Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 26 Oct 20 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Programming Leftovers Roy Schestowitz 26/10/2020 - 11:42am
Story Corsair Power Supplies May Soon See Sensor Support Exposed Under Linux Roy Schestowitz 26/10/2020 - 11:36am
Story today's howtos Roy Schestowitz 26/10/2020 - 11:17am
Story Linux Patches Aim To Provide Fork'ing Brute Force Attack Mitigation Roy Schestowitz 26/10/2020 - 10:34am
Story Android Leftovers Rianne Schestowitz 26/10/2020 - 10:17am
Story Manage content using Pulp Debian Rianne Schestowitz 26/10/2020 - 9:56am
Story Wikiman: An Offline Search Engine For Arch Linux, Gentoo Wiki, And More Rianne Schestowitz 26/10/2020 - 9:49am
Story Audiocasts/Shows: Open Source Security Podcast, GNU World Order, Linux in the Ham Shack and Linux Action News Rianne Schestowitz 26/10/2020 - 7:37am
Story today's howtos Rianne Schestowitz 26/10/2020 - 7:32am
Story Chinese Laptop Featuring New 14nm Loongsoon 3A4000 CPU Appears Rianne Schestowitz 26/10/2020 - 7:28am

'This was bigger than GNOME and bigger than just this case.' GNOME Foundation exec director talks patent trolls and much, much more

Filed under
Interviews
GNOME
Legal

Patent assertion entities: do not pick a fight with open source. It won't end well for you. This is the message from GNOME Foundation executive director Neil McGovern, who will speak on the subject at the Open Source Summit Europe next week.

McGovern talked to The Register ahead of the event on patents, Microsoft, and more.

The open-source outfit develops the default desktop environment on major Linux distributions including Ubuntu and Red Hat. In late August 2019, Rothschild Patent Imaging filed a lawsuit against the GNOME foundation claiming that GNOME Shotwell, a photo manager, infringed one of its patents.

“We didn't receive a letter before the court documents were filed or any sort of warning, it was just filed and then within a week there was a settlement request for $75,000,” McGovern told us.

Read more

Debian Janitor: Hosters used by Debian packages

Filed under
Debian

The Debian Janitor is an automated system that commits fixes for (minor) issues in Debian packages that can be fixed by software. It gradually started proposing merges in early December. The first set of changes sent out ran lintian-brush on sid packages maintained in Git. This post is part of a series about the progress of the Janitor.

The Janitor knows how to talk to different hosting platforms. For each hosting platform, it needs to support the platform- specific API for creating and managing merge proposals. For each hoster it also needs to have credentials.

At the moment, it supports the GitHub API, Launchpad API and GitLab API. Both GitHub and Launchpad have only a single instance; the GitLab instances it supports are gitlab.com and salsa.debian.org.

This provides coverage for the vast majority of Debian packages that can be accessed using Git. More than 75% of all packages are available on salsa - although in some cases, the Vcs-Git header has not yet been updated.

Of the other 25%, the majority either does not declare where it is hosted using a Vcs-* header (10.5%), or have not yet migrated from alioth to another hosting platform (9.7%). A further 2.3% are hosted somewhere on GitHub (2%), Launchpad (0.18%) or GitLab.com (0.15%), in many cases in the same repository as the upstream code.

Read more

Also: Multiple git configurations depending on the repository path

Benchmarks and Graphics Leftovers: x86, Zink, and Navi

Filed under
Graphics/Benchmarks
  • Intel Core i7 1165G7 Tiger Lake vs. AMD Ryzen 7 PRO 4750U Linux Performance

    For the Intel Tiger Lake Linux benchmarking thus far with the Core i7 1165G7 on the Dell XPS 13 9310 it's primarily been compared against the Ryzen 5 4500U and Ryzen 7 4700U on the AMD side since those are the only Renoir units within my possession. But a Phoronix reader recently provided me with remote access to his Lenovo ThinkPad X13 with Ryzen 7 PRO 4750U (8 cores / 16 threads) for seeing how the Tiger Lake performance compares against that higher-end SKU.

    Phoronix reader Tomas kindly provided SSH access to his ThinkPad X13 with Ryzen 7 PRO 4750U and 16GB of RAM. The Ryzen 7 PRO 4750U is quite close to the Ryzen 7 4800U with 8 cores / 16 threads but graphics capabilities in line with the 4700U. He's been quite happy with the ThinkPad X13 as a replacement to the Dell XPS 13 for business usage and has been running it with Ubuntu 18.04 LTS on the Linux 5.8 kernel.

  • Mike Blumenkrantz: Catching Up

    A rare Saturday post because I spent so much time this week intending to blog and then somehow not getting around to it. Let’s get to the status updates, and then I’m going to dive into the more interesting of the things I worked on over the past few days.

    Zink has just hit another big milestone that I’ve just invented: as of now, my branch is passing 97% of piglit tests up through GL 4.6 and ES 3.2, and it’s a huge improvement from earlier in the week when I was only at around 92%. That’s just over 1000 failure cases remaining out of ~41,000 tests. For perspective, a table.

  • AMD 'Big Navi' 3DMark Firestrike results shared by HW testing firm

    The Linux specialists over at Phoronix have noticed that the AMD Linux driver has been tweaked to add support for a new graphics card dubbed the "navi10 blockchain SKU". It comments that the only visible difference in support for this card vs existing Navi 1X support, from the driver perspective, is that the patches disable the Display Core Next (DCN) and Video Core Next (VCN) support - basically creating a 'headless' Navi 1X graphics card.

    Cryprocurrency is showing signs of a resurgence in popularity and values, and some are worried that the latest and greatest GPUs from both Nvidia and AMD will be plucked from retailers even faster if they are viable mining platforms. It has been reported that AMD is trying to make sure retailers follow certain distribution practices with its upcoming Radeon RX 6000 series products, to make sure they are distributed to gamers and enthusiasts rather than scalpers and such like. An initiative like creating appealing crypto-specific Navi 1X products might help everyday consumers get their hands on a new Navi 2X graphics card too.

Does the Snap Store Use Too Much Memory?

Filed under
Ubuntu

This week I noticed that the Snap Store app on my Ubuntu 20.10 laptop uses a tonne of memory, even when it’s not running — we’re talking more memory than the main GNOME Shell process uses, and that is always running!

Naturally I assumed something in my config was to blame. I do make heavy use of Snap apps — don’t worry I use plenty of Flatpak and PPAs too. I’m pretty polyamorous when it comes to packaging formats and I did install using an Ubuntu 20.10 daily build.

Therein lay bugs. I know the caveats. All good. Don’t mind. Whatever.

Read more

IBM/Red Hat/Oracle/Fedora Leftovers

Filed under
Red Hat
  • [IBM Emeritus IWB on] America’s Obsession with Economic Efficiency

    The belief that efficiency is fundamental to competitive advantage has turned management into a science, whose objective is the elimination of waste, - whether of time, materials, or capital, - wrote Roger Martin in “The High Price of Efficiency,” a January 2019 article in the Harvard Business Review. Martin is professor and former dean of the Rotman School of Management at the University of Toronto, as well as a prolific writer.

    “Why would we not want managers to strive for an ever-more-efficient use of resources?,” asked Martin. Of course we do. But, an excessive focus on efficiency can produce startlingly negative effects. To counterbalance such potential negative effects, companies should pay just as much attention to a less appreciated source of competitive advantage: resilience, - “the ability to recover from difficulties - to spring back into shape after a shock,” he presciently added a year before the advent of Covid-19.

    In his recently published book, When More Is Not Better: Overcoming America's Obsession with Economic Efficiency, Martin expanded on his HBR article, arguing that an excessive focus on efficiency is not only detrimental to business but constitutes a serious threat to America’s democratic capitalism. “Throughout the first nearly two and a half centuries of America’s existence as a sovereign state, most citizens experienced an advance in their economic status in the overwhelming majority of those years. Based on that trend, Americans have, unsurprisingly, used their votes throughout the years to support and perpetuate capitalism as America’s economic system. But that consistent economic advance has stalled, and has been for a longer period than ever before in American history.”

    The book is based on a six-year project on the future of America’s democratic capitalism by the Martin Prosperity Institute. The project conducted in-depth interviews with a wide variety of Americans to understand what they thought about the directions of the country. It excluded people in the top 10% of the income distributions, focusing instead on the vast majority of the populations, which includes people with household incomes ranging from $25,000 to $110,000 with a median of $75,000.

  • Call for Code Daily: Fighting racial justice and climate change with tech

    The power of Call for Code® is in the global community that we have built around this major #TechforGood initiative. Whether it is the deployments that are underway across pivotal projects, developers leveraging the starter kits in the cloud, or ecosystem partners joining the fight, everyone has a story to tell. Call for Code Daily highlights all the amazing #TechforGood stories taking place around the world. Every day, you can count on us to share these stories with you. Check out the stories from the week of October 19th:

  • IRI Certifies Voracity with Oracle Linux

    The Oracle Linux and Virtualization Alliance team welcomes IRI, The CoSort Company, and its Voracity data management platform to our ISV ecosystem. Voracity enables customers to marshal data without the cost or complexity of multiple tools.

    IRI has certified and supports Voracity on Oracle Linux 7 and 8. This can provide a rich set of performance and security features for Oracle DBAs, big data architects, and data privacy teams.

  • Release Osbuild 23

    We are happy to announce version 23 of osbuild. This release makes it possible to build Fedora on RHEL systems.

    Below you can find the official changelog from the osbuild-23 sources. All users are recommended to upgrade!

Kernel: Fedora Test Week for Kernel 5.9, Important Fix and Linux 5.10 Work

Filed under
Linux

  • Contribute at the Fedora Test Week for Kernel 5.9 - Fedora Magazine

    The kernel team is working on final integration for kernel 5.9. This version was just recently released, and will arrive soon in Fedora. As a result, the Fedora kernel and QA teams have organized a test week from Monday, October 26, 2020 through Monday, November 02, 2020. Refer to the wiki page for links to the test images you’ll need to participate. Read below for details.

  •   

  • Linux Gets Fix For AMD Zen 3 CPU Frequency Handling Stemming From 8 Year Old Workaround - Phoronix

    Since 2012 there has been a quirk in the Linux kernel to disable/override using ACPI _PSD data on all AMD processors as a workaround in turn for Windows-specific behavior that clashes with the semantics of the Linux ACPI CPUFreq driver for CPU frequency scaling. With AMD Zen 3 this quirk is no longer needed to behave correctly and thus Linux 5.10 is going to drop this eight year old quirk on Zen 3 and newer. 

    The change since 2012 in the Linux kernel for AMD CPUs has overrode the ACPI _PSD table supplied by the BIOS. But now for Family 19h / Zen 3, the table accurately reports the P-state dependency of CPU cores. That correct table is needed for proper CPU frequency control with the new processors and thus the new kernel will stop overriding it so it can be used by ACPI CPUfreq for its frequency handling on the shiny new CPUs. 

  •   

  • EXT4 Changes Land In Linux 5.10 With Fast Commits, Big Boost For Parallel Writes - Phoronix

    The EXT4 file-system updates have landed in Linux 5.10 with some notable additions for this mature file-system.

    [...]

    Another big change is the new EXT4 "fast commits" mode by Harshad Shirwadkar of Google. This fast commit mode is relevant for EXT4 users operated in ordered mode (the mount option data=ordered) and maintains a minimal delta for recreating the affected metadata in the fast commit space shared with the JBD2 journal. That can yield up to a ~103% write performance improvement in the ordered mode with fast commits enabled. 

    The EXT4 changes also include other fixes and low-level code improvements.

  •   

  • Linux 5.10 Has Initial Support For NVIDIA Orin, DeviceTree For Purism's Librem 5 - Phoronix

    Complementing the ARM(64) architecture changes for Linux 5.10 are now the SoC and board updates that are quite interesting this round. 

    The ARM platform/SoC support with Linux 5.10 ranges from initial bring-up of the NVIDIA Tegra Orin SoC to finally mainlining the DeviceTree support for the Purism Librem 5 smartphone revisions thus far to Raspberry Pi 4 display setup. 

Games: Hive Time, Stadia and Retroarch

Filed under
Gaming

  • Developer of Hive Time reflects on the release and their pay what you want model

    Hive Time from developer 'Cheeseness' released nearly a year ago, and so the developer has written up a lengthy blog post on the development and the finances. A good read if you like behind the scenes dev info, here I will sum up a few interesting bits from it but the full article is definitely worth reading.

    It's a thoroughly interesting read because Hive Time is in quite a unique position. Not only because it's made with open source tools like Godot Engine, Blender, the GNU Image Manipulation Program, Inkscape, and Audacity it also released where you could download it for nothing. Technically, it's a $10 game but they made it pay what you want for people who can't afford to pay. The pay what you want model was made pretty popular years ago thanks to the likes of Humble Indie Bundle and others, but for selling a single game how does it turn out? That's what Cheese talks about and it seems to have been a tough sell overall.

  •      

  • Creative Director At Google Stadia Advocates Streamers Paying Game Devs And Publishers

           

             

    Way back in 2013, we discussed an interesting study conducted by Google looking at the effect of let's play and video game reviews has on the gaming industry. That study's conclusion was that viewers watched let's plays at a far higher clip than, say, video game trailers. Two-thirds of those views appeared to be watchers focusing on the video itself, whereas the other third were watching on secondary devices/screens in order to find tips and tricks for completing the game in question. Both were conducive to promoting the gaming industry, being a method for finding out if a game is worth buying and because gamers know they have a resource to help complete a game.

  •   

  • Retroarch for Android – The Complete Guide

    For years, Retroarch has been the indomitable platform of choice for discerning emulation connoisseurs on PC. The all-in-one package designed to load up all your favorite consoles and games from one place is available for Android, too, though the intricacies of setting it up are much less talked about.

    If you’ve downloaded Retroarch and don’t know your core from your content or just want to know which cores are best for running your favorite console games, read this Retroarch for Android guide for the instructions.

Python Programming

Filed under
Development

  • 4 Best Free Python-Based Content Management Systems - LinuxLinks

    A web content management system (WCMS) is software designed to simplify the publication of Web content. In particular, it enables content creators to submit content without requiring technical knowledge of HTML or the uploading of files. A CMS is most commonly used in creating an intranet or in establishing a presence on the Web.

    This type of software that keeps track of every piece of content on a Web site. Content can be simple text, photos, music, video, documents, or just about anything you can think of. A major advantage of using a CMS is that it requires almost no technical skill or knowledge to manage.

    Not only do content management systems help website users with content editing, they also take care of a lot of “behind the scenes” work such as automatically generating navigation elements, making content searchable and indexable, keeping track of users, their permissions and security setting, and much more.

    To provide an insight into the quality of software that is available, we have compiled a list of the best Python-based WCMS. They are all free and open source software. Here’s our recommendations.

  • 3 Open Source Python Shells - LinuxLinks

    Python is a high-level, general-purpose, structured, powerful, open source programming language that is used for a wide variety of programming tasks. It features a fully dynamic type system and automatic memory management, similar to that of Scheme, Ruby, Perl, and Tcl, avoiding many of the complexities and overheads of compiled languages. The language was created by Guido van Rossum in 1991, and continues to grow in popularity.

    Python is a very useful and popular computer language. One of the benefits of using an interpreted language such as Python is exploratory programming with its interactive shell. You can try out code without having to write a script. But there are limitations with the Python shell.

    Fortunately, there are some excellent alternative Python shells that extend on the basic shell. They each offer a good interactive Python experience.

  •  

  • NumFOCUS Earns Transparency Recognition from GuideStar - NumFOCUS

    NumFOCUS recently earned a Silver Seal of Transparency from GuideStar in recognition of our accountability and transparency efforts.

  • Translating Web Page while Scraping

    Suppose you need to translate web page while scraping data from the website in R and Python. In google chrome, there is an option (or functionality) to translate any foreign language. If you are an english speaker and don't know any other foreign language and you want to extract data from the website which does not have option to convert language to English, this article would help you how to perform translation of a webpage.

  • Getting Started With Python Package Managers
  • Weekly Python StackOverflow Report: (ccxlvii) stackoverflow python report
  •   

Kodachi 7.4 The Secure OS

Filed under
GNU
Linux
Security

Linux Kodachi operating system is based on Xubuntu 18.04.5 it will provide you with a secure, anti-forensic, and anonymous operating system considering all features that a person who is concerned about privacy would need to have in order to be secure.

Kodachi is very easy to use all you have to do is boot it up on your PC via USB drive then you should have a fully running operating system with established VPN connection + Connection established + service running. No setup or knowledge is required from your side its all been automated for you. The entire OS is functional from your temporary memory RAM so once you shut it down no trace is left behind all your activities are wiped out.

Read more

3 Open Source Python Shells

Filed under
OSS

Python is a high-level, general-purpose, structured, powerful, open source programming language that is used for a wide variety of programming tasks. It features a fully dynamic type system and automatic memory management, similar to that of Scheme, Ruby, Perl, and Tcl, avoiding many of the complexities and overheads of compiled languages. The language was created by Guido van Rossum in 1991, and continues to grow in popularity.

Python is a very useful and popular computer language. One of the benefits of using an interpreted language such as Python is exploratory programming with its interactive shell. You can try out code without having to write a script. But there are limitations with the Python shell.

Read more

today's howtos

Filed under
HowTos

  • Enable ‘Drag & Drop’ Between Desktop and File Browser in Ubuntu 20.04 | UbuntuHandbook

    Since the desktop icons are handled by an extension instead of Nautilus file browser, drag’n’drop action between desktop and file browser does no longer work.

    Fortunately, a fork of the original Desktop Icons extension now is available with several enhancements, including Drag’n’Drop.

  • How to install (and uninstall) XFCE on Ubuntu | FOSS Linux

    Are you wondering about trying the XFCE desktop on a Ubuntu PC? Here's a tutorial on how to install XFCE on Ubuntu. You will get multiple options at the login.

  • How To Install InfluxDB on Ubuntu 20.04 LTS - idroot

    In this tutorial we will show you how to install InfluxDB on Ubuntu 20.04 LTS, as well as some extra required package by InfluxDB

  • How To Install Squid Proxy on Ubuntu 20.04 LTS - idroot

    In this tutorial we will show you how to install Squid Proxy on Ubuntu 20.04 LTS, as well as some extra required package by Squid

  • Openstack RDO && KVM Hypervisor: Setting up KVM Hypervisor on Ubuntu Groovy Gorilla (20.10)

    Due to version LIBVIRT&&QEMU you are forced to deploy Ubuntu 20.10 on Btrfs file system . In particular case, Virtual Environment is a fair enough . See also Install KVM&Libvirt on SparkyLinux2020.08

  •   

  • AppImage vs Snaps vs Flatpak: What Should I Use? - YouTube

    AppImages, Snaps and Flatpaks are the 3 biggest universal package management systems available on Linux and whilst sharing some similarities they all have very noticiable and very important differences that you should take into consideration before deciding which one you want to use. 

  • Use Tilt Ball Switch with Raspberry PI and Python - peppe8o

    Tilt sensor are small and cheap electronic able to detect inclination. While being not as accurate like accelerometers, they are small, inexpensive and easy to use. For this reason tilt ball switches are popular for toys and gadgets.

    Tilt ball switch are usually made of an internal cavity with a free conductive mass inside. When this switch is in vertical position, conductive mass goes down and connects terminals. When it is in horizontal position, conductive mass moves from terminals, so resulting in current not passing:

    In this tutorial I’ll show you how to use a simple Tilt Ball Switch with your Raspberry PI with a LED detecting sensor position. I’ll use a Raspberry PI Zero W, but this guide applies also to newer Raspberry PI boards. Small resistors (330 Ohm) will be also used to protect from power outage that can damage your Raspberry PI board.

  • How to Download a File From a Server to Your Desktop Using SSH - RoseHosting

    Easily download files from your server to your desktop computer using SSH by following this easy guide. We'll show you how, step-by-step.

  • Slack installation on CentOS 8.0

    Slack is a collaborative software that is used for the communication between various team members of a company. It has various workspaces where the teams are connected and can take decisions in a common shared environment. It allows users to organize conversations by using various channels. A channel is used for group discussions, and team members can share files, images, and videos. In slack, teammates can also communicate through video and audio calls to each other. If the user wants to join a community or team, then using a specific team workspace, users can request to join a team.

    This article is about the installation of slack, this guide will provide the step by step installation of slack on your CentOS 8.0.
    Please note: The commands in this tutorial get updated for newer Slack versions, this means that the commands might show a newer software version number than the screenshots. Just execute the commands as shown in the guide to install Slack.

This week in KDE: so many bugfixes

Filed under
KDE

Though Plasma 5.20 was overall a very smooth release, we spent a lot of time fixing some of the bugs we missed, as well as some older ones in Frameworks and apps too. It may not be very sexy, but bugs are what drive users crazy, and we want them fixed! So, fix them we did.

Read more

Also: KDE Seeing More Bug Fixes Following Plasma 5.20

GDB 10.1 released

Filed under
Development
GNU

            GDB 10.1 released!

Release 10.1 of GDB, the GNU Debugger, is now available.  GDB is
a source-level debugger for Ada, C, C++, Fortran, Go, Rust, and many
other languages.  GDB can target (i.e., debug programs running on)
more than a dozen different processor architectures, and GDB itself
can run on most popular GNU/Linux, Unix and Microsoft Windows variants.
GDB is free (libre) software.

You can download GDB from the GNU FTP server in the directory:

        ftp://ftp.gnu.org/gnu/gdb

The vital stats:

  Size   md5sum                            Name
  21MiB  1822a7dd45e7813f4408407eec1a6af1  gdb-10.1.tar.xz
  39MiB  67b01c95c88ab8e05a08680904bd6c92  gdb-10.1.tar.gz

There is a web page for GDB at:

        http://www.gnu.org/software/gdb/

That page includes information about GDB mailing lists (an announcement
mailing list, developers discussion lists, etc.), details on how to
access GDB's source repository, locations for development snapshots,
preformatted documentation, and links to related information around
the net.  We will put errata notes and host-specific tips for this release
on-line as any problems come up.  All mailing lists archives are also
browsable via the web.

GDB 10.1 includes the following changes and enhancements:

* Support for debugging new targets:

  - BPF  (bpf-unknown-none)

* GDBserver support for the following targets:

  - ARC GNU/Linux
  - RISC-V GNU/Linux

* Multi-target debugging support (experimental)

* Support for debuginfod, an HTTP server for distributing ELF/DWARF
  debugging information as well as source code.

* Support for debugging a 32-bit Windows program using a 64-bit Windows GDB.

* Support for building GDB with GNU Guile 3.0 and 2.2 (in addition to 2.0)

* Improved performance during startup through the use of threading
  during symbol table loading (an optional feature in GDB 9, now
  enabled by default in GDB 10).

* Various enhancements to the Python and Guile APIs

* Various TUI Mode fixes and enhancements.

* Other miscellaneous enhancements:

  - Detection when attaching to a process of a mismatch between
    this process and the executable previously loaded into GDB.

  - Support for default arguments for "alias" commands.

* GDBserver support for the following host triplets has been removed:

    i[34567]86-*-lynxos*
    powerpc-*-lynxos*
    i[34567]86-*-nto*
    bfin-*-*linux*
    crisv32-*-linux*
    cris-*-linux*
    m32r*-*-linux*
    tilegx-*-linux*
    arm*-*-mingw32ce*
    i[34567]86-*-mingw32ce*

For a complete list and more details on each item, please see the gdb/NEWS
file, available at:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;...

-- 
Joel Brobecker

Read more

Hands on With Upcoming Xfce 4.16 release

Filed under
Linux

I managed to install and did hands-on with the upcoming Xfce 4.16 pre-release (pre1)using the development build. It's super exciting with new features and updates. Have a look.
Read more

What Was BeOS, and Why Did People Love It?

Filed under
OS

In the mid-1990s, Be Inc. had the audacity to create a brand-new personal computer operating system from scratch. It gained critical acclaim for its ahead-of-its-time features, but failed to capture significant market share. It’s still a cult favorite 25 years later, and here’s why.

BeOS is a now-defunct multimedia operating system that was first introduced in October 1995 for Be Inc.’s BeBox computer. The driving forces behind Be were Jean-Louis Gassée, Apple’s former vice president of product development, and Steve Sakoman, creator of the Apple Newton. With these tech credentials, Be had the industry’s ear right from the start.

Read more

Security Leftovers

Filed under
Security
  • Security updates for Friday [LWN.net]

    Security updates have been issued by Gentoo (freetype), openSUSE (mailman), Red Hat (firefox, java-11-openjdk, OpenShift Container Platform 3.11.306 jenkins, and rh-maven35-jackson-databind), SUSE (kernel, mercurial, openldap2, python-pip, and xen), and Ubuntu (firefox, netty-3.9, and python-pip).

  • An Analysis of 5 Million OpenPGP Keys

    In July I finished my Bachelor’s Degree in IT Security at the University of Applied Sciences in St. Poelten. During the studies I did some elective courses, one of which was about Data Analysis using Python, Pandas and Jupyter Notebooks. I found it very interesting to do calculations on different data sets and to visualize them. Towards the end of the Bachelor I had to find a topic for my Bachelor Thesis and as a long time user of OpenPGP I thought it would be interesting to do an analysis of the collection of OpenPGP keys that are available on the keyservers of the SKS keyserver network.

    So in June 2019 I fetched a copy of one of the key dumps of the one of the keyservers (some keyserver publish these copies of their key database so people who want to join the SKS keyserver network can do an initial import). At that time the copy of the key database contained 5,499,675 keys and was around 12GB. Using the hockeypuck keyserver software I imported the keys into an PostgreSQL database. Hockeypuck uses a table called keys to store the keys and in there the column doc stores the OpenPGP keys in JSON format (always with a data field containing the original unparsed data).

    For the thesis I split the analysis in three parts, first looking at the Public Key packets, then analysing the User ID packets and finally studying the Signature Packets. To analyse the respective packets I used SQL to export the data to CSV files and then used the pandas read_csv method to create a dataframe of the values. In a couple of cases I did some parsing before converting to a DataFrame to make the analysis step faster. The parsing was done using the pgpdump python library.

    Together with my advisor I decided to submit the thesis for a journal, so we revised and compressed the whole paper and the outcome was now

  • Exploring 8chan's hosting infrastructure | Netcraft News

    In a recent post, Brian Krebs discussed a technique for disrupting 8chan, a controversial message board. Ron Guilmette, a security researcher, spotted that N.T. Technology, the hosting company owned by 8chan’s current operator, no longer has the right to transact business as it is in the “administrative hold” state. ARIN, the Internet registry N.T. Technology obtained its IP address allocation from, would be within its rights to reclaim the IP address space.

    Ron Guilmette is an expert in this type of analysis - last year he discovered the theft of $50 million worth of IP addresses in AFRINIC’s service region.

    However, taking down 8chan is unlikely to be as simple as requesting that ARIN deallocates its IP adddress space. After deallocation, the IP addresses may continue to be advertised as fullbogons - netblocks that are used on the Internet despite not being assigned to an end user. While some Internet service providers do block fullbogons, this is by no means universal.

  • 23 Extensions to Enhance your Security and Privacy on Google Chrome and Chromium-based Browser

    According to a statistical report published by Statista in July 2020, Google Chrome accounted for 69% of the global desktop web-browser market share by June 2020, with 11% increase from the last year.

    Google Chrome is mostly based on Chromium which is an open-source web-browser released and maintained by Google. Chromium itself is the base for a dozen other browsers that are compatible with Google Chrome Web store.

    In this article we will guide you through the best privacy and security browser extensions for Google Chrome and Chromium-based web browsers that support Google Chrome Web store.

Single Points of Failure and Proprietary Entrapment (Microsoft GitHub)

Filed under
Development
Microsoft
  • Ahmad Haghighi: GitLab blocked Iranians’ access.

    On 3rd Oct. 2020 GitLab blocked Iranians’ access (based on IP) without any prior notice! and five days later (8th Oct.) my friend’s account blocked and still he doesn’t have any access to his projects! even after creating a ticket and asks for a temporary access to only export his projects! GitLab refused to unblock him! (screenshot in appendix). My friend is not the only one who blocked by GitLab, with a simple search on the web you can find a growing list of blocked accounts.
    So I decided to move from GtiLab and EVERY Free Software based/hosted/managed on/in USA.

    When it comes to USA policies, Free Software is a Joke Smile

    GitLab is not the only actor in this discrimination against Persian/Iranian people, we also blocked by GitHub, Docker, NPM, Google Developer, Android, AWS, Go, Kubernetes and etc.

  • ‘youtube-dl’ downloading software removed from GitHub by RIAA takedown notice

    This takedown notice does not necessarily spell the permanent end of youtube-dl. GitHub always immediately takes down any source code project that receives a DMCA notice like this, but the project’s creators will have an opportunity to file a counterclaim in the hopes of restoring youtube-dl’s status on GitHub. We’ll be keeping an eye on the situation as it develops.

  • RIAA DMCAs GitHub into nuking popular YouTube video download tool, says it can be used to slurp music

    YouTube-DL is pretty simple to use: you give the command-line program the URL of any YouTube video, and it will fetch the material and save it to your computer for future playback.

  • Recording Industry Association of America Gets Youtube-dl Kicked Off GitHub

    Microsoft GitHub has removed all traces of the very useful youtube-dl utility for downloading videos from YouTube and other websites, including this one, following a questionable DMCA request from the Recording Industry Association of America.

    youtube-dl is a simple command-line utility that lets you easily download audio adn videos from just about any website with a file file embedded in it. It works on sites like this one. A lot of software, including the popular video player mpv, can use it to download video fragments on the fly so videos embedded in web pages can be opened and played as if they were local files.

    The Recording Industry Association of America submitted a DMCA request to Microsoft GitHub demanding that youtube-dl gets removed from the Internet on October 23rd, 2020. The complaint contains this rather misleading claim: [...]

today's howtos

Filed under
HowTos
  • How to install NotepadQQ on Linux

    NotepadQQ is an exciting application that attempts to bring Linux users what Notepad++ does on Windows: an impressive, Microsoft Notepad-like text editor that supports various programming languages and other useful features. Here’s how to get it installed on your Linux system.

  • How to Install and Configure Squid Proxy on Ubuntu 20.04 | Linuxize

    Squid is a full-featured caching proxy supporting popular network protocols like HTTP, HTTPS, FTP, and more. It can be used to improve the web server’s performance by caching repeated requests, filter web traffic, and access geo-restricted content.

    This tutorial explains how to set up a Squid Proxy on Ubuntu 20.04 and configure Firefox and Google Chrome web browsers to use it.

  • How to set up the Jellyfin media server on Linux

    The Jellyfin developers offer up a myriad of ways to install the media server on the Linux platform. From Docker to downloadable DEBs and custom packages in the Arch Linux AUR.

    In this guide, we’ll focus on downloadable packages. However, if you are an advanced Linux user and know how to use Docker, click here to get your hands on it.

    To start installing Jellyfin on your Linux server, open up a terminal window via SSH or by physically sitting in front of it. After that, follow the command-line installation instructions outlined below.

  • libtraceevent>=5.9-1 update requires manual intervention

    The libtraceevent package prior to version 5.9-1 was missing a soname link. This has been fixed in 5.9-1, so the upgrade will need to overwrite the untracked files created by ldconfig.

  • Parabola GNU/Linux-libre: [From Arch] libtraceevent>=5.9-1 update requires manual intervention
  • How to Install and Configure FreeNAS 11.3 U5 Storage on VMware Workstation - SysAdmin

    This video tutorial shows how to install and configure FreeNAS 11.3 U5 Storage on VMware Workstation step by step.

  • How to check the sshd Logs on Linux? – Linux Hint

    sshd stands for Secure SHell Daemon. It is a hidden process that silently listens to all the authentication and login attempts of the Linux operating system. It is especially helpful if you are trying to figure out any unauthorized login attempts to your system. In this article, how to check the sshd Logs on Linux is explained.

  • How to Check If a Port Is in Use in Linux – Linux Hint

    At any single instance, multiple ports can be open in your system, so it can be useful to determine which ports are open. This article shows you four possible methods to use to check whether a port is in use in Linux.

  • Best Books for Learning Linux – Linux Hint [Ed: Caution for spammy links in the referrer spam sense]

    Books are important learning resources for both beginners and experts, but with all the books available on the market, it may be difficult to choose just one. Here, we review five books on Linux to help you choose.

  • How to change Chrome profile name

    Chrome has support for multiple profiles. What differentiates one profile from the other is the Google account that is (or isn’t) connected to a profile.

    Users can create a new Chrome profile and sync it with their Google account, or they can skip adding an account and keep everything local. What a user cannot do is create a profile that has no name.

Syndicate content

More in Tux Machines

Leaving Mozilla and Recalling One's Job in Mozilla

  • yoric.steps.next()

    The web is getting darker. It is being weaponized by trolls, bullies and bad actors and, as we’ve witnessed, this can have extremely grave consequences for individuals, groups, sometimes entire countries. So far, most of the counter-measures proposed by either governments or private actors are even scarier. The creators of the Matrix protocol have recently published the most promising plan I have seen. One that I believe stands a chance of making real headway in this fight, while respecting openness, decentralization, open-source and privacy. I have been offered the opportunity to work on this plan. For this reason, after 9 years as an employee at Mozilla, I’ll be moving to Element, where I’ll try and contribute to making the web a better place. My last day at Mozilla will be October 30th.

  • Working open source | daniel.haxx.se

    I work full time on open source and this is how. Background I started learning how to program in my teens, well over thirty years ago and I’ve worked as a software engineer and developer since the early 1990s. My first employment as a developer was in 1993. I’ve since worked for and with lots of companies and I’ve worked on a huge amount of (proprietary) software products and devices over many years. Meaning: I certainly didn’t start my life open source. I had to earn it. When I was 20 years old I did my (then mandatory) military service in Sweden. After having endured that, I applied to the university while at the same time I was offered a job at IBM. I hesitated, but took the job. I figured I could always go to university later – but life took other turns and I never did. I didn’t do a single day of university. I haven’t regretted it. [...]    I’d like to emphasize that I worked as a contract and consultant developer for many years (over 20!), primarily on proprietary software and custom solutions, before I managed to land myself a position where I could primarily write open source as part of my job. [...] My work setup with Mozilla made it possible for me to spend even more time on curl, apart from the (still going) two daily spare time hours. Nobody at Mozilla cared much about (my work with) curl and no one there even asked me about it. I worked on Firefox for a living. For anyone wanting to do open source as part of their work, getting a job at a company that already does a lot of open source is probably the best path forward. Even if that might not be easy either, and it might also mean that you would have to accept working on some open source projects that you might not yourself be completely sold on. In late 2018 I quit Mozilla, in part because I wanted to try to work with curl “for real” (and part other reasons that I’ll leave out here). curl was then already over twenty years old and was used more than ever before.

Programming: Buzzwords, Meson, Tracealyzer, LLVM, Python and Rust

  • What is DevSecOps? Everything You Need To Know About DevSecOps

    Most people are familiar with the term “DevOps,” but they don’t know how to really utilize it. There’s more to DevOps than just development and operational teams. There’s an essential element of DevOps that is often missing from the equation; IT security. Security should be included in the lifecycle of apps.  The reason you need to include security is that security was once assigned to one team that integrated security near the end-stages of development. Taking such a lax approach to security wasn’t such a problem when apps were developed in months or years. The average development cycle has changed quite a bit, though, and apps can be developed in a matter of days or weeks. Outdated security practices like leaving security too late can bring DevOps initiatives to their knees. 

  •   
  • Nibble Stew: The Meson Manual: Good News, Bad News and Good News

    Starting with good news, the Meson Manual has been updated to a third edition. In addition to the usual set of typo fixes, there is an entirely new chapter on converting projects from an existing build system to Meson. Not only are there tips and tricks on each part of the conversion, there is even guidance on how to get it done on projects that are too big to be converted in one go.

  • Percepio Releases Tracealyzer Visual Trace Diagnostics Solution Version 4.4 with Support for Embedded Linux

    Percepio announced the availability of Tracealyzer version 4.4 with support for embedded Linux. Tracealyzer gives developers insight during software debugging and verification at the system level by enabling visual exploratory analysis from the top down. This makes the software suitable for spotting issues during full system testing and drill down into the details to find the cause. Version 4.4 adds several views optimized for Linux tracing, in addition to a set of visualizations already in Tracealyzer, and leverages Common Trace Format (CTF) and the widely supported LTTng, an open source tracing framework.

  •   
  • LLVM Adds A SPIR-V CPU Runner For Handling GPU Kernels On The CPU - Phoronix

    LLVM has merged an experimental MLIR-based SPIR-V CPU runner that the developers are working towards being able to handle CPU-based execution of GPU kernels.  This new SPIR-V runner is built around the MLIR intermediate representation (Multi-Level Intermediate Representation) with a focus of going from GPU-focused code translated through SPIR-V and to LLVM and then executed on the CPU. The runner focus is similar to that of the MLIR-based runners for NVIDIA CUDA, AMD ROCm, and Vulkan, but just executing on the CPU itself. It was earlier this year LLVM added the MLIR-Vulkan-Runner for handling MLIR on Vulkan hardware. 

  • Python Modulo in Practice: How to Use the % Operator – Real Python

    Python supports a wide range of arithmetic operators that you can use when working with numbers in your code. One of these operators is the modulo operator (%), which returns the remainder of dividing two numbers.

  • Test & Code : Python Testing for Software Engineering 136: Wearable Technology - Sophy Wong

    Wearable technology is not just smart consumer devices like watches and activity trackers. Wearable tech also includes one off projects by designers, makers, and hackers and there are more and more people producing tutorials on how to get started. Wearable tech is also a great way to get both kids and adults excited about coding, electronics, and in general, engineering skills. Sophy Wong is a designer who makes really cool stuff using code, technology, costuming, soldering, and even jewelry techniques to get tech onto the human body.

  • Librsvg's test suite is now in Rust

    Some days ago, Dunja Lalic rewrote the continuous integration scripts to be much faster. A complete pipeline used to take about 90 minutes to run, now it takes about 15 minutes on average. [...] The most complicated thing to port was the reference tests. These are the most important ones; each test loads an SVG document, renders it, and compares the result to a reference PNG image. There are some complications in the tests; they have to create a special configuration for Fontconfig and Pango, so as to have reproducible font rendering. The pango-rs bindings do not cover this part of Pango, so we had to do some things by hand.

ARM32 in Linux and Open Source Hardware Certification

  • ARM32 Page Tables

    As I continue to describe in different postings how the ARM32 start-up sequence works, it becomes necessary to explain in-depth the basic kernel concepts around page tables and how it is implemented on ARM32 platforms. To understand the paging setup, we need to repeat and extend some Linux paging lingo. Some good background is to read Mel Gormans description of the Linux page tables from his book “Understanding the Linux Virtual Memory Manager”. This book was published in 2007 and is based on Mel’s PhD thesis from 2003. Some stuff has happened in the 13 years since then, but the basics still hold. It is necessary to also understand the new layers in the page tables such as the five layers of page tables currently used in the Linux kernel. First a primer: the ARM32 architecture with a classic MMU has 2 levels of page tables and the more recent LPAE (Large Physical Address Extension) MMU has 3 levels of page tables. Only some of the ARMv7 architectures have LPAE, and it is only conditionally enabled, i.e. the machines can also use the classic MMU if they want, they have both. It is not enabled by default on the multi_v7 configuration: your machine has to explicitly turn it on during compilation. The layout is so different that the same binary image can never support both classic and LPAE MMU in the same kernel image.

  • Announcing the Open Source Hardware Certification API – Open Source Hardware Association

    Today we are excited to announce the launch of a read/write API for our Open Source Hardware Certification program. This API will make it easier to apply for certification directly from where you already document your hardware, as well as empower research, visualizations, and explorations of currently certified hardware. OSHWA’s Open Source Hardware Certification program has long been an easy way for creators and users alike to identify hardware that complies with the community definition of open source hardware. Since its creation in 2016, this free program has certified hardware from over 45 countries on every continent except Antarctica. Whenever you see the certification logo on hardware:

LibreOffice: Presentation Size Decreasing and New Presentations About LibreOffice