Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 23 Oct 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story 3 Tools to Help You Remember Linux Commands Roy Schestowitz 21/10/2017 - 8:54am
Story How Eclipse is advancing IoT development Roy Schestowitz 21/10/2017 - 6:48am
Story Effective Strategies for Recruiting Open Source Developers Roy Schestowitz 21/10/2017 - 6:47am
Story Fedora meets RHEL Roy Schestowitz 21/10/2017 - 6:45am
Story Servers: Containers, 'Cloud', Microservices, and Hyperledger Roy Schestowitz 21/10/2017 - 6:44am
Story Games: Steam Sale, Skirmish Line, Maia, Observer Roy Schestowitz 21/10/2017 - 6:41am
Story Canonical on Path to IPO as Ubuntu Unity Linux Desktop Gets Ditched Roy Schestowitz 21/10/2017 - 6:39am
Story More “Linux On Galaxy” Roy Schestowitz 21/10/2017 - 6:33am
Story NODE Handheld Linux Terminal Version 3 Roy Schestowitz 21/10/2017 - 6:32am
Story OSS: F-Droid, Rackspace, Oracle, CableLabs, Hacktoberfest, Mozilla, Facebook Roy Schestowitz 20/10/2017 - 10:30pm

Linux 4.13.8, 4.9.57, 4.4.93, 3.18.76 and Ubuntu Kernel Team Summary

Filed under
Linux

Security: FUD, Adobe, Cybersecurity Improvement Act, Updates and More

Filed under
Security
  • Focusing on Healthcare Open Source Security Awareness [Ed: More Flexera marketing in the form of scare-mongering]
  • Adobe patches zero-day vulnerability used to plant gov't spying software

    Adobe has patched a zero-day vulnerability used by the BlackOasis APT to plant surveillance software developed by Gamma International.

    On Monday, researchers from Kaspersky Lab revealed the new, previously unknown vulnerability, which has been actively used in the wild by advanced persistent threat (APT) group BlackOasis.

  • IoT Cybersecurity: What's Plan B?

    In August, four US Senators introduced a bill designed to improve Internet of Things (IoT) security. The IoT Cybersecurity Improvement Act of 2017 is a modest piece of legislation. It doesn't regulate the IoT market. It doesn't single out any industries for particular attention, or force any companies to do anything. It doesn't even modify the liability laws for embedded software. Companies can continue to sell IoT devices with whatever lousy security they want.

  • Security updates for Wednesday
  • Security updates for Thursday
  • Abuse of RESTEasy Default Providers in JBoss EAP

    Red Hat JBoss Enterprise Application Platform (EAP) is a commonly used host for Restful webservices. A powerful but potentially dangerous feature of Restful webservices on JBoss EAP is the ability to accept any media type. If not configured to accept only a specific media type, JBoss EAP will dynamically process the request with the default provider matching the Content-Type HTTP Header which the client specifies. Some of the default providers where found to have vulnerabilities which have now been removed from JBoss EAP and it's upstream Restful webservice project, RESTEasy.

  • “Security concerns” lead to LTE service shutdown on Chinese Apple Watches

Motorola Moto X4 Android One review: a Nexus by any other name

Filed under
Android
Reviews

That’s been a tough pill for many fans of the prior Nexus phones to swallow, as they frequently offered a lot of specs and performance for a lot less money than other smartphones. You could realistically get a great Nexus phone for under $500 without having to give up the traits that make them great: clean software, fast performance, and timely updates.

Enter Motorola’s new Moto X4 Android One smartphone. While not technically a Nexus phone, it shares many of the same qualities that made the Nexus line so loved. Clean build of Android? Check. Promise of fast updates and years of software support? Check. Reasonable cost? Check.

The $399 X4 won’t appeal to everyone. It’s not meant to compete with the Pixel or other premium phone in terms of features or performance, and its biggest limitation is that it’s only available on Google’s own Project Fi network. (Though it comes unlocked and works with other networks, the only way to buy this flavor of X4 is to be a Fi customer.) But if you’ve been holding on to that aging Nexus 5X hoping something would come along and pick up its mantle, the Moto X4 Android One version is it.

Read more

Xubuntu 17.10 Brings a Refreshed Xfce Experience and Latest Software Updates

Filed under
Ubuntu

The Xubuntu 17.10 operating system has been released today as part of the Ubuntu 17.10 (Artful Aardvark) release, bringing a refreshed Xfce desktop experience, up-to-date components, and many other improvements.

Read more

Also: Kubuntu 17.10 Switches to VLC as Default Media Player, Uses KDE Plasma 5.10.5

Ubuntu Budgie 17.10 Releases with Budgie Desktop 10.4, Night Light, and More

Filed under
Ubuntu

Ubuntu Budgie is a more recent officially recognized flavor of the popular and free Ubuntu operating system, and today it has been updated to version 17.10 as part of the Ubuntu 17.10 (Artful Aardvark) release.

Read more

BeagleBone based 3D printer focuses on ease of use

Filed under
Linux

The “Voladd 3D Printer” features a Linux-driven BeagleBone SBC that connects to a cloud-based sharing site, plus a unique cartridge and cooling system.

San Sebastián, Spain based Voladd has won Kickstarter funding for a Voladd 3D printer that runs Debian Linux on a BeagleBone Black single board computer. Like several other Linux-based printers we’ve seen (see farther below) the Voladd connects to a cloud service, and does not require an attached computer. The printer stands out with its mobile app remote control, as well as a streamlined cloud interface that lets you download one of thousands of free designs in 25 categories and share designs and printer access with others. Kickstarter pricing starts with early bird packages of 499 Euros ($591), with shipments due in December.

Read more

Ubuntu 17.10 Released! See What's New in Ubuntu 17.10

Filed under
News

Ubunt 17.10 has been released. Check out the new features in Ubuntu 17.10 and see how to upgrade to Ubuntu 17.10.

Read more

OSS: Open Source Initiative, Open Xchange, OpenOffice, MakerBot

Filed under
OSS
  • Open Source Initiative Welcomes Cumulus Networks As Premium Sponsor

    The Open Source Initiative® (OSI), the internationally recognized home of the open source software movement working to raise awareness and adoption of open source software, announced today the generous sponsorship of Cumulus Networks. Cumulus joins OSI's growing community of corporations that recognize the importance of not only investing in open source software projects and development, but also building a diverse ecosystem that promotes collaboration, enables innovation, and ensures quality.

    Cumulus Networks has a strong tradition of internally-driven development of original open source software, including most notably, contributions to the Linux kernel that complete the data center feature set for Linux such as Virtual Routing and Forwarding (VRF), MPLS, MLAG infrastructure, multicast routing features, etc. Cumulus' most recent open source effort is FRRouting, co-developed by a group of contributing companies in the open networking space, to enhance routing protocols. Cumulus Networks has also been a key driving member of the Open Network Install Environment (ONIE) with contributions to the Open Compute Project, Prescriptive Topology Manager--which simplifies the deployment of large L3 networks--and ifupdown2, a rewrite of Debian's tool for configuring networks that greatly simplifies large, complicated networking configurations.

  • Let's dig into how open source could KO the Silicon Valley chat silos

    There's never been a better opportunity for the world to start untangling itself from the giant Silicon Valley data harvesters than now. Last week, we revealed a plan to embed open-source chat into three quarters of the world's IMAP servers.

    And this may be an important development. Maybe.

    Google, Yahoo!, Apple and Microsoft handle around half the world's email, some 2.5 billion users, while open-source IMAP servers handle the rest, around 2.5-3 billion. Of these the Dovecot open-source server, part of the German business Open Xchange, is installed on 75 per cent of boxes. Quietly drop IM into the mix, and you've given the world a reason to leave WhatsApp.

  • Open source, agility powering enterprise IT

    Looking back over the past decade, history has certainly demonstrated that trying to predict the pace and nature of technology development is a near impossible task, writes Quentin Barnard, lead architect at redPanda Software.
    While analysts, business leaders and policymakers have certainly made wise predictions, businesses and individuals have to remain agile, responsive and open-minded to a wide possibility of outcomes and developments. It is also helpful, however, to reflect on key trends that have emerged in recent times — and to use this information to prepare for the years ahead.
    For software developers and development houses, several prominent themes emerged in 2017.

  • The Apache Software Foundation Announces Five Years of Apache® OpenOffice™ as a Top-Level Project

    The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the five-year anniversary of Apache® OpenOfficeTM, the leading Open Source office document productivity suite.

  • MakerBot Labs: new experimental 3D printing platform is MakerBot's olive branch to open source community

    New York 3D printing company MakerBot has launched MakerBot Labs, an experimental platform with open APIs, custom print modes, and an online resource-sharing site. The platform purportedly allows users to “push the limits” of 3D printing.

  • MakerBot attempts to embrace the open-source community with its new Labs platform

    The topic of open source has been a touchy one for MakerBot over the past decade. The one-time 3D-printing darling was the subject of some serious smack talk among the maker community when it stopped disclosing machine design in 2012 — a departure from the company’s roots as in the open-source Rep-Rap community.

    Announced this week, MakerBot Labs doesn’t mark a full return to those roots, but it does find the company carving out a niche for the DIY community that was once a driving force in its rapid growth.

    “I understand the history,” CEO Nadav Goshen told TechCrunch during a phone call this week, “This is one step in the direction. It’s a step to understand that there are limitations to openness. Openness for us doesn’t mean we have to compromise on quality or ease of use. We’re trying to take responsibility for both.”

More on Samsung DeX and Bixby

Filed under
GNU
Linux

Security: WPA2, Smartwatches, Google, NSA, Microsoft and Flexera FUD

Filed under
Security
  • WPA2 flaw's worst impact on Android, Linux devices

    The flaw in the WPA2 wireless protocol revealed recently has a critical impact on Android phones running version 6.0 of the mobile operating system and Linux devices, a security researcher says.

  • Why the Krack Wi-Fi Mess Will Take Decades to Clean Up

    But given the millions of routers and other IoT devices that will likely never see a fix, the true cost of Krack could play out for years.

  • 'All wifi networks' are vulnerable to hacking, security expert discovers

    WPA2 protocol used by vast majority of wifi connections has been broken by Belgian researchers, highlighting potential for internet traffic to be exposed

  • Kids' smartwatches can be 'easily' hacked, says watchdog

    Smartwatches bought for children who do not necessarily need them can be hacked [sic], according to a warning out of Norway and its local Consumer Council (NCC).

  • John Lewis pulls children's smartwatch from sale over spying fears

    The Norwegian Consumer Council (NCC) revealed that several brands of children’s smartwatch, have such poor security controls that hackers [sic] could easily follow their movements and eavesdrop on conversations.

  • Google's 'Advanced Protection' Locks Down Accounts Like Never Before

    Google hasn't shared the details of what that process entails. But the CDT's Hall, whom Google briefed on the details, says it will include a "cooling-off" period that will lock the account for a period of time while the user proves his or her identity via several other factors. That slowed-down, intensive check is designed to make the account-recovery process a far less appealing backdoor into victims' data.

  • NSA won't say if it knew about KRACK, but don't look to this leaked doc for answers

    Given how involved the NSA has been with remote and local exploitation of networks, systems, devices, and even individuals, many put two and two together and assumed the worst.

    What compounded the matter was that some were pointing to a 2010-dated top secret NSA document leaked by whistleblower Edward Snowden, which detailed a hacking tool called BADDECISION, an "802.11 CNE tool" -- essentially an exploit designed to target wireless networks by using a man-in-the-middle attack within range of the network. It then uses a frame injection technique to redirect targets to one of the NSA's own servers, which acts as a "matchmaker" to supply the best malware for the target device to ensure it's compromised for the long-term. The slide said the hacking tool "works for WPA/WPA2," suggesting that BADDECISION could bypass the encryption.

    Cue the conspiracy theories. No wonder some thought the hacking tool was an early NSA-only version of KRACK.

  • You're doing open source wrong, Microsoft tsk-tsk-tsks at Google: Chrome security fixes made public too early [Ed: Says the company that gives back doors to the NSA and attacks FOSS with patents, lobbying etc.]
  • Why Open Source Security Matters for Healthcare Orgs [Ed: marketing slant for firms that spread FUD]

    Open source software can help healthcare organizations remain flexible as they adopt new IT solutions, but if entities lack open source security measures it can lead to larger cybersecurity issues. A recent survey found that organizations in numerous industries might not be paying enough attention to potential open source risk factors.

    Half of all code used in commercial and Internet of Things (IoT) software products is open source, but only 37 percent of organizations have an open source acquisition or usage policy, according to a recent Flexera report.

    More than 400 commercial software suppliers and in-house software development teams were interviewed, with respondent roles including software developers, DevOps, IT, engineering, legal, and security.

Games: JASEM, openage, Riskers, Rise to Ruins, Slime Rancher

Filed under
Gaming

The most promising linux distributions in 2017

Filed under
GNU
Linux

Linux distributions have already gained recognition of its users and with every year new products appear in the market. Many of them focus on the certain tasks, so you can’t create a single list of the best ones. Here we have chosen several fields of Linux use and those distributions that have all chances to take the initial positions in their niche in 2017.

Read more

Ubuntu 17.10 (Artful Aardvark) released

Filed under
Ubuntu

Codenamed "Artful Aardvark", Ubuntu 17.10 continues Ubuntu's proud
tradition of integrating the latest and greatest open source technology
into a high-quality, easy-to-use Linux distribution. As always, the
team has been hard at work through this cycle, introducing new features
and fixing bugs.

Under the hood, there have been updates to many core packages, including
a new 4.13-based kernel, glibc 2.26, gcc 7.2, and much more.

Ubuntu Desktop has had a major overhaul, with the switch from Unity as
our default desktop to GNOME3 and gnome-shell. Along with that, there
are the usual incremental improvements, with newer versions of GTK and
Qt, and updates to major packages like Firefox and LibreOffice.

Read more

Also: Ubuntu 17.10 Debuts Officially with GNOME 3.26 on Top of Wayland, Linux 4.13

How to: Upgrade Ubuntu 17.04 to Ubuntu 17.10

Ubuntu 17.10 ISOs Officially Released

10 Things To Do After Installing Ubuntu 17.10

Ubuntu 17.10 Now Available to Download, This Is What’s New

How to Enable Night Light on Ubuntu 17.10

Ubuntu 17.10 Artful Aardvark Released With New Features — Download Torrents And ISO Files Here

Ubuntu Flavors, Including Ubuntu MATE 17.10, Are Available to Download

Ubuntu 17.10 'Artful Aardvark' ditches Unity for Gnome

Top 7 open source terminal emulators for Linux

Filed under
Linux
OSS

Are you a system administrator, Linux power user, or someone who just spends a lot of time at the command line? Chances are your choice of terminal emulator says something about you. Do you prefer something lightweight? Full of features and customizable options? Or do you just use the default that ships with your distribution?

If you're not familiar with terminal emulator clients, essentially they are graphical applications that give you shell access to your machine. By using a text-mode interface to your computer, you can unleash the true power of Linux and the many applications that provide fast, efficient, and customizable control over its every function, not to mention many utilities that system administrators and developers rely on for their day-to-day work. To get to the shell from your system's graphical interface, you need a terminal emulator.

Read more

NVIDIA ups Competition Using Open Source Collaboration

Filed under
OSS

Let’s imagine that you are a company with a very successful if nuanced product. Graphics accelerator chips, for example.

Hypothetically speaking, imagine that you find an interesting use for your chip in a rising market defined by a burgeoning technology. If you need an example, just use deep learning AI software.

Now, let’s say this proves to be a massive windfall for your company, raising its stock prices tenfold in just three short years.

What do you do with this fortunate turn of events?

Do you start designing your own AI chips based on your original design and remain one of the top competitors in this new market, or do you go open source and give your chip architecture designs to the public?

Read more

Ubuntu 17.10 (Artful Aardvark) Is Now Available to Download

Filed under
Ubuntu

While there's no official announcement published at the moment of writing, Canonical released the final ISO images of the Ubuntu 17.10 (Artful Aardvark) operating systems and its derivatives.

Read more

Also: Ubuntu 17.10 Ships Today - Arguably Its Most Interesting Release In Years

Security: WPA2, RSA/TPM, and Microsoft Breach

Filed under
Security
  • Google and Apple yet to fix Wi-Fi hole in a billion devices

    The WPA2 security protocol has been a mandatory requirement for all devices using the Wi-Fi protocol since 2006, which translates into billions of laptops, mobiles and routers. The weakness identified by Mathy Vanhoef, a digital security researcher at the Catholic University of Leuven (KUL) in Belgium, lies in the way devices running WPA2 encrypt information.

  • The Flawed System Behind the Krack Wi-Fi Meltdown

    No software is perfect. Bugs are inevitable now and then. But experts say that software standards that impact millions of devices are too often developed behind closed doors, making it difficult for the broader security community to assess potential flaws and vulnerabilities early on. They can lack full documentation even months or years after their release.

  • Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible

    Security experts say the bug has been present since 2012 and found specifically in the Infineon’s Trusted Platform Module used on a large number of business-class HP, Lenovo and Fijitsu computers, Google Chromebooks as well as routers and IoT devices.

  • ROCA: RSA encryption key flaw puts 'millions' of devices at risk

    This results in cyber criminals computing the private part of an RSA key and affects chips manufactured from 2012 onwards, which are now commonplace in the industry.

  • Infineon RSA Key Generation Issue

    Yubico estimates that approximately 2% of YubiKey customers utilize the functionality affected by this issue. We have addressed this issue in all shipments of YubiKey 4, YubiKey 4 Nano, and YubiKey 4C, since June 6, 2017.

  • Microsoft remains tight-lipped about 2013 internal database hack [sic]

    A secretive internal database used by Microsoft to track bugs in its software was compromised by hackers [sic] in 2013.

  • Exclusive: Microsoft responded quietly after detecting secret database hack in 2013

    Microsoft Corp’s secret internal database for tracking bugs in its own software was broken into by a highly sophisticated hacking [sic] group more than four years ago, according to five former employees, in only the second known breach of such a corporate database.

Syndicate content

More in Tux Machines

today's leftovers

  • Linux Users Discuss DRM 1 on 1 – Unleaded Hangout
    Linux Users Discuss DRM. Today my Brandon and I discuss encrypted media extensions, digital rights management and our freedom on the Linux desktop. So join Brandon and I as we as Linux Users Discuss DRM.
  • i965 Shader Cache Revised As It Still Might Squeeze Into Mesa 17.3
    Intel's Jordan Justen has sent out his third revision to the recently renewed patches for allowing an OpenGL on-disk shader cache for the "i965" Mesa driver. Just a few days back Jordan sent out a revised Intel shader cache implementation for this code that's long been baking on the Intel side but yet to be merged for mainline Mesa while the RadeonSI shader cache and co has been present now for many months.
  • Sunday Linux Gaming Wrap-up
  • retro-gtk: The Future, Marty!
    Let's come back to retro-gtk. In the previous articles I explained how bad retro-gtk was, what I did to start improving it and more importantly what I did to prepare the terrain for further development. This article will detail the aforementioned planed improvements!
  • Ikea’s Open-Source Showrooms
    Ikea Group will also roll out a new digital platform called 'Co-Create Ikea' which mimics its IT division's open-source software development, where customers have the chance help develop and test new products.
  • Glibc Picks Up Some More FMA Performance Optimizations
    The GNU C Library, glibc, has picked up support for some additional functions as FMA-optimized versions. The newest functions now getting the fused multiply-add (FMA) support are powf(), logf(), exp2f(), and log2f(). The FMA instruction set is present since Intel Haswell and AMD Piledriver generations and like past FMA optimizations, the benefits can be quite noticeable.
  • Landmark release of Termination of Transfer tool from Creative Commons and Authors Alliance
    For more than a decade, Creative Commons has developed and stewarded legal tools that give creators the opportunity to share their work on open terms. We have focused on tools that empower sharing at the moment of publication, leaving out an important group of creators: what about those who previously signed away their rights to their works long ago, but who now want to share on open terms under a CC license or renegotiate unfavorable publishing terms?
  • The recent catastrophic Wi-Fi vulnerability was in plain sight for 13 years behind a corporate paywall
    The recent Wi-Fi “KRACK” vulnerability, which allowed anyone to get onto a secure network (and which was quickly patched by reputable vendors), had been in plain sight behind a corporate-level paywall for 13 years. This raises a number of relevant, interesting, and uncomfortable questions.

Events: openSUSE.Asia Summit 2017, GStreamer Conference 2017, FSFE Assembly During 34C3

  • openSUSE.Asia Summit 2017 in Tokyo
  • GStreamer Conference 2017 Videos
    Taking place this weekend in Prague has been the 8th annual GStreamer Conference, which is preceding next week's Linux Foundation Embedded Linux Conference Europe.
  • Call for sessions at the FSFE assembly during 34C3
    With the CCC moving from Hamburg to Leipzig, there are not only logistic changes to be done but also some organisational changes. We are still figuring out the details, but in the context of this call, one of the major changes will be the loss of free available rooms to book for self-organised sessions. Instead, assemblies that match with each other are asked to cluster around 1 of several stages and use that as a common stage for self-organized sessions together. To make the most of this situation, the FSFE will for the first time not join the Noisy Square this year but form a new neighbourhood with other freedom fighting NGOs – in particular with our friends from European Digital Rights. However, at this point of time, we do not yet have more information about the concrete or final arrangements.

Android Leftovers

GNOME 3.28 Linux Desktop Environment Development Kicks Off with First Snapshot

GNOME developer Javier Jardón is kicking off the development of the GNOME 3.28 desktop environment with the first snapshot, GNOME 3.27.1, which is now available for public testing. Read more