Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 21 Oct 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Titlesort icon Author Replies Last Post
Story An open source mantra: Avoid "no derivatives" Roy Schestowitz 06/01/2015 - 9:52pm
Story An open source tool for every classroom need Roy Schestowitz 18/12/2015 - 10:09am
Story An open vision: Strategic planning is transparent at Mozilla Roy Schestowitz 22/12/2015 - 12:22pm
Story antiX A Fast And Lightweight Linux Distribution Roy Schestowitz 17/03/2017 - 9:51am
Story Arno, the first open source platform for NFV Roy Schestowitz 24/06/2015 - 7:22pm
Story Avoiding quality assurance disasters with openQA Roy Schestowitz 04/10/2016 - 4:11pm
Story Awesome Lucid Mockup srlinuxx 12/02/2010 - 4:24pm
Story BackBox 4.1 Ubuntu Based Distro Released, Available To Download And Install Mohd Sohail 31/01/2015 - 8:37am
Story Best of open hardware in 2014 Roy Schestowitz 22/12/2014 - 8:43pm
Story Best open education tools and tales in 2014 Roy Schestowitz 30/12/2014 - 12:42pm

Software and howtos

Filed under
Software
HowTos
  • wikipedia2text – A Command Line Tool For Querying The Wikipedia Article

    Hi folks am back with another interesting topic called wikipedia2text. It’s a small Shell script to query the Wikipedia articles in console, also it can open the article in any browser.

    This shell script uses text-browser to query and render Wikipedia articles. The output will be printed to standard out. It Currently supports around 30 Wikipedia languages.

    Most of us prefer Wikipedia to know the detailed information about any company or any product information & it’s history. For any google search by default Wikipedia link comes in Top 5.

  • Yay! I Found Yet Another Reliable AUR Helper

    Howdy Arch Users! I’ve got a good news for you. Today, I stumbled upon yet another reliable AUR helper called “Yay”. Yep! the name of this AUR helper is Yay. Currently, I use Pacaur for installing AUR packages. It does great job and I really like it. I also have used other AUR helpers such as Packer and Yaourt in the past. After reading its features, I thought to give “Yay” a try and see how things works. So, here we go!

  •  

  • mount.nfs: requested NFS version or transport protocol is not supported
  • How to Deploy Clojure Web Application on Debian 9
  • Copr stack dockerized!
  • Using Dell Dock With Ubuntu

    Over the years I have found my way around many minor hurdles when using Ubuntu, the most recent being Using the DELL ULTRAHD 4K USB 3.0 DOCKING STATION (D3100).

GNU/Linux Desktops/Laptops and Devices

Filed under
GNU
Linux

OSS Leftovers

Filed under
OSS

Security Leftovers

Filed under
Security
  • Google and IBM launch open-source security tool for containers

    Google and IBM, together with a few other partners, released an open-source project that gathers metadata that developers can use to secure their software.

    According to an IBM blog post, the goal of the project is to help developers keep security standards, while microservices and containers cut the software supply chain.

  • Top 10 Hacking Techniques Used By Hackers

    We live in a world where cyber security has become more important than physical security, thousands of websites and emails are hacked daily. Hence, It is important to know the Top hacking techniques used by hackers worldwide to exploit vulnerable targets all over the internet.

  • Protect your wifi on Fedora against KRACK

    You may have heard about KRACK (for “Key Reinstallation Attack”), a vulnerability in WPA2-protected Wi-Fi. This attack could let attackers decrypt, forge, or steal data, despite WPA2’s improved encryption capabilities. Fear not — fixes for Fedora packages are on their way to stable.

  • Federal watchdog tells Equifax—no $7.25 million IRS contract for you

    The Government Accountability Office (GAO) on Monday rejected Equifax's bid to retain its $7.25 million "taxpayer identity" contract—the one awarded days after Equifax announced it had exposed the Social Security numbers and other personal data of some 145 million people.

  • Adobe Flash vulnerability exploited by BlackOasis hacking group to plant FinSpy spyware

    Security researchers have discovered a new Adobe Flash vulnerability that has already been exploited by hackers to deploy the latest version of FinSpy malware on targets. Kaspersky Lab researchers said a hacker group called BlackOasis has already taken advantage of the zero-day exploit – CVE-2017-11292 – to deliver its malicious payload via a Microsoft Word document.

  • Companies turn a blind eye to open source risk [Ed: No, Equifax got b0rked due to bad practices, negligence, incompetence, not FOSS]

    For instance, criminals who potentially gained access to the personal data of the Equifax customers exploited an Apache Struts CVE-2017-5638 vulnerability.

  • Checking Your Passwords Against the Have I Been Pwned List

    Two months ago, Troy Hunt, the security professional behind Have I been pwned?, released an incredibly comprehensive password list in the hope that it would allow web developers to steer their users away from passwords that have been compromised in past breaches.

How to use an Arduino and Raspberry Pi to turn a fiber optic neural network into wall art

Filed under
Linux
HowTos

Hollywood has made many big promises about artificial intelligence (AI): how it will destroy us, how it will save us, and how it will pass us butter. One of the less memorable promises is how cool it will look.

There's a great example of amazing AI visualization in Avengers: Age of Ultron when Tony Stark's AI butler Jarvis interacts with Ultron and we see an organic floating network of light morphing and pulsing. I wanted to make something similar to fill blank space on my apartment wall (to improve upon the usual Ikea art). Obviously, I couldn't create anything as amazing as Jarvis as a floating orb of light; however, I could use a machine learning algorithm that looks interesting with quirky data visualization: a neural network! It employs biologically inspired elements that were meant to replicate how (we thought) the human brain works.

Read more

Red Hat: Alibaba, CRI-O, Silencing Critics

Filed under
Red Hat

Linux Users Discuss DRM

Filed under
GNU
Linux
  • Linux Users Discuss DRM – Unleaded Hangout

    Today my Patreons and I discuss encrypted media extensions, digital rights management and our freedom on the Linux desktop.

  • The European Parliament Should Be Talking About DRM, Right Now!

    [Teresa Nobre, Communia Association, Link (CC-0)] The European Union is currently discussing a reform of its copyright system, including making mandatory certain copyright exceptions, in order to introduce a balance into the system. However, no one, except Julia Reda, is paying any attention to one of the biggest obstacles to the enforcement of copyright exceptions in the digital age: technological protection measures (TPM), including digital rights management (DRM). In this blogpost we will present the reasons why the European Parliament should not lose this opportunity to discuss a reform of the EU anti-circumvention rules.

Games: OpenMW and Linux Gaming Benchmark

Filed under
Gaming
  • OpenMW, the open source Morrowind game engine continues advancing

    OpenMW [Official Site], the open source Morrowind game engine continues advancing with recent blog posts highlighting some changes sounding rather great.

    Speaking on their official blog, the developers noted back in September that they've had some new developers come on board, with thanks in part to the multiplayer "TES3MP" project (Morrowind Multiplayer), which is built from OpenMW.

  • Core i7 8700K vs. Ryzen 7 1800X For NVIDIA/Radeon Linux Gaming

    Following last week's look at using the new "Coffee Lake" Intel Core i3 / i5 / i7 CPUs for Linux gaming comparison among our other ongoing tests of these new "8th Gen" processors, a frequent request has been a closer look at the gaming performance between the Core i7 8700K and the Ryzen 7 1800X. Here's a look with two AMD Radeon graphics cards and two NVIDIA GeForce offerings.

Bloomberg's big move on machine learning and open source

Filed under
OSS

With its orange text on black interface and colour coded keyboard, the Bloomberg professional services terminal – known simply as ‘The Terminal’ – doesn’t appear to have changed much since it was launched in the early ’80s.

But behind the retro (Bloomberg prefers ‘modern icon’) stylings, its delivery of financial markets data news, and trading tools has advanced rapidly.

The terminal’s 315,000 subscribers globally are now able to leverage on machine learning, deep learning, and natural language processing techniques developed by the company, as they seek an edge in their investment decisions. Bloomberg is also applying those same techniques to its internal processes.

Leading the company’s efforts in the area is Bloomberg’s head of data science Gideon Mann, who spoke with CIO Australia earlier this month.

[...]

Behind much of Bloomberg’s recent builds has been an open source ethic. Mann says there has been a sea change within the company about open source.

"When the company started in 1981 and there really wasn't a whole lot of open source. And so there was a mentality of you know if it's not invented here we're not interested,” Mann says.

[...]

The organisation took some convincing, but, championed by the CTO, there has been a “huge culture change” towards open source.

“There are two groups you got to convince: you’ve got to convince management that using open source is going to be safe and lead to better software, and then you also have to convince engineers that using open source is going to increase their skillset, will lead to software that’s easier to maintain and is less buggy and it's going to be a more beautiful system. Once you can kind of convince those two then you're set,” Mann says.

The company is an active contributor to projects including Solr, Hadoop, Apache Spark and Open Stack.

Read more

Also: Uber Open Sources AthenaX, Its Streaming Analytics Platform

Firefox 57 - Trick or Treat?

Filed under
Moz/FF

The best way to describe Firefox 57 is too little, too late, but better later than never. In a way, it's a pointless release, because it brings us back roughly where Firefox was and should have been years ago. Only all this time in between was wasted losing user base.

WebExtensions will be the thing that makes or breaks the browser, and with insufficient quality in the available replacements for those that don't make the culling list, there will be no real incentive for people to stay around. Firefox 57 is better than earlier versions in terms of looks and performance, but that's like saying you get 50% discount on a price that is twice what it should be. Ultimately unnecessary, just like graduating from university by the age of 68. There aren't any major advantages over Chrome. This is essentially a Firefox that sucks less.

So yes, on the positive side, if you do want to continue using Firefox, version 57 makes much more sense than the previous 53 releases. It has an almost normal look, some of the sorely needed security & privacy addons are available, and it offers a passable user experience in terms of speed and responsiveness. Bottom line, I will stick with Firefox for now. As long as my extensions keep working. Take care.

Read more

The origin and evolution of FreeDOS

Filed under
OS

Over the years, developers have shared with me how they use FreeDOS to run embedded systems. My all-time favorite example is a developer who used FreeDOS to power a pinball machine. FreeDOS ran an application that controlled the board, tallied the score, and updated the back display. I don't know exactly how it was built, but one way such a system could work is to have every bumper register a "key" on a keyboard bus and the application simply read from that input. I thought it was cool.

People sometimes forget about legacy software, but it pops up in unexpected places. I used to be campus CIO of a small university, and once a faculty member brought in some floppy disks with old research data on them. The data wasn't stored in plaintext files, rather as DOS application data. None of our modern systems would read the old data files, so we booted a spare PC with FreeDOS, downloaded a shareware DOS program that could read the application data, and exported the data to plaintext.

Read more

U.S. makes renewable energy software open source

Filed under
OSS

As a longtime proponent of open source solar photovoltaic development, I am happy that the U.S. National Renewable Energy Lab (NREL) has shared all the source code for System Advisor Model (SAM), its most powerful renewable energy economic analysis software.

SAM is now SAM Open Source. It is a performance and financial model designed to help make decisions about renewable energy. This is perfect timing, as the costs of solar have dropped so far that the levelized cost of electricity for solar power is less than what you are probably paying for electricity from your utility.

Read more

Solus Gets Driverless Printing, Improvements to Linux Steam Integration, More

Filed under
OS
Linux

Solus' communications manager Joshua Strobl is reporting today on the latest goodies and software updates that landed recently in the software repositories of the Linux-based operating system.

Read more

Canonical Adds Last-Minute Finishing Touches to Ubuntu 17.10 (Artful Aardvark)

Filed under
Ubuntu

Ubuntu contributor Didier Roche shares today with the community some of the last minute finishing touches that he and the Ubuntu Desktop team had to add to the forthcoming Ubuntu 17.10 release.

Read more

OSS Leftovers

Filed under
OSS
  • 20 Most Promising Open Source Solution Providers - 2017

    Open source has become an imperative part of every developer’s arsenal. The potential to gather assistance from the community and the capacity to link into a range of systems and solutions make open source incredibly powerful. As open source software becomes ubiquitous, and used by the vast majority of enterprises throughout the world, 2017 is all set for vendors of application delivery controller (ADC) to start providing improved and tighter integration packages for various open source projects, especially surrounding ADC-generated telemetry. Companies have been extensively using their analytics and machine learning capabilities for quite some time to identify actionable patterns from the collected data. With the rising demand for business intelligence, this year is foreseen to be the year of information superiority with businesses, leveraging data as a key differentiator. In the past couple of years, containers have been emerging as an imminent trend. As the business focus starkly shifts on rightsizing of resources, containers are expected to become a common phenomenon, giving businesses the ability to leverage highly portable assets and make the move into micro services much simpler. Adjacently, automation has become essential now. Mostly intensified by DevOps adoption, the automation of software delivery and infrastructure changes have freed developers to spend more time creating and less time worrying about infrastructure.

  • DevOps pros and open source: Culturally connected

    Like chocolate and peanut butter, DevOps and open source are two great tastes that taste great together. For many DevOps pros, it's the perfect cultural and technical match.

  • Interoperability: A Case For Open Source - GC@PCI Commentary

    He continues: “An open source model allows companies to see the assumptions behind the calculation and lowers the cost of entry into the cat modeling business. More importantly, the standardized and interoperable hazard, vulnerability and financial modules included in a true open source model facilitate the collaboration of data from insurers, reinsurers, entrepreneurs, scientists, computer programmers and individuals, all of which may result in a new generation of cat models.”

  • DevOps Skills Are Key to Collaboration within Organizations

    DevOps is one of the most highly sought skills employers are seeking to fill among 57 percent of respondents in the 2017 Open Source Jobs Report, from Dice and The Linux Foundation. Specifically, firms are looking for developers (73 percent) and DevOps engineers (60 percent).

  • Projects You Can Help With For Advancing Open-Source NVIDIA "Nouveau" Graphics

    Longtime Nouveau contributor Karol Herbst has been working on an updated list of project ideas for new contributors or those that may be wanting to participate in an Endless Vacation of Code / Google Summer of Code.

  • Join The Linux Foundation at Open Source Summit EU for Booth Swag, Project Updates, and More

    Going to Open Source Summit EU in Prague? While you’re there, be sure stop by The Linux Foundation training booth for fun giveaways and a chance to win one of three Raspberry Pi kits.

  • Oracle Promises To Open Source Oracle JDK And Improve Java EE

    Oracle had already announced it would be moving Java EE to the Eclipse Foundation, and the announcements at JavaOne move the language further to a more vendor-neutral future. It's worth noting that the keynote was preceded by a Safe Harbor disclaimer in which Oracle said it could not be held to plans made during the speech, so nothing is actually certain.

  • Linux Kernel Community Enforcement Statement
  • Linux Kernel Gets An "Enforcement Statement" To Deal With Copyright Trolls

    Greg Kroah-Hartman on the behalf of the Linux Foundation Technical Advisory Board has today announced the Linux Kernel Community Enforcement Statement. This statement is designed to better fend off copyright trolls.

    Among the copyright troll concerns is how a Netfilter developer has been trying to enforce his personal copyright claims against companies for "in secret and for large sums of money by threatening or engaging in litigation."

  • An enforcement clarification from the kernel community

    The Linux Foundation's Technical Advisory board, in response to concerns about exploitative license enforcement around the kernel, has put together this patch adding a document to the kernel describing its view of license enforcement. This document has been signed or acknowledged by a long list of kernel developers. In particular, it seeks to reduce the effect of the "GPLv2 death penalty" by stating that a violator's license to the software will be reinstated upon a timely return to compliance.

Devices: Aaeon, Corvalent, and Renesas Electronics

Filed under
GNU
Linux
Hardware

Red Hat and Servers: India, China, Docker and Kubernetes

Filed under
Red Hat
Server
Syndicate content

More in Tux Machines

LWN on Linux: LTS, API, Pointer Leaks and Linux Plumbers Conference (LPC)

  • Cramming features into LTS kernel releases
    While the 4.14 development cycle has not been the busiest ever (12,500 changesets merged as of this writing, slightly more than 4.13 at this stage of the cycle), it has been seen as a rougher experience than its predecessors. There are all kinds of reasons why one cycle might be smoother than another, but it is not unreasonable to wonder whether the fact that 4.14 is a long-term support (LTS) release has affected how this cycle has gone. Indeed, when he released 4.14-rc3, Linus Torvalds complained that this cycle was more painful than most, and suggested that the long-term support status may be a part of the problem. A couple of recent pulls into the mainline highlight the pressures that, increasingly, apply to LTS releases. As was discussed in this article, the 4.14 kernel will include some changes to the kernel timer API aimed at making it more efficient, more like contemporary in-kernel APIs, and easier to harden. While API changes are normally confined to the merge window, this change was pulled into the mainline for the 4.14-rc3 release. The late merge has led to a small amount of grumbling in the community.
  • Improving the kernel timers API
    The kernel's timer interface has been around for a long time, and its API shows it. Beyond a lack of conformance with current in-kernel interface patterns, the timer API is not as efficient as it could be and stands in the way of ongoing kernel-hardening efforts. A late addition to the 4.14 kernel paves the way toward a wholesale change of this API to address these problems.
  • What's the best way to prevent kernel pointer leaks?
    An attacker who seeks to compromise a running kernel by overwriting kernel data structures or forcing a jump to specific kernel code must, in either case, have some idea of where the target objects are in memory. Techniques like kernel address-space layout randomization have been created in the hope of denying that knowledge, but that effort is wasted if the kernel leaks information about where it has been placed in memory. Developers have been plugging pointer leaks for years but, as a recent discussion shows, there is still some disagreement over the best way to prevent attackers from learning about the kernel's address-space layout. There are a number of ways for a kernel pointer value to find its way out to user space, but the most common path by far is the printk() function. There are on the order of 50,000 printk() calls in the kernel, any of which might include the value of a kernel pointer. Other places in the kernel use the underlying vsprintf() mechanism to format data for virtual files; they, too, often leak pointer values. A blanket ban on printing pointer values could solve this problem — if it could be properly enforced — but it would also prevent printing such values when they are really needed. Debugging kernel problems is one obvious use case for printing pointers, but there are others.
  • Continuous-integration testing for Intel graphics
    Two separate talks, at two different venues, give us a look into the kinds of testing that the Intel graphics team is doing. Daniel Vetter had a short presentation as part of the Testing and Fuzzing microconference at the Linux Plumbers Conference (LPC). His colleague, Martin Peres, gave a somewhat longer talk, complete with demos, at the X.Org Developers Conference (XDC). The picture they paint is a pleasing one: there is lots of testing going on there. But there are problems as well; that amount of testing runs afoul of bugs elsewhere in the kernel, which makes the job harder. Developing for upstream requires good testing, Peres said. If the development team is not doing that, features that land in the upstream kernel will be broken, which is not desirable. Using continuous-integration (CI) along with pre-merge testing allows the person making a change to make sure they did not break anything else in the process of landing their feature. That scales better as the number of developers grows and it allows developers to concentrate on feature development, rather than bug fixing when someone else finds the problem. It also promotes a better understanding of the code base; developers learn more "by breaking stuff", which lets them see the connections and dependencies between different parts of the code.

An update on GnuPG

The GNU Privacy Guard (GnuPG) is one of the fundamental tools that allows a distributed group to have trust in its communications. Werner Koch, lead developer of GnuPG, spoke about it at Kernel Recipes: what's in the new 2.2 version, when older versions will reach their end of life, and how development will proceed going forward. He also spoke at some length on the issue of best-practice key management and how GnuPG is evolving to assist. It is less than three years since attention was focused on the perilous position of GnuPG; because of systematic failure of the community to fund its development, Koch was considering packing it all in. The Snowden revelations persuaded him to keep going a little longer, then in the wake of Heartbleed there was a resurgent interest in funding the things we all rely on. Heartbleed led to the founding of the Core Infrastructure Initiative (CII). A grant from CII joined commitments from several companies and other organizations and an upsurge in community funding has put GnuPG on a more secure footing going forward. Read more

Ubuntu: GNOME, New Video, Ubuntu Podcast, Refreshing the Xubuntu Logo

  • Ubuntu 17.10: We're coming GNOME! Plenty that's Artful in Aardvark, with a few Wayland wails
    Ubuntu has done a good job of integrating a few plugins that improve GNOME's user experience compared to stock GNOME – most notably a modified version of the Dash-to-Dock and the App Indicator extensions, which go a long way toward making GNOME a bit more like Unity. It's worth noting that Ubuntu's fork of Dash-to-Dock lacks some features of the original, but you can uninstall the Ubuntu version in favour of the original if you prefer. In fact you can really revert to a pretty stock GNOME desktop with just a few tweaks. Canonical said it wasn't going to heavily modify GNOME and indeed it hasn't.
  • What’s New in Ubuntu 17.10 Artful Aardvark
  • Ubuntu Podcast: S10E33 – Aggressive Judicious Frame
    This week we’ve been protecting our privacy with LineageOS and playing Rust. Telegram get fined, your cloud is being used to mine BitCoin, Google announces a new privacy focused product tier, North Korea hacks a UK TV studio, a new fully branded attack vector is unveiled and Purism reach their funding goal for the Librem 5.
  • Refreshing the Xubuntu logo
    Earlier this year I worked a bit with our logo to propose a small change to it – first change to the logo in 5 years. The team approved, but for various reasons the new logo did not make it to 17.10. Now we’re ready to push it out to the world.

Intel Linux and GCC Work

  • Intel Begins Landing GFNI Support In GCC 8
    Intel compiler engineers have begun landing "GFNI" support within the GNU Compiler Collection as one of the new ISA extensions not expected until the Icelake processor debut.
  • Control-Flow Enforcement Technology Begins To Land In GCC 8
    Intel Control-flow Enforcement Technology (CET) support has begun landing within the GNU Compiler Collection (GCC) for this code safety feature. Patches have been in the works for several months while now the start of the patches are being merged to mainline. Coincidentally, at the same time Intel is also landing their GFNI instruction patches in GCC as well.
  • Intel Continues Landing New i915 DRM Features For Linux 4.15
    Jani Nikula has sent in another drm-intel-next update for David Airlie's DRM-Next tree. They continue prepping more updates to their Direct Rendering Manager (DRM) for targeting the upcoming Linux 4.15 cycle. There have already been several Intel "i915" DRM driver updates queued in DRM-Next for this new kernel version. Past pulls have included marking Coffeelake graphics as stable, continued Cannonlake "Gen 10" graphics enablement, various display improvements, and quite a lot of other low-level code improvements.