Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 21 May 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story today's leftovers Roy Schestowitz 19/05/2018 - 5:21am
Story GNOME: GNOME Boxes and More Roy Schestowitz 19/05/2018 - 4:20am
Story KDE/Qt: Krita, Calamares and Qt Roy Schestowitz 19/05/2018 - 4:18am
Story Events: Fractal Hackfest, FOSS-North, OpenDev, MiniDebConf Hamburg Roy Schestowitz 19/05/2018 - 4:17am
Story Ubuntu 18.10 and Ubuntu in Microsoft Prison Roy Schestowitz 19/05/2018 - 4:15am
Story today's howtos Roy Schestowitz 19/05/2018 - 3:52am
Story Server/Back End: Blockchain, Cloud Foundry Platform, Kubernetes, Labtainers Roy Schestowitz 19/05/2018 - 3:51am
Story Security and privacy: Do you know what's lurking on your system? Roy Schestowitz 19/05/2018 - 3:12am
Story Games: Antigraviator and 0 A.D. Alpha 23 Roy Schestowitz 1 19/05/2018 - 3:07am
Story Purism/PureOS Development Updates Roy Schestowitz 19/05/2018 - 2:57am

Games: Spartan Fist, Wizard of Legend, Myst 25th Anniversary Collection, Wine 3.0.1 and More

Filed under
Gaming

Security: DHCP, System Updates, and Ubuntu Blobs Store

Filed under
Security
  • Protect your Fedora system against this DHCP flaw

    A critical security vulnerability was discovered and disclosed earlier today in dhcp-client. This DHCP flaw carries a high risk to your system and data, especially if you use untrusted networks such as a WiFi access point you don’t own. Read more here for how to protect your Fedora system.

    Dynamic Host Control Protocol (DHCP) allows your system to get configuration from a network it joins. Your system will make a request for DHCP data, and typically a server such as a router answers. The server provides the necessary data for your system to configure itself. This is how, for instance, your system configures itself properly for networking when it joins a wireless network.

    However, an attacker on the local network may be able to exploit this vulnerability. Using a flaw in a dhcp-client script that runs under NetworkManager, the attacker may be able to run arbitrary commands with root privileges on your system. This DHCP flaw puts your system and your data at high risk. The flaw has been assigned CVE-2018-1111 and has a Bugzilla tracking bug.

  • Security updates for Tuesday
  • Potentially Malicious Bytecoin Miner Removed from the Ubuntu Snap Store
  • Canonical on trust and security in the Snap Store

    Here's a posting from Canonical concerning the cryptocurrency-mining app that was discovered in its Snap Store.

  • Canonical finds hidden crypto-miners in the Linux Snap app store

    Last Friday, Canonical, the developer of the popular Ubuntu operating system and owner of the Snapcraft app store, spotted one application surreptitiously mining cryptocurrencies in the background.

Microsoft 'Imprisons' GNU/Linux, Spreads FUD Against FOSS (via Former Staff)

Filed under
Microsoft

Red Hat News

Filed under
Red Hat

AsteroidOS, an open-source Wear OS alternative, now available as a stable release

Filed under
GNU
Linux

A few years ago, a French computer science student named Florent Revest undertook a project to keep Android Wear smartwatches from dying of obsolescence. That project is called AsteroidOS, built entirely on GNU/Linux libraries and technologies, and in its current state, it's fairly basic. Even so, for all fans of open source software out there, this is pretty damn great.

This is the stable release of v1.0 and it works on a few select watches: Asus ZenWatch, Asus ZenWatch 2, Asus ZenWatch 3, LG G Watch, LG Watch Urbane, LG G Watch R, and Sony Smartwatch 3. Each has a different level of support – e.g. the Urbane's sensors aren't working at time of writing – but AsteroidOS is a mostly fully-functioning smartwatch operating system.

Read more

GNOME Devs to Remove the Ability to Launch Apps from the Nautilus File Manager

Filed under
GNOME

Launched in mid-March 2018, GNOME 3.28 is the most advanced and also the first release of the widely-used desktop environment for Linux-based operating systems to drop support for desktop icons from the Nautilus file manager, which handled them for the past two decades, planning to move the functionality to GNOME Shell.

Last month, the GNOME Project kicked off the next six-month development cycle, for GNOME 3.30, which will see the light of day in September 2018 with a more sandboxed system where you won't be able to launch binaries/executables, nor programs directly from the Nautilus file manager.

Read more

Endless OS Picks Up Companion App for Android, Smarter Updates in Major Release

Filed under
OS
Android

Packed with dozens of stability and performance improvements, the Endless OS 3.4 release is one of those major ones that you'll have to install on your personal computer if you're running the Linux-based Endless OS. It features an enhanced GNOME 3.26 desktop environment with smarter updates to help you manage data consumption on limited data plans.

Additionally, Endless OS 3.4 marks the introduction of the Endless Companion App for Android smartphones, which will be available in the coming weeks and promises to let users view content from their Endless OS computers on their Android phones while enjoying the features of the native Endless OS apps.

Read more

Also: Endless OS 3.4 Released, Allows Scheduled Updates & Companion App For Android

Openwashing Tactics by Jadu (Proprietary)

Filed under
OSS
  • Councils back launch of open source library for digital services

    A new community driven repository of shared material where local authorities and partners can collaborate by uploading and downloading assets for building digital services has been launched.

    Local authorities already sharing and using resources on the Jadu Library include Swindon Borough Council, The Royal Borough of Windsor and Maidenhead, Norwich City Council, Canterbury City Council, London Borough of Hounslow and Birmingham City Council, with more pledging to follow.

    Dr Mark Thompson, a key architect of the UK government’s open IT strategy and senior lecturer at Cambridge Judge Business School who co-authored the recent Green Paper Better Public Services: A Manifesto commented: “In the UK there are 430 councils that at a business process and technology level are pretty much replicating versions of the same things. It makes no sense to be reinventing the wheel time and time again.

  • New open source library helps councils share digital assets

    The Jadu Library will enable the sharing and reusing of work and help councils become hubs for economic and social exchange. Rather than having to build online services themselves, the councils can capitalise on what is already available and use service specialists.

Canonical Says There's No Rules Against Mining Cryptocurrencies through Snaps

Filed under
Ubuntu

Last week, users discovered that two of the snap packages uploaded by user Nicolas Tomb in the Snap Store, namely 2048buntu and Hextris, mined cryptocurrency in the background while the applications were running without user's knowledge. Canonical immediately removed the apps from its Snap Store.

Now, the company behind the popular Ubuntu Linux operating system is addressing the issue saying it has no rules against mining cryptocurrencies through snap apps if the developer informs users about this. As Nicolas Tomb didn't inform users that his apps are mining for cryptocurrencies, the apps were removed.

Read more

Also: Canonical finally comments on Ubuntu Linux Snap Store security failure

today's leftovers

Filed under
Misc
  • New Technologies Lead to New Linux and Cloud Training Options
  • Everything You Need to Know about the Cloud and Cloud Computing, Part II: Using the Cloud [Ed: Latest cloudwashing by IBM/LJ; just call it what it is: servers being pushed back to a mainframe era -- companies controlling all the servers.]
  • Kakoune: A Better Code Editor Heavily Inspired by Vim

    It comes with numerous text editing/writing tools such as contextual help, syntax highlighting, auto-completion while typing, and supports many different programming languages. It also implements multiple selections as an essential procedure for interacting with your text.

    In addition, Kakoune’s client/server architecture allows for multiple clients to connect to the same editing session.

  •  

  • New in Qt 5.11: improvements to the model/view APIs (part 1)

    The Qt model/view APIs are used throughout Qt — in Qt Widgets, in Qt Quick, as well as in other non-GUI code. As I tell my students when I deliver Qt trainings: mastering the usage of model/view classes and functions is mandatory knowledge, any non-trivial Qt application is going to be data-driven, with the data coming from a model class.

  • Akademy 2019 Call for Hosts

    The organization of this year's Akademy is in full swing: the official conference program is out, we have had an insightful interview with one of the keynote speakers, another is coming soon, and attendees are already booking flights and accommodation. The #akademy IRC channel on Freenode and the Telegram group are buzzing with messages, advice and recommendations.

  • GNOME Is Removing the Ability to Launch Binary Apps from Nautilus

    Last year Nautilus lost the ability to show desktop icons — now GNOME developers plan to drop another familiar feature.

    According to a code commit on Gitlab the famous file manager is set to lose the ability to run binaries and launch apps directly.

    Or, to put it another way, you won’t be able to double-click on programs, scripts or apps to launch them using Nautilus.

  • Mageia Blog (English) : Issues with the Grand Update?

    This should not be needed, as 32-bit libraries should be able to co-exist on a 64 bit install, as they may be needed for third party applications.

    Bug 23016 has been reopened to study this a bit more. For now, we’re watching for reports, and giving you the workaround of uninstalling the 32 bit library.

    It’s not that 32-bit isn’t able to mix with 64-bit in all cases, just in some, where there are files in the lib package that should be in a different (non-arch specific) package. In these two cases, it’s the /usr/share/locale/ files are in both the 32 and 64 bit packages, with identical names and paths.

    The rpm package manager allows a file to be owned by more than one package, provided the attributes are identical, but it blocks updating with a new version, since it’s trying to update one of the packages, but until the other version is updated too, there is a conflict. We’re keeping a watch-out for these packaging errors.

    It’s possible that if you’ve used DNF to do the update, rather than urpmi, you won’t have this problem; as we gather more information, we’ll add it to roundups in the coming weeks.

    While all this Grand stuff has been happening, we’ve also been doing plenty of the usual things, including over 300 packages into Cauldron.

Proprietary Software on Linux

Filed under
Android
Linux
Gaming

Linux Graphics: AMDVLK and GEM

Filed under
Graphics/Benchmarks
  • AMDVLK Driver Adds VK_KHR_display Support

    The AMD developers working on their official Vulkan driver code updated the public source trees yesterday for XGL and PAL that form the AMDVLK open-source Linux driver.

  • GEM Improvements & Better Intel Icelake Support Coming To Linux 4.18

    Building off their first batch of DRM updates for Linux 4.18, the Intel open-source crew has submitted a second batch of new feature material to DRM-Next that in turn will land with this next kernel cycle.

    Changes with this pull request include NV12 pixel format support finally being firmed up, a number of Intel Icelake improvements, GVT virtualization updates, Panel Self Refresh (PSR) updates, execlist fixes and updates, "tons" of GEM memory management improvements, and a variety of other fixes and code improvements.

OSS Leftovers

Filed under
OSS
  • Open source connecting people and technology

    Candice Herotodou, formerly Mesk, will speak about agile. A collaborator by nature and involved in all things agile and DevOps, Herotodou will relay the story of her journey in a presentation titled DevOps Culture: Are you ready?

  • Fractal Hackfest 2018

    The last couple of days I was in Strasbourg for the Fractal Hackfest. We made some fundamental decisions for the future of Fractal, our Matrix client.  We also decided on some basic architectural changes we want to make.

    You probably already read about the split of Fractal into two separate apps, to cover two different use cases: Barbecue and Banquet. Barbecue will mostly cover “one to one” chats and Banquet high-traffic group chats and IRC-like rooms. We are certain that the split is the right direction for Fractal, but we didn’t define the exact split between the apps.

  • Fracturing Fractal  Fracturing Fractal

    Last week my employer Purism allowed me to attend the Fractal hackfest in Strasbourg. There we chatted about the future of Fractal and of the messaging applications Purism needs for the Librem 5.

  • The Ultimate Postgres vs MySQL Blog Post

    I should probably say up front that I love working with Postgres and could die happy without ever seeing a mysql> prompt again. This is not an unbiased comparison -- but those are no fun anyway.

  • Prisma raises $4.5M seed round led by Kleiner Perkins

    Silicon Valley’s Kleiner Perkins led the round, with participation from a number of angel investors, many of whom have deep roots in the developer and/or open source space, including Nick Schrock, one of the creators of GraphQL itself.

  • The fatal flaw of libertarianism, exemplified by BSD vs GPL

    I'll get right to the point: libertarianism's fatal flaw is that it commits a fallacy, the name of which I do not know, in assuming that the fewest up-front restrictions on personal freedoms necessarily and inevitably translates into the most freedom for the most people into the indefinite future.

    The BSD vs GPL licensing example is perhaps the single best illustration of this I've seen in the tech world to date. Debate, and I use the term charitably, rages on still about the merits of each license, with the BSD partisans making almost verbatim the exact same argument just laid out above: that the BSD license is morally, ethically, and pragmatically superior because it places fewer restrictions on who may do what with the code.

    By contrast, they say, the GPL is infectious, inserting itself like a retrovirus into the replication machinery of any code licensed with it and forcing certain behaviors (redistribution of source) the BSD types disagree with. As I understand it, the reason they give explicitly for disliking this is that it means fewer people will use the GPL compared to the BSD license, which theoretically therefore translates into BSD-licensed code both proliferating and persisting more than its GPL'd siblings.

    What this *actually* means, on the psychological and perhaps subconscious level, is "fuck you, I won't do what you tell me." Sorry guys, but it's the truth: dress it up however you like, but the underlying principle here is "I don't wanna share."

    It also betrays an almost stunning naivete about human nature, the very same one that small-L-libertarianism itself seems predicated on. There is a sort of ceteris paribus assumption at work here, one which assumes that the wide world of coding is meritocratic (it is not), equal-access (it is not), and measures worth solely on quality, correctness, usefulness, etc., of code (it does not). It is the Just World Fallacy writ small and in C, you might say.

    It *completely* fails to take into account human nature, and such wholly non-technical yet pervasive and powerful human engines of corruption as the corporation. Witness Theo de Raadt's anger, entirely justified morally but also entirely his own fault, over the lack of gratitude from corporations who took OpenSSH and OpenBSD itself for their own use and contributed back, perhaps, a single laptop, which took over a year to arrive.

    From the outside, this makes perfect sense. I mean, if you leave a plate of cookies out with a sign that says "free cookies," you don't have a right to complain when someone comes by and takes the entire plate for him/herself. But somehow this simple and obvious line of thought seems to elude the BSD-license partisans, or maybe they quash it for ideological reasons, such as faith (and it *is* a faith position...) in the idea that their code will conquer by virtue of spreading far and wide and continuing to evolve.

  • Friday Free Software Directory IRC meetup time: May 18th starting at 12:00 p.m. EDT/16:00 UTC
  • Generating Third-Party Attribution Documents

    In this post, I’ll show you how to use the qtattributionsscanner tool and Python to generate an attribution document for third-party code in Qt.

  • Edge computing and the importance of open infrastructure

    Open infrastructure is not as much about packaging and deployment as it is about creating a consistent paradigm and environment for running workloads in the form best used to address those applications. Many edge workloads today run on Linux or in VM's, they may evolve for simplified lifecycle management, or they may be superseded by a next generation of applications.

  • Metsä Wood Launches a Groundbreaking Platform for Open Source Wood
  • How citizen science and open-source tech can create change

    As a teenager, Jason Gomez never was the biggest fan of science, and among his peers, environmental work brought to mind planting trees. But he lived in Sunset Park, Brooklyn, where asthma and heart disease affected the lives and health of many residents. Uprose, a local environmental justice organization, recruits youth volunteers like Gomez to understand that these are not side effects of living in a working-class neighborhood that one should just accept–they are the result of planning and design decisions that de-prioritize the health and well-being of the residents of those neighborhoods. Specifically, in Sunset Park, they are the result of the Gowanus Expressway, a large elevated highway that runs directly through the neighborhood.

    [...]

    And with open-source software, their findings are becoming easier to verify and share. Red Hat, a leading open-source tech company, created a documentary called The Science of Collective Discovery featuring citizen scientists like Cooper and the Uprose team to highlight the practice for its annual Summit in San Francisco this week.

Microsoft-Connected Smears Against FOSS

Knoppix 8.2 Linux Distribution Released

Filed under
Debian

Longtime Linux users likely have many fond memories of the Knoppix Live CD Linux distribution and today a new release is now available.

Knoppix 8.2 is now available to succeed last year's 8.1 release. Knoppix 8.2 features a wealth of package updates over 8.1, including the use of the Linux 4.16 kernel, KDE Plasma 5.12.4, Qt 5.10, and hundreds of other package updates for this Debian-based Live CD/DVD/USB distribution.

Read more

Jim Whitehurst's Latest Article and Red Hat Summit 2018 Videos Posted Online

Filed under
Red Hat
  • Jim Whitehurst: Why aren't we more invested in our work?

    Understanding employee engagement is difficult—and so is defining engagement in the first place. Many smart people offer different definitions of "engagement," but most seem to agree that it refers to the emotional connection people feel to their work.

    And it's becoming one of the most frequently cited challenges for organizations around the world. Statistics about employee engagement tell a sobering story. For example, a Gallup study found that only 15% of employees globally feel engaged at work (in the U.S. and Canada, that number is 31%—not much better).

  • Watch over 100 Red Hat Summit 2018 session videos online

    Over 100 breakout sessions from Red Hat Summit 2018 are now available to watch on YouTube. Even if you were at Summit, there were too many sessions to attend all of the ones you might have wanted to see. All of the recorded sessions are in one big searchable YouTube playlist. In the next few weeks, a number of the developer sessions will be highlighted on this blog by topic.

OpenSUSE News: OpenSUSE Leap 15 and OpenSUSE Conference

Filed under
SUSE
  • OpenSUSE Leap 15 Supports Transactional Updates Using Btrfs / Zypper / Snapper

    Of the many new features coming to openSUSE Leap 15 that is built from the same sources as SUSE Linux Enterprise 15 is support for transactional updates.

    Incubated by the Kubic Project for fleshing out an openSUSE micro-OS container operating system, openSUSE Leap 15 supports transactional updates -- to basically update operating system packages in an atomic manner. Under this transactional approach, updates will either be applied all together in a single transaction or not at all. If something goes wrong, the system can also be returned to the previous functioning state.

  • Transactional Updates in openSUSE Leap 15

    This blog is part of a series of technical blogs leading up to the release of openSUSE Leap 15. All of the blogs provide a use case regarding openSUSE Leap and the packages available in the distribution. Happy reading.

    Transactional Updates is one of the exciting new features available in the upcoming release of openSUSE Leap 15, which is scheduled to be officially released May 25.

    Contributed by the Kubic Project, Transactional Updates provides openSUSE systems with a method of updating the operating system and its packages in an entirely ‘atomic’ way. Updates are either applied to the system all together in a single transaction, or not at all. This happens without influencing the running system. If an update fails, or if the successful update is deemed to be incompatible or otherwise incorrect, it can be discarded to immediately return the system to its previous functioning state.

    This differs from existing alternatives that already exist in the open source world. Some users use a rather exorbitant approach of maintaining multiple versions of their system in multiple partitions on disk to switch between the partitions to address a fear of tampering with a perfectly running system.

  • Status update for openSUSE Conference

    The openSUSE Conference is right around the corner and attendees list keeps growing for oSC18, which will take place May 25 – 27 at the Faculty of Information Technologies of Czech Technical University in Prague.

    There are about 250 people signed up to attend the conference and most of the talks have been scheduled for this year’s conference. In addition to the conference, there will be a cryptofest on May 26, which will incorporate comes oSC18. The schedule for the cryptofest list three oSC18 security-focused talks and will be room 107.

    There are several track that will be taking place at the conference like an openSUSE track, a cloud and containers track, an open source track, a desktop and application track and an embedded track. On Saturday, May 26, will be a lightingbeers talk where people will get a free beer and give a short 5 minutes talks; people can sign up for this at http://bit.ly/2wtjczw.

Mozilla: Surveys, WebRender, Firefox 61, Response to EFail/EFFail

Filed under
Moz/FF
  • What’s Your Open Source Strategy? Here Are 10 Answers…

    Mozilla is a radically open and participatory project. As part of the research we compiled into turning openness into a consistent competitive advantage, we identified that the application of open practices should always be paired with well-researched strategic intent. Without clarity of purpose, organizations will not (and nor should they) maintain long-term commitment to working with community. Indeed, we were not the first to observe this.

  • curl user survey 2018

    The curl user survey 2018 is up. If you ever use curl or libcurl, please donate some of your precious time and provide your answers!

    The curl user survey is an annual tradition since 2014 and it is one of our primary ways to get direct feedback from a larger audience about what's good, what's bad and what to focus on next in the curl project. Your input really helps us!

  • WebRender newsletter #19

    I skipped a newsletter again (I’m trying to put publish one every two weeks or so), sorry! As usual a lot of fixes and a few performance improvement, and sometimes both the same time. For example the changes around image and gradient repetition were primarily motivated by bugs we were encountering when dealing with repeated backgrounds containing very large amounts of repetitions, and we decided to solve these issues by moving all images to the “brush” infrastructure (bringing better batching, faster fragment shader and the ability to move more pixels out of the alpha pass), and optimize the common cases by letting the CPU generate a single primitive that is repeated in the shader. I don’t always properly highlight fixes that benefit performance but they are here.

  • GSConnect, Mozilla Firefox 61, Scientific Linux 7.5, GNOME and Nautilus

    The Mozilla team has been hard at work to address all of the known problems plaguing their bookmark sync functionality. A new engine has been developed to address these issues which landed in the latest Nightly build.

  • Cameron Kaiser: Secure mail on Power Macs is not a good idea
Syndicate content

More in Tux Machines

Plasma 5.12.5 bugfix update for Kubuntu 18.04 LTS – Testing help required

Are you using Kubuntu 18.04, our current LTS release? We currently have the Plasma 5.12.5 LTS bugfix release available in our Updates PPA, but we would like to provide the important fixes and translations in this release to all users via updates in the main Ubuntu archive. This would also mean these updates would be provide by default with the 18.04.1 point release ISO expected in late July. Read more

New Arduino boards include first FPGA model

Arduino launched a “MKR Vidor 4000” board with a SAMA21 MCU and Cyclone 10 FPGA, as well as an “Uno WiFi Rev 2” with an ATmega4809 MCU. Both boards have a crypto chip and ESP32-based WiFi module. In conjunction with this weekend’s Maker Faire Bay Area, Arduino launched two Arduino boards that are due to ship at the end of June. The MKR Vidor 4000 is the first Arduino board equipped with an field programmable . The Intel Cyclone 10 FPGA. will be supported with programming libraries and a new visual editor. The Arduino Uno WiFi Rev 2, meanwhile, revises the Arduino Uno WiFi with a new Microchip ATmega4809 MCU. It also advances to an ESP32-based u-blox NINA-W102 WiFi module, which is also found on the Vidor 4000. Read more

DragonFlyBSD 5.3 Works Towards Performance Improvements

Given that DragonFlyBSD recently landed some SMP performance improvements and other performance optimizations in its kernel for 5.3-DEVELOPMENT but as well finished tidying up its Spectre mitigation, this weekend I spent some time running some benchmarks on DragonFlyBSD 5.2 and 5.3-DEVELOPMENT to see how the performance has shifted for an Intel Xeon system. Read more

Red Hat News: KVM, OpenStack Platform 13 and More