Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 23 Jan 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story darktable 2.4 Open-Source RAW Image Editor Gets First Point Release Rianne Schestowitz 22/01/2018 - 5:58pm
Story openSUSE Leap 42.2 Linux Distribution Reaches End of Life on January 26, 2018 Rianne Schestowitz 22/01/2018 - 5:56pm
Story Raspberry Pi Alternatives Rianne Schestowitz 22/01/2018 - 5:55pm
Story Matrix Voice RPi add-on with 7-mic array relaunches Rianne Schestowitz 22/01/2018 - 5:49pm
Story Programming: Donald Knuth’s 80th Birthday and More Roy Schestowitz 22/01/2018 - 5:13pm
Story Android Leftovers Rianne Schestowitz 22/01/2018 - 9:55am
Story Security: Updates and Botched Updates Roy Schestowitz 22/01/2018 - 9:30am
Story OSS: 'IoT', Ellcrys, Genode OS Roy Schestowitz 22/01/2018 - 9:26am
Story Intel Graphics On Ubuntu: GNOME vs. KDE vs. Xfce vs. Unity vs. LXDE Rianne Schestowitz 22/01/2018 - 1:32am
Story Linux Kernel 4.15 Delayed Until Next Week as Linus Torvalds Announces Ninth RC Rianne Schestowitz 22/01/2018 - 1:30am

Security: Updates, SOS Fund, IR, ME, and WPA

Filed under
Security
  • Security updates for Friday
  • Seeking SOS Fund Projects

    I’m spending some time over the next few days looking for the next round of projects which might benefit from an SOS Fund security audit.

  • Strong Incident Response Starts with Careful Preparation

    Through working every day with organizations’ incident response (IR) teams, I am confronted with the entire spectrum of operational maturity. However, even in the companies with robust IR functions, the rapidly evolving threat landscape, constantly changing best practices, and surplus of available tools make it easy to overlook important steps during planning. As a result, by the time an incident occurs, it’s too late to improve their foundational procedures.

  • The Intel Management Engine: an attack on computer users' freedom

    Over time, Intel imposed the Management Engine on all Intel computers, removed the ability for computer users and manufacturers to disable it, and extended its control over the computer to nearly 100%. It even has access to the main computer's memory.

  • What Is WPA3, and When Will I Get It On My Wi-Fi?

    WPA2 is a security standard that governs what happens when you connect to a closed Wi-Fi network using a password. WPA2 defines the protocol a router and Wi-Fi client devices use to perform the “handshake” that allows them to securely connect and how they communicate. Unlike the original WPA standard, WPA2 requires implementation of strong AES encryption that is much more difficult to crack. This encryption ensures that a Wi-Fi access point (like a router) and a Wi-Fi client (like a laptop or phone) can communicate wirelessly without their traffic being snooped on.

First Impressions: Asus Tinkerboard and Docker

Filed under
Linux
Hardware

The board's standard OS is TinkerOS - a Linux variant of Debian 9. I've also read that Android is available but that doesn't interest us here. While Android may use forms of containerisation under the hood it doesn't mix with Docker containers.

Rather than trying TinkerOS I flashed Armbian's release of Ubuntu 16.04.03. The stable build on the download page contains a full desktop, but if you want to run the board headless (like I do) then you can find a smaller image on the "other downloads" link.

I initially used the stable image but had to swap to the nightly build due to a missing kernel module for Kubernetes networking. Having looked this up on Google I found the nightly build contained the fix to turn on the missing module.

Read more

PlayOnLinux For Easier Use Of Wine

Filed under
Linux

PlayOnLinux is a free program that helps to install, run, and manage Windows software on Linux. It can also manage virtual C: drives (known as Wine prefixes), and download and install certain Windows libraries for getting some software to run on Wine properly. Creating different drives using different Wine versions is also possible. It is very handy because what runs well in one version may not run as well (if at all) on a newer version. There is PlayOnMac for macOS and PlayOnBSD for FreeBSD.

Read<br />
more

Linux Kernel: KPTI, SEV, CBS

Filed under
Linux
  • Experimental KPTI Support For x86 32-bit Linux

    For the Kernel Page Table Isolation (KPTI) support currently within the Linux kernel for addressing the Meltdown CPU vulnerability it's currently limited to 64-bit on the x86 side, but for the unfortunate souls still running x86 32-bit operating systems, SUSE is working on such support.

  • AMD Secure Encrypted Virtualization Is Ready To Roll With Linux 4.16

    With the Linux 4.16 kernel cycle that is expected to begin immediately following the Linux 4.15 kernel debut on Sunday, AMD's Secure Encrypted Virtualization (SEV) technology supported by their new EPYC processors will be mainline.

    Going back to the end of 2016 have been Linux patches for Secure Encrypted Virtualization while with Linux 4.16 it will finally be part of the mainline kernel and supported with KVM (Kernel-based Virtual Machine) virtualization.

  • Deadline scheduler part 2 — details and usage

    Linux’s deadline scheduler is a global early deadline first scheduler for sporadic tasks with constrained deadlines. These terms were defined in the first part of this series. In this installment, the details of the Linux deadline scheduler and how it can be used will be examined.

    The deadline scheduler prioritizes the tasks according to the task’s job deadline: the earliest absolute deadline first. For a system with M processors, the M earliest deadline jobs will be selected to run on the M processors.

    The Linux deadline scheduler also implements the constant bandwidth server (CBS) algorithm, which is a resource-reservation protocol. CBS is used to guarantee that each task will receive its full run time during every period. At every activation of a task, the CBS replenishes the task’s run time. As the job runs, it consumes that time; if the task runs out, it will be throttled and descheduled. In this case, the task will be able to run only after the next replenishment at the beginning of the next period. Therefore, CBS is used to both guarantee each task’s CPU time based on its timing requirements and to prevent a misbehaving task from running for more than its run time and causing problems to other jobs.

Graphics: Mesa and AMDGPU

Filed under
Graphics/Benchmarks
  • Mesa 17.3.3 Released With RADV & ANV Vulkan Driver Fixes

    Mesa 17.3.3 is now available as the latest point release for the Mesa 17.3 stable series.

    This bi-weekly point release to Mesa presents several RADV Vega/GFX9 fixes, various Intel ANV Vulkan driver fixes, a DRI3 fix, and random fixes to the OpenGL drivers like RadeonSI, Etnaviv, and even Swrast.

  • R600g "Soft" FP64 Shows Signs Of Life, Enabling Older GPUs To Have OpenGL 4 In 2018

    Most pre-GCN AMD graphics cards are still limited to OpenGL 3.3 support at this time due to not supporting FP64. Only the HD 5800/6900 series on R600g currently have real double-precision floating-point support working right now so at present they are on OpenGL 4.3 rather than 3.3, but those other generations may be catching up soon thanks to the "soft" FP64 code.

  • AMDGPU DC Gets More Raven Ridge Improvements, Audio Fixes

    Harry Wentland of AMD has sent out the latest batch of patches for the AMDGPU DC display code stack. Fortunately it lightens up the DRM driver by about six thousand lines thanks to removing some unused code.

    Besides gutting out a chunk of unused code, the DC code has a few audio fixes (no word yet on supporting newer audio formats with DC), fixes on driver unload, a "bunch" of continued Raven Ridge display updates, and various other code clean-ups.

  • AMDGPU Firmware Blobs Updated For Video Encode/Decode

    There are updated AMDGPU microcode/firmware files now available for recent Radeon GPUs.

    The updated firmware files now available via the main linux-firmware.git repository are centered around the video blocks: UVD video decoding, VCE video encode, and the new VCN video encode/decode block with Raven Ridge.

Games: DRAG, Geneshift, Balloonatics and More

Filed under
Gaming

Tumbleweed Update

Filed under
SUSE
  • Tumbleweed Rolls Forward with New versions of Mesa, Squid, Xen

    This week provided a pretty healthy amount of package updates for openSUSE’s rolling distribution Tumbleweed.

    There were three snapshots released since the last blog and some of the top packages highlighted this week are from Mesa, Squid, Xen and OpenSSH.

    The Mesa update from version 17.2.6 to 17.3.2 in snapshot 20180116 provided multiple fixes in the RADV Vulkan driver and improvements of the GLSL shader cache. The Linux Kernel provides some fixes for the security vulnerabilities of Meltdown in version 4.14.13 and added a prevent buffer overrun on memory hotplug during migration for KVM with s390. The snapshot had many more package updates like openssh 7.6p1, which tightened configuration access rights. A critical fix when updating Flatpak packages live was made with the gnome-software version 3.26.4 update. File systems package btrfsprogs 4.14.1 provided cleanups and some refactoring while wireshark 2.4.4 made some fixes for dissector crashes. Xen 4.10.0_10 added a few patches. Rounding out the snapshot, ModemManager 1.6.12 fixed connection state machine when built against libqmi and blacklisted a few devices to include some Pycom devices.

  • openSUSE Tumbleweed Rolls To Mesa 17.3, Linux 4.14.13

    OpenSUSE has continued rolling in the new year with several key package updates in January.

    Exciting us a lot is that openSUSE Tumbleweed has migrated from Mesa 17.2 to now Mesa 17.3. Mesa 17.3.2 is the version currently in openSUSE's rolling-release.

Compact Quark-based embedded computer sells for $120

Filed under
Linux

Advantech’s “UBC-222” is an embedded computer that runs Yocto Linux on an Intel Quark X1000 with up to 1GB DDR3, dual 10/100 LAN ports, and a mini-PCIe socket with LTE-ready SIM slot.

Read more

Press Coverage About Wine 3.0

Filed under
Microsoft
Software
  • Windows apps on Linux: Wine 3.0 is out now with Direct3D 10, 11 support

    Wine 3.0 is now available to help you run Windows applications and games on Linux, macOS, and BSD systems.

    Wine -- or 'Wine is Not an Emulator' -- is a compatibility layer that implements the Windows API on top of Unix and Linux, to help you run Windows apps when needed.

    Currently, about 25,000 applications are compatible with Wine, with the most popular all being games, including Final Fantasy XI, Team Fortress 2, EVE, and StarCraft.

  • Wine 3.0 is here to run Windows software on your Linux box

    When people make the switch from Windows to Linux, they often experiment with Wine. If you aren’t familiar, it is a compatibility layer that can sometimes get Windows software to run on Linux and BSD. I say "sometimes" because it isn’t a flawless experience. In fact, it can be quite frustrating to use. I suggest using native Linux software as an alternative, but understandably, that isn’t always possible.

    If you depend on Wine, or want to start trying it out, I am happy to say that version 3.0 is finally available. It is quite the significant update too, as it features over 6,000 changes!

  • Have three WINEs this weekend, because WINE 3.0 has landed

    Version 3.0 of Wine Is Not an Emulator – aka WINE – has arrived, and offers all sorts of new emulation-on-Android possibilities.

    WINE lets users run Windows applications on Linux, MacOS, Solaris, and FreeBSD, plus other POSIX-compliant operating system. To do so it “translates Windows API calls into POSIX calls on-the-fly”, an arrangement its developers rate as more efficient than virtualization while “allowing you to cleanly integrate Windows applications into your desktop.”

  • Wine 3.0 Released To Run Windows Apps On Linux Efficiently — Download It Here

    Just recently, we told you that the support for Linux distros in VirtualBox is about to get a lot better with the release of Linux kernel 4.16. But, what if you wish to run Windows apps on your host Linux system? For that, Wine has got your back.

Top 6 open source desktop email clients

Filed under
OSS

Mobile and web technologies still haven't made the desktop obsolete, and despite some regular claims to the contrary, desktop clients don't seem to be going away anytime soon.

And with good reason. For many, the preference for a native application (and corresponding native performance), easy offline use, a vast array of plugins, and meeting security needs will long outweigh pressures to switch to a webmail email client. Whether you're sticking with a desktop email client because of a corporate mandate or just personal preference, there are still many great options to choose from. And just because you may be stuck on Windows doesn't mean Outlook is your only option; many open source clients are cross-platform.

Read more

The 5 Best Linux Distributions for Development

Filed under
Linux

When considering Linux, there are so many variables to take into account. What package manager do you wish to use? Do you prefer a modern or old-standard desktop interface? Is ease of use your priority? How flexible do you want your distribution? What task will the distribution serve?

It is that last question which should often be considered first. Is the distribution going to work as a desktop or a server? Will you be doing network or system audits? Or will you be developing? If you’ve spent much time considering Linux, you know that for every task there are several well-suited distributions. This certainly holds true for developers. Even though Linux, by design, is an ideal platform for developers, there are certain distributions that rise above the rest, to serve as great operating systems to serve developers.

Read more

Meltdown and Spectre Linux Kernel Status - Update

Filed under
Linux
Security

I keep getting a lot of private emails about my previous post previous post about the latest status of the Linux kernel patches to resolve both the Meltdown and Spectre issues.

These questions all seem to break down into two different categories, “What is the state of the Spectre kernel patches?”, and “Is my machine vunlerable?”

Read more

today's leftovers

Filed under
Misc

OSS: Jio, VMware Openwashing, and Testing Jobs

Filed under
OSS
  • Jio is committed to use open source technology: Akash Ambani

    Speaking at the India Digital Open Summit 2018, Akash Ambani, Director of Reliance Jio Infocomm, said that open source is very important for his company.

    “The year 2017 was the tipping point for AR and VR globally. In India, AR and VR are in the initial stages of adoption but at Jio, we believe it will grow at a 50 percent compounded rate for the next five years,” Akash said.

    He also spoke on the evolution of artificial intelligence and blockchain.

  • VMware and Pivotal’s PKS Distribution Marries Kubernetes with BOSH [Ed: It looks like the author has been reduced to Microsoft propaganda and other openwashing puff pieces sponsored by proprietary software giants. We have given up on several writers who used to support GNU/Linux. Seeing their activity, it seems as though they ended up with neither gigs nor credibility (used to get far more writing assignments from LF, often for Microsoft openwashing).]
  • Hehe, still writing code for a living? It's 2018. You could be earning x3 as a bug bounty hunter

    Ethical hacking to find security flaws appears to pay better, albeit less regularly, than general software engineering.

    And while payment remains one of the top rationales for breaking code, hackers have begun citing more civic-minded reasons for their activities.

    A survey of 1,700 bug bounty hunters from more than 195 countries and territories by security biz HackerOne, augmented by the company's data on 900 bug bounty programs, has found that white-hat hackers earn a median salary that's 2.7 times that of typical software engineers in their home countries.

    In some places, the gap is far more pronounced. In India, for example, hackers make as much as 16 times the median programmer salary. In the US, they earn 2.4 times the median.

Security: Spectre and Meltdown, Industrial System Sabotage, VDP, Windows in Healthcare

Filed under
Security
  • Some thoughts on Spectre and Meltdown

     

    Contrast that with what happened this time around. Google discovered a problem and reported it to Intel, AMD, and ARM on June 1st. Did they then go around contacting all of the operating systems which would need to work on fixes for this? Not even close. FreeBSD was notified the week before Christmas, over six months after the vulnerabilities were discovered. Now, FreeBSD can occasionally respond very quickly to security vulnerabilities, even when they arise at inconvenient times — on November 30th 2009 a vulnerability was reported at 22:12 UTC, and on December 1st I provided a patch at 01:20 UTC, barely over 3 hours later — but that was an extremely simple bug which needed only a few lines of code to fix; the Spectre and Meltdown issues are orders of magnitude more complex.  

  • Menacing Malware Shows the Dangers of Industrial System Sabotage

     

    At the S4 security conference on Thursday, researchers from the industrial control company Schneider Electric, whose equipment Triton targeted, presented deep analysis of the malware—only the third recorded cyberattack against industrial equipment. Hackers [sic] were initially able to introduce malware into the plant because of flaws in its security procedures that allowed access to some of its stations, as well as its safety control network.

  • 25 per cent of hackers don't report bugs due to lack of disclosure policies

     

    One of the standout discoveries was that almost 25 per cent of respondents said they were unable to disclose a security flaw because the bug-ridden company in question lacked a vulnerability disclosure policy (VDP).

  • 'Professional' hack [sic] on Norwegian health authority compromises data of three million patients [iophk: "Windows TCO"]

My Linux story: Coding not required

Filed under
Linux

For more than 15 years, I have earned a living working exclusively with open source products. How did I get here?

In many ways, my journey started before Linux existed. In college, I had friends who were admins in the engineering computer lab. Although I did not do too well in my CS programming classes, as a hobby and to spend time with my friends I learned about newgroups, ftp sites, and Unix systems. As a data aide student intern, I realized I made a good translator between the astronomers and the C programmer computer support staff. I could read just enough code to identify the problem, but not enough to actually fix it.

Read more

Syndicate content

More in Tux Machines

GNOME: Belated GUADEC Report, "Is GNOME Just Lazy?"

  • Alberto Ruiz: GUADEC 2017: GNOME’s Renaissance
    This is a blog post I kept as a draft right after GUADEC to reflect on it and the GNOME project but failed to finish and publish until now. Forgive any outdated information though I think the post is mostly relevant still. I’m on my train back to London from Manchester, where I just spent 7 amazing days with my fellow GNOME community members. Props to the local team for an amazing organization, everything went smoothly and people seemed extremely pleased with the setup as far as I can tell and the venues seemed to have worked extremely well. I mostly want to reflect on a feeling that I have which is that GNOME seems to be experiencing a renaissance in the energy and focus of the community as well as the broader interest from other players.
  • EzeeLinux Show 18.5 | Is GNOME Just Lazy?
    GNOME is dropping Active Desktop, Ubuntu is holding back Nautilus and I have been writing a lot of scripts.

Red Hat Hires From Microsoft; Fedora 27 Release Party at Taipei

Devices: Advantech, Tizen, F-Droid

OSS Leftovers

  • Why no more new AND successful FOSS projects in the last ten years?
     

    If you ask me, the new, successful FOSS projects should be project that fix, replace, rewrite, whatever… the really unglamorous, low-level tools, libraries and so on that would make that happen. Yes, I know that this is really unlikely to happen under current business models and until IoT everywhere, new iPhones every year and the like are perceived as higher priorities, regardless of their environmental impacts and, very often, sheer lack of sense.

  • FOSS Backstage - CfP open
    It's almost ten years ago that I attended my first ApacheCon EU in Amsterdam. I wasn't entirely new to the topic of open source or free software. I attended several talks on Apache Lucene, Apache Solr, Hadoop, Tomcat, httpd (I still remember that the most impressive stories didn't necessarily come from the project members, but from downstream users. They were the ones authorized to talk publicly about what could be done with the project - and often became committers themselves down the road.
  • Liveblogging RIT’s FOSS projects class: initial questions for community spelunking
    Stephen Jacobs (SJ) and I are co-teaching “Project in FOSS Development” at RIT this semester, which basically means “hey students, want to get course credit for contributing to a FOSS project?” The class is centered around 5 project sprints of two weeks each. The first 3 weeks of class are preparing for the sprint periods; the week before spring break is a pause to reflect on how sprints are going. Otherwise, class efforts will be centered around executing project work… (aka “getting stuff done”).
  • Design’N’Buy launches All-In-One Designer on Magento Open Source 2.2
    Design’N’Buy announces the launch of their flagship product – the AIOD on Magento Open Source Version 2.2. With the launch of web to print solution on Magento Version 2.2 , Design’N’Buy becomes first event in web to print industry to offer complete eCommerce printing solution for printers on one of the widest and latest technology platform.
  • Singapore: Blockchain startup Bluzelle raises $19.5m through ICO
    Singapore-based decentralised database provider Bluzelle has announced that its initial coin offering (ICO) has raised $19.5 million in funding, according to a press statement.
  • Blockchain Startup Bluzelle Raises $19.5M USD In ICO
    Bluzelle’ advisor list includes the likes of Brian Fox, creator of GNU Bash, Alex Leverington, one of the original Core ethereum developers, Prashant Malik, co-creator of Apache Cassandra and Ryan Fugger, the original creator of the cryptocurrency Ripple.
  • The Document Liberation project announces five new or improved libraries
    The Document Liberation Project has announced five new or improved libraries to export EPUB3 and import AbiWord, MS Publisher, PageMaker and QuarkXPress files.
  • Lawsuit accuses PACER of milking the public for cash in exchange for access
    The federally run online court document access system known as PACER now finds itself listed on a federal docket. Its overseer, the US government, is a defendant in a proposed class-action lawsuit accusing the service of overcharging the public. The suit, brought by three nonprofits on Thursday, claims millions of dollars generated from a recent 25-percent increase in page fees are being illegally spent by the Administrative Office of the Courts (AO). The cost for access is 10 cents per page and up to $3 a document. Judicial opinions are free. This isn't likely to break the bank for some, but to others it adds up and can preclude access to public records. The National Consumer Law Center, the Alliance for Justice, and the National Veterans Legal Services Program also claim in the lawsuit that these fees are illegal because the government is charging more than necessary to keep the PACER system afloat (as is required by Congress).
  • Is the Most Massive, Illegal Paywall in the World About to Come Down?
    A groundbreaking lawsuit is poised to decimate what is arguably the most unjust, destructive, and it now sounds like illegal paywall in the world, the Public Access to Court Electronic Records, PACER. PACER is the federal government court documents repository. Every federal court document, for every case, lives in PACER. It’s essentially a giant FTP document repository with a horrendous search system bolted on, not dissimilar to EDGAR. PACER was created in 1988 to enable access to court records electronically. Initially available only in courthouses the system was expanded to the web in 2001.
  • Codasip Announces Studio 7, Design and Productivity Tools for Rapid Generation of RISC-V Processors
    Codasip, the leading supplier of RISC-V® embedded processor IP, today announced that it has launched the 7th generation of its Studio, the unique IP-design and customization software that allows for fast configuration and optimization of RISCV processors, customer-proprietary processor architectures, and their accompanying software development toolchains.
  • EE4J Code Begins the Journey to Open Source
    The EE4J project, which was created to manage the Eclipse Foundation’s stewardship of Java EE technologies following Oracle’s decision to open source them, is starting to gain traction. Soon after the project was created, EclipseLink and Yasson (the official reference implementation of Java JSON Binding, JSR-367) became the first two projects to be transferred under the EE4J umbrella. As reported in December, the announcement was made that seven more projects were being proposed.