Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 20 Oct 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Kernel: Keeping Control in the Hands of the User and KUnit

Filed under
Linux
  • Keeping Control in the Hands of the User

    Various efforts always are underway to implement Secure Boot and to add features that will allow vendors to lock users out of controlling their own systems. In that scenario, users would look helplessly on while their systems refused to boot any kernels but those controlled by the vendors.

    The vendors' motivation is clear—if they control the kernel, they can then stream media on that computer without risking copyright infringement by the user. If the vendor doesn't control the system, the user might always have some secret piece of software ready to catch and store any streamed media that could then be shared with others who would not pay the media company for the privilege.

    Recently, Chen Yu and other developers tried to submit patches to enhance Secure Boot so that when the user hibernated the system, the kernel itself would encrypt its running image. This would appear to be completely unnecessary, since as Pavel Machek pointed out, there is already uswsusp (userspace software suspend), which encrypts the running image before suspending the system. As Pavel said, the only difference was that uswusp ran in userspace and not kernel space.

  • Google Engineer Proposes KUnit As New Linux Kernel Unit Testing Framework

    Google engineer Brendan Higgins sent out an experimental set of 31 patches today introducing KUnit as a new Linux kernel unit testing framework to help preserve and improve the quality of the kernel's code.

    KUnit is a unit testing framework designed for the Linux kernel and inspired by the well known JUnit as well as Googletest and other existing unit testing frameworks for designing unit tests and related functionality.

DragonFlyBSD Continues Squeezing More Performance Out Of AMD's Threadripper 2990WX

Filed under
Graphics/Benchmarks

DragonFlyBSD 5.4 should be a really great release if you are a BSD user and have an AMD Threadripper 2 box, particularly the flagship Threadripper 2990WX 32-core / 64-thread processor.

The project leader of this long ago fork from FreeBSD, Matthew Dillon, has been quite outspoken about the Threadripper 2990WX since he purchased one earlier this summer. This prolific BSD developer has been praising the performance out of the Threadripper 2990WX since he got the system working on the current DragonFlyBSD 5.3 development builds.

Since getting DragonFlyBSD running on the Threadripper 2 hardware in August, he's routinely been making performance tuning optimizations to DragonFly's kernel to benefit the 2990WX given its NUMA design.

Read more

Arm Launches Mbed Linux and Extends Pelion IoT Service

Filed under
Linux

Politics and international relations may be fraught with acrimony these days, but the tech world seems a bit friendlier of late. Last week Microsoft joined the Open Invention Network and agreed to grant a royalty-free, unrestricted license of its 60,000-patent portfolio to other OIN members, thereby enabling Android and Linux device manufacturers to avoid exorbitant patent payments. This week, Arm and Intel kept up the happy talk by agreeing to a partnership involving IoT device provisioning.

Arm’s recently announced Pelion IoT Platform will align with Intel’s Secure Device Onboard (SDO) provisioning technology to make it easier for IoT vendors and customers to onboard both x86 and Arm-based devices using a common Peleon platform. Arm also announced Pelion related partnerships with myDevices and Arduino (see farther below).

Read more

Programming: Version Control With Git, 5 Things Your Team Should Do to Make Pull Requests Less Painful and More GitHub Workflow Automation

Filed under
Development
  • How to Use Git Version Control System in Linux [Comprehensive Guide]

    Version Control (revision control or source control) is a way of recording changes to a file or collection of files over time so that you can recall specific versions later. A version control system (or VCS in short) is a tool that records changes to files on a filesystem.

    There are many version control systems out there, but Git is currently the most popular and frequently used, especially for source code management. Version control can actually be used for nearly any type of file on a computer, not only source code.

  • 5 Things Your Team Should Do to Make Pull Requests Less Painful

    A user story is a short description of a unit of work that needs doing. It’s normally told from the perspective of the user, hence the name. The journey towards a good pull request starts with a well-written user story. It should be scoped to a single thing that a user can do in the system being built.

  • More GitHub workflow automation

    The more you use computers, the more you see the potentials for automating everything. Who doesn't love that? By building Mergify those last months, we've decided it was time bring more automation to the development workflow.

today's howtos

Filed under
HowTos

Games: Cultist Simulator, Planetary Annihilation: TITANS, CrossOver 18, Updated Proton 3.16 Beta, Descenders, Bridge Constructor Portal, Train Valley 2, Sipho

Filed under
Gaming

Security: Stamos, E-mail and RAT Arrest

Filed under
Security

Browsing the web with Min, a minimalist open source web browser

Filed under
OSS
Web

Does the world need another web browser? Even though the days of having a multiplicity of browsers to choose from are long gone, there still are folks out there developing new applications that help us use the web.

One of those new-fangled browsers is Min. As its name suggests (well, suggests to me, anyway), Min is a minimalist browser. That doesn't mean it's deficient in any significant way, and its open source, Apache 2.0 license piques my interest.

Read more

Security: Patches, FUD and Voting Machines

Filed under
Security
  • libssh 0.8.4 and 0.7.6 security and bugfix release

    libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials.

  • A Cybersecurity Weak Link: Linux and IoT [Ed: Blaming "Linux" for companies that put default passwords on all their products? Windows has back doors.]
  • Undetectably bypass voting machines' anti-tamper mechanism with a bit of a soda-can

    But University of Michigan grad student Matt Bernhard has demonstrated that he can bypass the tamper-evident seals in seconds, using a shim made from a slice of a soda can. The bypass is undetectable and doesn't damage the seal, which can be resecured after an attacker gains access to the system.

  • Security Seals Used to Protect Voting Machines Can Be Easily Opened With Shim Crafted from a Soda Can

    Bernhard, who is an expert witness for election integrity activists in a lawsuit filed in Georgia to force officials to get rid of paperless voting machines used in that state, said the issue of security ties and seals came up in the lawsuit earlier this year when Fulton County Elections Director Richard Barron told the court that his Georgia county relies on tamper-evident metal and plastic ties to seal voting machines and prevent anyone with physical access to the machines from subverting them while they sit in polling places days before an election.

    [...]

    He noted that defeating ties and seals in non-tamper-evident ways isn’t the only method to wreak havoc on an election in Michigan. The state has a unique law that prohibits ballots from being used in a recount if the number of voters doesn't match the number of ballots cast at a precinct or if the seal on a ballot box is broken or has a different serial number than what it should have. Someone who wanted to wreak havoc on an election or alter an election outcome in Michigan could purposely tamper with ballot box seals in a way that is evident or simply replace them with a seal bearing a different serial number in order to get ballots excluded from a recount. The law came into sharp relief after the 2016 presidential election when Green Party candidate Jill Stein sought to get a statewide recount in Michigan and two other critical swing states and found that some precincts in Wayne County couldn't be recounted because the number of voters who signed the poll books—which get certified with a seal signed by officials—didn't match the number of ballots scanned on the voting machines.

OSS: Hedera Hashgraph, Service Providers, and Renaming the Bro Project

Filed under
OSS
  • Hedera Hashgraph Distributed Ledger Technology Shares New Open-Source SDK [Ed: Hedera needs to delete GitHub, however, as the new head of GitHub killed Java projects like Hedera's]

    Hedera Hashgraph, one of the DApp facilitators within the blockchain industry recently announced that it has released its Software Development Kit (SDK) in Java.

  • Service Providers Should Adapt to Open Source World

    Finding differing opinions on open source with the telecom industry isn't hard to do, especially where orchestration is concerned. That's why a panel discussion on open source and MANO at the Light Reading NFV-Carrier SDN event in Denver seemed an odd place to find such outspoken agreement on that topic, but there it was.

    Four smart guys, none shy with their opinions, all seemed to agree on key points around open source, the need for standards, the role of vendors and the lack of internal software skills. But they also agreed that telecom service providers are struggling a bit to understand how to proceed in an open source world and still need some fundamental internal changes.

  • Renaming the Bro Project

    More than 20 years ago I chose the name "Bro" as "an Orwellian reminder that monitoring comes hand in hand with the potential for privacy violations", as the original Bro paper put it. Today that warning is needed more than ever ... but it's clear that now the name "Bro" is alas much more of a distraction than a reminder.

    On the Leadership Team of the Bro Project, we heard clear concerns from the Bro community that the name "Bro" has taken on strongly negative connotations, such as "Bro culture". These send a sharp, anti-inclusive - and wholly unintended and undesirable - message to those who might use Bro. The problems were significant enough that during BroCon community sessions, several people have mentioned substantial difficulties in getting their upper management to even consider using open-source software with such a seemingly ill-chosen, off-putting name.

Back End: Apache Kafka, 'Serverless'

Filed under
Server
OSS

Microsoft Lies and Openwashing

Filed under
Microsoft
OSS

Red Hat Leftovers

Filed under
Red Hat

Why MX Linux Is the Windows Alternative You’ve Been Waiting For

Filed under
GNU
Linux

If you’re looking for a Windows alternative but have shied away from Linux, MX Linux may be the solution you’ve been waiting for.

Linux distributions have always held promise for Windows users to migrate away from an expensive OS. Even Windows 10 has enough quirks and issues that a truly robust and functional Linux alternative could easily entice longtime Windows users to switch.

Let’s take a closer look at MX Linux from the perspective of a longtime Windows user.

Read more

Chromebox and Chrome 'Hacks'

Filed under
Google
  • CTL’s New CBX1 Chromebox is a Powerhouse at a Great Price

    Chromeboxes are really great desktops for users who have moved their workflow into a web browser, especially at lower prices. You don’t need higher specs inside a Chromebox for it to work well, but it can help.

    For those who want a supercharged Chromebox on the cheap, Oregon-based CTL has just the thing for you. Its new Chromebox—the CBX1—has all the high-end parts you could want, at a comparatively low price.

  • How to Install Progressive Web Apps (PWAs) in Chrome

    Chrome 70, available now, lets you install “Progressive Web Apps,” or PWAs, on Windows. When you visit a website with a PWA, like Twitter or Spotify, you can now “install” it to make it behave more like a normal desktop application.

  • How to Stop Chrome From Automatically Signing You Into the Browser

    With Chrome 69, Google began automatically signing you into the Chrome browser whenever you signed into a Google website like Gmail. Chrome 70, available now, has a hidden option to disable this feature.

    We don’t think most Chrome users will care about this. But, if you do care, Google now gives you a choice. And that’s good news.

MongoDB Becomes Less Affero GPL-Like

Filed under
Server
OSS
Legal
  • Fed up with cloud giants ripping off its database, MongoDB forks new open-source license

    After Redis Labs relicensed the modules it developed to complement its open-source database, from AGPL to Apache v2.0 with a Commons Clause, the free-software community expressed dismay.

    And, inevitably, some responded by forking the affected code.

    Today, the maker of another open source database, MongoDB, plans to introduce a license of its own to deal with the issue cited by Redis: cloud service providers that sell hosted versions of open-source programs – such as Redis and MongoDB database servers – without offering anything in return.

    "Once an open source project becomes interesting or popular, it becomes too easy for the cloud vendors to capture all the value and give nothing back to the community," said Dev Ittycheria, CEO of MongoDB, in a phone interview with The Register.

    Ittycheria pointed to cloud service providers such as Alibaba, Tencent, and Yandex. Those companies, he claims, are testing the boundaries of the AGPL by benefiting from the work of others while failing to share their code.

  • MongoDB switches up its open-source license

    MongoDB is a bit miffed that some cloud providers — especially in Asia — are taking its open-source code and offering a hosted commercial version of its database to their users without playing by the open-source rules. To combat this, MongoDB today announced it has issued a new software license, the Server Side Public License (SSPL), that will apply to all new releases of its MongoDB Community Server, as well as all patch fixes for prior versions.

    Previously, MongoDB used the GNU AGPLv3 license, but it has now submitted the SSPL for approval from the Open Source Initiative.

  • MongoDB license could push open source deeper into cloud: Is this what industry needs?

    Things just got serious in open source land. Despite the occasional Commons Clause or Fair Source licensing attempt to change the meaning of the words "open source" to include "the right for a private company to make money from its open source efforts," we've stuck to the Open Source Definition, and it has served us well. Open source communities have become the center of the innovation universe, giving us exceptional code like Linux, Kubernetes, Apache Kafka, and more.

  • It's MongoDB's turn to change its open source license

    The old maxim that the nice thing about standards is that there are so many to choose from could well apply to open source licensing. While now nearing a couple years old, the last WhiteSource Software survey of the top 10 open source licenses found close competition between the GPL, MIT, and Apache licenses. While the commercial-friendly Apache license has dominated the world of big data platforms and AI frameworks, MIT and GPL (which has "copyleft" provisions requiring developers to contribute back all modifications and enhancements) continues to be popular. GPL and variants such as the AGPL have been popular amongst vendors that seek to control their own open source projects, like MongoDB.

  • Matthew Garrett: Initial thoughts on MongoDB's new Server Side Public License

    MongoDB just announced that they were relicensing under their new Server Side Public License. This is basically the Affero GPL except with section 13 largely replaced with new text, as follows:

    "If you make the functionality of the Program or a modified version available to third parties as a service, you must make the Service Source Code available via network download to everyone at no charge, under the terms of this License. Making the functionality of the Program or modified version available to third parties as a service includes, without limitation, enabling third parties to interact with the functionality of the Program or modified version remotely through a computer network, offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Software or modified version.

    “Service Source Code” means the Corresponding Source for the Program or the modified version, and the Corresponding Source for all programs that you use to make the Program or modified version available as a service, including, without limitation, management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available."

    MongoDB admit that this license is not currently open source in the sense of being approved by the Open Source Initiative, but say:"We believe that the SSPL meets the standards for an open source license and are working to have it approved by the OSI."

    At the broadest level, AGPL requires you to distribute the source code to the AGPLed work[1] while the SSPL requires you to distribute the source code to everything involved in providing the service. Having a license place requirements around things that aren't derived works of the covered code is unusual but not entirely unheard of - the GPL requires you to provide build scripts even if they're not strictly derived works, and you could probably make an argument that the anti-Tivoisation provisions of GPL3 fall into this category.

Graphics: Mesa, DisplayPort's Forward Error Correction and New Driver From NVIDIA

Filed under
Graphics/Benchmarks
  • Mesa Vulkan Drivers Move Ahead With PCI Bus Info, Calibrated Timestamps

    With this weekend's release of Vulkan 1.1.88 stealing the show was the Vulkan transform feedback capability to allow projects like DXVK to support Direct3D's Stream Output functionality. But besides VK_EXT_transform_feedback, there are other extensions also being worked on for Mesa ANV / RADV Vulkan driver coverage.

  • Intel DRM Linux Driver Working On DisplayPort Forward Error Correction

    DisplayPort's Forward Error Correction (FEC) is part of the specification since DP 1.4 and is for ensuring reliable, error-free video transport. Forward Error Correction allows for correcting link errors and a "glitch-free visual experience" by using a Reed-Solomon parity/correction check. The DisplayPort sink can detect and correct any small errors in the compressed video stream.

  • NVIDIA GeForce RTX 2070 Linux Benchmarks Will Be Coming

    NVIDIA's embargo for reviews on the GeForce RTX 2070 graphics cards has now expired ahead of the expected retail availability on Wednesday.

  • NVIDIA 410.66 Linux Driver Released With RTX 2070 Support, Vulkan Ray-Tracing, Etc

    NVIDIA has released the 410.66 Linux graphics driver today as their first stable release in the 410 series and comes with support for the new GeForce RTX 2070 graphics card.

    The main addition to the NVIDIA 410 Linux driver series is the initial Turing GPU support with the GeForce RTX 2070/2080 graphics cards. Besides enabling Turing support, the NVIDIA 410 driver has initial RTX ray-tracing support with Vulkan. The NVIDIA driver ships new libnvidia-rtcore.so and libnvidia-cbl.so libraries for this ray-tracing functionality. The OptiX ray-tracing engine is also bundled as libnvoptix.so.

Syndicate content

More in Tux Machines

Programming: BASIC, LLVM's Clang C++17, and Mozilla

  • So I wrote a basic BASIC
    So back in June I challenged myself to write a BASIC interpreter in a weekend. The next time I mentioned it was to admit defeat. I didn't really explain in any detail, because I thought I'd wait a few days and try again and I was distracted at the time I wrote my post.
  • LLVM C++14/C++17 BoF
  • LLVM's Codebase Will Likely Move To C++17 Next Year
    While LLVM's Clang compiler already supports C++17, what this change is about is the LLVM code itself and for sub-projects like Clang can begin making use of C++17 code itself. This in turn ups the requirements for being able to compile the code-base.  As it stands now LLVM requires C++11 for being able to build the compiler stack, but at this week's LLVM Developers' Meeting in San Jose they discussed upping that requirement. While they could move to C++14, the unofficial consensus is they should just move directly to C++17. This enables LLVM developers to take advantage of all these modern C++ features.
  • Don't rely on the shape of (Native)Error.prototype.message
  • The Rust Programming Language Blog: Update on the October 15, 2018 incident on crates.io
    A user called cratesio was created on crates.io and proceeded to upload packages using common, short names. These packages contained nothing beyond a Cargo.toml file and a README.md instructing users that if they wanted to use the name, they should open an issue on the crates.io issue tracker. The rate at which this user uploaded packages eventually resulted in our servers being throttled by GitHub, causing a slowdown in all package uploads or yanks. Endpoints which did not involve updating the index were unaffected.

Red Hat Leftovers

  • Red Hat Awards Crossvale Commercial Application Platform Partner of the Year.
    Crossvale was presented with the 2018 North America Commercial Application Platform Partner of the Year award by Red Hat. The announcement was made at the Red Hat North America Partner Conference held in Maryland on October 10th.
  • [Podcast] PodCTL #52 – OpenShift 3.11 and OpenShift Container Engine
    Last week Red Hat announced the general availability of OpenShift Container Platform 3.11. This is an important release because it incorporates the first wave of technology from the CoreOS acquisition. This includes new visibility for Operations teams through the Cluster Console and integrated Prometheus monitoring and Grafana dashboards. It also added support for a number of Operators, both from Red Hat and ISV partners (supporting the Operator Framework). This is important, as Operators will continue to play a more critical role in both the OpenShift platform, as well as for applications running on OpenShift. Finally, we discussed the recently released OpenShift Container Engine, and how it offers flexibility for customers that want Enterprise Kubernetes from OpenShift, but may want flexibility in certain areas of their deployments.
  • Knative: Building your Serverless Service
    In the Part-1 of Knative Serving blog series, you were introduced on how to build and deploy your first serverless service using Knative Serving. In this blog you will be introduced to another Knative component called Knative Build.
  • Agile Integration: Enterprise integration from a necessary evil to building competitive advantage
    Business success can be increasingly based on an organization’s ability to react to change. As new disruptive players enter markets and technology upends what consumers expect, organizations often need to change plans in shorter cycles. Modern software architectures and processes can help make organizations more effective at dealing with this change and emerge as leaders in their markets. "Planning as we know it is dead," was the keynote message delivered by Jim Whitehurst, Red Hat president and CEO, at the 2017 Red Hat Summit. "Planning harder in a less-known environment just isn’t the answer." In today’s world, the pace of innovation and disruption is accelerating in business. With that comes change, which can jar or break plans quickly and, in some instances, be extremely costly. Hence, the ability to react to change quickly can be a necessity. Enterprise integration can be at the heart of an organization's IT architecture. It may be necessary. But it is often a bottleneck.
  • Red Hat CEO Whitehurst sells $709000 in Hatter shares

Happy 14th Birthday, Ubuntu!

Bust out the bunting and start cooking a cake because it’s Ubuntu’s birthday! Yes, fourteen feature-filled years have flown by since Mark Shuttleworth sat down to share news of the very first Ubuntu release. Ubuntu 4.10 ‘Warty Warthog’ was thrust into the world on Wednesday October 20, 2004. Read more

GNOME: Vala Scripting and GNOME Foundation Hackfest 2018

  • Daniel Espinosa: Vala Scripting?
    I’m working with a library called GNOME Vala Language Server (GVls), as a proof of concept for a server that will serve autocompletion, syntax highlighting and that kind of stuff, but found something interesting by accident. I’ve added an interface called Client, may is not it final name, but it allows to locale a symbol in a already parsed file, along with some goodness from other interfaces and implementations, I’ll talk about in another article.
  • GNOME Foundation Hackfest 2018
    This week, the GNOME Foundation Board of Directors met at the Collabora office in Cambridge, UK, for the second annual Foundation Hackfest. We were also joined by the Executive Director, Neil McGovern, and Director of Operations, Rosanna Yuen. This event was started by last year’s board and is a great opportunity for the newly-elected board to set out goals for the coming year and get some uninterrupted hacking done on policies, documents, etc. While it’s fresh in our mind, we wanted to tell you about some of the things we have been working on this week and what the community can hope to see in the coming months.