitepaper presents some interesting information. It details potential side-channel attacks by utilizing timing attacks against the branch prediction hardware present in Intel Haswell processors. The article does not mention Intel processors later than Haswell, such as Broadwell or Skylake. Side-channel attacks are always interesting and fun. Indeed, the authors have stumbled into areas that need more research. Their research can be applicable in certain circumstances. As a side-note, KASLR in general is rather weak and can be considered a waste of time[1]. The discussion why is outside the scope of this article.

Android Leftovers

Debian-Based Parsix GNU/Linux 8.15 "Nev" Gets First Test Build, Ships GNOME 3.22

Today, October 21, 2016, the developers of the Debian-based Parsix GNU/Linux operating system proudly announced the availability for download of the first test build of the upcoming Parsix GNU/Linux 8.15 "Nev" release. Read more