Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 17 Oct 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story KDE Celebrates Its 21st Birthday Roy Schestowitz 14/10/2017 - 2:40pm
Story Graphics and Games: AMDGPU DC, Vulkan, GOG Roy Schestowitz 14/10/2017 - 2:37pm
Story Haiku OS Is Still Chugging Along To Get Its First Official Release Out Roy Schestowitz 14/10/2017 - 2:34pm
Story Microsoft Breaking the Law and Computer Security Woes Roy Schestowitz 14/10/2017 - 12:14pm
Story Mozilla 'Freemium' and Visual Impairment Simulator Roy Schestowitz 14/10/2017 - 12:11pm
Story Nokia and Apple Lost in Android Era Roy Schestowitz 14/10/2017 - 12:07pm
Story Today in Techrights Roy Schestowitz 14/10/2017 - 11:56am
Story 10 open source Linux robots from car-bots to humanoids Rianne Schestowitz 14/10/2017 - 7:55am
Story How do you dump the firmware from a "secure" voting machine? With a $15 open source hardware board Roy Schestowitz 14/10/2017 - 5:31am
Story Debian, Ubuntu, elementary OS, pfSense and Windows Roy Schestowitz 14/10/2017 - 5:28am

5 benefits of contributing to open source projects

Filed under
OSS

Open source was once seen as a risky bet for the enterprise. If open source software was used at all it was by small companies, or by larger firms in stealthy pockets by IT and development professionals who saw the value of the model but couldn't "sell" it upstream.

To be fair, it was a different time with a different pace of business, and the open source model was a little too loose for most companies. Today? Open source is wearing figurative pinstripes while enabling companies of all sizes and industries to innovate at the pace of digital. And savvy companies are not only using it, but also contributing to open source projects to drive innovation, growth, and revenue.

Read more

LinuxAndUbuntu Review Of Pantheon Desktop Environment

Filed under
Linux
Reviews
Ubuntu

Pantheon is beautiful, lightweight, fast, simple and brings something new to Linux desktops. For Linux newbies, Pantheon is pretty straightforward and easy to use. For advanced users who prefer to tinker with their desktop, Pantheon is a no go as there is little to do in terms of customizations. Changing wallpapers and switching workspace could surely do with some simplification Nonetheless, I believe everyone who used Pantheon is going to be impressed with how beautiful this desktop environment is.

​The Pantheon desktop is definitely among the very best desktop environments. Currently, there are efforts to bring the Pantheon desktop to some major distributions such as Fedora and Arch. There is even a community version of Manjaro that comes with Pantheon. But if you really want to use this desktop go with elementary OS.

Read more

GNU/Linux Works, Microsoft Windows Stops Working

Filed under
GNU
Linux
Microsoft
  • Why Linux Works

    The Linux community works, it turns out, because the Linux community isn’t too concerned about work, per se. As much as Linux has come to dominate many areas of corporate computing – from HPC to mobile to cloud – the engineers who write the Linux kernel tend to focus on the code itself, rather than their corporate interests therein.

  • Windows 10 mandatory October KB4041676 update is causing machines to BSOD

    Today when people started waking up from their machines automatically updating during the night, however, they have been faced with a BSOD (Blue Screen of Death) instead of the Windows 10 desktop, and unfortunately, no-one seems to know why the installations are failing, only that it relates to KB4041676, which is yesterday's update.

  • Global shipments of PCs slump for 12th successive quarter, research suggests [iophk: "PCs no longer have any Windows or Microsoft stickers, hiding the infection"]

    An assessment by research and analysis outfit Gartner found that shipments totalled 67 million units in the third quarter of 2017; a decline of 3.6% on an annualised basis compared to the same quarter last year.

    The latest decline marked the 12th consecutive quarter of PC shipments slump.

  • The PC still isn't dead and the market is 'stabilising', says IDC

    In its Worldwide Quarterly Personal Computing Device Tracker, IDC announced worldwide shipments of traditional PCs, which includes desktops, notebooks, workstations, totalled 67.2 million units in the third quarter of 2017.

    While this translates into a slight year-over-year decline of 0.5 percent, IDC said [...]

Security: Updates, Reproducible Builds, T-Mobile, ATMs, Microsoft Outlook "Fake Crypto" and Accenture

Filed under
Security
  • Security updates for Tuesday
  • Reproducible Builds: Weekly report #128
  • T-Mobile customer data plundered thanks to bad API

    A bug disclosed and patched last week by T-Mobile in a Web application interface allowed anyone to query account information by simply providing a phone number. That includes customer e-mail addresses, device identification data, and even the answers to account security questions. The bug, which was patched after T-Mobile was contacted by Motherboard's Lorenzo Franceschi-Bicchierai on behalf of an anonymous security researcher, was apparently also exploited by others, giving them access to information that could be used to hijack customers' accounts and move them to new phones. Attackers could potentially gain access to other accounts protected by SMS-based "two factor" authentication simply by acquiring a T-Mobile SIM card.

  • Criminals stole millions from E. Europe banks with ATM “overdraft” hack

    Banks in several former Soviet states were hit with a wave of debit card fraud earlier this year that netted millions of dollars worth of cash. These bank heists relied on a combination of fraudulent bank accounts and hacking to turn nearly empty bank accounts into cash-generating machines. In a report being released by TrustWave's SpiderLabs today, SpiderLabs researchers detailed the crime spree: hackers gained access to bank systems and manipulated the overdraft protection on accounts set up by proxies and then used automated teller machines in other countries to withdraw thousands of dollars via empty or nearly empty accounts.

    While SpiderLabs' investigation accounted for about $40 million in fraudulent withdrawals, the report's authors noted, "when taking into account the undiscovered or uninvestigated attacks along with investigations undertaken by internal groups or third parties, we estimate losses to be in the hundreds of millions in USD." This criminal enterprise was a hybrid of traditional credit fraud and hacking. It relied on an army of individuals with fake identity documents, as these folks were paid to set up accounts at the targeted institutions with the lowest possible deposit. From there, individuals requested debit cards for the accounts, which were forwarded to co-conspirators in other countries throughout Europe and in Russia.

  • Buggy Microsoft Outlook Sending Encrypted S/MIME Emails With Plaintext Copy For Months

    Beware, If you are using S/MIME protocol over Microsoft Outlook to encrypt your email communication, you need to watch out.

    From at least last 6 months, your messages were being sent in both encrypted and unencrypted forms, exposing all your secret and sensitive communications to potential eavesdroppers.

    S/MIME, or Secure/Multipurpose Internet Mail Extensions, is an end-to-end encryption protocol—based on public-key cryptography and works just like SSL connections—that enables users to send digitally signed and encrypted messages.

  • Fake Crypto: Microsoft Outlook S/MIME Cleartext Disclosure (CVE-2017-11776)

    Outlook version XXX (we are still waiting for Microsoft to release detailed information and update the blog accordingly) was the first affected version. So any S/MIME encrypted mail written since that date might be affected.

    Unfortunately there is no easy solution to remediate the impact of this vulnerability (we are still waiting for Microsoft to release detailed information and update the blog).

    In cases where mails have been send to third parties (recipient is outside of the sender’s organization) remediation is not possible by the sending party, since the sender has no authority over the recipient’s mail infrastructure.

  • Accenture data leak: 'Keys to the kingdom' left exposed via multiple unsecured cloud servers

    A massive trove of sensitive corporate and customer data was left freely exposed to the public by Accenture, one of the world's biggest management firms. The tech giant left at least four cloud storage servers, which contained highly sensitive decryption keys and passwords, exposed to the public, without any password protections.

Ubuntu: elementaryOS Snaps, Kernel, MAAS, and Ubuntu Server

Filed under
Ubuntu
  • elementary on why snaps are right for their Linux distro

    elementary is the company behind the elementary OS Linux distribution and the associated app store. Celebrating their tenth anniversary this year, elementary began in 2007 with their first release in 2011. They are currently on their 4th release (Loki) and are working towards their 5th (Juno) with Jupiter, Luna and Freya as previous releases. At the Ubuntu Rally in New York, we spoke to elementary’s founder Daniel Fore and Systems Architect, Cody Garver, to discover what made snaps the right Linux application packaging format for their distro.

  • Kernel Team Summary- October 11, 2017
  • MAAS 2.3.0 beta 2 released!
  • Ubuntu Server Development Summary – 10 Oct 2017

    The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list.

today's leftovers

Filed under
Misc
  • Alpha outs Centurion Nano/Ultra Linux laptops

    If you’re looking for a slim notebook and acknowledge the superiority of Linux over Windows, you could be interested in the two new Alpha laptops that come pre-installed with a Linux-based OS. The Centurion Nano and Centurion Ultra notebooks are powered by gen 7 ULV CPUs from Intel and feature stylish slim silver aluminum cases.

  • Ditching Windows for Linux led to 'major difficulties' says open-source champion Munich [Ed: This is FUD. Munich is not replacing GNU/Linux. At least not yet. Microsoft needs Munich to fail or be perceived as failing by all means possible. This is why.]
  • Administering Chromebooks : For teams traveling to complex and hostile environments

    If you are traveling to hostile or complex environments the phrase “use a Chromebook” has become the “use Signal, use Tor” of border crossing device security. Nearly all of the individuals who work in these environments knows that, as with everything, it’s more complex than that.

  • Red Hat channel head talking to partner base about the wider opportunity

    The recently appointed UK channel head at Red Hat is keen to talk to existing partners about the benefits of selling the firm's wider portfolio

  • Red Hat unveils new containerised storage solution

    Open source solutions provider Red Hat has unveiled its new Container-Native Storage solution, which now supports containerised applications and infrastructure in Red Hat OpenShift Container Platform clusters.

    The company says providing a platform for versatile storage for containers will enable customers to manage, scale, and upgrade their storage needs using a single control plane, allowing for greater storage efficiency and cost savings.

  • Bodhi 2.12.1 released
  • Announce: Entangle “Lithium“ release 1.0 – an app for tethered camera control & capture
  • Mir 1.0 Is Pulled Back, Now It's Mir 0.28

    While we've long been told that Mir 1.0 would happen for Ubuntu 17.10 -- even as recently as last month -- and then earlier this week was a Mir 1.0 tag and the v1.0.0 milestone in Launchpad, that version is being pulled back in favor of calling it Mir 0.28.

    Even following the decision to drop the grand Unity 8 + Mir plans, Mir 1.0 was still a target for the "Artful Aardvark" and their revised plan around the remaining Mir developers has been adding Wayland client support. That initial Wayland client support in Mir is in place albeit still fairly basic but should get better over time. We haven't seen Mir Vulkan support or other previously talked about changes for Mir 1.0, including the dropping of their old APIs, etc.

  • Arch Vs. Linux Mint

    If there’s ever been a mismatch in comparing any two distros, it definitely does not get any better as a mismatch than this. While Linux Mint seeks to provide an all-around distro that is ready for work and play right out of the box with a carefully curated software selection and experience, Arch allows advanced users to custom design their own distro with only the packages and software they’d want. So how do these two distros compare, their similarities and differences?​

Software, KDE, and GNOME

Filed under
KDE
Software
GNOME
  • D-Bus Broker Updated To Version 5

    Earlier this year was word of BUS1 working on a D-Bus Broker while announced in late August was this D-Bus Broker project as a high performance message bus.

  • 10 Free Linux Productivity Apps You Haven’t Heard Of

    Productivity apps can really make your work easier. If you are a Linux user, these 10 lesser-known free productivity apps for the Linux desktop can help you.. As a matter of fact, it’s possible keen Linux users have heard of all the apps on the list, but for somebody who hasn’t gone beyond the main apps, these should be unknown.

  • Krita 3.3.1
  • KDE Plasma 5.12 Pushing For "An Awesome Release On Wayland"

    While today's release of KDE Plasma 5.11 brings with it many Wayland improvements, KWin maintainer Martin Flöser (né Gräßlin) is proposing to get the Plasma 5.12 support into better shape on Wayland.

  • GNOME Foundation hackfest in Berlin

    Last weekend we held a GNOME Foundation hackfest in Berlin, as planned in August. That means not just a hackfest organised by the foundation, but to improve the foundation itself. Many of the topics we had to cover are interconnected and it’s a challenge to untangle it all and sort it out. Being in the same room, with a projector and a whiteboard, helped a lot. Many thanks to Kinvolk who let us use their

Linux Foundation, Kernel, and Graphics

Filed under
Graphics/Benchmarks
Linux
  • A ZSTD-Compressed Linux Kernel Could Be Up Next

    Nick Terrell of Facebook is proposing support for ZSTD-compressed kernel and ramdisk images. This would add to the list of other algorithms already available like Gzip, XZ, LZ4, and others for dealing with kernel images at boot time.

  • Chasing Grace: A New Documentary Series about Women in Tech

    After hearing several women in tech, smart women with bright futures, talk about leaving their jobs, Jennifer Cloer, Founder/Lead Consultant, reTHINKit PR, decided to launch the “Chasing Grace Project,” a six-episode documentary series about women in tech. The trailer debuted at the recent Linux Foundation Diversity Empowerment Summit in LA.

    “A young, very talented female programmer recently told me: ‘I don’t want to leave tech but after a year into my first job, I’m considering it,’” said Cloer. So she asked herself, “What can I do to help”

  • OVR_multiview Extension Completed For More Efficient OpenGL VR

    The OVR_multiview OpenGL Extension developed via the OpenVR initiative has been around for several months in an incomplete form for allowing more efficient virtual reality (VR) rendering while now the extension is complete.

  • More Than 100 More AMDGPU DC Patches Line Up Ahead Of Linux 4.15

    AMDGPU DC is expected for Linux 4.15 assuming Linus Torvalds has no objections to merging the code. We hope it won't, but the code-base for this new AMD display code is outright massive at more than 120,000 lines of code over hundreds of patches. Today another 103 new patches were published.

  • Initial Gallium3D VC5 Driver Merged Into Mesa

    The initial "VC5" Gallium3D driver for next-generation Broadcom graphics hardware has been merged into mainline Mesa.

  • Linux 4.15 Will Finally Graduate Intel "Coffee Lake" Graphics Out Of Alpha Support

    Another set of Intel Direct Rendering Manager (DRM) driver updates were mailed in to DRM-Next today for the eventual Linux 4.15 kernel cycle.

Devices and TIzen Software

Filed under
Linux
Hardware
  • OSNEXUS and Pogo Linux Certify HGST Flash Storage Solution on QuantaStor SDS
  • Synology 2018 Event: DSM 6.2 With Windows/Linux Virtualization, 4K HDR10 & New NAS Ranges

    All companies like to get the word out about their products, but Synology takes things to another level by touring the world and giving as many people access to product launches and feature updates as possible. Its latest round of events can be found in 17 different countries, with the next, Netherlands, taking place on October 12. The festivities wrap up in South Korea on October 26.

  • Purism's Linux phone successfully crowdfunded

    Purism's open source mobile phone has been been successfully crowdfunded when it reached and passed its goal of $1.5 million, with 13 days left.

    Librem 5 security and privacy-focused smartphone is powered by a GNU/Linux operating system based on Debian GNU/Linux and running only Open Source software apps on top of a popular desktop environment like KDE Plasma Mobile or GNOME Shell.

  • In Device We Trust: Measure Twice, Compute Once with Xen, Linux, TPM 2.0 and TXT

    OpenEmbedded Linux supports a range of x86 and ARM devices, while Xen isolates operating systems and unikernels. Applications and drivers from multiple ecosystems can run concurrently, expanding technical and licensing options. Special-purpose software can be securely composed with general-purpose software in isolated VMs, anchored by a hardware-assisted root of trust defined by customer and OEM policies. This architecture allows specialist software vendors to share platform and hardware support costs, while supporting emerging and legacy software ecosystems that have different rates of change.

  • 64bit quad-core Risc-V for Linux

    “RISC-V is a free and open instruction set architecture [ISA] designed to enable chips across the full spectrum of computing devices, from embedded devices to the data centre,” said the firm.

    “The release of the U54-MC Coreplex marks the architecture’s expansion into the application processor space – opening entirely new use cases for RISC-V. It is ideal for applications which need full operating system support such as AI, machine learning, networking, gateways and smart IoT devices.”

  • Seamlessly access your favorite Tizen apps with Shake N Launch
  • Multi Language Voice Calculator added to the Tizen Store

Linux Foundation Events: and Webinar

Filed under
OSS

OSS and Sharing

Filed under
OSS
  • Linux Foundation and Hyperledger launch blockchain training course
  • MEF, ONAP develop pact for open network-based orchestrated services

    MEF and the Open Network Automation Platform (ONAP), a Linux Foundation project, have signed a memorandum of understanding to establish service orchestration for service providers interconnecting diverse networks and technologies.

  • How the Federal Reserve Bank of New York navigates the 'supply chain' of open source software

    Large companies have divisions and subsidiaries that make efficient organizational management a challenge. Perhaps no one recognizes that more than Colin Wynd, vice president and head of the Common Service Organization at the Federal Reserve Bank of New York. Wynd is charged with ensuring that software development practices and strategy are forward-thinking and secure, and adhere to compliance regulations.

    Several years ago, Wynd and his team started to think more holistically about how their developer teams worked, he explained in a presentation at the recent Jenkins World conference in San Francisco. They needed to transition decades of legacy applications to more modern, flexible alternatives.

  • Building an Open Standard for Distributed Messaging: Introducing OpenMessaging

    Through a collaborative effort from enterprises and communities invested in cloud, big data, and standard APIs, I’m excited to welcome the OpenMessaging project to The Linux Foundation. The OpenMessaging community’s goal is to create a globally adopted, vendor-neutral, and open standard for distributed messaging that can be deployed in cloud, on-premise, and hybrid use cases.

    Alibaba, Yahoo!, Didi, and Streamlio are the founding project contributors. The Linux Foundation has worked with the initial project community to establish a governance model and structure for the long-term benefit of the ecosystem working on a messaging API standard.

  • Cloud Foundry adds native Kubernetes support for running containers

    Cloud Foundry, the open-source platform as a service (PaaS) offering, has become somewhat of a de facto standard in the enterprise for building and managing applications in the cloud or in their own data centers. The project, which is supported by the Linux Foundation, is announcing a number of updates at its annual European user conference this week. Among these are support for container workloads and a new marketplace that highlights the growing Cloud Foundry ecosystem.

    Cloud Foundry made an early bet on Docker containers, but with Kubo, which Pivotal and Google donated to the project last year, the project gained a new tool for allowing its users to quickly deploy and manage a Kubernetes cluster (Kubernetes being the Google-backed open-source container orchestration tool that itself is becoming the de facto standard for managing containers).

  • “We’re just on the edge of blockchain’s potential”

    No one could have seen blockchain coming. Now that it’s here, blockchain has the potential to completely reinvent the world of financial transactions, as well as other industries. In this interview, we talked to JAX London speaker Brian Behlendorf about the past, present, and future of this emerging technology.

  • Measure Your Open Source Program’s Success

    Open source programs are proliferating within organizations of all types, and if yours is up and running, you may have arrived at the point where you want to measure the program’s success. Many open source program managers are required to demonstrate the ROI of their programs, but even if there is no such requirement, understanding the metrics that apply to your program can help optimize it. That is where the free Measuring Your Open Source Program’s Success guide comes in. It can help any organization measure program success and can help program managers articulate exactly how their programs are driving business value.

  • Bitcoin-Ethereum Atomic Swap Code Now Open Source

    A team of cryptocurrency startup developers is open-sourcing technology that enables trustless trading between the bitcoin and ethereum blockchains.

    Now available on GitHub, the code has already been used to execute what startup Altcoin Exchange claims is the first so-called "atomic swap" between the largest cryptocurrencies by market value. As a result of the release, a now larger community of developers can play around with and build on top of the code.

  • How Open Source boosts the Big Data-Driven Business

    Open Source offered fertile ground for digital transformation. Though Open Source revolutionized software, it now has an impact in larger business fields. But this phenomenon is way older than the Big Data revolution we are currently living, as Philippe Very, Lead Data Scientist at Sidetrade explains.

    [...]

    Open Source licenses, because of the freedom and the simplicity they offer, represent a true opportunity for Data Scientists. Statistics and machine learning open libraries, available in programming languages like R, Python or Java, became richer and easier to use than proprietary software. Open Source is not even really a choice anymore for Data Scientists.

  • Mozilla pilots Cliqz engine in Firefox to slurp user browsing data

    Mozilla has launched a pilot program using Cliqz technology to pull user browsing data in Firefox.

    Last week, Mountain View, CA-based Mozilla said the inclusion of the Cliqz plugin, bolt-on software which recommends links to news, weather, sport and other websites directly in the search bar based on a user's history and activities, will now be included in "less than one percent" of Firefox browser downloads taking place in Germany.

    The inclusion of the add-on is part of a "small experiment" designed to improve the Firefox experience, privacy, and ease of use, according to the company.

  • VISEO launches open-source platform for chatbots and voice assistants, VISEO Bot Maker
  • “Night Light” is an Open Source app using KCAL to adjust Blue Light Intensity
  • Frost for Facebook is an Open Source, Fully Themeable Facebook Alternative [Ed: Well, call if what you want, even “open”, but if that connects to Facebook surveillance behemoth, it’s all proprietary]
  • Open-Xchange, Open Source Email Provider, Wins Funding

    Open-Xchange, the German-based provider of an open-source email platform and security software, has won €21 million in funding, translating into U.S. $25 million, according to Venture Beat. The round is headed by Iris Capital and existing shareholders such as eCAPITAL.

  • Trying Out The BSDs & OpenIndiana On AMD EPYC + Tyan 2U Server

    We have begun in delivering many Linux benchmarks of AMD EPYC, but for those of you interested in the BSD operating systems or even the "open-source Solaris" Illumos/OpenIndiana, I have run some basic tests the past few days using the high-end EPYC 7601 64-thread processor on the TYAN Transport SX TN70A-B8026.

  • More AMD Zen Tuning Patches Posted For GCC

    A few days back I initially wrote about a SUSE developer working on Zen tuning patches for GCC. That work has continued with more compiler patches coming for optimizing the GNU's compiler for Ryzen / Threadripper / EPYC processors.

  • Update on Artifex v. Hancom GNU GPL compliance case

    A new ruling was issued on September 25th in the ongoing GNU General Public License (GPL) compliance case of Artifex v. Hancom. The case involves a piece of software licensed under the GPL version 3 or later, called Ghostscript. It is a project from Artifex for handling PostScript, PDFs, and printers (GNU Ghostscript is a separate version of the project, and is not involved or implicated in the case).

Open Hardware

Filed under
Hardware

Development: Kotlin, Qt 3D Studio, DevOps, Weblate

Filed under
Development
  • Kotlin could overtake Java on Android next year

    Realm performed an anonymized assessment of 100,000 developers using its database and which languages they were using, determined by developers’ selection of SDKs. Realm found that 20 percent of apps built with Java before Google’s May endorsement of Kotlin are now being built in Kotlin.

  • NVIDIA-Donated Qt 3D Studio Now Available In Pre-Release Form

    Towards the beginning of this year NVIDIA donated their "DRIVE Design Studio" software to Qt to serve as the basis of Qt 3D Studio, a new editor for Qt 3D content. The code to this new Qt 3D Studio is now available in pre-release form.

  • Qt 3D Studio Source Code and Pre-Release Snapshots Available

    As you may remember we announced in February that we are working on a new 3D design tool called Qt 3D Studio, which is based on a major contribution from NVDIA. Now we are happy to announce that the code has been pushed into the Qt Project repositories and binary snapshots are available through the Qt online installer.

  • What is DevOps? An executive guide to agile development and IT operations

    Adopting DevOps isn't just a good idea, it's a business necessity.

    To get the most from today's technologies -- from servers to virtual machines (VM)s and containers on to the clouds they empower -- you must get your system administrators working together with your developers. Hence, DevOps, the portmanteau of development and operations.

  • New projects on Hosted Weblate

Security: Updates, Accenture, Microsoft and More

Filed under
Security
  • Security updates for Wednesday
  • Accenture left a huge trove of highly sensitive data on exposed servers

    Technology and cloud giant Accenture has confirmed it inadvertently left a massive store of private data across four unsecured cloud servers, exposing highly sensitive passwords and secret decryption keys that could have inflicted considerable damage on the company and its customers.

  • Crypto Anchors: Exfiltration Resistant Infrastructure

    The obvious way to implement a tokenization service is to generate a random token and store a mapping of that token and a one-way hash of the sensitive piece of data.

    Unfortunately, the maximum number of possible SSNs is just under 1 billion, making it trivial for an attacker that downloads the database to brute-force them offline.

  • Detecting DDE in MS Office documents

    Dynamic Data Exchange is an old Microsoft technology that can be (ab)used to execute code from within MS Office documents. Etienne Stalmans and Saif El-Sherei from Sensepost published a blog post in which they describe how to weaponize MS Office documents.

  • Stack Overflow Considered Harmful?

    What proportion of Android apps in the Play store include security-related code snippets copied directly from Stack Overflow? Does the copied code increase or decrease application security?

  • ‘UK teen almost hacking US officials a serious concern for American security’

    It should be very concerning for the US security services that a teenager almost got to access to private information of top officials, including that of the CIA chief, as other hackers might actually do some real harm, Mark Chapman of the UK Pirate Party believes.

    British teenager Kane Gamble pleaded guilty to trying to hack top US officials’ personal computers.

    Gamble is autistic and was only 15 years old when he attempted to hack the computers of former CIA chief John Brennan and the head of security of the Obama administration. He was released on bail and is due to be sentenced by a British regional court in December.

Canonical Outs Important Linux Kernel Updates for All Supported Ubuntu Releases

Filed under
Ubuntu

Canonical released new kernel updates for all supported Ubuntu Linux releases, including Ubuntu 14.04 LTS (Trusty Tahr), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 17.04 (Zesty Zapus), fixing a total of five security vulnerabilities.

Read more

Endless OS Is First Linux Distro to Support Flatpak Apps from Flathub by Default

Filed under
OS

Endless Computers announced today on their Twitter account that Endless OS has recently become the first GNU/Linux distribution to enable support for Flatpak apps from Flathub by default with the latest release.

Read more

Lakka 2.1 RC5 released with improved Dolphin support and experimental ASUS TinkerBoard support

Filed under
GNU
Linux
Movies

We are proud to announce the release of Lakka 2.1 RC5!

This version required a lot of team work. We merged LibreELEC 8.2 Bêta changes in Lakka. RetroArch also got updated, as well as all the emulators and other libretro cores.

Ntemis added support for some Rockchip boards, including the ASUS Tinkerboard. These new images are still experimental.

Read more

Games: Sid Meier's Civilization VI, Reflection of Mine, Parkitect, JYDGE, Talos Principle VR, Argentum Age, Vulkan

Filed under
Gaming
Syndicate content

More in Tux Machines

Debian and Ubuntu Leftovers

  • MiniDebConf Prishtina 2017
    On 7th of October in Prishtina, Kosova’s capital, was hosted the first mini deb conference. The MiniDebConf Prishtina was an event open to everyone, regardless of their level of knowledge about Debian or other free and open source projects. At MiniDebConf Prishtina there were organized a range of topics incidental to Debian and free software, including any free software project, Outreachy internship, privacy, security, digital rights and diversity in IT.
  • No more no surprises
    Debian has generally always had, as a rule, “sane defaults” and “no surprises”. This was completely shattered for me when Vim decided to hijack the mouse from my terminal and break all copy/paste functionality. This has occured since the release of Debian 9.
  • Debian Security Advisory 3999-1
    Debian Linux Security Advisory 3999-1 - Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered multiple vulnerabilities in the WPA protocol, used for authentication in wireless networks. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
  • LXD Weekly Status #19
    This past week, part of the team was back in New York for more planning meetings, getting the details of the next 6 months, including LXC, LXD and LXCFS 3.0 fleshed out.

Software and howtos

  • wikipedia2text – A Command Line Tool For Querying The Wikipedia Article
    Hi folks am back with another interesting topic called wikipedia2text. It’s a small Shell script to query the Wikipedia articles in console, also it can open the article in any browser. This shell script uses text-browser to query and render Wikipedia articles. The output will be printed to standard out. It Currently supports around 30 Wikipedia languages. Most of us prefer Wikipedia to know the detailed information about any company or any product information & it’s history. For any google search by default Wikipedia link comes in Top 5.
  • Yay! I Found Yet Another Reliable AUR Helper
    Howdy Arch Users! I’ve got a good news for you. Today, I stumbled upon yet another reliable AUR helper called “Yay”. Yep! the name of this AUR helper is Yay. Currently, I use Pacaur for installing AUR packages. It does great job and I really like it. I also have used other AUR helpers such as Packer and Yaourt in the past. After reading its features, I thought to give “Yay” a try and see how things works. So, here we go!
  •  
  • mount.nfs: requested NFS version or transport protocol is not supported
  • How to Deploy Clojure Web Application on Debian 9
  • Copr stack dockerized!
  • Using Dell Dock With Ubuntu
    Over the years I have found my way around many minor hurdles when using Ubuntu, the most recent being Using the DELL ULTRAHD 4K USB 3.0 DOCKING STATION (D3100).

GNU/Linux Desktops/Laptops and Devices

OSS Leftovers