Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 20 Jan 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story SBC kit runs Linux on a quad -A53 i.MX8M SoC Rianne Schestowitz 18/01/2018 - 8:09pm
Story Fedora Makes Progress On Their New Modularity Concept Roy Schestowitz 18/01/2018 - 8:01pm
Story Games: Slay the Spire, OVIVO, Unity Roy Schestowitz 18/01/2018 - 7:59pm
Story today's leftovers Roy Schestowitz 18/01/2018 - 5:34pm
Story Google's Debian Move and Promotion of DRM Inside Linux Roy Schestowitz 18/01/2018 - 5:32pm
Story SUSE: Change of Plans and Disclosure Roy Schestowitz 18/01/2018 - 5:30pm
Story Kernel: Kernelci.org, Tripwire, Linux Foundation, R600 Gallium3D Roy Schestowitz 18/01/2018 - 5:28pm
Story OSS Leftovers Roy Schestowitz 18/01/2018 - 5:23pm
Story IBM code grandmaster: what Java does next Roy Schestowitz 18/01/2018 - 4:37pm
Story Programming/Development: Git 2.16, Node.js, Testing/Bug Hunting Roy Schestowitz 18/01/2018 - 3:40pm

Librem 5 Phone Progress Report

Filed under
GNU
Linux
Hardware
  • Librem 5 Phone Progress Report – The First of Many More to Come!

    First, let me apologize for the silence. It was not because we went into hibernation for the winter, but because we were so busy in the initial preparation and planning of a totally new product while orienting an entirely new development team. Since we are more settled into place now, we want to change this pattern of silence and provide regular updates. Purism will be giving weekly news update posts every Tuesday, rotating between progress on phone development from a technology viewpoint (the hardware, kernel, OS, etc.) and an art of design viewpoint (UI/UX from GNOME/GTK to KDE/Plasma). To kickoff this new update process, this post will discus the technological progress of the Librem 5 since November of 2017.

  • Purism Eyeing The i.MX8M For The Librem 5 Smartphone, Issues First Status Update

    If you have been curious about the state of Purism's Librem 5 smartphone project since its successful crowdfunding last year and expedited plans to begin shipping this Linux smartphone in early 2019, the company has issued their first status update.

Benchmarking Retpoline-Enabled GCC 8 With -mindirect-branch=thunk

We have looked several times already at the performance impact of Retpoline support in the Linux kernel, but what about building user-space packages with -mindirect-branch=thunk? Here is the performance cost to building some performance tests in user-space with -mindirect-branch=thunk and -mindirect-branch=thunk-inline.

Read more

An introduction to Inkscape for absolute beginners

Filed under
OSS

Inkscape is a powerful, open source desktop application for creating two-dimensional scalable vector graphics. Although it's primarily an illustration tool, Inkscape is used for a wide range of computer graphic tasks.

The variety of what can be done with Inkscape is vast and sometimes surprising. It is used to make diagrams, logos, programmatic marketing materials, web graphics, and even for paper scrapbooking. People also draw game sprites, produce banners, posters, and brochures. Others use Inkscape to draft web design mockups, detail layouts for printed circuit boards, or produce outline files to send to laser cutting equipment.

Read more

Behind the scenes with Pop!_OS Linux

Filed under
GNU
Linux
Interviews
Ubuntu

In October, Linux PC maker System76 released its homegrown version of Linux, Pop!_OS, giving users the choice between its legacy Ubuntu operating system or the new Pop!_OS flavor of Linux. Recently Opensource.com gave away a System76 laptop with Pop!_OS installed, which made me curious about the company and this new version of Linux, so I spoke with Cassidy James Blaede, Pop!_OS's user experience (UX) designer.

Blaede joined System76 in 2014, fresh out of college at the University of Northern Iowa and marriage to his wife, Katie. While in college, he co-founded the elementary OS project and interned at UX consultancy Visual Logic, both of which influenced his work for System76. He started at System76 as a front-end developer and was later promoted to UX architect.

Read more

Also: Linux Journal 2.0 Progress Report

Programming/Development: HHVM 3.24, 'DevOps', RcppMsgPack

Filed under
Development
  • HHVM 3.24

    HHVM 3.24 is released! This release contains new features, bug fixes, performance improvements, and supporting work for future improvements. Packages have been published in the usual places.

  • HHVM 3.24 Released, The Final Supporting PHP5

    The Facebook crew responsible for the HHVM project as a speedy Hack/PHP language implementation is out with its 3.24 release.

    HHVM 3.24 is important as it's the project's last release focusing on PHP5 compatibility. Moving forward, PHP5 compatibility will no longer be a focus and components of it will likely be dropped. As well, Facebook will be focusing on their Hack language rather than PHP7. Now that PHP7 is much faster than PHP5 and all around in a much better state, Facebook developers are focusing on their Hack language rather than just being an alternative PHP implementation.

  • How to get into DevOps

    I've observed a sharp uptick of developers and systems administrators interested in "getting into DevOps" within the past year or so. This pattern makes sense: In an age in which a single developer can spin up a globally distributed infrastructure for an application with a few dollars and a few API calls, the gap between development and systems administration is closer than ever. Although I've seen plenty of blog posts and articles about cool DevOps tools and thoughts to think about, I've seen fewer content on pointers and suggestions for people looking to get into this work.

  • RcppMsgPack 0.2.1

    Am update of RcppMsgPack got onto CRAN today. It contains a number of enhancements Travers had been working on, as well as one thing CRAN asked us to do in making a suggested package optional.

    MessagePack itself is an efficient binary serialization format. It lets you exchange data among multiple languages like JSON. But it is faster and smaller. Small integers are encoded into a single byte, and typical short strings require only one extra byte in addition to the strings themselves. RcppMsgPack brings both the C++ headers of MessagePack as well as clever code (in both R and C++) Travers wrote to access MsgPack-encoded objects directly from R.

Software: Clay, Inkscape, VirtualBox, Thunderbird

Filed under
Software
  • New York magazine is making its CMS available open-source

    There’s a short history of publishers fancying themselves as technology companies and building a business selling their tech to other publishers. Publishers realized that building a whole new side business around licensing their tech is a headache and that they needed to focus on what they’re good at, and leave the tech to others.

    New York magazine is trying out a different approach. It built its own content management system (publishers like to give their homegrown CMSes cute names; this one is called Clay, for the magazine’s founder Clay Felker) in 2015 and then licensed the software to the online magazine Slate. Slate started using Clay a year ago and was set to fully migrate its site to Clay this week. But instead of New York charging Slate a licensing fee, Slate is paying New York in the form of code. The CMS is open-source, and developers from both titles contribute to it.

  • An introduction to Inkscape for absolute beginners

    Inkscape is a powerful, open source desktop application for creating two-dimensional scalable vector graphics. Although it's primarily an illustration tool, Inkscape is used for a wide range of computer graphic tasks.

    The variety of what can be done with Inkscape is vast and sometimes surprising. It is used to make diagrams, logos, programmatic marketing materials, web graphics, and even for paper scrapbooking. People also draw game sprites, produce banners, posters, and brochures. Others use Inkscape to draft web design mockups, detail layouts for printed circuit boards, or produce outline files to send to laser cutting equipment.

  • Linux Support in VirtualBox is about to get a LOT Better

    VirtualBox makes it easy to try Linux distros without replacing your current operating system or engaging in a game of reboot leap frog.

    But things are about to get even easier. Soon you won’t need to install the VirtualBox Guest Additions package to get a fully integrated Linux experience with your host OS.

  • Have You Taken the Thunderbird Redesign Survey?

    Monterail and Thunderbird are now working on the same team.

    Yes, that Monterail, the Poland-based development company whose stunning Thunderbird mock-up went viral last year, before becoming a real, working Thunderbird theme.

    “We got in touch with […] the Thunderbird core team to discuss possibilities. We wanted to establish how to enhance user retention and make Thunderbird more user-friendly for potential and current users. We also learned how Thunderbird is built which helped with planning iterations,” Monterail’s Krystian Polański explains in a new blog post on the company’s website.

No More Ubuntu! Debian is the New Choice For Google’s In-house Linux Distribution

For years Google used Goobuntu, an in-house, Ubuntu-based operating system. Goobuntu is now being replaced by gLinux, which is based on Debian Testing.
Read more

Games: InnerSpace, BATTLETECH, Civilization VI, SteamOS, Unreal Engine

Filed under
Gaming
  • InnerSpace from PolyKnight Games & Aspyr Media launches with day-1 Linux support, some thoughts

    InnerSpace [Steam], an exploration flying game set in the Inverse, a world of inside-out planets without horizons is now available for Linux.

    Disclosure: Key provided by Aspyr Media.

    In InnerSpace, you are an autonomous drone named Cartographer, which was created by the Archaeologist from information left over by the Ancients. The Archaeologist requires your help to reach areas of the Inverse where they cannot go and so your journey begins.

    I will start off by recommending a gamepad for InnerSpace. While it does work with Keyboard, it doesn’t feel good at all, you will have a much better experience with a gamepad in your hands.

  • BATTLETECH will only be coming to Linux post-launch, along with other features

    The turn-based mech strategy game developed by Harebrained Schemes won’t be on Linux at launch later this year. Other features have also been cut or altered and will be making into the game post-release.

  • Civilization VI: Rise and Fall shows off overview of new features

    The upcoming expansion for Civilization VI [Official Site] will be introducing quite a few interesting changes to the game. You can see how exactly you’ll be spending just one more turn in this overview video.

  • SteamOS Beta Switches To Linux 4.14.13 For KPTI To Mitigate Meltdown

    Valve has pushed out a new SteamOS Beta build for the Debian Jessie-based "Brewmaster" series.

    SteamOS Beta 2.145 is out with its main focus on transitioning to the Linux 4.14 (v4.14.13) stable kernel.

  • Unreal Engine 4.19 Preview Rolls Out With Renderer Enhancements

    Epic Games has rolled out their public preview build of the upcoming Unreal Engine 4.19 game engine update.

    Unreal Engine 4.19 features renderer improvements, new animation and physics capabilities, VR improvements, initial support for the HTC Vive Pro, Steam Audio Beta 10 integration, Live Link plug-in improvements, and a plethora of other work.

  • Unreal Engine 4.19 Preview 1 Now Available

    Unreal Engine 4.19 will be available soon and it'll include many new exciting features and fixes. The first Preview build is now available on the Epic Games launcher for you to download. You can explore a number of new animation and physics updates, including improvements to the Live Link plugin and Sequencer performance, and signficant changes to VR resolution settings. There are also a number of quality-of-life improvements.

Servers: Containers, MapR, 'Serverless', Bonitasoft

Filed under
Server
  • Containers versus Operating Systems

    The most popular docker base container image is either busybox, or scratch. This is driven by a movement that is equal parts puritanical and pragmatic. The puritan asks “Why do I need to run init(1) just to run my process?” The pragmatist asks “Why do I need a 700 meg base image to deploy my application?” And both, seeking immutable deployment units ask “Is it a good idea that I can ssh into my container?” But let’s step back for a second and look at the history of how we got to the point where questions like this are even a thing.

    In the very beginnings, there were no operating systems. Programs ran one at a time with the whole machine at their disposal. While efficient, this created a problem for the keepers of these large and expensive machines. To maximise their investment, the time between one program finishing and another starting must be kept to an absolute minimum; hence monitor programs and batch processing was born.

  • MapR: How Next-Gen Applications Will Change the Way We Look at Data

    MapR is a Silicon Valley-based big data company. Its founders realized that data was going to become ever increasingly important, and existing technologies, including open source Apache Hadoop, fell short of being able to support things like real-time transactional operational applications. So they spent years building out core technologies that resulted in the MapR products, including the flagship Converged Data Platform, platform-agnostic software that’s designed for the multicloud environment. It can even run on embedded Edge devices.

  • 7 Open-Source Serverless Frameworks Providing Functions as a Service

    With virtualization, organizations began to realize greater utilization of physical hardware. That trend continued with the cloud, as organizations began to get their machines into a pay-as-you-go service. Cloud computing further evolved when Amazon Web Services (AWS) launched its Lambda service in 2014, introducing a new paradigm in cloud computing that has become commonly referred to as serverless computing. In the serverless model, organizations pay for functions as a service without the need to pay for an always-on stateful, virtual machine.

  • Bonitasoft Offers Open Source, Low-Code Platform on AWS Cloud

    Bonitasoft, a specialist in open source business process management and digital transformation software, is partnering with the Amazon Web Services Inc. (AWS) cloud to broaden the reach of its low-code development platform.

    That platform, just released in a new version called Bonita 7.6, comes in an open source version and a subscription version with professional support and advanced features.

Mozilla: VR, Ford Money, WebRender, Firefox Extensions Discovery, Firefox 58

Filed under
Moz/FF
  • Mozilla and Sundance Film Festival Present: VR the People

    On Monday January 22, Mozilla is bringing together a panel of the top VR industry insiders in the world to the Sundance Film Festival in Park City, Utah, to explain how VR storytelling is revolutionizing the film and entertainment industry.

    “We want the storyteller’s vision to exceed the capacity of existing technology, to push boundaries, because then the technologist is inspired to engineer new mechanisms that enable things initially thought impossible” says Kamal Sinclair, Director of New Frontier Lab Programs at Sundance Institute. “However, this is not about creating something that appeals to people simply because of its novel technical achievements; rather it is something that has real meaning, and where that meaning can be realized by engineering the technologies to deliver the best experience possible.”

  • Host an Open Internet Activist [Ed: Mozilla now in the pockets of the Ford Foundation, just like the ‘Guardian’]

    Today, we’re launching the Ford-Mozilla Open Web Fellowship call for host organizations. If your organization is devoted to a healthy internet for all users, we encourage you to apply.

  • WebRender newsletter #12
  • The User Journey for Firefox Extensions Discovery

    The ability to customize and extend Firefox are an essential part of Firefox’s value to users. Extensions are small tools that allow developers and users who install the extensions to modify, customize, and extend the functionality of Firefox. For example, during our workflows research in 2016, we interviewed a participant who was a graduate student in Milwaukee, Wisconsin. While she used Safari as her primary browser for common browsing, she used Firefox specifically for her academic work because of the extension Zotero was the best choice for keeping track of her academic work and citations.

    Popular categories of extensions include ad blockers, password managers, and video downloaders. Given the variety of extensions and the benefits to customization they offer, why is it that only 40% of Firefox users have installed at least one extension? Certainly, some portion of Firefox users may be aware of extensions but have no need or desire to install one. However, some users could find value in some extensions but simply may not be aware of the existence of extensions in the first place.

    Why not? How can Mozilla facilitate the extension discovery process?

    A fundamental assumption about the extension discovery process is that users will learn about extensions through the browser, through word of mouth, or through searching to solve a specific problem. We were interested in setting aside this assumption and to observe the steps participants take and the decisions they make in their journey toward possibly discovering extensions. To this end, the Firefox user research team ran two small qualitative studies to understand better how participants solved a particular problem in the browser that could be solved by installing an extension. Our study helped us understand how participants do — or do not — discover a specific category of extension.

  • Firefox Release, Xen, KDE's Plasma and More

    Set your calendars for January 23, 2018, to download the latest Firefox 58 release packed with performance/bottleneck and bug fixes, an even better site source code debugger and more.

Linux Microsoft Office Alternatives

Filed under
GNU
Linux
Microsoft

Despite what you may have been led to believe, there are in fact a number of solid Linux alternatives for Microsoft Office available. In fact, there are even options available with varied levels of docx support, if that is something relevant to your business.

This article will explore my recommended Microsoft Office alternatives for Linux. Some of them you've likely heard of, others may be cloud/server based options that you might not have thought much about until now.

Read more

Also: The best open source video editors 2018: free to download, edit, use and share

Security: Updates, WordPress, Hardware Patches, and Open Source Security Podcast

Filed under
Security
  • Security updates for Tuesday
  • WordPress 4.9.2 Security and Maintenance Release

    WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

    An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for most use cases, they have been removed from WordPress.

  • Debian-Based SolydXK Linux OS Receives Patch for Meltdown Security Vulnerability

    The Debian-based SolydXK Linux operating system has been updated today with patches for the Meltdown security vulnerability, as well as various other new features and improvements.

    To mitigate the Meltdown security exploit that allows a locally installed program to access the memory, including the kernel memory, and steal sensitive information like passwords and encryption keys, the SolydXK 201801 ISO images are now powered by the latest kernel release with patches against this vulnerability.

  • Chakra GNU/Linux Now Patched Against Meltdown & Spectre Security Vulnerabilities

    It's time for users of the Chakra GNU/Linux operating system to patch their systems against the Meltdown and Spectre security vulnerabilities as new kernel updates landed today in the repos.

    Publicly disclosed earlier this month, the Meltdown and Spectre security vulnerabilities are affecting us all, but OS vendors and OEMs are trying their best to mitigate them so that no user can be the victim of attacks where their sensitive data is at risk of getting in the hands of the wrong person.

  • Open Source Security Podcast: Episode 78 - Risk lessons from Hawaii

GNOME Devs to Users: Desktop Icons Are Moving to GNOME Shell with GNOME 3.28

Filed under
GNOME

There appears to be a lot of fuss lately about the removal of an option from the GNOME desktop environment that allows users to display icons on their desktops.

Long story short, last month, near the Christmas holidays, GNOME developer Carlos Soriano shared his plans on removing a so-called "the desktop" feature from the Nautilus file manager starting with the upcoming GNOME 3.28 release of the desktop environment, proposing its integration into the GNOME Shell component.

The feature is there to handle application icons on the user's workspace, but it shouldn't have been implemented in Nautilus in the first place, according to the developer. So for the GNOME devs to be able to add new features to the Nautilus file manager, they need to remove its ability to handle desktop icons and place the code somewhere else.

Read more

Red Hat News and Posts

Filed under
Red Hat

Yocto-on-i.MX6UL gateway serves up I2C and SPI on a DB9 port

Filed under
Linux
Hardware

Axiomtek’s compact “IFB125” DIN-rail IoT gateway runs Yocto Linux on an i.MX6 UL SoC with dual LANs, mini-PCIe expansion, extended temperature and vibration resistance, COM and USB ports, and a DB9 port that supports both SPI and I2C.

Axiomtek has released a minor variation on its IFB122 IoT gateway. Like the IDB122, the new IFB125 runs Yocto Project code with Linux 3.14.52 on NXP’s 528MHz Cortex-A7 based i.MX6 UltraLight (UL) SoC. The headless gateway is designed for remote control and remote monitoring management applications such as unmanned control room, industrial automation, automatic parking lot, and traffic cabinets.

Read more

Also: Display-oriented eNUC SBC runs on Apollo Lake

Linux Foundation and Verizon

Filed under
Linux
  • Verizon joins the Linux Foundation's ONAP project

    Verizon has joined the Open Network Automation Platform (ONAP) project as a Platinum member, a move that reflects the service provider's desire to drive industry harmony around network virtualization and automation.

    ONAP brings together several global carriers and vendors to build an automation and orchestration platform to transform the service delivery lifecycle for network, cable and cloud providers.

  • Verizon Joins Linux Foundation's Open Network Automation Platform Project as Platinum Member

    Verizon and The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced today that Verizon has joined the Open Network Automation Platform (ONAP) project as a Platinum member. ONAP brings together the majority of global carriers and vendors to build an automation and orchestration platform to transform the service delivery lifecycle for network, cable and cloud providers. ONAP enables nearly 60 percent of the world's mobile subscribers.

KDE Plasma's Discover Package Manager Gets Better Snap and Flatpak Support

Filed under
KDE

After sharing last week more info on the maturity of Flatpak support in KDE Plasma's Discover package manager, now Nathaniel Graham published details on some new user-facing highlights of what's done in Plasma Discover in the last week or so, and there's quite a bunch of improvements for both Snap and Flatpak universal binary formats.

For Snaps, Plasma Discover now no longer lets users click the "Install" button during the installation of Snaps, displays information on the license for Snaps, as well as the size of Snaps that aren’t installed on user's computer. For Flatpak apps, it now shows the version number if that info is defined in the AppStream file.

Read more

Syndicate content

More in Tux Machines

Security: OpenSSL, IoT, and LWN Coverage of 'Intelpocalypse'

  • Another Face to Face: Email Changes and Crypto Policy
    The OpenSSL OMC met last month for a two-day face-to-face meeting in London, and like previous F2F meetings, most of the team was present and we addressed a great many issues. This blog posts talks about some of them, and most of the others will get their own blog posts, or notices, later. Red Hat graciously hosted us for the two days, and both Red Hat and Cryptsoft covered the costs of their employees who attended. One of the overall threads of the meeting was about increasing the transparency of the project. By default, everything should be done in public. We decided to try some major changes to email and such.
  • Some Basic Rules for Securing Your IoT Stuff

    Throughout 2016 and 2017, attacks from massive botnets made up entirely of hacked [sic] IoT devices had many experts warning of a dire outlook for Internet security. But the future of IoT doesn’t have to be so bleak. Here’s a primer on minimizing the chances that your IoT things become a security liability for you or for the Internet at large.

  • A look at the handling of Meltdown and Spectre
    The Meltdown/Spectre debacle has, deservedly, reached the mainstream press and, likely, most of the public that has even a remote interest in computers and security. It only took a day or so from the accelerated disclosure date of January 3—it was originally scheduled for January 9—before the bugs were making big headlines. But Spectre has been known for at least six months and Meltdown for nearly as long—at least to some in the industry. Others that were affected were completely blindsided by the announcements and have joined the scramble to mitigate these hardware bugs before they bite users. Whatever else can be said about Meltdown and Spectre, the handling (or, in truth, mishandling) of this whole incident has been a horrific failure. For those just tuning in, Meltdown and Spectre are two types of hardware bugs that affect most modern CPUs. They allow attackers to cause the CPU to do speculative execution of code, while timing memory accesses to deduce what has or has not been cached, to disclose the contents of memory. These disclosures can span various security boundaries such as between user space and the kernel or between guest operating systems running in virtual machines. For more information, see the LWN article on the flaws and the blog post by Raspberry Pi founder Eben Upton that well describes modern CPU architectures and speculative execution to explain why the Raspberry Pi is not affected.
  • Addressing Meltdown and Spectre in the kernel
    When the Meltdown and Spectre vulnerabilities were disclosed on January 3, attention quickly turned to mitigations. There was already a clear defense against Meltdown in the form of kernel page-table isolation (KPTI), but the defenses against the two Spectre variants had not been developed in public and still do not exist in the mainline kernel. Initial versions of proposed defenses have now been disclosed. The resulting picture shows what has been done to fend off Spectre-based attacks in the near future, but the situation remains chaotic, to put it lightly. First, a couple of notes with regard to Meltdown. KPTI has been merged for the 4.15 release, followed by a steady trickle of fixes that is undoubtedly not yet finished. The X86_BUG_CPU_INSECURE processor bit is being renamed to X86_BUG_CPU_MELTDOWN now that the details are public; there will be bug flags for the other two variants added in the near future. 4.9.75 and 4.4.110 have been released with their own KPTI variants. The older kernels do not have mainline KPTI, though; instead, they have a backport of the older KAISER patches that more closely matches what distributors shipped. Those backports have not fully stabilized yet either. KPTI patches for ARM are circulating, but have not yet been merged.
  • Is it time for open processors?
    The disclosure of the Meltdown and Spectre vulnerabilities has brought a new level of attention to the security bugs that can lurk at the hardware level. Massive amounts of work have gone into improving the (still poor) security of our software, but all of that is in vain if the hardware gives away the game. The CPUs that we run in our systems are highly proprietary and have been shown to contain unpleasant surprises (the Intel management engine, for example). It is thus natural to wonder whether it is time to make a move to open-source hardware, much like we have done with our software. Such a move may well be possible, and it would certainly offer some benefits, but it would be no panacea. Given the complexity of modern CPUs and the fierceness of the market in which they are sold, it might be surprising to think that they could be developed in an open manner. But there are serious initiatives working in this area; the idea of an open CPU design is not pure fantasy. A quick look around turns up several efforts; the following list is necessarily incomplete.
  • Notes from the Intelpocalypse
    Rumors of an undisclosed CPU security issue have been circulating since before LWN first covered the kernel page-table isolation patch set in November 2017. Now, finally, the information is out — and the problem is even worse than had been expected. Read on for a summary of these issues and what has to be done to respond to them in the kernel. All three disclosed vulnerabilities take advantage of the CPU's speculative execution mechanism. In a simple view, a CPU is a deterministic machine executing a set of instructions in sequence in a predictable manner. Real-world CPUs are more complex, and that complexity has opened the door to some unpleasant attacks. A CPU is typically working on the execution of multiple instructions at once, for performance reasons. Executing instructions in parallel allows the processor to keep more of its subunits busy at once, which speeds things up. But parallel execution is also driven by the slowness of access to main memory. A cache miss requiring a fetch from RAM can stall the execution of an instruction for hundreds of processor cycles, with a clear impact on performance. To minimize the amount of time it spends waiting for data, the CPU will, to the extent it can, execute instructions after the stalled one, essentially reordering the code in the program. That reordering is often invisible, but it occasionally leads to the sort of fun that caused Documentation/memory-barriers.txt to be written.

US Sanctions Against Chinese Android Phones, LWN Report on Eelo

  • A new bill would ban the US government from using Huawei and ZTE phones
    US lawmakers have long worried about the security risks posed the alleged ties between Chinese companies Huawei and ZTE and the country’s government. To that end, Texas Representative Mike Conaway introduced a bill last week called Defending U.S. Government Communications Act, which aims to ban US government agencies from using phones and equipment from the companies. Conaway’s bill would prohibit the US government from purchasing and using “telecommunications equipment and/or services,” from Huawei and ZTE. In a statement on his site, he says that technology coming from the country poses a threat to national security, and that use of this equipment “would be inviting Chinese surveillance into all aspects of our lives,” and cites US Intelligence and counterintelligence officials who say that Huawei has shared information with state leaders, and that the its business in the US is growing, representing a further security risk.
  • U.S. lawmakers urge AT&T to cut commercial ties with Huawei - sources
    U.S. lawmakers are urging AT&T Inc, the No. 2 wireless carrier, to cut commercial ties to Chinese phone maker Huawei Technologies Co Ltd and oppose plans by telecom operator China Mobile Ltd to enter the U.S. market because of national security concerns, two congressional aides said. The warning comes after the administration of U.S. President Donald Trump took a harder line on policies initiated by his predecessor Barack Obama on issues ranging from Beijing’s role in restraining North Korea to Chinese efforts to acquire U.S. strategic industries. Earlier this month, AT&T was forced to scrap a plan to offer its customers Huawei [HWT.UL] handsets after some members of Congress lobbied against the idea with federal regulators, sources told Reuters.
  • Eelo seeks to make a privacy-focused phone
    A focus on privacy is a key feature being touted by a number of different projects these days—from KDE to Tails to Nextcloud. One of the biggest privacy leaks for most people is their phone, so it is no surprise that there are projects looking to address that as well. A new entrant in that category is eelo, which is a non-profit project aimed at producing not only a phone, but also a suite of web services. All of that could potentially replace the Google or Apple mothership, which tend to collect as much personal data as possible.

today's howtos

Mozilla: Resource Hogs, Privacy Month, Firefox Census, These Weeks in Firefox

  • Firefox Quantum Eats RAM Like Chrome
    For a long time, Mozilla’s Firefox has been my web browser of choice. I have always preferred it to using Google’s Chrome, because of its simplicity and reasonable system resource (especially RAM) usage. On many Linux distributions such as Ubuntu, Linux Mint and many others, Firefox even comes installed by default. Recently, Mozilla released a new, powerful and faster version of Firefox called Quantum. And according to the developers, it’s new with a “powerful engine that’s built for rapid-fire performance, better, faster page loading that uses less computer memory.”
  • Mozilla Communities Speaker Series #PrivacyMonth
    As a part of the Privacy Month initiative, Mozilla volunteers are hosting a couple of speaker series webinars on Privacy, Security and related topics. The webinars will see renowned speakers talking to us about their work around privacy, how to take control of your digital self, some privacy-security tips and much more.
  • “Ewoks or Porgs?” and Other Important Questions
    You ever go to a party where you decide to ask people REAL questions about themselves, rather than just boring chit chat? Us, too! That’s why we’ve included questions that really hone in on the important stuff in our 2nd Annual Firefox Census.
  • These Weeks in Firefox: Issue 30