Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 21 Sep 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

  • 07/07/2019 - 5:40pm
    JamieCull
  • 04/07/2019 - 7:09pm
    ksanaj
  • 18/07/2018 - 6:58am
    arindam1989
  • 14/08/2017 - 5:04pm
    2daygeek
  • 11/07/2017 - 9:36am
    itsfoss
  • 04/05/2017 - 11:58am
    Variscite
  • 09/04/2017 - 4:47pm
    mwilmoth
  • 11/01/2017 - 12:02am
    tishacrayt
  • 11/01/2017 - 12:01am
    lashayduva
  • 10/01/2017 - 11:56pm
    neilheaney

today's leftovers: startx, podcasts. games, Debian, events, Mozilla and more

Filed under
Misc
  • The return of startx(1) for non-root users [with some caveats]

    Mark Kettenis (kettenis@) has recently committed changes which restore a certain amount of startx(1)/xinit(1) functionality for non-root users.

  • Talking to machines: Lisp and the origins of AI

    The Command Line Heroes podcast explores the invention of Lisp and the rise of thinking computers powered by open source software.

  • 09/17/2019 | Linux Headlines

    Richard Stallman resigns from the board of the Free Software Foundation and his position at MIT.

    Plus Microsoft's latest open source project, Oracle's new Linux distribution, and a release date for CentOS 8.

  • The new Steam Library Beta is officially out for you to try

    The day has finally arrived, Valve have now put out a Beta for the massive overhaul to the Steam Library so you can try it yourself. A huge amount has changed but likely some rough edges to be found since it's not quite finished. Promising though, a lot better in many ways than the old and stale interface that Steam has currently.

  • No hammer or nails needed for the Humble Builder Bundle now live

    The Humble Builder Bundle just went live with a couple of nice Linux games included, another chance to get a good deal.

  • New Debian Developers and Maintainers (July and August 2019)

    The following contributors got their Debian Developer accounts in the last two months:

    Keng-Yu Lin (kengyu)
    Judit Foglszinger (urbec)

    The following contributors were added as Debian Maintainers in the last two months:

    Hans van Kranenburg
    Scarlett Moore

    Congratulations!

  • A recap of the Linux Plumbers Conference 2019

    This year’s Linux Plumbers Conference concluded on the 11th of September 2019. This invitation-only conference for Linux top kernel developers was held in Lisbon, Portugal this year. The conference brings developers working on the plumbing of Linux – kernel subsystems, core libraries, windowing systems, etc. to think about core design problems.

    Unlike most tech conferences that generally discuss the future of the Linux operating system, the Linux Plumbers Conference has a distinct motive behind it. In an interview with ZDNet, Linus Torvalds, the Linux creator said, “The maintainer summit is really different because it doesn’t even talk about technical issues. It’s all about the process of creating and maintaining the Linux kernel.” In short, the developers attending the conference know confidential and intimate details about some of the Linux kernel subsystems, and maybe this is why the conference has the word ‘Plumbers’ in it.

  • OpenForum Academy Workshop - Exploring Modern Dimensions of Openness

    The OpenForum Academy held its second 2019 workshop in Brussels this week. OpenForum Academy is a European-based independent think tank which explains the merits of openness in computing to policy makers, industry and communities across Europe. This workshop series aims at being a forum for practitioners, academics and policy makers to collaborate on various topics of openness and freedom. It is organized by OpenForum Europe, enabling it to bridge between the abstract academic world and policy discussions at the European Commissions. We set out to explore focus topics to answer current challenges to openness that the academy will develop insights and recommendations for. These topics will shape the work of OpenForum Academy for the near future.

    The workshop was opened by a series of input presentations. One of those was on “Addressing lock-in challenges through the use of open source software projects” by Björn Lundell, a fellow of the academy and professor at the University of Skövde in Sweden. He explained for example the need for open source solutions to read and write data formats of digital assets of long-term importance.

  • Mozilla first reveals, then conceals, paid support plan for Firefox

    In return for the fee, Mozilla said on the now-absent Firefox enterprise site - still visible through the Internet Archive's Wayback Machine - customers would be able to privately report bugs via a new web portal and receive fixes on a timeline dependent on the impact and urgency of the problem. Customers would also be able to file requests for help with Firefox's installation and deployment, management policies, functionality and customization.

  • Trabant Calculator - a Data Visualization of TreeHerder Jobs Durations

    Its goal is to give a better sense on how much computations are going on in Mozilla automation. Current TreeHerder UI surfaces job durations, but only per job. To get a sense on how much we stress our automation, we have to click on each individual job and do the sum manually. This tool is doing this sum for you. Well, it also tries to rank the jobs by their durations. I would like to open minds about the possible impact on the environment we may have here. For that, I am translating these durations into something fun that doesn’t necessarily make any sense.

  • FOSSA scores $8.5 million Series A to help enterprise manage open-source licenses
  • First Digital-Only Bank in China Joins Linux Foundation

    The Linux Foundation today announced that WeBank is joining at the Gold level. It joins Alibaba, Dell, Facebook, Toyota, Uber and Verizon among other Linux Foundation members at this level.

  • First Digital-Only Bank in China Joins Linux Foundation

    WeBank is both the first privately-owned bank and the first digital-only bank in China. It was built with technology at its core and is committed to promoting innovative technologies. It recently led the transfer of the FATE (Federated AI Technology Enabler) to the Linux Foundation. FATE is a federated learning framework that fosters collaboration across companies and institutes to perform AI model training and inference in accordance with user privacy, data confidentiality and government regulations.

SUSE: Containers, IBM, Predictions and Openwashing SAP

Filed under
SUSE
  • Demystifying Containers – Part III: Container Images

    This series of blog posts and corresponding talks aims to provide you with a pragmatic view on containers from a historic perspective. Together we will discover modern cloud architectures layer by layer, which means we will start at the Linux Kernel level and end up at writing our own secure cloud native applications.

    Simple examples paired with the historic background will guide you from the beginning with a minimal Linux environment up to crafting secure containers, which fit perfectly into todays’ and futures’ orchestration world. In the end it should be much easier to understand how features within the Linux kernel, container tools, runtimes, software defined networks and orchestration software like Kubernetes are designed and how they work under the hood.

  • Announcing the new IBM LinuxONE III – Combined with SUSE for One of the Most Secure Platforms on the Planet

    Our guest blog writer is Kara Todd, Director of Linux at IBM with an exciting announcement from IBM – with SUSE Linux Enterprise playing an integral role!
    Announcing the new IBM LinuxONE III – the system you need for the most secure, flexible system to support your initiatives today, and you need that system to grow and evolve with you for tomorrow. The latest LinuxONE system was designed to support your mission-critical initiatives and allow you to be innovative as you design and scale your environment. LinuxONE III provides features for advanced data protection and privacy, enterprise resiliency and scalability, and cloud enablement and integration. These tools set the foundation to enable you to build with flexibility, deliver with confidence, and protect the future.

  • Top 10 Technology Predictions for 2019 Revisited – Here’s my Personal Performance Appraisal

    Open source continues to play a key role in all these other dominant technology trends. That’s why 82% of large organizations are more receptive to open source than they were 5 years ago, and 83% of hiring managers are looking for open source talent as a priority.

    So, how did I do overall with my predictions?

    Based on my own appraisal, I scored a creditable 9/10, and I’m feeling pretty good about that. However, I guess I wasn’t taking a huge risk. By way of full disclosure, I track all of these trends as part of my role at SUSE, and as a leading technology partner, SUSE works very closely with all its customers.

  • Introduction to SUSE Linux Enterprise is now available on openSAP

The community-led renaissance of open source

Filed under
OSS

With few commercial participants, early free software and open source communities were, by definition, community-led. Software was designed and created organically by communities of users in response to their needs and inspiration. The results, to a degree nobody predicted, were often magical.

First-generation open source businesses like Red Hat emerged to respond to these needs. They combined the best of both worlds: the flexibility and control of raw open source with the commercial support that enterprises depend on. These new open source businesses found their opportunity by adding the missing—but necessary—commercial services to community-led open source projects. These services would be costly for organizations to provide on their own and potentially even more costly to do without. One early leader of that era, Cygnus Solutions, even adopted the counter-intuitive tagline "Making free software affordable."

But back then, it was always overwhelmingly clear: The commercial vendors were in service of the community, filling in around the edges to enable commercial applications. The community was the star, and the companies were the supporting cast.

Read more

Election fraud: Is there an open source solution?

Filed under
OSS

Can open source technology help keep our elections honest? With its Trust The Vote Project, the Open Source Election Technology (OSET) Institute is working on making that a reality for elections in the United States and around the world.

The project is developing an open, adaptable, flexible, full-featured, and innovative elections technology platform called ElectOS. It will support all aspects of elections administration and voting, including creating, marking, casting, and counting ballots and managing all back-office functions. The software is freely available under an Open Source Initiative (OSI)-recognized public license for adoption, adaptation, and deployment by anyone, including elections jurisdictions directly or, more commonly, commercial vendors or systems integrators.

Read more

Meld is an excellent file and folder comparison tool for Windows and Linux

Filed under
Linux
OSS

Ever had two sets of the same files and folders and couldn't decide which one to retain? It may take a long time to actually open each to verify the one that's recent or the one you need; while dates associated with the files may help, they won't all the time as they don't tell you anything about the actual content.

This is where file comparison tools can be time-savers. Meld is an open source file comparison tool for Windows and Linux for exactly that purpose.

Read more

Did Lilu Ransomware Really Infect Linux Servers

Filed under
Linux
Server
Security

Note that the domain name of this folder has been hidden from view making it impossible for us to verify if these files were actually on a Linux server. The article goes on to note that “Lilocked doesn't encrypt system files, but only a small subset of file extensions, such as HTML, JS, CSS, PHP, INI, and various image file formats. This means infected servers continue to run normally.”

This limitation raises the obvious question of whether the core of the Linux server itself has been compromised or whether merely applications connected to the core have been hacked. There are many very insecure website building applications such as Wordpress and many insecure web mail applications such as Exim that have been repeatedly hacked over the years. Both Wordpress and Exim have suffered from dozens of major security problems that have nothing to do with the security of the Linux operating system which is at the core of all Linux servers. All of the file formats mentioned in the article are files used on Wordpress websites and files that can be transmitted via Exim email programs.

[...]

So instead of 6000 websites on 6000 servers being infected, it looks more like 6000 files on less than 1000 websites were infected. And many of these websites could have been on the same server – meaning that perhaps only a couple dozen out of the worlds 10 million Linux servers had infected files – and none of the files were actually in the core of any Linux servers.

[...]

Many of these articles were exact copies of the Zdnet article. Thus far, not a single so-called “security expert” has bothered either to look into the evidence provided much less challenge or disagree with this silly claim.

Instead, make even more extreme claims, noting that there are millions of Linux servers running outdated, un-patched and insecure versions of Exim software. This is a fact. But given how many holes have been found in the Exim software, the problem is not with the Linux servers, it is with the Exim software. In my humble opinion, the design of Exim is not secure and the design of Postfix is more secure.

The solution to this Exim problem is to demand that Cpanel support support Postfix and to ask Debian to also switch from Exim to Postfix (something Ubuntu has already done for very obvious reasons). This is the benefit of the diversity of free open source software. If one program has problems, there is quite often a more secure alternative that can be installed with just the click of a button. This is a problem that has been going on for years. But it can be fixed in a matter of minutes.

Read more

FOSS – A boon for e-governance and educational institutions

Filed under
OSS

Free and Open Source Software (FOSS) Community is By the Community, For the Community, of the Community, To the Community on No Profit No Loss Basis. Open Source Software, is and will always remain free. There is no license to pay to anybody.The central government mooted out a policy on adoption of open source software, which makes it mandatory for all software applications and services of the government be built using open source software, so that projects under Digital India “ensure efficiency, transparency and reliability of such services at affordable costs”. “Government of India shall endeavour to adopt Open Source Software in all e-Governance systems implemented by various Government organizations, as a preferred option in comparison to Closed Source Software,” said the policy statement, put on the website of the Department of Electronics and Information Technology.The Open Source Software shall have the following characteristics:- A) The source code shall be available for the community / adopter / end user to study and modify the software and to redistribute copies of either the original or modified software. Cool Source code shall be free from any royalty.

Read more

Programming: GitLab, JDK, Eclipse, pdb, Julia and More

Filed under
Development
  • GitLab Adopted by KDE to Foster Open Source Contributions

    Today GitLab, the DevOps platform delivered as a single application, announced that KDE, an international technology community that creates free and open source software for desktop and portable computing, is adopting GitLab for use by its developers to further enhance infrastructure accessibility and encourage contributions.

    KDE is a free and open source software community dedicated to creating a user-friendly computing experience. It offers an advanced graphical desktop, a wide variety of applications for communication, work, education and entertainment, and a platform for easily building new applications. Adding access to GitLab will provide the KDE community with additional options for accessible infrastructure for contributors, code review integration with git, streamlined infrastructure and tooling, and an open communication channel with the upstream GitLab community.

  • Oracle releases JDK 13 with switch expressions and text blocks preview features, and more!

    Yesterday, Oracle announced the general availability of Java SE 13 (JDK 13) and that its binaries are expected to be available for download today. In addition to improved performance, stability, and security, this release comes with two preview features, switch expressions and text blocks. This announcement coincides with the commencement of Oracle’s co-located OpenWorld and Code One conferences happening from September 16-17 2019 at San Francisco.

    Oracle’s director of Java SE Product Management, Sharat Chander, wrote in the announcement, “Oracle offers Java 13 for enterprises and developers. JDK 13 will receive a minimum of two updates, per the Oracle CPU schedule, before being followed by Oracle JDK 14, which is due out in March 2020, with early access builds already available.”

    This release is licensed under the GNU General Public License v2 with the Classpath Exception (GPLv2+CPE). For those who are using Oracle JDK release as part of an Oracle product or service, it is available under a commercial license.

  • Eclipse Che, Kubernetes-native IDE, version 7 now available

    Today, the Eclipse Foundation announced the release of Eclipse Che 7, the Kubernetes-native IDE, enabling developer teams to code, build, test, and run cloud-native applications. We are excited by this announcement and the new capabilities that this version offers the community and developers building containerized applications.

  • Python Debugging With pdb

    Nowadays, we often take for granted the excellent debuggers built into our favorite IDEs. But how do you debug your Python code when you don’t have the luxury of using an IDE?

    pdb, short for Python DeBugger, is a module for interactive source code debugging. It’s built into the Python Standard Library, so it’s always accessible to you. Because it runs in the command line, it’s especially helpful when you’re developing on remote systems.

    In this course, you’ll learn how to perform the most common debugging tasks using pdb, including setting breakpoints, stepping through code, viewing stack traces, creating watch lists, and more.

  • Happy Birthday Practical Business Python!

    On September 17th, 2014, I published my first article which means that today is the 5th birthday of Practical Business Python. Thank you to all my readers and all those that have supported me through this process! It has been a great journey and I look forward to seeing what the future holds.

    This 5 year anniversary gives me the opportunity to reflect on the blog and what will be coming next. I figured I would use this milestone to walk through a few of the stats and costs associated with running this blog for the past 5 years. This post will not be technical but I am hopeful that my readers as well as current and aspiring bloggers going down this path will find it helpful. Finally, please use the comments to let me know what content you would like to see in the future.

  • 6 Excellent Free Books to Learn Julia

    Julia is a high-level, high-performance dynamic programming language for technical computing by Alan Edelman, Stefan Karpinski, Jeff Bezanson, and Viral Shah. Julia aims to create an unprecedented combination of ease-of-use, power, and efficiency in a single language.

    It’s a homoiconic functional language focused on technical computing. While having the full power of homoiconic macros, first-class functions, and low-level control, Julia is as easy to learn and use as Python.

    Although Julia is a new language, first appearing in 2012, its roots are in Lisp, so it comes with mature features like macros and support for other metaprogramming techniques like code generation. Julia’s expressive grammar lets you write easy-to-read and easier-to-debug code, and its speed gets you through more work in less time. It’s a great choice whether you’re designing a machine learning system, crunching statistical data, or writing system utilities.

    Distinctive aspects of Julia’s design include a type system with parametric polymorphism and types in a fully dynamic programming language and multiple dispatch as its core programming paradigm. It allows concurrent, parallel and distributed computing, and direct calling of C and Fortran libraries without glue code.

  • A slack hack

Security: TrendMicro, Mozilla's Firefox Monitor and Capsule8

Filed under
Security
  • New Linux malware mines crypto after installing backdoor with secret master password [Ed: Skips the part about it having to be installed in the first place (not the fault of Linux)]

    Cybersecurity researchers have identified a new strain of Linux malware that not only mines cryptocurrency illicitly, but provides the attackers with universal access to an infected system via a “secret master password.”

    TrendMicro’s latest blog also reveals that Skidmap attempts to mask its cryptocurrency mining by faking network traffic and CPU-related statistics.

  • Linux malware masks illicit crypto mining with fake network traffic

    A new cryptocurrency mining malware targeting Linux systems has demonstrated how complex this type of malware has become. Known as Skidmap, the malware is not only harder to detect, it also gives the attackers unfiltered access to the affected system.

  • What to do after a data breach

    You saw the news alert. You got an email, either from Firefox Monitor or a company where you have an account. There’s been a security incident — a data breach. And your account has been compromised.

    Getting notified that you’ve been a victim of a data breach can be alarming. You have valid cause for concern, but there are a few steps you can take immediately to protect your account and limit the damage.

  • Capsule8 Protect Earns HIPAA Compliance Certification

Graphics: CUDA, Radeon and Vulkan

Filed under
Graphics/Benchmarks
  • HIPCL Lets CUDA Run On OpenCL+SPIR-V

    Based off AMD's GPUOpen HIP as part of their ROCm stack, researchers at Tampere University in Finland have created HIPCL as leveraging HIP as well as POCL for routing CUDA codes to run on any hardware supporting OpenCL+SPIR-V.

    HIPCL provides a path of running CUDA on top of OpenCL, permitting the OpenCL driver also supports the SPIR-V intermediate representation. The OpenCL implementation also needs to support Shared Virtual Memory (SVM) so that actually rules out using NVIDIA's own driver for taking this route in place of their actual CUDA driver. HIPCL also relies upon a patched version of the LLVM Clang compiler.

  • Radeon RADV Vulkan Driver Tackling NGG Stream-Out

    One of the areas the RadeonSI OpenGL and RADV/AMDVLK Vulkan drivers have had a challenging time promptly support with AMD Navi GPUs has been the NGG (Next-Gen Geometry) functionality but it's slowly getting worked out.

    The NGG engine support has required various fixes to the graphics drivers, Navi 14 NGG support is borked, and various other Next-Gen Geometry support issues in the Navi driver code. At least on the software side the open-source developers have continued to improve the support and today the latest improvements arrived for the Mesa RADV Vulkan driver.

  • Radeon Navi 12/14 Open-Source Driver Support Now Being Marked As "Experimental"

    In an interesting change of course, the open-source driver support for AMD Radeon Navi 12 and Navi 14 GPUs is being flagged as experimental and hidden behind a feature flag.

    Back at the start of August AMD sent out their AMDGPU Linux kernel driver support for Navi 12 along with Navi 14. That Navi 12/14 support has since been queued up for introduction in the Linux 5.4 kernel along with the new Vega-based Arcturus GPU.

  • Vulkan 1.1.123 Released With Two New Extensions

    Vulkan 1.1.123 is the latest weekly update to this high performance graphics API and it's formally introducing two more extensions.

    Besides the usual variety of documentation clarifications and corrections, there are two new Vulkan extensions with version 1.1.123.

Purism: A Privacy Based Computer Company

Filed under
GNU
Linux
Gadgets

It all started when Todd Weaver, Founder and CEO of Purism, realized Big Tech could not be trusted as moral guardians of his and his children’s data. The current paradigm of corporations data hoarding is, as Todd describes it, built on “a tech-stack of exploitation”–and not by accident, but by design. Companies such as Google and Microsoft–and especially Facebook–intentionally collect, store and share user data to whomever they see fit. In recent events, the California Consumer Privacy Act, which becomes effective on January 1, 2020, will make residents of California able to know what personal data is being collected about them, know whether their personal data is sold or disclosed and to whom, say no to the sale of personal data, access their personal data, request a business delete any personal data information about a consumer collected from that consumer and not be discriminated against for exercising their privacy rights. This sounds good, and it is, but not according to Big Tech. Big Tech such as Facebook hired a firm to run ads that said things like “Your next click could cost you $5! Say no to the California Consumer Privacy Act”. Big Tech does not care about privacy, they care about their bottom line. This is where Purism comes in.

Purism is a privacy focused company. Their devices, the Librem5, Librem13 and Librem15 run PureOS–a GNU/Linux distribution that puts privacy, security and freedom first, by design. It includes popular privacy-respecting software such as PureBrowser. The OS helps you “Surf the web safely without being tracked by advertisers or marketers” and allows you to easily encrypt your entire OS and data with your own encryption keys. This is huge, especially if you understand how much of your “private” data is actually being shared.

Read more

Benchmarks: Linux Boot Times, 16-Core HoneyComb LX2K ARM Workstation and New PTS Release

Filed under
Graphics/Benchmarks
  • A Look At The Speedy Clear Linux Boot Time Versus Ubuntu 19.10

    Given the interest last week in how Clear Linux dropped their kernel boot time from 3 seconds to 300 ms, here are some fresh boot time benchmarks of Clear Linux compared to Ubuntu 19.10 on both Intel and AMD hardware.

    The systemd-reported boot time was compared between the latest Clear Linux and Ubuntu 19.10 daily images. Ubuntu 19.10 was used for offering the bleeding-edge packages and being more in line to what is offered by the rolling-release Clear Linux. As well, Canonical has been working on some boot time improvements for Ubuntu 19.10.

  • 16-Core HoneyComb LX2K ARM Workstation Looks To Offer A Decent Performance Oomph

    When it comes to ARM-powered workstation boards there hasn't been a whole lot to get excited about with the likes of the Socionext 96Boards Developerbox being quite expensive and not yielding good performance or featureful boards compared to alternative Intel/AMD/POWER workstation/enthusiast boards. One of the more promising ARM workstation boards we have been following is the HoneyComb LX2K (formerly the "ClearFog" board) and it's looking like it could end up being a decent offering in this space.

    The HoneyComb LX2K / ClearFog is the 16-core mini-ITX workstation board we have been following since earlier this year. They have been aiming for this 16-core ARM workstation board for $500~750 USD and it looks like they will actually strike on the lower-end of that price-range.

  • Phoronix Test Suite 9.0 Released With New Result Viewer, Offline/Enterprise Benchmarking Enhancements

    Phoronix Test Suite 9.0 is now available as the latest quarterly feature release to our cross-platform, open-source automated benchmarking framework. With Phoronix Test Suite 9.0 comes a rewritten result viewer to offer more result viewing functionality previously only exposed locally via the command-line or through a Phoromatic Server (or OpenBenchmarking.org when results are uploaded), new offline/enterprise usage improvements, various hardware/software detection enhancements on different platforms, and a variety of other additions.

SDR dev kit builds on Zynq UltraScale+ RFSoC

Filed under
Linux
Hardware

Avnet has launched an “RFSoC Development Kit” that extends Xilinx’s eval kit for its Linux-powered, Zynq UltraScale+ RFSoC. The kit adds a Qorvo 2×2 Small Cell RF front-end for SDR prototyping and integrates MATLAB and Simulink.

Xilinx launched its 5G-focused Zynq UltraScale+ RFSoC variant of its Arm/FPGA hybrid Zynq UltraScale+ MPSoc last year and then announced a Gen3 update in early February. Avnet has now launched an extended version of the Linux-driven Xilinx Zynq UltraScale+ RFSoC ZCU111 Evaluation Kit that adds a Qorvo 2×2 Small Cell RF Front-end 1.8GHz Card and MATLAB support for software-defined radio (SDR) prototyping,

Read more

Also: SMARC 2.0 module runs Linux on i.MX8M Mini

PCLinuxOS 2019.09 updated installation media release

Filed under
GNU
Linux
PCLOS

The KDE versions both full and the minimalistic Darkstar contain kernel 5.2.15 plus a fully updated KDE Plasma desktop. Plasma desktop 5.16.5, Plasma Applications 19.08.1 and Plasma Frameworks 5.62.

The Mate Desktop was refreshed with kernel 5.2.15 and the applications and libraries were updated to their most recent stable versions from the previous release.

The Xfce Desktop was tweaked and now uses the Whisker menu by default. A login sound was added and the applications were updated along with some minor bug fixes.

In addition all ISOs now include the Nvidia 430.50 driver and will be used instead of the nouveau driver if your video card supports it. Hardware detection scripts were updated to provide better support for video cards that can use the Nvidia 430.50 driver. Pulseaudio has been updated to the stable 13.0 release. The Simple Update Notifier was reworked and now works for keeping you notified of system updates and the ability to update from the applet using apt-get. Small improvements were made to the Live media boot scripts. Vbox test media is also included on the installation media. This program allows you to quickly test an ISO on the fly or usbstick with various options without having to create a permanent VM in Virtualbox. Requires a valid Virtualbox installation. Thanks to the people involved for their contributions to this program.

Read more

OSGeoLive 13.0 Released, which Brings Some New Applications

Filed under
OS
GNU
Linux

Astrid Emde has announced the new release of OSGeoLive 13.0 on Sep 12, 2019.

This release has improved the Python experience a lot by adding an additional Python modules like Fiona, rasterio, cartopy, pandas, geopandas, mappyfile.

Also, added the following new applications MapCache, GeoExt, t-rex, actinia.

Many packages have been updated to the latest version.

[...]

It is featuring a large collection of open-source geospatial software and free world maps.

It provides bootable ISO-Images and Virtual Machines which allow users to try out fully-operational versions of popular Free Geospatial Software without the need to install a thing.

Read more

Security: Updates, Drama and FUD

Filed under
Security
  • Security updates for Tuesday

    Security updates have been issued by Debian (dino-im, python2.7, python3.4, and wpa), Fedora (kmplayer), openSUSE (podman and samba), Oracle (thunderbird), Red Hat (thunderbird), Slackware (expat), SUSE (curl), and Ubuntu (apache2).

  • This New Linux Malware Mines Crypto By Creating Malign Linux Modules

    As per the research, the new Linux malware mines crypto by creating malicious loadable kernel modules (LKM) to stay under the wraps. As the malware utilizes Linux kernel module rootkits, it becomes difficult to detect and patch it. This is because of its overwriting and modification of kernel parts capabilities.

  • A Critical Exim Vulnerability, Lilocked Ransomware on the Rise, but Linux Not to Blame

    In the context of these recent vulnerabilities and exploits, it is easy to label Linux and Open Source as “vulnerable” or “insecure”. However, doing so is unfair as well as incorrect. Unlike Windows and MacOS, Linux is a multi-user environment (a characteristic that the OS inherited from Unix) where users are granted specific privileges. This design prevents the compromise of one user account from impacting an entire system. In order to gain control over a Linux system, malware would have to gain root access to the system.

    Vulnerabilities exist in every system, and in terms of security vulnerabilities, Linux has a relatively clean record when compared to other popular operating systems. In the words of Linux creator Linus Torvalds, “Given enough eyeballs, all bugs are shallow”. Because of the intense review that Linux is continuously undergoing from security experts in the Open Source community, vulnerabilities are quickly identified and fixed. Because of this, as well as the way in which Linux manages privileges, relatively few viruses and worms are written to attack Linux systems. In comparison, proprietary operating systems like Microsoft Windows are easy targets for malicious coders, making them frequent victims of malware and viruses. This year, a total of 700 vulnerabilities in Microsoft Windows were disclosed, 189 of which were classified as critical.

    Exim, however, is a notoriously insecure mail server. In spite of this, it has a market share of over 57 percent, due to the fact that the MTA has been bundled with many Linux distros, including Debian and Red Hat. Thus, the frequent security bugs and exploits involving Exim affect a large number of Linux users, but are not a reflection of the inherent security of the Linux OS.

Syndicate content