Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 25 Oct 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Android Leftovers Roy Schestowitz 24/10/2016 - 9:18am
Story Security News Roy Schestowitz 24/10/2016 - 9:17am
Story Microsoft Corruption, Rejections, and Struggles Roy Schestowitz 24/10/2016 - 9:02am
Story Parsix GNU/Linux 8.10 "Erik" & 8.15 "Nev" Receive Latest Debian Security Updates Roy Schestowitz 24/10/2016 - 7:55am
Story Chakra GNU/Linux Users Receive KDE Plasma 5.8.2 and KDE Apps 16.08.2, Lots More Roy Schestowitz 24/10/2016 - 7:49am
Story Linux 4.9-rc2 Roy Schestowitz 24/10/2016 - 2:00am
Story GParted Live 0.27.0-1 Disk Partitioning Live CD Out Now, Based on GParted 0.27.0 Rianne Schestowitz 23/10/2016 - 9:55pm
Story Netrunner Core 16.09 "Avalon" Is Based on Debian GNU/Linux 8, KDE Plasma 5.7.5 Rianne Schestowitz 23/10/2016 - 9:53pm
Story today's leftovers Roy Schestowitz 23/10/2016 - 4:02pm
Story Key financial blockchain technology is open sourced Roy Schestowitz 23/10/2016 - 4:01pm

today's howtos

Filed under

Leftovers: OSS and Sharing

Filed under
  • Google’s Open Source Report Card Highlights Game-Changing Contributions

    Ask people about Google’s relationship to open source, and many of them will point to Android and Chrome OS — both very successful operating systems and both based on Linux. Android, in particular, remains one of the biggest home runs in open source history. But, as Josh Simmons from Google’s Open Source Programs Office will tell you, Google also contributes a slew of useful open source tools and programs to the community each year. Now, Google has issued its very first “Open Source Report Card,” as announced by Simmons on the Google Open Source Blog.

    "We're sharing our first Open Source Report Card, highlighting our most popular projects, sharing a few statistics and detailing some of the projects we've released in 2016. We've open sourced over 20 million lines of code to date and you can find a listing of some of our best known project releases on our website," said Simmons.

  • Nino Vranešič: Open Source Advocate and Mozilla Rep in Slovenia

    “My name is Nino Vranešič and I am connecting IT and Society,” is what Nino says about himself on LinkedIn. The video is a little hard to understand in places due to language differences and (we think) a slow or low-bandwidth connection between the U.S.-based Zoom servers and Eastern Europe, a problem that crops up now and then in video conversation and VOIP phone calls with people in that part of the world, no matter what service you choose. But Vranešič is worth a little extra effort to hear, because it’s great to learn that open source is being used in lots of government agencies, not only in Slovenia but all over Europe. And aside from this, Vranešič himself is a tres cool dude who is an ardent open source volunteer (“Mozilla Rep” is an unpaid volunteer position), and I hope I have a chance to meet him F2F next time he comes to a conference in Florida — and maybe you’ll have a chance to meet him if he comes to a conference near you.

  • MySQL and database programming for beginners

    Dave Stokes has been using MySQL for more than 15 years and has served as its community manager since 2010. At All Things Open this year, he'll give a talk about database programming for newbies with MySQL.

    In this interview, he previews his talk and shares a few helpful resources, required skills, and common problems MySQL beginners run into.

  • Nadella's trust talk is just so much hot air

    Microsoft chief executive Satya Nadella appears to have an incredibly short memory. Else he would be the last person who talks about trust being the most pressing issue in tech in our times.

    Over the last year, we have been treated to a variety of cheap tricks by Microsoft, attempting to hoodwink Windows users left, right and centre in order to get them to upgrade to Windows 10. After that, talking about trust sounds odd. Very odd.

    Microsoft does not have the best reputation among tech companies. It is known for predatory practices, for being convicted as a monopolist, and in recent times has been trying to cultivate a softer image as a company that is not as rapacious as it once was.

    That has, in large measure, come about as its influence and rank in the world of computing have both slipped, with other companies like Apple, Facebook and Google coming to dominate.

  • If you wish, you may rebuild all dports to use non-base SSL library of your choice
  • DragonFlyBSD Continues LibreSSL Push, OpenSSL To Be Dropped

    DragonFlyBSD is now defaulting to LibreSSL throughout its operating system stack and is planning to completely remove OpenSSL in the near future.

    Last month DragonFlyBSD began using LibreSSL by default while that effort has continued. OpenSSL is no longer being built by default and in about one month's time the OpenSSL support will be completely stripped from the DragonFly tree.

  • Ranking the Web With Radical Transparency

    Ranking every URL on the web in a transparent and reproducible way is a core concept of the Common Search project, says Sylvain Zimmer, who will be speaking at the upcoming Apache: Big Data Europe conference in Seville, Spain.

    The web has become a critical resource for humanity, and search engines are its arbiters, Zimmer says. However, the only search engines currently available are for-profit entities, so the Common Search project is creating a nonprofit engine that is open, transparent, and independent.

    We spoke with Zimmer, who founded Jamendo, dotConferences, and Common Search, to learn more about why nonprofit search engines are important, why Apache Spark is such a great match for the job, and some of the challenges the project faces.

  • A look inside the 'blinky flashy' world of wearables and open hardware

    While looking at the this year's All Things Open event schedule, a talk on wearables and open hardware caught my eye: The world of the blinky flashy. Naturally, I dug deeper to learn what it was all about.

  • Why Perl is not use for new development , most of time use for maintenance and support projects ?

    There has been a tendency amongst some companies to play a “wait and see” attitude towards Perl, but the Perl market appears to have stabilized in the past couple of years and more companies appear to be returning to Perl. As one of our clients explained to me when I asked why they chose Perl “We’re tired of being bitten by hype.”

And More Security Leftovers

Filed under
  • The NyaDrop Trojan for Linux-running IoT Devices
  • Flaw resides in BTB helps bypass ASLR
  • Thoughts on the BTB Paper

    Though the attack might have some merits with regards to KASLR, the attack on ASLR is completely debunked. The authors of the paper didn't release any supporting code or steps for independent analysis and verification. The results, therefore, cannot be trusted until the authors fully open source their work and the work is validated by trusted and independent third parties.

  • Spreading the DDoS Disease and Selling the Cure

    Earlier this month a hacker released the source code for Mirai, a malware strain that was used to launch a historically large 620 Gbps denial-of-service attack against this site in September. That attack came in apparent retribution for a story here which directly preceded the arrest of two Israeli men for allegedly running an online attack for hire service called vDOS. Turns out, the site where the Mirai source code was leaked had some very interesting things in common with the place vDOS called home.

Blockchain and FOSS

Filed under

Ubuntu Leftovers

Filed under
  • Celebrating 12 years of Ubuntu

    Founder Mark Shuttleworth announced the first public release of Ubuntu – version 4.10, or “Warty Warthog” – on Oct. 20, 2004. The idea behind what would become the most recognizable and widely used Linux distributions ever was simple – create a Linux operating system that anybody could use. Here’s a look back at Ubuntu’s history.

  • Happy 12th Birthday, Ubuntu!

    Yup, it’s twelve years to the day since Mark Shuttleworth sat down to tap out the first Ubuntu release announcement and herald in an era of “Linux for human beings”.

  • A Slice of Ubuntu

    The de facto standard for Raspberry Pi operating systems is Raspbian–a Debian based distribution specifically for the diminutive computer. Of course, you have multiple choices and there might not be one best choice for every situation. It did catch our eye, however, that the RaspEX project released a workable Ubunutu 16.10 release for the Raspberry Pi 2 and 3.

    RaspEX is a full Linux Desktop system with LXDE (a lightweight desktop environment) and many other useful programs. Firefox, Samba, and VNC4Server are present. You can use the Ubuntu repositories to install anything else you want. The system uses kernel 4.4.21. You can see a review of a much older version of RaspEX in the video below.

  • Download Ubuntu Yakkety Yak 16.10 wallpaper

    The Yakkety Yak 16.10 is released and now you can download the new wallpaper by clicking here. It’s the latest part of the set for the Ubuntu 2016 releases following Xenial Xerus. You can read about our wallpaper visual design process here.

  • Live kernel patching from Canonical now available for Ubuntu 16.04 LTS

    We are delighted to announce the availability of a new service for Ubuntu which any user can enable on their current installations – the Canonical Livepatch Service.

    This new live kernel patching service can be used on any Ubuntu 16.04 LTS system (using the generic Linux 4.4 kernel) to minimise unplanned downtime and maintain the highest levels of security.

  • How to enable free 'Canonical Livepatch Service' for Linux kernel live-patching on Ubuntu

    Linux 4.0 introduced a wonderful feature for those that need insane up-time -- the ability to patch the kernel without rebooting the machine. While this is vital for servers, it can be beneficial to workstation users too. Believe it or not, some home users covet long up-time simply for fun -- bragging rights, and such.

    If you are an Ubuntu 16.04 LTS user (with generic Linux kernel 4.4) and you want to take advantage of this exciting feature, I have good news -- it is now conveniently available for free! Unfortunately, this all-new Canonical Livepatch Service does have a catch -- it is limited to three machines per user. Of course, home users can register as many email addresses as they want, so it is easy to get more if needed. Businesses can pay for additional machines through Ubuntu Advantage. Want to give it a go? Read on.

    "Since the release of the Linux 4.0 kernel about 18 months ago, users have been able to patch and update their kernel packages without rebooting. However, until now, no other Linux distribution has offered this feature for free to their users. That changes today with the release of the Canonical Livepatch Service", says Tom Callway, Director of Cloud Marketing, Canonical.

  • KernelCare Is Another Alternative To Canonical's Ubuntu Live Kernel Patching

    Earlier this week Canonical announced their Kernel Livepatching Service for Ubuntu 16.04 LTS users. Canonical's service is free for under three systems while another alternative for Ubuntu Linux users interested in a commercial service is CloudLinux's KernelCare.

    The folks from CloudLinux wrote in to remind us of their kernel patching solution, which they've been offering since 2014 and believe is a superior solution to Canonical's service. KernelCare isn't limited to just Ubuntu 16.04 but also works with Ubuntu 14.04 and other distributions such as CentOS/RHEL, Debian, and other enterprise Linux distributions.

More Security News (and FUD)

Filed under

Leftovers: Software

Filed under
  • Easy, Automated Benchmarking On Linux With PTS

    It's easy to run benchmarks on Linux as well as Solaris, BSD, and other operating systems, using our own Phoronix Test Suite open-source benchmarking software.

    For those that haven't had the opportunity to play with the Phoronix Test Suite for Linux benchmarking, it's really easy to get started. Aside from the official documentation, which is admittedly limited due to time/resource constraints, there are a few independent guides, Wiki pages, and other resources out there to get started.

  • LibreOffice 5.3 Alpha Tagged, New Features Inbound

    The first alpha release of the upcoming LibreOffice 5.3 open-source office suite was tagged a short time ago in Git.

    LibreOffice 5.3 is a major update to this distant fork of LibreOffice 5.3.0 is planned to be officially released in late January or early February while this week's alpha one is just the first step of the process. The hard feature freeze on 5.3 is at the end of November followed by a series of betas and release candidates. Those interested in more details on the release schedule can see this Wiki page.

  • MPV 0.21 Player Adds CUDA, Better Raspberry Pi Support

    MPV Player 0.21 is now available as the latest version of this popular fork of MPlayer/MPlayer2.

    MPV 0.21 adds support for CUDA and NVDEC (NVIDIA Decode) as an alternative to VDPAU. The NVIDIA decode support using CUDA was added to make up for VDPAU's current lack of HEVC Main 10 profile support. Those unfamiliar with NVDEC can see NVIDIA's documentation.

  • MPV 0.21.0 Media Player Adds Nvidia CUDA Support, Raspberry Pi Hardware Decoding

    Today, October 20, 2016, MPV developer Martin Herkt proudly announced the release of another maintenance update of the very popular MPV open-source and cross-platform media player software based on MPlayer.

    Looking at the release notes, which we've also attached at the end of the story for your reading pleasure, MPV 0.21.0 is a major update that adds a large amount of new features, options and commands, but also addresses dozens of bugs reported by users since the MPV 0.20.0 release, and introduces other minor enhancements.

    Among the most important new features, we can mention the ability to allow profile forward-references in the default profile, as well as support for Nvidia CUDA and cuvid/NvDecode, which appears to be a welcome addition to GNU/Linux distributions where HEVC Main 10 support is missing.

  • anytime 0.0.4: New features and fixes

    A brand-new release of anytime is now on CRAN following the three earlier releases since mid-September. anytime aims to convert anything in integer, numeric, character, factor, ordered, ... format to POSIXct (or Date) objects -- and does so without requiring a format string. See the anytime page for a few examples.

KDE Leftovers

Filed under
  • Choose Your Own Experience in Plasma 5.8 and beyond

    One of the key points of Plasma is while giving a simple default desktop experience, not limiting the user to that single, pre-packed one size fits all UI.

  • KDevelop 5.0.2 released for Windows and Linux

    Four weeks after the release of KDevelop 5.0.1, we are happy to announce the availability of KDevelop 5.0.2, a second stabilization release in the 5.0 series. We highly recommend to update to version 5.0.2 if you are currently using version 5.0.1 or 5.0.0.

  • Wayland improvements since Plasma 5.8 release

    Two weeks have passed since the Plasma 5.8 release and our Wayland efforts have seen quite some improvements. Some changes went into Plasma 5.8 as bug fixes, some changes are only available in master for the next release. With this blog post I want to highlight what we have improved since Plasma 5.8.

  • Wayland For KDE Plasma 5.9 Should Shape Up Quite Nicely

    Plasma 5.8 was only released at the beginning of October but already there has been a number of Wayland improvements queuing up for the next milestone, Plasma 5.9.

    KWin maintainer Martin Gräßlin wrote a blog post yesterday about some of the early Wayland changes coming for Plasma 5.9. Some of this early work for the next KDE Plasma 5 release includes resize-only borders, global shortcut handling, support for keyboard LEDs via libinput, relative pointer support, the color scheme syncing to the window decoration, window icon improvements, multi-screen improvements, panel imporvements, and more.

  • Autumn Sale in the Krita Shop
  • .

Linux/FOSS Events

Filed under
  • FOSDEM Desktops DevRoom 2016 all for Participation

    FOSDEM is one of the largest (5,000+ hackers!) gatherings of Free Software contributors in the world and happens each February in Brussels (Belgium, Europe).

    Once again, one of the tracks will be the Desktops DevRoom (formerly known as “CrossDesktop DevRoom”), which will host Desktop-related talks.

    We are now inviting proposals for talks about Free/Libre/Open-source Software on the topics of Desktop development, Desktop applications and interoperability amongst Desktop Environments. This is a unique opportunity to show novel ideas and developments to a wide technical audience.

  • LatinoWare

    Yesterday, Wednesday 19 oct, was the first day of LatinoWare thirteen edition hosted in the city of Foz do Iguaçu in Parana state with presence of 5155 participants and temperature of 36ºC. Currently this is the biggest event of free software in Brazil.

  • Attending a FUDcon LATAM 2016

    From my experience I will share my days at FUDcon 2016 held on Puno last week. There were 3 core days, and 2 more days to visit around.

Games for GNU/Linux

Filed under

Linux Foundation and Linux

Filed under
  • Intel Turbo Boost Max 3.0 Patches Updated For Linux 4.9

    Intel has updated its currently out-of-tree Turbo Boost Max Technology 3.0 patches for compatibility against the Linux 4.9-rc1 kernel plus made other improvements to the code.

    These patches have been worked on the past few months after Intel PR initially claimed no TBM 3.0 Linux support. The patches have gone through several public revisions but sadly didn't make it for integration into the mainline Linux 4.9 kernel.

  • Linux 4.9 Is Showing A Performance Boost On More Systems

    Earlier this week I posted some benchmarks of a Core i7 6800K Broadwell-E system seeing performance boosts under Linux 4.9 and it turns out it's looking more widespread than just affecting a niche system or two. When testing a more traditional Intel Haswell desktop, Linux 4.9 Git is seeing more wins over Linux 4.8 and 4.7 kernels.

    Following that earlier 4.9 Git benchmarking I set out to do a fairly large Linux kernel comparison on a Haswell system to go back three or so years worth of kernel releases. That big kernel comparison will be finished up and posted in the days ahead, but already from this Core i7 4790K Devil's Canyon system I am seeing some performance improvements with 4.9 Git to share over 4.7.0 and 4.8.0 stock kernels...

  • Linux Foundation Welcomes JavaScript Community

    Kris Borchers, executive director of the foundation, announced the news, saying that the JavaScript Foundation aims "to support a vast array of technologies that complement projects throughout the entire JavaScript ecosystem."

    This includes both client and server side application libraries, mobile application testing frameworks, and JavaScript engines.

    All jQuery Foundation projects will also be united within the JS Foundation including jQuery, Lodash, ESLint, Esprima, Grunt, RequireJS, jQuery UI, Globalize, Sizzle, Jed, and Dojo.

OpenStack in the Headlines

Filed under
  • Mirantis and NTT Com Double Down on OpenStack

    Mirantis continues to drive forward with new partnerships focused on the OpenStack cloud computing platform. The company and NTT Communications Corporation (NTT Com) have announced that they will partner to offer fully managed Private OpenStack as a service in NTT Com Enterprise Cloud and its data center services across the globe. NTT Com, in becoming Mirantis’ first data center services partner, says it will offer Mirantis Managed OpenStack on NTT Com Enterprise Cloud’s Metal-as-a-Service.

  • Using metrics effectively in OpenStack development

    At the OpenStack summit taking place this month in Barcelona, Ildikó Váncsa will be speaking on metrics in her talk Metrics: Friends or Enemies? She will discuss OpenStack metrics and how they can be used in software development processes, both for the individual developer and manager.

    I caught up with Ildikó before her talk to learn more about how metrics in OpenStack help guide developers and companies, and how they also drive evolution of the OpenStack community itself.

Patten: How to exorcise Windows from your old computer

Filed under

You may have heard of Linux (also known as GNU/Linux), but only as something that hackers use. It has a reputation for being unwieldy and hard. That reputation is deserved … sometimes.

But anyone can learn it. And if it’s good enough for Barbie, it should be good enough for you.

The best part: It’s free, free, free.

Linux is actually a kind of operating system, just as a mammal is a kind of animal. Linux systems are all similar or identical at the core (also known as the kernel). But they come in a lot of varieties, or distros. (Fun fact: Much of the Android operating system is based on Linux.)

The hard part about Linux isn’t learning. It’s choosing.

Read more

Also: Kodi-fying an old computer

Dirty Cow, Ubuntu @ 12, Save a Penguin

Filed under

Dirty Cow is a local privilege vulnerability that can allow one to gain root access. Specifically, "race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system." Linus signed off and pushed the patch to git a few days ago and distributions are currently updating their products. This is considered a critical bug and users are encouraged to update as soon as possible because researchers have found code in the wild to exploit it. Worse still, the exploit leaves little or no trace of being compromised. So, keep an eye on your update applets or security advisories over the next few days. Since this bug has been in existence for so long, Kees Cook had to revise his critical bug lifetime average from 3.3 to 5.2 years, while the overall average for all bugs increased only slightly.

Read more

CVE-2016-5195 Patched

Filed under
  • Linux Kernels 4.8.3, 4.7.9 & 4.4.26 LTS Out to Patch "Dirty COW" Security Flaw

    Today, October 20, 2016, Linux kernel maintainer Greg Kroah-Hartman announced three new maintenance updates for the Linux 4.8, 4.7, and 4.4 LTS kernel series, patching a major security vulnerability.

    Known as "Dirty COW," the Linux kernel vulnerability documented at CVE-2016-5195 is, in fact, a nasty bug that could have allowed local users to write to any file they can read. The worst part is that the security flaw was present in various Linux kernel builds since at least the Linux 2.6.x series, which reached end of life in February this year.

  • Canonical Patches Ancient "Dirty COW" Kernel Bug in All Supported Ubuntu OSes

    As reported earlier, three new Linux kernel maintenance releases arrived for various Linux-based operating systems, patching a critical and ancient bug popularly known as "Dirty COW."

    We already told you that the kernel vulnerability could be used by a local attacker to run programs as an administrator, and it looks like it also affects all supported Ubuntu releases, including Ubuntu 16.10 (Yakkety Yak), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin), as well as all of their official or unofficial derivatives running the same kernel builds.

Mad Max Now on GNU/Linux

Filed under
  • Mad Max Open World Action-Adventure Video Game Released for Linux, SteamOS & Mac

    After teasing us earlier this month, today, October 20, 2016, Feral Interactive had the great pleasure of announcing the release of the Mad Max open world action-adventure video game for the SteamOS, Linux, and Mac platforms.

    Feral Interactive is well known for bringing AAA titles to the Linux and Mac gaming world, and after porting the Tomb Raider 2013 reboot last year to our beloved platforms, which continue to get more fans by the day, now the UK-based video games publisher delights us with the superb Mad Max title developed by Avalanche Studios and published by Warner Bros.

  • Mad Max Launches For Linux

    Feral Interactive's port of Mad Max to Linux (and macOS) is now officially out and can be found on Steam.

    Feral announced their Mad Max port at the beginning of October while today it's ready to ship. As mentioned in that original article, the Linux system requirements are fairly stiff with only listing NVIDIA hardware under Linux and the minimum being a GTX 660 while the recommendation is at least a GTX 970.

  • Mad Max Appears To Work Fine With RadeonSI Gallium3D

    This morning's release of the Mad Max game for Linux lists only NVIDIA graphics as supported, but it does turn out at least for newer AMD GPUs using the RadeonSI Gallium3D driver things should work -- well, assuming you are using the latest open-source driver code.

  • Mad Max released for Linux, port report and review available

    Mad Max is the latest Linux port from Feral Interactive, probably one of the titles I have been most excited about so hopefully it lives up to the promise.

    It has only been a few weeks since Feral Interactive released Dawn of War II, Chaos Rising and Retribution on Linux, and now we have a real whopper with Mad Max.

    Something Linux lacks is a reasonable amount of high quality open-world story-based games. We started getting a few with Borderlands 2 and Shadow of Mordor, but another top quality game like this is a must for us to keep the interest up.

Red Hat and Fedora

Filed under
Red Hat
  • Red Hat – the open source conglomerate

    As successful companies grow, they accumulate products; new ones are developed and additional ones are acquired. Managing diverse portfolios is a challenge, not least when it comes to putting it all together on a single presentation slide to make it appear there is an overall coherent product strategy.

  • Ericsson Embraces Red Hat OpenStack Platform

    Ericsson and Red Hat today announced a broad alliance to work together on network functions virtualization (NFV) products. And the telco infrastructure provider will now support the Red Hat OpenStack Platform.

    Ericsson already has a longstanding distribution partnership with Red Hat that includes Red Hat Enterprise Linux and Red Hat JBoss Middleware. The existing distribution partnerships define not only commercial terms, but also joint support models, co-engineering and certification testing, and joint go-to-market collaboration.

  • Raleigh's Red Hat teams up with Ericsson

    Open-source software firm Red Hat (NYSE: RHT) has teamed up with Ericsson (Nasdaq: ERIC) on what the companies are calling a “broad alliance” aimed at transforming the information and communications technology market.

    Red Hat, headquartered at downtown Raleigh’s Red Hat Tower, announced that its new partnership with Ericsson would allow the duo to deliver fully open-source and production-ready cloud infrastructure, spanning OpenStack, software-defined networking and software-defined infrastructure.

  • FCAIC in the House

    The job is like many other roles called “Community Manager” or “Community Lead.” That means there is a focus on metrics and experiences. One role is to try ensure smooth forward movement of the project towards its goals. Another role is to serve as a source of information and motivation. Another role is as a liaison between the project and significant downstream and sponsoring organizations.

    In Fedora, this means I help the Fedora Project Leader. I try to be the yen to his yang, the zig to his zag, or the right hand to his right elbow. In all seriousness, it means that I work on a lot of the non-engineering focused areas of the Fedora Project. While Matthew has responsibility for the project as a whole I try to think about users and contributors and be mechanics of keeping the project running smoothly.

  • keepalived: Simple HA

    We have been using keepalived in Fedora Infrastructure for a while now. It’s a pretty easy to use and simple way to do some basic HA. Keepalived can keep track of which machine is “master” for a IP address and quickly fail over and back when moving that IP address around. You can also run scripts on state change. Keepalived uses VRRP and handles updating arp tables when IP addresses move around. It also supports weighting so you can prefer one or another server to “normally” have the master IP/scripts.

  • What does Factory 2.0 mean for Modularity?

    This blog now has a drop-down category called Modularity. But, many arteries of Modularity lead into a project called Factory 2.0. These two are, in fact, pretty much inseparable. In this post, we’ll talk about the 5 problems that need to be solved before Modularity can really live.

    The origins of Factory 2.0 go back a few years, when Matthew Miller started the conversation at Flock. The first suggested names were “Fedora Rings”, “Envs and Stacks”, and Alephs.

  • varnish-5.0, varnish-modules-0.9.2 and hitch-1.4.1, packages for Fedora and EPEL

    The Varnish Cache project recently released varnish-5.0, and Varnish Software released hitch-1.4.1. I have wrapped packages for Fedora and EPEL.

    varnish-5.0 has configuration changes, so the updated package has been pushed to rawhide, but will not replace the ones currently in EPEL nor in Fedora stable. Those who need varnish-5.0 for EPEL may use my COPR repos at They include the varnish-5.0 and matching varnish-modules packages, and are compatible with EPEL 5, 6, and 7.

  • Installroot in DNF-2.0

Security News

Filed under
  • Security advisories for Thursday
  • More information about Dirty COW (aka CVE-2016-5195)

    The security hole fixed in the stable kernels released today has been dubbed Dirty COW (CVE-2016-5195) by a site devoted to the kernel privilege escalation vulnerability. There is some indication that it is being exploited in the wild. Ars Technica has some additional information. The Red Hat bugzilla entry and advisory are worth looking at as well.

  • CVE-2016-5195

    My prior post showed my research from earlier in the year at the 2016 Linux Security Summit on kernel security flaw lifetimes. Now that CVE-2016-5195 is public, here are updated graphs and statistics. Due to their rarity, the Critical bug average has now jumped from 3.3 years to 5.2 years. There aren’t many, but, as I mentioned, they still exist, whether you know about them or not. CVE-2016-5195 was sitting on everyone’s machine when I gave my LSS talk, and there are still other flaws on all our Linux machines right now. (And, I should note, this problem is not unique to Linux.) Dealing with knowing that there are always going to be bugs present requires proactive kernel self-protection (to minimize the effects of possible flaws) and vendors dedicated to updating their devices regularly and quickly (to keep the exposure window minimized once a flaw is widely known).

  • “Most serious” Linux privilege-escalation bug ever is under active exploit (updated)

    While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.

  • Linux users urged to protect against 'Dirty COW' security flaw

    Organisations and individuals have been urged to patch Linux servers immediately or risk falling victim to exploits for a Linux kernel security flaw dubbed ‘Dirty COW'.

    This follows a warning from open source software vendor Red Hat that the flaw is being exploited in the wild.

    Phil Oester, the Linux security researcher who uncovered the flaw, explained to V3 that the exploit is easy to execute and will almost certainly become more widely used.

    "The exploit in the wild is trivial to execute, never fails and has probably been around for years - the version I obtained was compiled with gcc 4.8," he said.

  • Hackers Hit U.S. Senate GOP Committee

    The national news media has been consumed of late with reports of Russian hackers breaking into networks of the Democratic National Committee. Lest the Republicans feel left out of all the excitement, a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the Web storefront of the National Republican Senatorial Committee (NRSC).


    Dataflow markets itself as an “offshore” hosting provider with presences in Belize and The Seychelles. Dataflow has long been advertised on Russian-language cybercrime forums as an offshore haven that offers so-called “bulletproof hosting,” a phrase used to describe hosting firms that court all manner of sites that most legitimate hosting firms shun, including those that knowingly host spam and phishing sites as well as malicious software.

    De Groot published a list of the sites currently present at Dataflow. The list speaks for itself as a collection of badness, including quite a number of Russian-language sites selling synthetic drugs and stolen credit card data.

    According to De Groot, other sites that were retrofitted with the malware included e-commerce sites for the shoe maker Converse as well as the automaker Audi, although he says those sites and the NRSC’s have been scrubbed of the malicious software since his report was published.

    But De Groot said the hackers behind this scheme are continuing to find new sites to compromise.

    “Last Monday my scans found about 5,900 hacked sites,” he said. “When I did another scan two days later, I found about 340 of those had been fixed, but that another 170 were newly compromised.”

  • Thoughts on the BTB Paper

    The Branch Target Buffer (BTB) whitepaper presents some interesting information. It details potential side-channel attacks by utilizing timing attacks against the branch prediction hardware present in Intel Haswell processors. The article does not mention Intel processors later than Haswell, such as Broadwell or Skylake.

    Side-channel attacks are always interesting and fun. Indeed, the authors have stumbled into areas that need more research. Their research can be applicable in certain circumstances.

    As a side-note, KASLR in general is rather weak and can be considered a waste of time[1]. The discussion why is outside the scope of this article.

Syndicate content

More in Tux Machines

This Linux computer may be smaller than a coin, but it packs some big computing power

Whether you think they’re a novelty, sneaky powerful, or just seriously cute, microcomputers are here to stay. Find out what all the fuss is about with the versatile, ultra-adaptable VoCore 2 Linux mini computer, paired with an Ultimate Dock for just $42.99. If you’ve never experimented with a microcomputer like the VoCore 2, you may be surprised by how much you can do with this tiny open source computer and wireless router. The VoCore 2’s 580 MHz processor is ready to handle almost any coding plan, including Java, JavaScript, Python, and Ruby projects. Read more Also: Daily Deal: VoCore2 Mini Linux Computer And Ultimate Dock

Nantes: Open source cuts off recurring charges

Switching to open source means the end of the periodic recurring charges from proprietary software vendors, says Eric Ficheux, change management specialist at Nantes Métropole, France’s 6th largest city. “The total cost of ownership of LibreOffice is far lower than of its proprietary predecessor”, he says. Read more

LinuxAndUbuntu Review Of Gentoo Linux - A Linux Distro For Advanced Users

Many people think that Gentoo is just another Linux distro, but it is wrong. Gentoo Linux is a special, different and powerful Linux distribution, because it isn’t like other systems that have pre-compiled software and tools for easy management, in Gentoo the user must configure everything. Read

today's leftovers

  • Windows Btrfs Driver Updated With New Capabilities (WinBtrfs)
  • Install Laravel on Ubuntu 16.04
  • 'Tether' a very promising UE4 first-person adventure game will be coming to Linux
    It's not often a trailer leaves me begging for more, but 'Tether' [Steam Greenlight, Official Site] ticked all my boxes. The developer is using UE4 and claims the Linux builds are working as expected.
  • If you're in the mood for a decent Zombie survival game, don't pass up on Project Zomboid
    Project Zomboid [Steam, GOG, Official Site] is the rather good sandbox Zombie survival game from The Indie Stone, and it has come a long way! It doesn't have a SteamOS icon on Steam, as Valve removed it a long time ago as it (and a bunch of other games) wouldn't launch correctly on SteamOS. It works perfectly fine on a normal Linux distribution and I assure you the Linux version is still on Steam and perfectly up to date.
  • GTK+ 3.22.2 Deprecates APIs That Will Be Removed in GTK+ 4, Improves Win32 Theme
    Today, October 24, 2016, the GTK+ development team released the second stable maintenance update to the GTK+ 3.22 GUI (Graphical User Interface) toolkit for GNOME-based desktop environments. GTK+ 3.22.2 comes just two weeks after the release of GNOME 3.22.1 and in time for the upcoming GNOME 3.22.2 milestone, which will also be the last one pushed for the GNOME 3.22 series. GTK+ 3.22.2 is mostly a bugfix release, but also adds various improvements to the win32 theme and deprecates APIs (Application Programming Interface) that'll be removed in the next major branch, GTK+ 4.
  • No One Is Buying Smartwatches Anymore
    Remember how smartwatches were supposed to be the next big thing? About that... The market intelligence firm IDC reported on Monday that smartwatch shipments are down 51.6 percent year-over-year for the third quarter of 2016. This is bad news for all smartwatch vendors (except maybe Garmin), but it’s especially bad for Apple, which saw shipments drop 71.6 percent, according to the IDC report Apple is still the overall smartwatch market leader, with an estimated 41.3-percent of the market, but IDC estimates it shipped only 1.1 million Apple Watches in Q3 2016, compared with 3.9 million in 2015. To a degree, that’s to be expected, since the new Apple Watch Series 2 came out at the tail-end of the quarter. But the news is still a blow, when you consider how huge the Apple Watch hype was just 18 months ago.
  • 10 must-have Android apps for Halloween
  • What’s wrong with Git? A conceptual design analysis
    We finished up last week talking about the how to find good concepts / abstractions in a software design and what good modularization looks like. Today’s paper jumps 40+ years to look at some of those issues in a modern context and a tool that many readers of this blog will be very familiar with: Git. With many thanks to Glyn Normington for the recommendation. [...] The results of the reworking are made available in a tool called gitless, which I’ve installed on my system to try out for a few days. (Note: if you use oh-my-zsh with the git plugin then this defines an alias for gl which you’ll need to unalias). As of this paper (2013), Gitless was only just beginning as a project, but it continues to this day and tomorrow we’ll look at the 2016 paper that brings the story up to date. The kinds of concepts the authors are interested in are those which are essential to the design, to an understanding of the workings of the system, and hence will be apparent in the external interface of the system, as well as in the implementation.