Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 20 Jan 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Torvalds: Fed up with the 'security circus'

Filed under
Linux

networkworld.com: Linus Torvalds, creator of the Linux kernel, says he's fed up with what he sees as a "security circus" surrounding software vulnerabilities and how they're hyped by security people.

FYI: Linux is Here to Stay, and Rule!

Filed under
Linux

junauza.com: I'm sometimes annoyed when I read some ignorant people's comment that Linux doesn't matter anymore and that it is slowly dying. A comment from a blog said, "Linux? Do people still use it?"

Does This Distro Make Me Look Fat?

Filed under
Linux

linuxhaxor.net: If the wine you drink, car you drive, food you eat, clothes you wear and even pets you have defines you as a person; does your choice of Linux Distro defines you too?

Whatever you do, don’t fix the kernel!

Filed under
Linux

netsplit.com: As you may have read in LWN (subscription required, and strongly recommended anyway), there’s been some argument on the linux-hotplug mailing list, the historically named home of udev development, about device naming.

SVN version of OpenOffice.org 3 in Cooker

Filed under
MDV
OOo

linux-wizard.net: A SVN version of OpenOffice.org 3 have just been released in Cooker. OpenOffice.org 3 brings many new features.

Gaming on Ubuntu Linux

Filed under
Gaming

itwire.com: After my last few articles on how to connect Ubuntu Linux to network shares and a network printer, I want to have a look at some of the more fun aspects of Ubuntu Linux. I thought this was appropriate at the moment, so...let the games begin!

Control Another Computer Over A Network In Linux

Filed under
HowTos

geekishblog.com: Ever wanted to get help from your friends or wanted to help some friend in doing some specific task, and you wished you could do that using a remote desktop connection but you don’t know how to remotely control a PC, doing so is very easy in Linux I will show you how to do that in this tutorial.

Ubuntu 8.10 Alpha 4 Screenshot Tour

Filed under
Ubuntu

softpedia: The fourth alpha version of the upcoming Ubuntu 8.10 (codename Intrepid Ibex), which is scheduled for release in late October this year, was made available a few minutes ago and, as usual, we intend to keep you up-to-date with the latest changes in the Ubuntu 8.10 development.

Development environments: Microsoft vs. Open Source

Filed under
OS

Paul Murphy: As we saw yesterday the much vaunted Unix skills premium over Windows is pretty small - 15% or so in an overheated market and less than that elsewhere. Notice, however, that this information pertains only to larger organizations.

Linux Desktops Dressed Up as Macs

Filed under
Linux

lifehacker.com: Several Linux users in the Lifehacker Desktop Show and Tell Flickr group are showing off their Ubuntu Hardy Heron desktop—dressed up as a Mac. Let's take a look at a few Ubuntu desktops passing as Macs with the help of a few add-ons like Compiz Fusion.

gOS 3 Beta, Netbooks, and Linux: An Interview with David Liu, Founder of Good OS

Filed under
Linux
Interviews

laptopmag.com: With the recent release of gOS 3 Beta, we thought it was prime time to take a closer look at the company responsible for creating the OS that powered the ill-fated Everex Cloudbook, and the gorgeous (and Mac OS X Leopard-inspired) gOS Space.

Windows apps on Linux the CrossOver way

Filed under
Software

linux.com: Who says you have to give up your must-have Windows applications when you migrate to Linux? If you can't leave some crucial Windows program behind, you can run it using CodeWeavers' latest version of CrossOver Linux.

Gallium3D: a short explanation where it fits in

Filed under
Software

liquidat.wordpress: In a comment I was recently asked where Gallium3D does fit in in regards to Mesa and OpenGL. Given that I’m not an expert the answer was short and simple but might interest others as well.

My first taste of KDE…

Filed under
KDE

meandubuntu.wordpress: I am seriously concerned with GNOME’s infatuation with Microsoft technologies. Having recently heard about the new KDE4 - I thought I might give KDE a shot!

What Linux Will Look Like In 2012

Filed under
Linux

informationweek.com: What will desktop Linux be like four years from now? The single biggest change you'll see is the way Linux evolves to meet the growing market of users who are not themselves Linux-savvy, but are looking for a low-cost alternative to Microsoft.

How To Install Django On Mandriva 2008.1 (Apache2/mod_python)

Filed under
MDV
HowTos

This tutorial explains how to install Django on a Mandriva 2008.1 server. Django is a web framework that allows to develop Python web applications quickly with as much automation as possible. I will use it with Apache2 and mod_python in this guide.

today's leftovers

Filed under
News
  • Red Hat: Disrupting Symantec Veritas?

  • Firefox 3 is still a memory hog that slows other programs
  • plasmoids in firefox
  • 10 Essential Linux Applications for Daily Use
  • Editra — A multi-platform text editor
  • Hidden Linux : Compiz con-Fusion
  • The Great God Linux Won't Save Wireless Internet
  • CIO Reality Check: Linux Security
  • Open source will win quietly, not through public displays of affection
  • Open source at school 'could help businesses'
  • A hands-on look at Vyatta Community Edition 4 networking software
  • 2.6.27-rc3, "Things Really _Have_ Calmed Down"
  • Debian on the Old Laptop
  • Foundation donates open source HIE code
  • Hans Reiser Case: Aug. 13, 2008
  • ISO Master - GUI Tool to edit ISO Images in openSUSE
  • Linux Foundation Publishes Guide to Participating in the Linux Kernel Community
  • Would-Be Linux Contributors May Get a Leg Up
  • The Next Linux You Use Could Be Virtual
  • Flickr taps into open source for better maps. Yahoo Maps to follow?
  • Organizational Battle Ubuntu vs Gentoo vs RHEL & Fedora
  • New wiki measures open source license use

Integration at Akademy

Filed under
KDE

dot.kde.org: An important topic at Akademy is modularisation and integration. It has been the main topic of one talk but you will find it comes up in many others. It is clearly on the minds of many hackers here.

The entire State of Pahang moves to OpenOffice.org

Filed under
OOo

openmalaysiablog.com: Its just been made official that the State of Pahang is migrating all its productivity suites to OpenOffice.org. OpenOffice.org is distributed for free and represents a suite which is on par with other office suite software applications.

Lessons From PHP 4.4 End-of-Life Announcement

Filed under
Software

ostatic.com: The developers of PHP announced last week that PHP version 4.4.9 is now available. This would not be remarkable in and of itself, except that the developers also indicated that this would be the last release of PHP 4.4. If PHP were commercial software, its "end of life" would be cause for panic.

Syndicate content

More in Tux Machines

KDE: Linux and Qt in Automotive, KDE Discover, Plasma5 18.01 in Slackware

  • Linux and Qt in Automotive? Let’s meet up!
    For anyone around the Gothenburg area on Feb 1st, you are most welcome to the Automotive MeetUp held at the Pelagicore and Luxoft offices. There will be talks about Qt/QML, our embedded Linux platform PELUX and some ramblings about open source in automotive by yours truly ;-)
  • What about AppImage?
    I see a lot of people asking about state of AppImage support in Discover. It’s non-existent, because AppImage does not require centralized software management interfaces like Discover and GNOME Software (or a command-line package manager). AppImage bundles are totally self-contained, and come straight from the developer with zero middlemen, and can be managed on the filesystem using your file manager This should sound awfully familiar to former Mac users (like myself), because Mac App bundles are totally self-contained, come straight from the developer with zero middlemen, and are managed using the Finder file manager.
  • What’s new for January? Plasma5 18.01, and more
    When I sat down to write a new post I noticed that I had not written a single post since the previous Plasma 5 announcement. Well, I guess the past month was a busy one. Also I bought a new e-reader (the Kobo Aura H2O 2nd edition) to replace my ageing Sony PRS-T1. That made me spend a lot of time just reading books and enjoying a proper back-lit E-ink screen. What I read? The War of the Flowers by Tad Williams, A Shadow all of Light by Fred Chappell, Persepolis Rising and several of the short stories (Drive, The Butcher of Anderson Station, The Churn and Strange Dogs) by James SA Corey and finally Red Sister by Mark Lawrence. All very much worth your time.

GNU/Linux: Live Patching, Gravity of Kubernetes, Welcome to 2018

  • How Live Patching Has Improved Xen Virtualization
    The open-source Xen virtualization hypervisor is widely deployed by enterprises and cloud providers alike, which benefit from the continuous innovation that the project delivers. In a video interview with ServerWatch, Lars Kurth, Chairman of the Xen Project Advisory Board and Director, Open Source Solutions at Citrix, details some of the recent additions to Xen and how they are helping move the project forward.
  • The Gravity of Kubernetes
    Most new internet businesses started in the foreseeable future will leverage Kubernetes (whether they realize it or not). Many old applications are migrating to Kubernetes too. Before Kubernetes, there was no standardization around a specific distributed systems platform. Just like Linux became the standard server-side operating system for a single node, Kubernetes has become the standard way to orchestrate all of the nodes in your application. With Kubernetes, distributed systems tools can have network effects. Every time someone builds a new tool for Kubernetes, it makes all the other tools better. And it further cements Kubernetes as the standard.
  • Welcome to 2018
    The image of the technology industry as a whole suffered in 2017, and that process is likely to continue this year as well. That should lead to an increased level of introspection that will certainly affect the free-software community. Many of us got into free software to, among other things, make the world a better place. It is not at all clear that all of our activities are doing that, or what we should do to change that situation. Expect a lively conversation on how our projects should be run and what they should be trying to achieve. Some of that introspection will certainly carry into projects related to machine learning and similar topics. There will be more interesting AI-related free software in 2018, but it may not all be beneficial. How well will the world be served, for example, by a highly capable, free facial-recognition system and associated global database? Our community will be no more effective than anybody else at limiting progress of potentially freedom-reducing technologies, but we should try harder to ensure that our technologies promote and support freedom to the greatest extent possible. Our 2017 predictions missed the fact that an increasing number of security problems are being found at the hardware level. We'll not make the same mistake in 2018. Much of what we think of as "hardware" has a great deal of software built into it — highly proprietary software that runs at the highest privilege levels and which is not subject to third-party review. Of course that software has bugs and security issues of its own; it couldn't really be any other way. We will see more of those issues in 2018, and many of them are likely to prove difficult to fix.

Linux Kernel Development

  • New Sound Drivers Coming In Linux 4.16 Kernel
    Due to longtime SUSE developer Takashi Iwai going on holiday the next few weeks, he has already sent in the sound driver feature updates targeting the upcoming Linux 4.16 kernel cycle. The sound subsystem in Linux 4.16 sees continued changes to the ASoC code, clean-ups to the existing drivers, and a number of new drivers.
  • Varlink: a protocol for IPC
    One of the motivations behind projects like kdbus and bus1, both of which have fallen short of mainline inclusion, is to have an interprocess communication (IPC) mechanism available early in the boot process. The D-Bus IPC mechanism has a daemon that cannot be started until filesystems are mounted and the like, but what if the early boot process wants to perform IPC? A new project, varlink, was recently announced; it aims to provide IPC from early boot onward, though it does not really address the longtime D-Bus performance complaints that also served as motivation for kdbus and bus1. The announcement came from Harald Hoyer, but he credited Kay Sievers and Lars Karlitski with much of the work. At its core, varlink is simply a JSON-based protocol that can be used to exchange messages over any connection-oriented transport. No kernel "special sauce" (such as kdbus or bus1) is needed to support it as TCP or Unix-domain sockets will provide the necessary functionality. The messages can be used as a kind of remote procedure call (RPC) using an API defined in an interface file.
  • Statistics for the 4.15 kernel
    The 4.15 kernel is likely to require a relatively long development cycle as a result of the post-rc5 merge of the kernel page-table isolation patches. That said, it should be in something close to its final form, modulo some inevitable bug fixes. The development statistics for this kernel release look fairly normal, but they do reveal an unexpectedly busy cycle overall. This development cycle was supposed to be relatively calm after the anticipated rush to get work into the 4.14 long-term-support release. But, while 4.14 ended up with 13,452 non-merge changesets at release, 4.15-rc6 already has 14,226, making it one of the busiest releases in the kernel project's history. Only 4.9 (16,214 changesets) and 4.12 (14,570) brought in more work, and 4.15 may exceed 4.12 by the time it is finished. So far, 1,707 developers have contributed to this kernel; they added 725,000 lines of code while removing 407,000, for a net growth of 318,000 lines of code.
  • A new kernel polling interface
    Polling a set of file descriptors to see which ones can perform I/O without blocking is a useful thing to do — so useful that the kernel provides three different system calls (select(), poll(), and epoll_wait() — plus some variants) to perform it. But sometimes three is not enough; there is now a proposal circulating for a fourth kernel polling interface. As is usually the case, the motivation for this change is performance. On January 4, Christoph Hellwig posted a new polling API based on the asynchronous I/O (AIO) mechanism. This may come as a surprise to some, since AIO is not the most loved of kernel interfaces and it tends not to get a lot of attention. AIO allows for the submission of I/O operations without waiting for their completion; that waiting can be done at some other time if need be. The kernel has had AIO support since the 2.5 days, but it has always been somewhat incomplete. Direct file I/O (the original use case) works well, as does network I/O. Many other types of I/O are not supported for asynchronous use, though; attempts to use the AIO interface with them will yield synchronous behavior. In a sense, polling is a natural addition to AIO; the whole point of polling is usually to avoid waiting for operations to complete.

Security: OpenSSL, IoT, and LWN Coverage of 'Intelpocalypse'

  • Another Face to Face: Email Changes and Crypto Policy
    The OpenSSL OMC met last month for a two-day face-to-face meeting in London, and like previous F2F meetings, most of the team was present and we addressed a great many issues. This blog posts talks about some of them, and most of the others will get their own blog posts, or notices, later. Red Hat graciously hosted us for the two days, and both Red Hat and Cryptsoft covered the costs of their employees who attended. One of the overall threads of the meeting was about increasing the transparency of the project. By default, everything should be done in public. We decided to try some major changes to email and such.
  • Some Basic Rules for Securing Your IoT Stuff

    Throughout 2016 and 2017, attacks from massive botnets made up entirely of hacked [sic] IoT devices had many experts warning of a dire outlook for Internet security. But the future of IoT doesn’t have to be so bleak. Here’s a primer on minimizing the chances that your IoT things become a security liability for you or for the Internet at large.

  • A look at the handling of Meltdown and Spectre
    The Meltdown/Spectre debacle has, deservedly, reached the mainstream press and, likely, most of the public that has even a remote interest in computers and security. It only took a day or so from the accelerated disclosure date of January 3—it was originally scheduled for January 9—before the bugs were making big headlines. But Spectre has been known for at least six months and Meltdown for nearly as long—at least to some in the industry. Others that were affected were completely blindsided by the announcements and have joined the scramble to mitigate these hardware bugs before they bite users. Whatever else can be said about Meltdown and Spectre, the handling (or, in truth, mishandling) of this whole incident has been a horrific failure. For those just tuning in, Meltdown and Spectre are two types of hardware bugs that affect most modern CPUs. They allow attackers to cause the CPU to do speculative execution of code, while timing memory accesses to deduce what has or has not been cached, to disclose the contents of memory. These disclosures can span various security boundaries such as between user space and the kernel or between guest operating systems running in virtual machines. For more information, see the LWN article on the flaws and the blog post by Raspberry Pi founder Eben Upton that well describes modern CPU architectures and speculative execution to explain why the Raspberry Pi is not affected.
  • Addressing Meltdown and Spectre in the kernel
    When the Meltdown and Spectre vulnerabilities were disclosed on January 3, attention quickly turned to mitigations. There was already a clear defense against Meltdown in the form of kernel page-table isolation (KPTI), but the defenses against the two Spectre variants had not been developed in public and still do not exist in the mainline kernel. Initial versions of proposed defenses have now been disclosed. The resulting picture shows what has been done to fend off Spectre-based attacks in the near future, but the situation remains chaotic, to put it lightly. First, a couple of notes with regard to Meltdown. KPTI has been merged for the 4.15 release, followed by a steady trickle of fixes that is undoubtedly not yet finished. The X86_BUG_CPU_INSECURE processor bit is being renamed to X86_BUG_CPU_MELTDOWN now that the details are public; there will be bug flags for the other two variants added in the near future. 4.9.75 and 4.4.110 have been released with their own KPTI variants. The older kernels do not have mainline KPTI, though; instead, they have a backport of the older KAISER patches that more closely matches what distributors shipped. Those backports have not fully stabilized yet either. KPTI patches for ARM are circulating, but have not yet been merged.
  • Is it time for open processors?
    The disclosure of the Meltdown and Spectre vulnerabilities has brought a new level of attention to the security bugs that can lurk at the hardware level. Massive amounts of work have gone into improving the (still poor) security of our software, but all of that is in vain if the hardware gives away the game. The CPUs that we run in our systems are highly proprietary and have been shown to contain unpleasant surprises (the Intel management engine, for example). It is thus natural to wonder whether it is time to make a move to open-source hardware, much like we have done with our software. Such a move may well be possible, and it would certainly offer some benefits, but it would be no panacea. Given the complexity of modern CPUs and the fierceness of the market in which they are sold, it might be surprising to think that they could be developed in an open manner. But there are serious initiatives working in this area; the idea of an open CPU design is not pure fantasy. A quick look around turns up several efforts; the following list is necessarily incomplete.
  • Notes from the Intelpocalypse
    Rumors of an undisclosed CPU security issue have been circulating since before LWN first covered the kernel page-table isolation patch set in November 2017. Now, finally, the information is out — and the problem is even worse than had been expected. Read on for a summary of these issues and what has to be done to respond to them in the kernel. All three disclosed vulnerabilities take advantage of the CPU's speculative execution mechanism. In a simple view, a CPU is a deterministic machine executing a set of instructions in sequence in a predictable manner. Real-world CPUs are more complex, and that complexity has opened the door to some unpleasant attacks. A CPU is typically working on the execution of multiple instructions at once, for performance reasons. Executing instructions in parallel allows the processor to keep more of its subunits busy at once, which speeds things up. But parallel execution is also driven by the slowness of access to main memory. A cache miss requiring a fetch from RAM can stall the execution of an instruction for hundreds of processor cycles, with a clear impact on performance. To minimize the amount of time it spends waiting for data, the CPU will, to the extent it can, execute instructions after the stalled one, essentially reordering the code in the program. That reordering is often invisible, but it occasionally leads to the sort of fun that caused Documentation/memory-barriers.txt to be written.