Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 16 Jul 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story GNOME Desktop/GTK/GUADEC Roy Schestowitz 14/07/2018 - 2:19am
Story 0.2.1 Release of Elisa Roy Schestowitz 14/07/2018 - 1:29am
Story Android Leftovers Rianne Schestowitz 13/07/2018 - 7:03pm
Story RK3399 based Renegade Elite debuts on Indiegogo for under $100 Rianne Schestowitz 13/07/2018 - 6:57pm
Story today's leftovers Roy Schestowitz 13/07/2018 - 3:49pm
Story Games: Hacknet, Streets of Rogue, Scrunk, Fanatical Roy Schestowitz 13/07/2018 - 3:48pm
Story OSS Leftovers Roy Schestowitz 13/07/2018 - 3:36pm
Story Windows Server 2016 vs. FreeBSD 11.2 vs. 8 Linux Distributions Performance Benchmarks Rianne Schestowitz 13/07/2018 - 2:40pm
Story Security: Chip Defects and More Roy Schestowitz 13/07/2018 - 2:39pm
Story Mozilla: Addons, OverbiteNX and Remarks on Indian Telecom Commission Roy Schestowitz 13/07/2018 - 2:28pm

Chrome 67 to Counter Spectre on Mac, Windows, Linux, Chrome OS via Site Isolation

Filed under
Google
Security
  • Chrome 67 to Counter Spectre on Mac, Windows, Linux, Chrome OS via Site Isolation

    The Spectre and Meltdown vulnerabilities, discovered earlier this year, caught everyone off guard including hardware and software companies. Since then, several vendors have patched them, and today, Google Chrome implemented measures to protect the browser against Spectre. The exploit uses the a feature found in most CPUs to access parts of memory that should be off-limits to a piece of code and potentially discover the values stored in that memory. Effectively, this means that untrustworthy code may be able to read any memory in its process’s address space. In theory, a website could use such an attack to steal information from other websites via malicious JavaScript code. Google Chrome is implementing a technique known as site isolation to prevent any future Spectre-based attacks from leaking data.

  • Google Chrome is getting a Material Design revamp – here’s how to test the new features

    Google has been promising a Material Design revamp of its desktop Chrome web browser for quite some time – and now we have our first look.

    An update to the experimental Chrome Canary browser on Windows, Linux and Mac, offers a preview of what we can expect when Google builds the changes into the main browser later this year.

  • Google Chrome Gets A Big Material Design Makeover, Here's How To Try It On Windows, Linux And macOS

    Google's dominate Chrome web browser is set to receive a big Material Design makeover later this year. However, if you want to give a try right now, you can do so by downloading the latest build of Chrome Canary. For those not in the know, Canary is the developmental branch of Chrome where new features are tested before they roll out widely to the public.

    As you can see in the image below, this is a total revamp of the browser, with a completely new address bar and look for the tabs interface. Tabs have a more rounded shape and colors have been refreshed through the UI.

  • Chrome 67 features Site Isolation to counter Spectre on Mac, Windows, Linux, Chrome OS

    Following the disclosure of Spectre and Meltdown CPU vulnerabilities earlier this year, the entire tech industry has been working to secure devices. In the current stable version of Chrome, Google has widely rolled out a security feature called Site Isolation to protect desktop browsers against Spectre.

Hiding the Fedora boot menu

Filed under
Red Hat

The venerable Linux boot menu has made its appearance at boot time since the days when LILO was the standard boot loader, through the days of GRUB, and onward to today's GRUB 2 and others. It is sometimes configured out by distributions as something that will potentially confuse less-technical users, but it has been a mainstay of Fedora for many releases. A recent proposal to hide the menu, starting in Fedora 29, has met a mixed reaction, but those who are not in favor are also those most able to revert to the existing behavior.

Hans de Goede raised the issue back at the end of May. He suggested that Fedora had at one time hidden the boot menu, but changed. As a longtime Fedora user, I don't remember that switch, but my memory is faulty and that may be the case here. In any case, De Goede's idea is to not have the distribution print any confusing messages at boot time: "the end goal being a user pressing the on button and then going to the graphical login manager without him seeing any text messages / menus filled with technical jargon."

The response was somewhat mixed, as might be expected. Stephen Gallagher was concerned about boots that failed and gave the user no alternatives to try. De Goede said that the plan was to detect failed boots and then show the boot menu on the next boot. He muddied the waters somewhat by mentioning a "fastboot" feature that he is planning for Fedora 30. It would effectively provide no way for a user sitting at the console to override the boot sequence (with a key press, say) and get the boot menu once the system has started booting.

Read more

Also: Fedora tackles Southeast Linux Fest 2018

GNOME: GUADEC and News From GLib 2.58

Filed under
GNOME
  • GUADEC 2018: BoF Days

    Monday went with engagement BoF. I worked with Rosanna to finalize the annual report. Please help us proofread it! I have also started collecting information for the GNOME 3.30 release video. If you are a developer and you have exciting features for GNOME 3.30, please add them to the wiki. The sooner you do it, the happier I am.

  • GNOME Foundation opens recruitment for further expansion

    Today, July 6th 2018, the GNOME Foundation has announced a number of positions it is recruiting for to help drive the GNOME project and Free Software on the desktop. As previously announced, this has been made possible thanks to a generous grant that the Foundation has received, enabling us to accelerate this expansion.

  • Emmanuele Bassi: News from GLib 2.58

    Next September, GLib will hit version 2.58. There have been a few changes during the past two development cycles, most notably the improvement of the Meson build, which in turn led to an improved portability of GLib to platforms such as Windows, macOS, and Android. It is time to take stock of the current status of GLib, and to highlight some of the changes that will impact GLib-based code.

Stable kernels 4.17.6, 4.14.55, 4.9.112, 4.4.140 and 3.18.115

Filed under
Linux

CAN-based passive telematics software hitches ride on the Raspberry Pi

Filed under
Linux

On Indiegogo, Network Sorcery is pitching “UCAN” software for a CAN-equipped Raspberry Pi board that enables passive, real-time decoding of automotive telematics data over the CAN Bus. UCAN initially supports GM, Infiniti, and Nissan cars.

San Diego based Network Sorcery, which publishes information about network communication protocols, including the RFC Sourcebook, has gone to Indiegogo to launch a telematics program that runs on a Raspberry Pi 3 equipped with a CAN adapter board. The Linux-based UCAN software passively extracts and decodes telematics data in real time via the CAN Bus, offering “more detail and up to 50 times the volume of data than OBD2 (or OBD-II) based systems can provide,” says Network Sorcery.

Read more

Oracle wants to improve Linux load balancing and failover

Filed under
Linux

Oracle reckons Linux remote direct memory access (RDMA) implementations need features like high availability and load balancing, and hopes to sling code into the kernel to do exactly that.

The problem, as Oracle Linux kernel developer Sudhakar Dindukurti explained in this post, is that performance and security considerations mean RDMA adapters tie hardware to a “specific port and path”.

A standard network interface card, on the other hand, can choose which netdev (network device) to use to send a packet. Failover and load balancing is native.

Read more

Kernel Space, Linux Foundation, and NVIDIA

Filed under
Linux
  • Linux Kernel Port Revised To China's C-SKY CPU Architecture

    In addition to the AMD-licensed Chengdu Haiguang x86 server processors and Zhaoxin x86-compatible CPUs from VIA Centaur lineage, another CPU effort within China has been C-SKY.

    C-SKY is a 32-bit embedded CPU core out of Hangzhou, China. C-SKY is working on RISC-V designs too, but this current C-SKY embedded processor appears to be an original CPU design. Back in March they posted the original C-SKY Linux kernel patches while this past week they sent out a revised version.

  • Another Big Pull Of Intel DRM Updates Submitted For Linux 4.19

    One month ago Intel was quick following the Linux 4.18 merge material to begin sending in new feature work for Linux 4.19 by means of the DRM-Next repository. They've already done a few rounds of updates while now another serving of Direct Rendering Manager patches were served up.

    Sent out on Tuesday is likely their last "big pull" targeting the Linux 4.19 kernel, but Intel developer Rodrigo Vivi commented that another one or two smaller pulls are still expected in the days or week ahead to DRM-Next for 4.19.

  • Xen Hypervisor 4.11 Released, New Browsh Text-Based Browser, Finney Cryptocurrency Phone, GNOME Hiring and More

    The Xen Hypervisor 4.11 was released yesterday. In this release "PVH Dom0 support is now available as experimental feature and support for running unmodified PV guests in a PVH Container has been added. In addition, significant chunks of the ARM port have been rewritten." Xen 4.11 also contains mitigations for Meltdown and Spectre vulnerabilities. For detailed download and build instructions, go here.

  • Certification Plays Big Role in Open Source Hiring

    Employers increasingly want vendor neutrality in their training providers, with 77 percent of hiring managers rating this as important, up from 68 percent last year and 63 percent in 2016. Almost all types of training have increased this year, with online/virtual courses being the most popular. Sixty-six percent of employers report offering this benefit, compared to 63 percent in 2017 and 49 percent in 2016. Forty percent of hiring managers say they are providing onsite training, up from 39 percent last year and 31 percent in 2016; and 49 percent provide individual training courses, the same as last year.

  • NVIDIA Jetson Xavier Development Kit: Under 30 Watts, 8-Core ARMv8.2, 512 Core Volta

    The NVIDIA Jetson Xavier Development Kit is pretty darn exciting with having eight ARMv8.2 cores, a 512-core Volta GPU, 16GB of LPDDR4, and under 30 Watt power use.

    Last month NVIDIA announced the Jetson Xavier with plans to ship in August at a $1,299 USD price-tag. More details on this NVIDIA Jetson Xavier Development Kit have now been announced.

Games: Dead Cells, Chicken Assassin: Reloaded, Lust for Darkness, Poly Universe, Hero-U: Rogue to Redemption

Filed under
Gaming

Security: D-Link, DOD, and GNU/Linux

Filed under
Security

Mozilla: FTAPI SecuTransfer, European Union Policy and Notes by Firefox

Filed under
Moz/FF
  • FTAPI SecuTransfer - the secure alternative to emails? Not quite...

    Emails aren’t private, so much should be known by now. When you communicate via email, the contents are not only visible to yours and the other side’s email providers, but potentially also to numerous others like the NSA who intercepted your email on the network. Encrypting emails is possible via PGP or S/MIME, but neither is particularly easy to deploy and use. Worse yet, both standard were found to have security deficits recently. So it is not surprising that people and especially companies look for better alternatives.

    It appears that the German company FTAPI gained a good standing in this market, at least in Germany, Austria and Switzerland. Their website continues to stress how simple and secure their solution is. And the list of references is impressive, featuring a number of known names that should have a very high standard when it comes to data security: Bavarian tax authorities, a bank, lawyers etc. A few years ago they even developed a “Secure E-Mail” service for Vodafone customers.

  • Mozilla Open Policy & Advocacy Blog: Searching for sustainable and progressive policy solutions for illegal content in Europe

    As we’ve previously blogged, lawmakers in the European Union are reflecting intensively on the problem of illegal and harmful content on the internet, and whether the mechanisms that exist to tackle those phenomena are working well. In that context, we’ve just filed comment with the European Commission, where we address some of the key issues around how to efficiently tackle illegal content online within a rights and ecosystem-protective framework.

  • Notes by Firefox Now Lets You Sync Notes Between Desktop and Android

    Mozilla has released a note taking app for Android that syncs with the Firefox browser on the desktop. Called (rather simply) ‘Notes by Firefox‘, the feature offers basic, encrypted note taking in the browser and via a standalone app for Android phones and tablets.

'Cloud-Native'

Filed under
Linux
Server
  • What are cloud-native applications?

    As cloud computing was starting to hit its stride six or seven years ago, one of the important questions people were struggling with was: "What do my apps have to look like if I want to run them in a public, private, or hybrid cloud?"

    There were a number of takes at answering this question at the time.

    One popular metaphor came from a presentation by Bill Baker, then at Microsoft. He contrasted traditional application "pets" with cloud apps "cattle." In the first case, you name your pets and nurse them back to health if they get sick. In the latter case, you give them numbers and, if something happens to one of them, you eat hamburger and get a new one.

  • KubeCon + CloudNativeCon, Copenhagen

    I attended KubeCon + CloudNativeCon 2018, Europe that took place from 2nd to 4th of May. It was held in Copenhagen, Denmark. I know it’s quite late since I attended it, but still I wanted to share my motivating experiences at the conference, so here it is!

    I got scholarship from the Linux Foundation which gave me a wonderful opportunity to attend this conference. This was my first developer conference aboard and I was super-excited to attend it. I got the chance to learn more about containers, straight from the best people out there.

Software: Continuous Integration, Curl, Browsh and Statcode

Filed under
Software
  • Continuous integration and delivery tool basics

    The CircleCI tool is admired for its speed. That's because CircleCI caches builds and can run tests in parallel over multiple machines. The net result is quick test times. It’s also appreciated because it can be run in the cloud or as an on-premises version.

    You can use CircleCI on almost any operating system or cloud. CircleCI is a single-page web application that makes heavy use of AJAX and HTML5. What you can't do with it is build Windows applications. While you can build applications using .NET Core under Docker with CircleCI, that's far from full Windows building or test support.

  • curl 7.61.0

    Yet again we say hello to a new curl release that has been uploaded to the servers and sent off into the world. Version 7.61.0 (full changelog). It has been exactly eight weeks since 7.60.0 shipped.

  • Browsh is the Text-based Web Browser You’ve Been Dreaming Of

    I woke up today to find my Twitter feed chok full of praise for something called Browsh.

    It’s a brand new, modern text-based web browser built for the command line.

    Yes, I did just say a text browser.

    And yes, the year is still 2018.

    So what’s got the geeks I follow gushing over something so terrifically niche?

  • Statcode – Get A Quick Explanation Of Various HTTP Status Codes

    If you’re a web developer, I’ve got a good news for you today. You can now stop spending time on Internet to look for what a particular response code mean. Say hello to Statcode. It is like man pages, but only for HTTP status codes. You can easily get the quick explanation of a http code within minutes, without leaving your Terminal. As you may know already, Hypertext Transfer Protocol (HTTP) response status codes are issued by a server in response to a client’s request made to the server. Statcode is written using Python programming language and works on GNU/Linux, Mac OS and Windows.

Red Hat News, Mostly APAC

Filed under
Red Hat

Minimum GCC Version Likely to Jump from 3.2 to 4.8

Filed under
Development
GNU

The question of the earliest GCC compiler version to support for building the Linux kernel comes up periodically. The ideal would be for Linux to compile under all GCC versions, because you never know what kind of system someone is running. Maybe their company's security team has to approve all software upgrades for their highly sensitive devices, and GCC is low on that list. Maybe they need to save as much space as possible, and recent versions of GCC are too big. There are all sorts of reasons why someone might be stuck with old software. But, they may need the latest Linux kernel because it's the foundation of their entire product, so they're stuck trying to compile it with an old compiler.

However, Linux can't really support every single GCC version. Sometimes the GCC people and the kernel people have disagreed on the manner in which GCC should produce code. Sometimes this means that the kernel really doesn't compile well on a particular version of GCC. So, there are the occasional project wars emerging from those conflicts. The GCC people will say the compiler is doing the best thing possible, and the kernel people will say the compiler is messing up their code. Sometimes the GCC people change the behavior in a later release, but that still leaves a particular GCC version that makes bad Linux code.

Read more

Best Bug Bounty Programs On Internet

Filed under
Linux

​The software revolution brought many opportunities for programmers. The modern software industry is not just limited to development. The developed software or service might have backdoors or glitches. These can cause vulnerabilities that hackers use to their benefit by exploiting such services.

Read<br />
more

Syndicate content