Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 20 Mar 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Atom 1.25 Roy Schestowitz 19/03/2018 - 2:08am
Story Linux Mint 19 'Tara' Cinnamon will be faster Roy Schestowitz 19/03/2018 - 2:00am
Story antiX-17.1 released Roy Schestowitz 18/03/2018 - 4:22pm
Story UBports Continues Work On Moving From Ubuntu 15.04 Base To 16.04 Roy Schestowitz 18/03/2018 - 3:52pm
Story Coming Soon: Shotwell 0.28, KDE Applications 18.04 Roy Schestowitz 18/03/2018 - 2:01pm
Story Android/Google: Pixel 2, Xiaomi Kernel Source, David Kleidermacher on Security Roy Schestowitz 18/03/2018 - 1:59pm
Story If you owned a 'fat' PlayStation 3 you could be entitled to $65 from Sony because of Linux option Roy Schestowitz 18/03/2018 - 1:29pm
Story today's leftovers Roy Schestowitz 18/03/2018 - 11:15am
Story Linux 4.17 Spring Cleaning To Drop Some Old CPU Architectures and Recent Torvalds Interview Roy Schestowitz 18/03/2018 - 11:12am
Story Software: KDE, DocKnot and More Roy Schestowitz 18/03/2018 - 11:10am

Security: 17 Things

Filed under

A list for protecting yourself and others from the most common and easiest-to-pull-off security crimes.

I spend a lot of time giving information security advice, such as why RMF (Risk Management Framework) is too top-heavy for implementing risk management practices in small or R&D-focused organizations, what the right Apache SSL settings really are or how static analysis can help improve C code. What I'm asked for the most though isn't any of those things; it's the everyday stuff that even non-technical people can do to protect themselves from the looming but nebulous threat of an information security accident.

Read more

Linux Foundation unveils open source hypervisor for IoT products

Filed under

The Linux Foundation recently unveiled ACRN (pronounced "acorn"), a new open source embedded reference hypervisor project that aims to make it easier for enterprise leaders to build an Internet of Things (IoT)-specific hypervisor.

The project, further detailed in a press release, could help fast track enterprise IoT projects by giving developers a readily-available option for such an embedded hypervisor. It will also provide a reference framework for building a hypervisor that prioritizes real-time data and workload security in IoT projects, the release said.

Read more

NXP IoT platform links ARM/Linux Layerscape SoCs to cloud

Filed under

NXP’s “EdgeScale” suite of secure edge computing device management tools help deploy and manage Linux devices running on LSx QorIQ Layerscape SoCs, and connects them to cloud services.

NXP has added an EdgeScale suite of secure edge computing tools and services to its Linux-based Layerscape SDK for six of its networking oriented LSx QorIQ Layerscape SoCs. These include the quad-core, 1.6GHz Cortex-A53 QorIQ LS1043A, which last year received Ubuntu Core support, as well as the octa-core, Cortex-A72 LS2088a (see farther below).

Read more

Games Leftovers

Filed under

OSS Leftovers

Filed under
  • Univa Taps Open Source Community to Bolster Enterprise HPC

    Univa is looking to the open source community to help evolve its Navops Launch platform for enterprises migrating high-performance computing (HPC) workloads to the cloud. The open source efforts will run under the Project Tortuga banner, with access available through an Apache 2.0 license model.

    Rob LaLonde, general manager and vice president for Navops at Univa, explained that the open source plan will focus on general purpose cluster and cloud management frameworks. This includes the ability to automate the deployment of clusters in local on-premises, cloud-based, and hybrid-cloud configurations. These will be applicable to applications like HPC, big data frameworks, Kubernetes, machine learning, and deep learning environments.

  • Univa Open Sources Project Tortuga

    Univa, a leading innovator in on-premise and hybrid cloud workload management solutions for enterprise HPC customers, announced the contribution of its Navops Launch (née Unicloud) product to the open source community as Project Tortuga under an Apache 2.0 license to help proliferate the transition of enterprise HPC workloads to the cloud.

  • Univa Open Sources Project Tortuga to Accelerate the Migration of Enterprise HPC Workloads to the Cloud
  • Univa open sources Project Tortuga to boost migration of enterprise HPC workloads to the cloud
  • Google Open-Sources Impressive AI Camera Tools

    People use smartphones for lots of different reasons. Some folks like to browse the web. Some like to listen to music. Some like to spend infinite money on bad mobile games. And some people even still like to make phone calls. But one of the biggest selling points of a modern phone is the quality of its camera. Gone are the dark ages of blurry flip-phone images. Phones these days can take pictures professional enough to be screened in theaters or advertised in subway stops. And manufacturers are always looking to get an edge on the competition.

  • Why Open Source & Hardware Integration Can Work for Service Providers

Best Linux distros for small businesses in 2018

Filed under

Running a small business is no easy task. The last thing you need is extra complexity in your IT infrastructure – so why turn to Linux?

Well, it could (if you're lucky) actually turn out to be a less complex choice for many tasks, depending on the distribution you select. And, critically, Linux is free; at least if you don't figure in support costs. That's an overhead ticked off the list.

Read more

Openwashing 'Cloud'

Filed under

Red Hat and Fedora Leftovers

Filed under
Red Hat

Security: CPU Patches, PostgreSQL, Apple 'Back Door'

Filed under
  • Canonical Releases Spectre/Meltdown Patches for Ubuntu 17.10 for Raspberry Pi 2

    Canonical published two security advisories on Thursday to announce the availability of Spectre mitigations for the ARM64 (AArch64) hardware architecture on its Ubuntu 17.10 and Ubuntu 16.04.4 LTS systems.

    In January, Canonical released several kernel updates for Ubuntu 17.10 (Artful Aardvark) and other supported Ubuntu releases with software mitigations against the Spectre and Meltdown security vulnerabilities. These patches were first released for 64-bit (amd64) architectures, and then for 32-bit (i386), PPC64el, and s390x systems.

    Today, the company announced the availability of new kernel updates that address both the Meltdown and Spectre security vulnerabilities for the ARM64 (AArch64) hardware architecture, patching the Raspberry Pi 2 kernel for Ubuntu 17.10, as well as its derivatives.

  • Oracle Patches Spectre for Red Hat

    The Red Hat community has patiently awaited a retpoline kernel implementation that remediates CVE-2017-5715 (Spectre v2) and closes all Meltdown and Spectre vulnerabilities that have captured headlines this year.

    Red Hat's initial fixes rely upon microcode updates for v2 remediation, a decision that leaves the vast majority of AMD64-capable processors in an exploitable state. Intel's new microcode has proven especially problematic; it performs badly and the January 2018 versions were plagued with stability issues that crashed many systems. It is a poor solution to a pressing problem.

  • ​Meet the Scarlett Johansson PostgreSQL malware attack

    t's not the first time an image has been used to give a victim malware, but it may be the first time it's been used so narrowly. According to the security firm Imperva, their StickyDB database management system (DBMS) honeypot has uncovered an attack that places malware, which cryptomines Monero, on PostgreSQL DBMS servers. Its attack vector? An image of Hollywood star Scarlett Johansson.

    Now, you might ask, "How many PostgreSQL DBMS servers are out there on the internet to be attacked?" The answer: "More than you'd expect." A Shodan search revealed almost 710,000 PostgreSQL servers ready to be hacked. It appears there are so many of them because it's way too easy, especially on Amazon Web Services (AWS), to set up PostgreSQL servers without security.

  • This Black Box Can ‘Unlock Your iPhone’ For Cops; Images Leaked

    The debate whether law enforcement agencies should be given exclusive access to iOS-powered Apple devices started when the FBI was unable to unlock San Bernardino shooter’s iPhone. Eventually, FBI found other ways to get inside Apple’s secured digital fortress, through an Israel-based company called Cellebrite.

    In the latest news, we have come across about a new iPhone unlocking device called GrayKey that can be used by law enforcement guys to harvest passcode of an iPhone and other iOS-powered devices such as iPads and iPods.

Ubuntu Has Made its Minimal Images Even More Minimal — Just 28MB!

Filed under

The Ubuntu minimal image has been reduced in size for the upcoming Ubuntu 18.04 LTS Bionic Beaver release. Ubuntu devs have reduced the images to just 28MB.

Read more

Also: TeX Live 2018 (pretest) hits Debian/experimental

Linux Beats Windows To Become The Most Popular Development Platform: Stack Overflow Survey 2018

Filed under

Every year, Stack Overflow conducts its developer survey and shares its results with the public for analysis. Expanding its reach, this year over 100,000 developers took part in the 30-minute survey and told how they learn new technologies, which tools they use to get their work done, and what they look for while hunting some job.

Over the next few weeks, I’ll be sharing the different findings of the survey with you and telling you how it compares to the past years’ trends. Today, I’ll be telling you about the platforms that were most commonly used by the developers over the past year.

Read more

Zorin OS 12.3 Released – A Stronger, More Versatile System

Filed under

We’re excited to announce the release of Zorin OS 12.3. This version focuses on strenghtening the fundamentals of the operating system that contribute towards Zorin OS’s unique user experience: simplicity, security, and functionality.

Read more

today's leftovers

Filed under
  • Ubuntu Podcast from the UK LoCo: S11E02 – A Tale of Two Cities - Ubuntu Podcast

    This week we interview Will Cooke, Manager of the Ubuntu Desktop team, about the changes we can expect to see in Ubuntu 18.04.

  • The Latest Winevulkan Patches Make It Usable For Doom, Wolfenstein & DXVK

    Roderick Colenbrander and those working with him on "Winevulkan" to provide a clean Vulkan implementation for Wine supporting the Vulkan ICD concept, etc, rather than the old hacked together code in Wine-Staging have done a great job. With Roderick's latest Winevulkan patches, this new implementation is considered usable.

    It was just at the start of March that the initial Winevulkan support merged and since then more patch series have landed for this implementation that allows Windows programs on Wine to tap Vulkan support, permitting the host system has working Vulkan API support.

  • Samsung/Enlightenment Developers Are Busy At Work On EFL 2.0

    Cedric Bail of Samsung's Open-Source Group presented today at the Embedded Linux Conference on EFL 2.0 as part of the Enlightenment project's long-standing goal to provide a new and unified API.

    While the Enlightenment Foundation Libraries 1.x (EFL1) continues to be maintained, the developers at Samsung OSG that are part of the Enlightenment team have been busy construction EFL 2.0 and hope to show off the first of their new wares in 2018.

  • Present your images from the couch with Gwenview, MPRIS & KDE Connect

    KDE Applications 18.04 Feature Freeze is setting in. Or: reminder to do finally that feature you always wanted to implement.

  • Reflections on the GNOME 3.28 Release Video

    I just flipped the switch for the 3.28 Release Video. I’m really excited for all the new awesome features the community has landed, but I am a bit sad that I don’t have time to put more effort into the video this time around. A busy time schedule collided with technical difficulties in recording some of the apps. When I was staring at my weekly schedule Monday there didn’t seem much chance for a release video to be published at all..

  • Slackware: What all happened in March so far

    I realize I have been a wee bit silent on the blog (not counting my replies in the comments section). This was due to private issues that drained the desire for social interactions. Nevertheless there was quite a bit of activity on the Slackware packaging front.

  • Development Versions of Oracle Linux UEK now available on GitHub

    The source for UEK has always been available at, as a git repository with full git history. Starting now, we'll also be posting the UEK source on By doing so, we intend to increase the visibility for our work and to make it even easier for people to access the source for UEK. We will also use this repository for working with developers at partner companies and in the Linux community. The repository contains the source for the Unbreakable Enterprise Kernel including a small number of Oracle additions which have not yet been accepted into the mainline Linux kernel source tree.

    The Unbreakable Enterprise Kernel (UEK) is a Linux kernel built by Oracle and supported via Oracle Linux support. Its focus is performance, stability, and minimal backports by tracking the mainline source code as closely as is practical. UEK is well-tested and used to run Oracle's Engineered Systems, Oracle Cloud Infrastructure, and large enterprise deployments for Oracle customers.

  • Defining the Spectrum of Cloud Deployment Technologies

    “Cloud computing” has been a catch-all phrase over the past decade to describe anything that’s a shift away from hardware servers. However, the term has become nebulous in recent times with the growing diversity in how many different ways you can leverage the cloud.

    We’ve come far from a simplistic separation between on-premises and cloud. Today, it’s about on-premises versus a range of different cloud options. Indeed, the cloud can be a confusing place for newcomers and veterans alike, with new options cropping up every few months, and the landscape always shifting towards the newer and better.

    But how do you choose between good, better and best? Let’s compare the various cloud deployment technologies available today and find the common ground and what separates them from each other.

Software: LPlayer, GNU Automake, GStreamer, Sigal

  • LPlayer is a new, minimal audio player for Linux

    Sometimes I want listen to a couple of podcast episodes or audio tracks back-to-back, without adding them to my media library.

    PLlayer could be the minimalist audio player for Linux U’ve been looking for.

    I’m not going to spend 500 words waffling about how this app is better than Rhythmbox, Clementine or any other Linux music player.

  • GNU Automake 1.16.1 released

    We are pleased to announce the GNU Automake 1.16.1 maintenance release.

    This release follows 1.16 which was made 2 weeks ago.

  • GStreamer 1.14 Nears Release With WebRTC Support, Experimental AV1 & NVIDIA NVDEC

    Just a little more than one week past the GStreamer 1.14 RC1 release, the second and final release candidate of the upcoming GStreamer 1.14 is now available for testing.

  • Easy photo galleries with Sigal

    Sigal is a "simple static gallery generator" with a straightforward design, a nice feature set, and great themes. It was started as a toy project, but has nevertheless grown into a sizable and friendly community. After struggling with maintenance using half a dozen photo gallery projects along the way, I feel I have found a nice little gem that I am happy to share with LWN readers.

Red Hat Leftovers

Filed under
Red Hat

OSS Leftovers

Filed under

Mozilla: Mozilla Firefox 60 Plans, Firefox 59 Release and More

Filed under
  • Mozilla Firefox 60 Promises Enhanced Camera Privacy and USB Token Authentication

    While most Internet users are enjoying their brand-new Firefox 59 web browser with all of its performance improvements and new privacy features, Mozilla works hard on the next major release, Firefox 60.

  • Firefox Quantum for Enterprise Brings Control to Browser Deployments

    Mozilla is aiming to increase its browser market share with a new effort that will better enable managed deployments of the Firefox browser in enterprise environments.

    The new Firefox Quantum for Enterprise technology is part of the Firefox 60 release which reached the beta milestone on March 14 and is set to become generally available on May 9. The Firefox 60 Beta release comes a day after the Firefox 59 browser was released, providing incremental feature updates and security fixes.

  • Firefox 59 Released: Faster Page Loading, Better Graphics For macOS, New Screenshot Features
  • March Add(on)ness: Tree Style Tab (1) Vs Don’t Touch My Tabs (4)
  • Enter the Firefox Quantum Extensions Challenge

    Firefox users love using extensions to personalize their browsing experience. Now, it’s easier than ever for developers with working knowledge of JavaScript, HTML, and CSS to create extensions for Firefox using the WebExtensions API. New and improved WebExtensions APIs land with each new Firefox release, giving developers the freedom to create new features and fine-tune their extensions.

  • Building Mixed Reality spaces for the web

    One of the primary goals of our Social Mixed Reality team is to enable and accelerate access to Mixed Reality-based communication. As mentioned in our announcement blog post, we feel meeting with others around the world in Mixed Reality should be as easy as sharing a link, and creating a virtual space to spend time in should be as easy as building your first website. In this post, we wanted to share an early look at some work we are doing to help achieve the second goal, making it easy for newcomers to create compelling 3D spaces suited for meeting in Mixed Reality.

Openwashing Microsoft

Filed under
Syndicate content

More in Tux Machines

Fedora: Release Party, Fedora Diversity, Critical Firefox Fix

Microsoft Openwashing and Revisionism

  • Microsoft joins effort to cure open source license noncompliance [Ed: Pushing Microsoft lies under the false pretenses that Microsoft plays along with the GPL (it violates, smears and undermines it)]
  • Microsoft joins group working to 'cure' open-source licensing issues [Ed: Mary Jo Foley uses this initiative to whitewash Microsoft after it repeatedly violated the GPL and attacked it publicly, behind the scenes etc. And watch the image she uses: a lie.]
    It's kind of amazing that just over a decade ago, Microsoft was threatening Linux vendors by claiming free and open-source software infringed on 235 of Microsoft's patents. In 2007, Microsoft was very openly and publicly anti-GPLv3, claiming it was an attempt "to tear down the bridge between proprietary and open source technology that Microsoft has worked to build with the industry and customers."
  • Today's channel rundown - 19 March 2018
    The six have committed to extending additional rights "to cure open source license noncompliance". The announcement was made by Red Hat, which says the move will lead to greater cooperation with distributors of open source software to correct errors. In a statement, Red Hat referenced widely used open source software licenses, GNU General Public License (GPL) and GNU Lesser General Public License, which cover software projects including the Linux kernel. GPL version 3 offers distributors of the code an opportunity to correct errors and mistakes in license compliance.
  • Tails Security Update, Companies Team Up to Cure Open Source License Noncompliance, LG Expanding webOS and More
    According to a Red Hat press release this morning: "six additional companies have joined efforts to promote greater predictability in open source licensing. These marquee technology companies—CA Technologies, Cisco, HPE, Microsoft, SAP, and SUSE—have committed to extending additional rights to cure open source license noncompliance. This will lead to greater cooperation with distributors of open source software to correct errors and increased participation in open source software development."

GNOME: New Flow, GNOME 3.28, New Shotwell

  • GitLab + Flatpak – GNOME’s full flow
    In this post I will explain how GitLab, CI, Flatpak and GNOME apps come together into a (imho) dream-come-true full flow for GNOME, a proposal to be implemented by all GNOME apps.
  • GNOME 3.28 released & coming to Fedora 28
    Last week, The GNOME project announced the release of GNOME 3.28. This major release of the GNOME desktop is the default desktop environment in the upcoming release of Fedora 28 Workstation. 3.28 includes a wide range of enhancements, including updates to Files (nautilus), Contacts, Calendar, Clocks and the on-screen keyboard. Additionally, the new application Usage is added to “make it easy to diagnose and resolve performance and capacity issues”
  • Shotwell Photo Manager Just Got a Big Performance Boost
    A new version of the Shotwell photo manager and editor is available to download. Shotwell 0.28 “Braunschweig” arrives half a year later than originally planned but hasn’t shirked on improvements or bug fixes during the wait. In all some 60 bugs have been closed since the Shotwell 0.27 release last year...

Graphics: Mesa/Mali, Wayland 1.15 Beta, and Mesa 17.3.7 RC2

  • Reverse-Engineering of ARM Mali "Midgard" Now Has A Working NIR Shader Compiler
    Earlier this year work on the "Chai" open-source Mali T700 GPU driver resumed with an aim to get a working Mesa driver for this "Midgard" graphics architecture. There's still a long battle ahead, but their NIR shader compiler is beginning to work. Alyssa Rosenzweig remains the main developer working on this Chai driver effort but with using some remnants done by Luc and Connor during the Lima driver days. Her focus lately has been on assembler and shader support for this reverse-engineered driver for ARM Mali graphics.
  • Wayland 1.15 Beta Released With Weston 4.0 Beta
    The beta releases are available today of Wayland 1.15 and the Weston 4.0 reference compositor. Wayland 1.15 is another relatively modest cycle. Wayland 1.15 pulls in libwayland-egl where as before that library was part of Mesa, making some semantics of Wayland more clear in the documentation, improvements to wayland-scanner, and some minor API additions.
  • Mesa 17.3.7 RC2 Issued With Even More Patches
    Last week the release candidate of Mesa 17.3.7 was issued with more than 50 patches queued. That count grew more over the weekend resulting in an additional release candidate. Mesa point releases tend to get just one RC and a few days of testing before going gold, but on top of the 50 patches last week another handful of patches were since proposed and queued up for this increasingly large point release. The very latest patches include a RADV Vulkan driver fix by Feral Interactive, and several other RADV and Intel Vulkan fixes.