Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Wednesday, 20 Sep 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Openwashing VMworld, Amdocs, VCV, and Microsoft

Filed under
OSS

Security: Kaspersky, Equifax and Internet of Things (IoT) at the Open Source Summit

Filed under
Security
  • Kaspersky Banned: Federal Agencies Ditch Russian Cybersecurity Firm Over Spying Concerns

     

    Acting Department of Homeland Security secretary Elaine Duke announced the ban of Kaspersky Lab software from federal government networks. The agencies have an unspecified timeline to rid their machines of the software, which DHS declared may pose a security risk.

  • US homeland security dept bans Kaspersky use by govt

     

    The US Department of Homeland Security has ordered all government agencies to stop using products from Kaspersky Labs, with a deadline of 90 days to implement plans to discontinue the use and to remove software from information systems.  

  • U.S. moves to ban Kaspersky software in federal agencies amid concerns of Russian espionage

     

    In a binding directive, acting homeland security secretary Elaine Duke ordered that federal civilian agencies identify Kaspersky Lab software on their networks. After 90 days, unless otherwise directed, they must remove the software, on the grounds that the company has connections to the Russian government and its software poses a security risk.

  • Ayuda! (Help!) Equifax Has My Data!

    Equifax last week disclosed a historic breach involving Social Security numbers and other sensitive data on as many as 143 million Americans. The company said the breach also impacted an undisclosed number of people in Canada and the United Kingdom. But the official list of victim countries may not yet be complete: According to information obtained by KrebsOnSecurity, Equifax can safely add Argentina — if not also other Latin American nations where it does business — to the list as well.

    [...]

     

    It took almost no time for them to discover that an online portal designed to let Equifax employees in Argentina manage credit report disputes from consumers in that country was wide open, protected by perhaps the most easy-to-guess password combination ever: “admin/admin.”

  • Equifax hack: 44 million Britons' personal details feared stolen in major US data breach
  • On the Equifax Data Breach

    Last Thursday, Equifax reported a data breach that affects 143 million US customers, about 44% of the population. It's an extremely serious breach; hackers got access to full names, Social Security numbers, birth dates, addresses, driver's license numbers -- exactly the sort of information criminals can use to impersonate victims to banks, credit card companies, insurance companies, and other businesses vulnerable to fraud.

    Many sites posted guides to protecting yourself now that it's happened. But if you want to prevent this kind of thing from happening again, your only solution is government regulation (as unlikely as that may be at the moment).

    The market can't fix this. Markets work because buyers choose between sellers, and sellers compete for buyers. In case you didn't notice, you're not Equifax's customer. You're its product.

  • Open Source Summit: Securing IoT is About Avoiding Anti-Patterns

    The security perils inherent in Internet of Things (IoT) devices are painfully obvious at this point in 2017, but why are there so many security issues? At a session during the Open Source Summit here Marti Bolivar, senior software engineer at Linaro detailed what he described as "anti-patterns" that ultimately lead to negative security outcomes.

    Bolivar started his session by defining what security in IoT is really all about, by pulling a quote from security engineer Ross Anderson.

Ubuntu GNOME Shell in Artful: Day 12

Filed under
GNOME
Ubuntu

We’ll focus today on our advanced user base. We, of course, try to keep our default user experience as comprehensible as possible for the wider public, but we want as well to think about our more technical users by fine tuning the experience… and all of this, obviously, while changing our default session to use GNOME Shell. For more background on our current transition to GNOME Shell in artful, you can refer back to our decisions regarding our default session experience as discussed in my blog post.

Read more

OSS: Networking, Wipro, Idaho National Laboratory (INL) and FOSS in Government

Filed under
OSS
  • New network demands push adoption of open-source networking solutions

    Networking makes the modern connected world possible. Yet as networking has become more important, new technologies must rise to shoulder the burden. Businesses at all levels are discovering that open-source networking can provide the solutions they need.

    “I can confidently say that open-source networking, not just networking but open-source networking, is now mainstream,” said Arpit Joshipura (pictured), general manager of networking and orchestration at The Linux Foundation.

  • Richard Morrell: a brief history (of life) in open source

    I worked with Red Hat until the end of last year and am now at Falanx in the UK – a firm building possibly the fastest and most intelligent security platform to ever emerge from the open source community.

  • Wipro Joins Hyperledger to Catalyze Collaboration on Enterprise-Grade Blockchain Solutions
  • Wipro partners with open source blockchain project Hyperledger

    Wipro Limited said today that it will partner with an open source project Hyperledger to design and develop open source-based blockchain solutions for enterprise-grade blockchain deployments.

    Hyperledger is a global open source collaborative effort created to advance cross-industry blockchain technologies across sectors such as finance, banking, Internet of Things, supply chain, manufacturing and technology.

    “We are excited to welcome Wipro to the Hyperledger community. Wipro brings industry-acknowledged blockchain advisory and consulting capabilities, coupled with industry solutions for specific use cases and a strong partner ecosystem to help client businesses innovate on blockchain. We look forward to Wipro’s active contribution in the Hyperledger community to share insights on blockchain use cases, technology frameworks, tools and standards, and thought leadership,” said Brian Behlendorf, Executive Director, Hyperledger in a statement.

  • Government lab that gives a crap pushes open source

    The US government wants you to use its software, and if you're into manure, so much the better.

    The Idaho National Laboratory (INL), part of the US Department of Energy, last week released a new round of open-source projects in the hope that the public will take its research and run with it.

    Known for its MOOSE physics modeling software and a companion project for continuous integration and testing called CIVET, INL last year brought Paul Berg over from Amazon to serve as the lab's senior R&D software licensing manager. His remit is to oversee the handling of open-source projects.

    When Berg spoke to The Register earlier this year, he said the lab was preparing to make a number of its projects available to the public. And now the floodgates have opened.

  • Software Paid For With Public Money Should Be Open Source, Groups Say

    Publicly financed software should be open source, more than 30 signatories of an open letter are proclaiming, calling for others to sign the letter.

    According to a press release from the European Digital Rights initiative (EDRi), the 31 organisations and 469 people who signed the open letter want legislation requiring that publicly financed software developed for the public sector be made publicly available under a free and open source software licence.

    “If it is public money, it should be public code as well,” it says.

    “We need software that guarantees freedom of choice, access, and competition. We need software that helps public administrations regain full control of their critical digital infrastructure, allowing them to become and remain independent from a handful of companies,” the release says.

Linux Foundation Event and Initiatives

Filed under
Linux
  • Torvalds Wants Hackers on Linux's Team Instead of Going to 'Dark Side’

    Today’s topics include Linus Torvalds wanting hackers to join Linux before turning to the “dark side”; an Apache Struts vulnerability being the potential cause of the Equifax breach; ScanMyPhotos.com offering free photo digitizing to Texas and Florida residents; and Google’s appeal of its $2.9 billion EU antitrust fine.

    At the Open Source Summit in Los Angeles on Sept. 11, Linux founder Linus Torvalds said one way to improve security is to get hackers to join Linux before they attack us. He also said the concept of absolute security in Linux doesn't exist.

    "Even if we do a perfect job … let's be honest, there will always [be] bugs,"Torvalds said. There are a lot of security checks to help identify vulnerabilities in the Linux kernel. Therefore, as a technical person he is impressed by the ingenuity of the people who attack Linux code.

  • New Initiatives to Create Sustainable Open Source Projects at The Linux Foundation

    Open source software isn’t only growing. It’s actually accelerating exponentially in terms of its influence on technology and in society.

  • Linux Foundation: Announcing Our Open Source Guides for the Enterprise

    Last March we held a TODO Group track at Open Source Leadership Summit focused entirely on sharing best practices for businesses managing and building out open source programs. More than a dozen open source program leads and other leaders from companies shared their tips and best practices at the event.

    Furthermore in the last year or so, we have seen companies like AWS build out an open source program via @AWSOpen and even companies like VMWare hired their first Chief Open Source Officer. We’ve had many organizations approach TODO Group members asking for advice on how to get started with an open source program.

  • OPNFV Membership Grows Globally as Community Plans Fourth Developer Plugfest

6 Best Free And Open Source Reddit Alternatives You Must Visit

Filed under
OSS

Just recently, Reddit announced its plans to stop sharing its main website’s open source code base. The website gave a number of reasons, which weren’t welcomed by the open source community. So, we’ve decided to prepare a list of some free and open source Reddit alternatives that you can give a try. Some of these aren’t much popular, but we thought it’s a good time to spread the world and tell you about these options.

Read more

Why open source developers are burning out: No respect

Filed under
OSS

It takes money—a whole lot of money—to make open source work, but it takes recognition and appreciation to make an open source developer happy.

As it turns out, maintaining good open source code is difficult. Just ask James Coglan, who disgorged a litany of reasons why releasing code can take forever. Oh, and without much hope of empathy in return. Or ask Isaac Schlueter, CEO of npm, who agonized over the burden of maintaining code for entitled downstream users who "don't love me."

As people, we want to be recognized for the good work we do. Open source, however, often tends to maximize negative feedback loops, contributing to developer burnout, as Schlueter highlighted.

Read more

Why hackathons should insist on free software

Filed under
GNU

Hackathons are an accepted method of giving community support to digital development projects. The community invites developers to join an event which offers an encouraging atmosphere, some useful resources, and the opportunity to work on useful projects. Most hackathons choose the projects they will support, based on stated criteria.

Hackathons fit the spirit of a community in which people take an attitude of cooperation and respect towards each other. The software that accords with this spirit is free (libre) software, free as in freedom. Free software carries a license that gives its users (including programmers) freedom to cooperate. Thus, hackathons make sense within the free software community. Hardware design projects also can and ought to be free.

Read more

Red Hat News and CentOS Release

Filed under
Red Hat

More Coverage of GNOME 3.26 'Manchester'

Filed under
GNOME
  • GNOME 3.26 'Manchester' desktop environment is here, Linux fans!

    When people think of Linux-based operating systems, they often imagine people typing in a terminal or coding in a basement while drinking Mountain Dew -- yeah, those stupid old stereotypes still exists, sadly. While that is surely part of the user base, other users choose an open source operating system for nothing more than using their computer as a tool. In other words, some folks use Ubuntu, Fedora, or other distros just to get normal stuff done -- word processing, web surfing, and more. No terminal. No coding. No religious-like experiences.

  • GNOME 3.26 Officially Released

    GNOME 3.26 has been officially released — hurrah! If you’ve been waiting on the official nod to pull the string of your celebratory party popper, that’s your cue!

  • GNOME 3.26 is great

    I am incredibly excited for GNOME 3.26, and it’s been hard to wait for it. I openly admit this fact. This release saw serious, important improvements all over the places, new features landed, some others didn’t, thousands of bugs were fixed all across the platform, and I’d like to share my personal highlights for this release.

Linux Gains Ascendance in Cloud Infrastructures: Report

Filed under
GNU
Linux

Based on data from the experiences of 1,500 Sumo Logic customers, the report gives other organizations a set of frameworks, best practices and hard stats to guide their migration to the cloud. It shows how developers build modern applications across each tier of the application architecture.

"Today's enterprises are striving to deliver high-performance, highly scalable and always-on digital services. These services are built on modern architectures -- an application stack with new tiers, technologies and microservices -- typically running on cloud platforms like AWS, Azure and Google Cloud Platform," said Kalyan Ramanathan, vice president of product marketing for Sumo Logic.

Read more

LoRa access point offers Yocto or Node-RED Linux development options

Filed under
Linux

MultiTech has launched a rugged, Linux-driven “MultiConnect Conduit AP” LoRa access point with 8x LoRa uplinks, LTE, and optional mDot and xDot end points.

MultiTech’s MultiConnect Conduit AP supports the increasingly popular, long distance, low-power LoRA RF technology and LoRaWAN Low Power Wide Area Network (LPWAN) specification. The Linux-powered Conduit AP is designed to be mounted on walls or ceilings to extend LoRaWAN connectivity in IoT networks within “commercial buildings like hotels, convention centers, offices and retail facilities,” says MultiTech.

Read more

Software: Atom-IDE, MPV 0.27, and Sublime Text 3

Filed under
Software
  • Introducing Atom-IDE

    GitHub, in collaboration with Facebook, are pleased to announce the launch of Atom-IDE - a set of optional packages to bring IDE-like functionality to Atom.

    The start of this journey includes smarter context-aware auto-completion as well as a host of code navigation features such as an outline view, go to definition, find all references as well as other useful functions such as hover-to-reveal information, errors and warnings (diagnostics) and document formatting.

    Our initial release includes packages for TypeScript, Flow, JavaScript, Java, C# and PHP that utilize the power of language servers to provide deep syntactical analysis of your code and projects. The language server protocol is being adopted by a number of organizations including Microsoft, Eclipse, Sourcegraph, Palantir, Red Hat, Facebook and now GitHub too!

  • Github Announce Atom IDE

    Github has announced Atom IDE, an add-on that transforms the Atom text editor into a full IDE using language servers to provide syntactical analysis of code.

  • MPV 0.27 Released with Minor Fixes, New OpenGL Options

    An updated version of MPV, the popular open-source media player, is available to download.

  • Sublime Text 3 Officially Released, Here’s How To Install It

    Sublime Text 3 has been officially released! I know; it feels like you’ve been using the beta builds for what feels like an eternity — but, at long last, a new stable release of the text editor is now available to download.

Uber, Lyft, and CNCF

Filed under
GNU
Linux
OSS
  • Uber and Lyft Bring Open-Source Cloud Projects to CNCF

    In the market for ride sharing services, Uber and Lyft are fierce competitors, the world of open-source however is another story. At the Open Source Summit here on Sept. 13, the Cloud Native Computing Foundation (CNCF) announced that it had accepted two new projects, Envoy from Lyft and Jaeger from Uber.

  • ​Lyft and Uber travel the same open-source road

    Coke and Pepsi, Gimbels and Macy's, Apple and Microsoft -- these were all great business rivals. Today, we have Lyft and Uber fighting tooth and nail over the new ride-sharing market. While they may be bitter rivals on the highways, the pair can agree on one thing: Open source is the best way to develop software.

    At The Linux Foundation's Open Source Summit in Los Angeles, both companies appeared -- but not at the same time -- to announce they were launching two new cloud-native, open-source software projects with the Cloud Native Computing Foundation (CNCF).

  • Ride-hailing firms Lyft and Uber open-source microservices technology

    Ride-hailing companies Lyft Inc. and Uber Technologies Inc. are embracing the open-source software movement.

    The two megastartups have both donated technologies developed in-house to the Cloud Native Computing Federation, which is best known for hosting the Kubernetes container orchestrator project.

Ed Warnicke's Talk About Networking and DevOps

Filed under
Server
  • Open-source tech unites networking and DevOps

    In the tech world, innovation and new systems are great, but nothing moves unless the network can handle it. This truth makes networking very important for businesses, because a company can only be as agile as its network. Part of that agility comes from making the network easy to use. Open-source tech is coming to the rescue.

    “The truth is, there’s a lot of work that goes into making the network invisible and ubiquitous for people,” said Ed Warnicke (pictured), distinguished consulting engineer at Cisco Systems Inc. “In particular, one of the challenges that we see arising as the world moves more cloud native, as the microservices get smaller, as the … the shift happens toward serverless, as Kubernetes [container orchestration management] is coming on with containers is that the network is really becoming the runtime, and that runtime has the need to scale and perform like it never has before.”

  • Open Source Summit: It's Time for DevOps and Networking to Talk

    Warnicke delivered a lighting keynote talk titled, Bridging the Divide: Brining Network and DevOps People Together to Build a Unified Cloud Native Future. Warnicke started off his talk by outlining the shift in networking over the last decade from bare metal server needs to virtual machines.

    With Virtual Machines, networking vendors built overlay network topologies and approaches that have enabled virtual networking

Games: HIVE: Altenum Wars, Civilization VI, Banished, Rocket League, Astral Traveler, Hot Lava

Filed under
Gaming

Oracle: Liberating Java EE and Joining the Cloud Native Computing Foundation

Filed under
Development
Server
  • Red Hat Gives Thumbs Up to Java EE's Move to Eclipse

    So Java Enterprise Edition has a new home.

    Yesterday Oracle announced it's turning control of the platform over to the nonprofit Eclipse Foundation. On the surface, this makes a lot of sense, as the foundation's namesake project is the most widely used Java IDE. The announcement came just a month after Oracle said it was considering moving control of the platform to an open source foundation.

    All of the details have yet to be ironed-out, but in a blog Oracle's David Delabassee said that Oracle-led Java EE and related GlassFish technologies, including RIs, TCKs, and associated project documentation, will be re-licensed to the foundation, presumably under the Eclipse Public License. In addition, the project will be rebranded with a not yet determined new name.

  • Java EE to Eclipse: A Welcome Move

    In a blog post on the venerable Aquarium blog (started by the Glassfish team at Sun a decade or so ago) Oracle has announced that it has selected the Eclipse Foundation as the new home for Java EE. They will relicense and rename it and invent a new standards process. It looks like the MicroProfile rebellion was successful as this has all been negotiated with Red Hat and IBM as well.

    I don’t see this move as “dumping” Java EE. Moving a project to an open source Foundation is complex and expensive and Oracle should be congratulated on finally committing to this move. Java EE has already been uploaded to GitHub, but that’s not sufficient as the default Github Governance is isolation mediated via pull requests.

    Eclipse is an extremely good choice of host. It has evolved excellent governance that recognises both the primacy of technical contribution and the inevitability of corporate politics and keeps both in balance. It’s ideally suited to the complexities and politics of Java EE, having hosted multiple large projects and survived de-investment by its founder IBM. Under the smart and firm leadership of Mike Milinkovich, Eclipse is the perfect home for Java EE (or whatever Oracle will want us to call it).

  • Oracle opens up enterprise Java and moves it to the Eclipse Foundation
  • Java EE Is Moving to the Eclipse Foundation
  • Tech’s old guard continues to embrace Kubernetes, as Oracle joins the Cloud Native Computing Foundation

    Oracle has always been a little more pragmatic about the role of open-source software in the tech industry than a company like Microsoft, which fought the very concept tooth and nail for years. Still, now that both companies have joined the foundation at the heart of one of the most important open-source projects in enterprise tech at the moment, it’s another sign the center of gravity has shifted.

  • ​Oracle joins the Kubernetes movement

    Oracle joined the Cloud Native Computing Foundation and released Kubernetes on Oracle Linux and its own Kubernetes cloud installer.

NEC Display Solutions Partners with Canonical and Screenly on Ubuntu Core-Based Digital Signage Platform

Filed under
Ubuntu

NEC Display Solutions Europe on Sept. 13, announced a collaboration with Canonical, the company behind Ubuntu Core and Screenly, the leading digital signage software solution for Raspberry Pi. This is one of several partnerships NEC has made with digital signage software companies leveraging Raspberry Pi as part of their digital signage solution. The joint collaboration facilitates an innovative digital signage solution which uses NEC’s P and V Series 40–55 inch large format displays and modular Raspberry Pi Compute Module 3 (CM3) to deliver high impact visual content in an integrated package for professional AV applications.

Read more

today's leftovers

Filed under
Misc
Syndicate content

More in Tux Machines

Development: RTOS, LipidFinder, Github Threat, and Stack Overflow Survey

  • RTOS Primer, Part Two: Real Time Applications
    Employing Linux as an embedded RTOS has several advantages that make it highly attractive on a number of levels, specifically the most important concern these days, which seems to be cost. The second concern is security; Linux proves to be pretty secure in comparison to several common alternatives like Windows.
  • LipidFinder: An Open-Source Python Workflow for Novel Lipid Discovery
    Obtaining precise, high-quality lipidomic (or metabolomic) datasets comes with its challenges. One factor that I am sure comes to mind is the ability to minimize, or even better, eliminate those large numbers of artefacts that could otherwise hinder your mass spectrometry data analysis, to ensure accurate interpretation.
  • The Github threat
    The Github application belongs to a single entity, Github Inc, a US company which manage it alone. So, a unique company under US legislation manages the access to most of Free Software application code sources, which may be a problem with groups using it when a code source is no longer available, for political or technical reason.
  • Stack Overflow gives an even closer look at developer salaries
    Today, Stack Overflow announced a slightly more useful application for that same data, with the Stack Overflow Salary Calculator. Tell it where you live, how much experience and education you have, and what kind of developer you are, and it will tell you the salary range you should expect to make in five national markets (US, Canada, UK, France, Germany) and a handful of cities (New York, San Francisco, Seattle, Toronto, London, Paris, Berlin).

Security: Equifax, Kodi, Infrared, and Windows XP in 2017

  • Safer but not immune: Cloud lessons from the Equifax breach
  • Warning: If you are using this Kodi repository, you could be in danger
    Kodi is quite possibly the best media center software of all time. If you are looking to watch videos or listen to music, the open source solution provides an excellent overall experience. Thanks to its support for "addons," it has the potential to become better all the time. You see, developers can easily add new functionality by writing an addon for the platform. And yes, some addons can be used for piracy, but not all of them are. These addons, such as Exodus and Covenant, are normally added using a repository, which hosts them. [...] We do not know 100 percent if the person that re-registered the metalkettle name on GitHub is planning anything evil, but it is better to be safe than sorry.
  • Infrared signals in surveillance cameras let malware jump network air gaps
    The malware prototype could be a crucial ingredient for attacks that target some of the world's most sensitive networks. Militaries, energy producers, and other critical infrastructure providers frequently disconnect such networks from the Internet as a precaution. In the event malware is installed, there is no way for it to make contact with attacker-controlled servers that receive stolen data or issue new commands. Such airgaps are one of the most basic measures for securing highly sensitive information and networks. The proof-of-concept malware uses connected surveillance cameras to bridge such airgaps. Instead of trying to use the Internet to reach attacker-controlled servers, the malware weaves passwords, cryptographic keys, and other types of data into infrared signals and uses a camera's built-in infrared lights to transmit them. A nearby attacker then records the signals with a video camera and later decodes embedded secrets. The same nearby attackers can embed data into infrared signals and beam them to an infected camera, where they're intercepted and decoded by the network malware. The covert channel works best when attackers have a direct line of sight to the video camera, but non-line-of-sight communication is also possible in some cases.
  • Manchester police still relies on Windows XP
    England's second biggest police force has revealed that more than one in five of its computers were still running Windows XP as of July. Greater Manchester Police told the BBC that 1,518 of its PCs ran the ageing operating system, representing 20.3% of all the office computers it used. Microsoft ended nearly all support for the operating system in 2014. Experts say its use could pose a hacking risk. The figure was disclosed as part of a wider Freedom of Information request. "Even if security vulnerabilities are identified in XP, Microsoft won't distribute patches in the same way it does for later releases of Windows," said Dr Steven Murdoch, a cyber-security expert at University College London.

Flock 2017, Fedora 27, and New Fedora 26 (F26) ISO

  • Flock 2017: How to make your application into a Flatpak?
  • Flock to Fedora 2017
  • Flock 2017 – A Marketing talk about a new era to come.
    I had two session at Flock this year, one done by me and another in support of Robert Mayr in the Mindshare one, if there were been any need for discussing. Here I’m talking about my session: Marketing – tasks and visions (I will push the report about the second one after Robert’s one, for completion). In order to fit the real target of a Flock conference (that is a contributor conference, not a show where people must demonstrate how much cool they are; we know it!) is to bring and show something new, whether ideas, software, changes and so on, and discuss with other contributors if they’re really innovative, useful and achievable.
  • F26-20170918 Updated Live isos released
  • GSoC2017 Final — Migrate Plinth to Fedora Server
  • Building Modules for Fedora 27
    Let me start with a wrong presumption that you have everything set up – you are a packager who knows what they want to achieve, you have a dist-git repository created, you have all the tooling installed. And of course, you know what Modularity is, and how and why do we use modulemd to define modular content. You know what Host, Platform, and Bootstrap modules are and how to use them.

Red Hat Financial Results Expectations High