Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 14 Dec 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Server/Back End: Orange, Oracle, Docker Roy Schestowitz 12/12/2017 - 8:38am
Story BlackArch Linux Ethical Hacking OS Gets Linux Kernel 4.14.4, Updated Installer Rianne Schestowitz 12/12/2017 - 8:02am
Story System76 Enables HiDPI Support on All of Their Linux Laptops and Desktops Rianne Schestowitz 12/12/2017 - 8:01am
Story Mint 18.3: The best Linux desktop takes big steps forward Rianne Schestowitz 12/12/2017 - 7:58am
Story Today in Techrights Roy Schestowitz 12/12/2017 - 6:39am
Story Security: NSA, Microsoft Debacles, and FOSS Updates Roy Schestowitz 11/12/2017 - 10:48pm
Story OSS Leftovers Roy Schestowitz 11/12/2017 - 10:46pm
Story KDE: Randa Meetings and KDE Edu Sprint 2017 Roy Schestowitz 11/12/2017 - 10:45pm
Story Programming/Development: fwupd, LLVM and More Roy Schestowitz 11/12/2017 - 10:43pm
Story Software: Darktable, VLC, Mesa, Audacity, Toplip, GNUstep Roy Schestowitz 11/12/2017 - 10:42pm

Microsoft EEE and Holes

Filed under
Microsoft
Security

Best Gnome distro of 2017

Filed under
GNOME

And the winner is …

Well, I’ve never ever believed I’d say this, but being objective and all, it’s an Arch-based distribution that gets the highest accolade in this test – Antergos 17.9! Do mind, it’s not perfect, but it does offer a reasonably rounded experience with some really interesting (and unique) features. Like most small projects, it does suffer from obvious lack of manpower needed to tackle the usability papercuts, but on the other hand, it brings in innovation that is not apparent in other distributions, and it also provides a solid baseline for day-to-day use, without compromising on stability, and without ever disclosing its geeky DNA.

My experience with Antergos 17.9 shows a distribution that is relatively sprightly, focuses on usability, offers excellent driver support, and tries to balance beauty with functionality. It still struggles gluing all these together, but there do not seem to be any fundamental flaws. It also manages to showcase Gnome in a very positive light, which cannot be said of pretty much any other candidate that I’ve had a chance to test this year. If anything, the outcome of 2017 is satisfying in its own right, even though I did struggle and suffer a lot while playing and testing these different distributions. But in one sentence, if you do need a Gnome distro, this is the best that I can offer and recommend. And it wouldn’t be a bad recommendation either. All right, that was two sentences.

Conclusion

Back in December 2016, I said Gnome is slowly recovering. Scratch that. It was a brief flicker of hope, and it’s gone. It would seem the direction has reversed, and the Gnome desktop is becoming less usable. Its overall design remains stubbornly unchanged while the quality and stability are constantly deteriorating.

Still, an odd distro or two manage to rise above the mediocrity and provide a relatively reasonable desktop session, Gnome notwithstanding. For 2017, Antergos is Dedoimedo’s Gnome choice. You get an okay mix of everything, solid performance, a stable behavior, and a few glitches just to keep you on your toes. Most impressive is the graphics stack support, very elegant looks, and tons of great software. If you’ve never considered Arch in its many guises and sacrificial forms, then Antergos seems like a good starting point.

But wait, what if I don’t like Gnome, you asketh? Despair not! In the coming days, we will also look at what Xfce and Plasma have to offer. It shall be most interesting. Stay tuned.

Read more

Also: OSK update

PR: Bergmannos – New Linux-Based Os for Mining

Filed under
GNU
Linux

Bergmann Team has developed a new Linux-based OS for mining BergmannOS, that enables full control over the rigs and automatization of the cryptocurrency mining. Since December 11, 2017 during the entire period of ICO BergmannOS the participants will have access to a shippable beta version of the software complex for miners.

Already in the beta version of BergmannOS miners will be able to estimate the benefits of the main functions of the system. Users are guaranteed 24/7 real time control of the devices, auto and manual tuning of the units, autotuning of video cards (after first update), warning messages in the event of failures, reports on unites’ work, marketing quotation of crypto currencies and news from crypto world. User-friendly interface makes the usage of the system easier.

Read more

Free Software Foundation Fun For Xmas

Filed under
GNU

If you're looking for festive presents for programmers, the Free Software Foundation has some options that combine open software street cred with supporting open source and the GNU philosophy.

The Free Software Foundation (FSF) is a not for profit organization founded in the mid 80s to support the free software movement. Its founder was Richard Stallman, who also launched the GNU Project in the 80s to create an operating system like UNIX but entirely free. The FSF initially used its funds to pay developers to write free software for the GNU project, and once that was achieved, funds have been used to support the free software movement legally and structurally.

Most of the choices in the FSF shop do come down to items with the word GNU on them - I was hoping for some furry GNU hats or slippers, but sadly (or perhaps fortunately) this wasn't a choice.

Read more

Debian 9.3 and Debian 8.10 released

Filed under
Debian
  • Updated Debian 9: 9.3 released

    The Debian project is pleased to announce the third update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

    Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

  • Updated Debian 8: 8.10 released

    The Debian project is pleased to announce the tenth update of its oldstable distribution Debian 8 (codename "jessie"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

    Please note that the point release does not constitute a new version of Debian 8 but only updates some of the packages included. There is no need to throw away old "jessie" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

  • Debian GNU/Linux 9.3 "Stretch" and 8.10 "Jessie" Have Been Officially Announced

    The Debian Project announced this morning the general availability of the Debian GNU/Linux 9.3 and Debian GNU/Linux 8.10 point releases of the Stretch and Jessie series.

    While Debian GNU/Linux 9.3 is the third maintenance update to the Stretch series, the latest stable release of the operating system, Debian GNU/Linux 8.10 represents the tenth point release of the Jessie branch, which is the oldstable distribution of Debian since the release of Debian GNU/Linux 9 "Stretch." Both include the latest security updates published through the official repositories.

Cloud Native Computing Foundation (CNCF) and Kubernetes Articles

Filed under
Server
  • Deletion and Garbage Collection of Kubernetes Objects

    With the Kubernetes container orchestration engine, concepts and objects build on top of each other. An example we described previously is how deployments build on top of replica sets to ensure availability, and replica sets build on top of Pods to get scheduling for free.

    What exactly happens when we delete a deployment? We would not only expect the deployment itself to be deleted, but also the replica sets and pods that are managed by the deployment.

  • Kubernetes Preview: 'Apps Workloads' Enabled by Default, Windows Capabilities Move Forward

    Kubernetes 1.9 will feature a ready-for-prime-time Apps Workloads, Windows functionality moving into beta and forward moves in storage.

  • Salesforce is latest big tech vendor to join the Cloud Native Computing Foundation

    Salesforce announced today that it was joining the Cloud Native Computing Foundation (CNCF), the open-source organization that manages Kubernetes, the popular open-source container orchestration tool.

    It is the latest in a long line of big name companies, joining the likes of AWS, Oracle, Microsoft, VMware and Pivotal, all of whom joined in a flurry of activity earlier this year. Most of these other companies have more of a cloud infrastructure angle. Salesforce is a SaaS vendor, but it too is seeing what so many others are seeing: containerization provides a way to more tightly control the development process. Kubernetes and cloud native computing in general are a big part of that, and Salesforce wants a piece of the action.

  • How the Cloud Native Computing Foundation Is Advancing Cloud Projects

    The Cloud Native Computing Foundation (CNCF) kicked off its Kubecon CloudNativeCon North America conference on Dec. 6 with a host of announcements about its' expanding open-source cloud efforts. The CNCF is home to the Kubernetes container orchestration system as well as 13 additional cloud project that enable organizations to build cloud native architectures.

    Among the announcements at the event, which has over 4,000 attendees, are new members as well as multiple project updates, including 1.0 releases from the containerd, Jaeger, CoreDNS and Fluentd projects.

Why the Zephyr Project Uses Vendor HALs

Filed under
Linux

The use of vendor-supplied HALs (Hardware Abstraction Layers) in open source projects has been a source of ongoing discussion. At the October ELC Europe conference in Prague, we took up the topic again.

In “Using SoC Vendor HALs in the Zephyr Project,” Zephyr Project contributor Maureen Helm, an MCU Software Architect at NXP, discussed the pros and cons of using vendor HALs. Ultimately, she argued that that the benefits far outweigh the tradeoffs. This viewpoint was expanded upon in a recent Zephyr Project blog post by Helm and Frank Ohlhorst.

The main reason for using vendor-supplied HALs is to reduce coding and testing time. The Zephyr Project maintains and develops the lightweight Zephyr OS for microcontroller units (MCUs), the number and variety of which have soared in recent years.

Read more

Security: FUD, Let’s Encrypt, Updates, and 'Nature'

Filed under
Security
  • The Hidden Costs of Open Source Security Software [Ed: Using the Microsoft-connected Black Duck to badmouth FOSS again]
  • Let’s Encrypt Looking Forward to 2018

    Let’s Encrypt had a great year in 2017. We more than doubled the number of active (unexpired) certificates we service to 46 million, we just about tripled the number of unique domains we service to 61 million, and we did it all while maintaining a stellar security and compliance track record. Most importantly though, the Web went from 46% encrypted page loads to 67% according to statistics from Mozilla - a gain of 21 percentage points in a single year - incredible. We’re proud to have contributed to that, and we’d like to thank all of the other people and organizations who also worked hard to create a more secure and privacy-respecting Web.

  • Security updates for Friday
  • 'Nature' Editorial Juxtaposes FOIA Email Release With Illegal Hacking [sic]

    The release of these emails by a person who has a clear point-of-view on the issue, however, has led to yet another discussion of the proper way of publishing raw documents. Nature, one of the more respected and widely read science publishers, mentions the release of these emails in the same breath as emails that were obtained by illegal hacking [sic] in an editorial published this week:

Devices: Raspberry Pi Alternatives and New Boards

Filed under
Linux
Hardware

FreeBSD and OpenBSD Leftovers

Filed under
BSD

Bodhi Linux 4.4 Released with Linux Kernel 4.13, Based on Ubuntu 16.04 LTS

Filed under
Linux
Ubuntu

Bodhi Linux 4.4 comes three months after the Bodhi Linux 4.3 release to add all the latest software updates and security patches from the repositories of the Ubuntu 16.04 LTS (Xenial Xerus) operating system. It's an incremental update that doesn't require you to reinstall your system.

"This is a normal update release and it comes three months after the release of Bodhi 4.3.1. Existing Bodhi 4.x.y users do not need to reinstall as the primary goal of this update release is to simply keep the current ISO image up to date," writes Jeff Hoogland in today's announcement.

Read more

Amazon aims an AWS-savvy version of FreeRTOS at IoT gizmos

Filed under
OSS

Amazon is known for its semi-proprietary versions of Android and Linux that have appeared on a variety of mobile and consumer electronics devices from the Amazon Fire TV Stick to the Amazon Echo. Yet, for its foray into the generally MCU-based RTOS world, Amazon has gone completely open source.

Open source OSes like Linux and FreeRTOS continue to grow as proprietary platforms decline, according to AspenCore’s 2017 survey of embedded developers. The survey found “Embedded Linux” and FreeRTOS to be in first and second place, at 22 and 20 percent for “current use,” but with their order projected to reverse over the next 12 months to 27 and 28 percent, potentially moving FreeRTOS to the top of the heap.

Read more

Ubuntu: Server, Security, Python, and Linux Mint 18.3

Filed under
Ubuntu
  • Adapting to tech’s cloud-native shift with Kubernetes, Ubuntu

    The growing trend toward cloud-native programming is fundamentally changing the way applications are developed, integrating and automating pieces previously separated and delayed by disjointed manual processes. Adopting strategies to take advantage of more efficient development opportunities has become mission-critical for competitive businesses, but making the transition rapidly can open organizations to risk — or at the very least disorganized operations and cultural inconsistencies.

  • Canonical Outs New Kernel Security Updates for All Supported Ubuntu Releases

    Canonical released new Linux kernel security updates for all supported Ubuntu operating systems addressing a total of nine vulnerabilities discovered by various researchers.

    The newly patched Linux kernel vulnerabilities affect Ubuntu 17.10 (Artful Aardvark), Ubuntu 17.04 (Zesty Zapus), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 (Precise Pangolin) ESM (Extended Security Maintenance), as well as all of their official derivatives, including Kubuntu, Lubuntu, etc.

  • Security Team Weekly Summary: December 7, 2017
  • Ubuntu Is Getting Ready To Further Demote Python 2

    There's a little more than two years left until Python 2 will be officially discontinued by upstream and Ubuntu is preparing accordingly for this end of life.

    With the recent Ubuntu 17.10 release was the first time they were able to ship Ubuntu Linux without Python 2 pre-installed. The next step in Ubuntu phasing out Python 2 support is by demoting it from the "main" archive to the broader "universe" archive. Then a few years out, Python 2 will be dropped completely.

  • Linux Mint 18.3 Sylvia Download Links, Mirrors, and Torrents

    Linux Mint 18.3 has been released at Wednesday, 27 November 2017 with codename "Sylvia". Version 18.3 is an LTS release based on Ubuntu 16.04, and, a continuation towards the versions 18, 18.1, and 18.2. This article mentions the download links, mirrors, and torrents for Mint 18.3 Cinnamon and MATE editions, for both 32bit and 64bit types.

Fedora council elections canceled

Filed under
Red Hat

The Fedora Project's currently underway elections for the Fedora Council, FESCo, and the Mindshare committee have been canceled due to some glitches in making the interview material available. The project plans to get its act together and retry the elections in early January.

Read more

Debian 10-Based Distro DebEX KDE Plasma Now Uses Latest Calamares Installer

Filed under
Debian

GNU/Linux developer Arne Exton released a new build of his Debian-based DebEX KDE Plasma distribution that updates the graphical installer to latest Calamares universal installer framework release.

Coming one and a half months after the previous build, DebEX KDE Build 171203 incorporates all the latest package updates from the upstream Debian GNU/Linux 10 "Buster" (Debian Testing) and Debian Sid (Debian Unstable) repositories, and updates the KDE components to KDE Development Platform 4.16.0 LTS and KDE Plasma 5:37 as default desktop environment.

It also ships with the Linux 4.13.4 kernel compiled by the developer with extra hardware support, but the biggest change, however, is the replacement of the Refracta Installer with the recently released Calamares 3.1.9 universal installer framework for GNU/Linux distributions, which lets users choose their preferred language when the installation starts.

Read more

Games: HYPERNOVA: Escape from Hadea, Steam and More

Filed under
Gaming

Wine 3.0 RC1

Filed under
Software
  • Wine 3.0-rc1 Released

    The Wine development release 3.0-rc1 is now available.

    This is the first release candidate for the upcoming Wine 3.0. It marks the beginning of the code freeze period. There have been many last minute changes, so please give this release a good testing to help us make 3.0 as good as possible.

  • Wine 3.0 Just Around the Corner with Direct3D 11 Support for AMD and Intel GPUs

    The highly anticipated Wine 3.0 open-source compatibility layer for installing and running Windows apps and games on Linux and UNIX-like operating systems just got its first Release Candidate today.

    The Wine developers met at the end of October in Poland for the WineConf2017 annual Wine Conference to talk about the next major release, Wine 3.0, and it's awesome new features like Direct3D 11 and Android support, and promised to release Wine 3.0 to the world by the end of the year.

  • Wine 3.0-RC1 Released, Direct3D 11 Enabled For Intel/AMD GPUs

    Just as planned, the first release candidate for Wine 3.0 and it also marks the project's code/feature freeze.

    A big change with Wine 3.0-RC1 is that Direct3D 11.0 is now enabled by default on AMD and Intel graphics processors! The D3D11 support in Wine still isn't completely baked, but it's working for several Direct3D 11 games like Deus Ex: Human Revolution, Prey 2017, Crysis 2 and Witcher 3 to now enjoy under Linux.

  • The first release candidate for Wine 3.0 is now available for testing, fixes for The Witcher 3 included

    This marks the start of the code freeze period, where no new features go in, so it's mainly bug fixing until the stable 3.0 that's due in January.

X.Org Server Patches Updated For Non-Desktop & Leases To Better VR HMD Support

Filed under
Graphics/Benchmarks

Keith Packard has sent out his latest X.Org Server side patches for the improvements he's been working on the past year for improving the SteamVR / VR HMD support on the Linux desktop.

Keith sent out the latest patches for adding RandR 1.6 leases support. These have been re-based against the latest X.Org Server Git code and while there was initial DRM leasing in Linux 4.15, Keith says these patches only work against drm-next, which would mean Linux 4.16. These patches do go through and wire up the leasing support with the xf86-video-modesetting DDX driver.

Read more

Syndicate content

More in Tux Machines

Australian Securities Exchange completes Red Hat migration

The Australian Securities Exchange (ASX) has completed the migration of "mission-critical" legacy applications to the Red Hat JBoss Enterprise Application Platform (JBoss EAP). ASX first deployed JBoss EAP in 2011 to modernise its legacy technologies and to facilitate the introduction of new web applications after it realised its legacy application server platform was becoming increasingly inconsistent, unstable, and expensive. After the initial ASX Online Company migration was complete in 2012, ASX used JBoss EAP to build the ASX.com API, as well as its Sharemarket Game, which gives players the opportunity to learn how the share market works. Read more

Programming/Development: GAPID 1.0 and Atom 1.23

  • Diagnose and understand your app's GPU behavior with GAPID
  • GAPID 1.0 Released As Google's Cross-Platform Vulkan Debugger
    Back in March we wrote about GAPID as a new Google-developed Vulkan debugger in its early stages. Fast forward to today, GAPID 1.0 has been released for debugging Vulkan apps/games on Linux/Windows/Android as well as OpenGL ES on Android. GAPID is short for the Graphics API Debugger and allows for analyzing rendering and performance issues with ease using its GUI interface. GAPID also allows for easily experimenting with code changes to see their rendering impact and allows for offline debugging. GAPID has its own format and capturetrace utility for capturing traces of Vulkan (or GLES on Android too) programs for replaying later on with GAPID.
  • Hackable Text Editor Atom 1.23 Adds Better Compatibility for External Git Tools
    GitHub released Atom 1.23, the monthly update of the open-source and cross-platform hackable text editor application loved by numerous developers all over the world. Including a month's worth of enhancements, Atom 1.23 comes with the ability for packages to register URI handler functions, which can be invoked whenever the user visits a URI that starts with "atom://package-name/," and a new option to hide certain commands in the command palette when registering them via "atom.commands.add." Atom 1.23 also improves the compatibility with external Git tools, as well as the performance of the editor by modifying the behavior of several APIs to no longer make callbacks more than once in a text buffer transaction. Along with Atom 1.23, GitHub also released Teletype 0.4.0, a tool that allows developers to collaborate simultaneously on multiple files.

Red Hat GNU/Linux and More

Security: VLC Bug Bounty, Avast Tools, Intel ME

  • European Commission Kicks Off Open-Source Bug Bounty
    The European Commission has announced its first-ever bug bounty program, and is calling on hackers to find vulnerabilities in VLC, a popular open-source multimedia player loaded on every workstation at the Commission. The program has kicked off with a three-week, invitation-only session, after which it will be open to the public. Rewards include a minimum of $2,000 for critical severity bugs, especially remote code execution. High severity bugs such as code execution without user intervention, will start at $750. Medium severity bugs will start at a minimum of $300; these include code execution with user intervention, high-impact crashes and infinite loops. Low-severity bugs, like information leaks, crashes and the like, will pay out starting at $100.
  • Avast launches open-source decompiler for machine code
    Keeping up with the latest malware and virus threats is a daunting task, even for industry professionals. Any device connected to the Internet is a target for being infected and abused. In order to stop attacks from happening, there needs to be an understanding of how they work so that a prevention method can be developed. To help with the reverse engineering of malware, Avast has released an open-source version of its machine-code decompiler, RetDec, that has been under development for over seven years. RetDec supports a variety of architectures aside from those used on traditional desktops including ARM, PIC32, PowerPC and MIPS.
  • Avast makes 'RetDec' machine-code decompiler open source on GitHub
    Today, popular anti-virus and security company, Avast, announces that it too is contributing to the open source community. You see, it is releasing the code for its machine-code decompiler on GitHub. Called "RetDec," the decompiler had been under development since 2011, originally by AVG -- a company Avast bought in 2016.
  • The Intel ME vulnerabilities are a big deal for some people, harmless for most
    (Note: all discussion here is based on publicly disclosed information, and I am not speaking on behalf of my employers) I wrote about the potential impact of the most recent Intel ME vulnerabilities a couple of weeks ago. The details of the vulnerability were released last week, and it's not absolutely the worst case scenario but it's still pretty bad. The short version is that one of the (signed) pieces of early bringup code for the ME reads an unsigned file from flash and parses it. Providing a malformed file could result in a buffer overflow, and a moderately complicated exploit chain could be built that allowed the ME's exploit mitigation features to be bypassed, resulting in arbitrary code execution on the ME. Getting this file into flash in the first place is the difficult bit. The ME region shouldn't be writable at OS runtime, so the most practical way for an attacker to achieve this is to physically disassemble the machine and directly reprogram it. The AMT management interface may provide a vector for a remote attacker to achieve this - for this to be possible, AMT must be enabled and provisioned and the attacker must have valid credentials[1]. Most systems don't have provisioned AMT, so most users don't have to worry about this.