Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Wednesday, 21 Feb 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Events: FOSDEM Samba Talks, USENIX Enigma, LCA (linux.conf.au) and FAST18

Filed under
OSS
  • Authentication and authorization in Samba 4

    Volker Lendecke is one of the first contributors to Samba, having submitted his first patches in 1994. In addition to developing other important file-sharing tools, he's heavily involved in development of the winbind service, which is implemented in winbindd. Although the core Active Directory (AD) domain controller (DC) code was written by his colleague Stefan Metzmacher, winbind is a crucial component of Samba's AD functionality. In his information-packed talk at FOSDEM 2018, Lendecke said he aimed to give a high-level overview of what AD and Samba authentication is, and in particular the communication pathways and trust relationships between the parts of Samba that authenticate a Samba user in an AD environment.

  • Two FOSDEM talks on Samba 4

    Much as some of us would love never to have to deal with Windows, it exists. It wants to authenticate its users and share resources like files and printers over the network. Although many enterprises use Microsoft tools to do this, there is a free alternative, in the form of Samba. While Samba 3 has been happily providing authentication along with file and print sharing to Windows clients for many years, the Microsoft world has been slowly moving toward Active Directory (AD). Meanwhile, Samba 4, which adds a free reimplementation of AD on Linux, has been increasingly ready for deployment. Three short talks at FOSDEM 2018 provided three different views of Samba 4, also known as Samba-AD, and left behind a pretty clear picture that Samba 4 is truly ready for use. I will cover the first two talks in this article, and the third in a later one.

  • A report from the Enigma conference

    The 2018 USENIX Enigma conference was held for the third time in January. Among many interesting talks, three presentations dealing with human security behaviors stood out. This article covers the key messages of these talks, namely the finding that humans are social in their security behaviors: their decision to adopt a good security practice is hardly ever an isolated decision.

    Security conferences tend to be dominated by security researchers demonstrating their latest exploits. The talks are attack-oriented, they keep a narrow focus, and usually they close with a dark outlook. The security industry has been doing security conferences like this for twenty years and seems to prefer this format. Yet, if you are tired of this style, the annual USENIX Enigma conference is a welcome change of pace. Most of the talks are defense-oriented, they have a horizon going far beyond technology alone, and they are generally focused on successful solutions.

  • DIY biology

    A scientist with a rather unusual name, Meow-Ludo Meow-Meow, gave a talk at linux.conf.au 2018 about the current trends in "do it yourself" (DIY) biology or "biohacking". He is perhaps most famous for being prosecuted for implanting an Opal card RFID chip into his hand; the Opal card is used for public transportation fares in Sydney. He gave more details about his implant as well as describing some other biohacking projects in an engaging presentation.

    Meow-Meow is a politician with the Australian Science Party, he said by way of introduction; he has run in the last two elections. He founded BioFoundry, which is "Australia's first open-access molecular biology lab"; there are now two such labs in the country. He is also speaks frequently as "an emerging technology evangelist" for biology as well as other topics.

  • Notes from FAST18

    I attended the technical sessions of Usenix's File And Storage Technology conference this week. Below the fold, notes on the papers that caught my attention.

Security: Vista10 and uTorrent Holes Found by Google

Filed under
Security
  • Google drops new Edge zero-day as Microsoft misses 90-day deadline

    Google originally shared details of the flaw with Microsoft on 17 November 2017, but Microsoft wasn’t able to come up with a patch within Google’s non-negotiable “you have 90 days to do this” period.

  • Google Goes Public with Another Major Windows 10 Bug

    After revealing an Edge browser vulnerability that Microsoft failed to fix, Google is now back with another disclosure, this time aimed at Windows 10 Fall Creators Update (version 1709), but potentially affecting other Windows versions as well.

    James Forshaw, a security researcher that’s part of Google’s Project Zero program, says the elevation of privilege vulnerability can be exploited because of the way the operating system handles calls to Advanced Local Procedure Call (ALPC).

    This means a standard user could obtain administrator privileges on a Windows 10 computer, which in the case of an attack, could eventually lead to full control over the impacted system.

    But as Neowin noted, this is the second bug discovered in the same function, and both of them, labeled as 1427 and 1428, were reported to Microsoft on November 10, 2017. Microsoft said it fixed them with the release of the February 2018 Patch Tuesday updates, yet as it turns out, only issue 1427 was addressed.

  • uTorrent bugs let websites control your computer and steal your downloads

    The vulnerabilities, according to Project Zero, make it possible for any website a user visits to control key functions in both the uTorrent desktop app for Windows and in uTorrent Web, an alternative to desktop BitTorrent apps that uses a web interface and is controlled by a browser. The biggest threat is posed by malicious sites that could exploit the flaw to download malicious code into the Windows startup folder, where it will be automatically run the next time the computer boots up. Any site a user visits can also access downloaded files and browse download histories.

  • BitTorrent Client uTorrent Suffers Security Vulnerability (Updated)

    BitTorrent client uTorrent is suffering from an as yet undisclosed vulnerability. The security flaw was discovered by Google security researcher Tavis Ormandy, who previously said he would reveal a series of "remote code execution flaws" in torrent clients. BitTorrent Inc. has rolled out a 'patch' in the latest Beta release and hopes to fix the stable uTorrent client later this week.

Red Hat introduces updated decision management platform

Filed under
Red Hat

Troubleshoot a network? No problem. Write a 3,000 word article on Kubernetes cloud container management? When do you want it. Talk to a few hundred people about Linux's history? Been there, done that. Manage a business's delivery routing and shift scheduling? I'll break out in a cold sweat.

If you too find the nuts and bolts of business processing management a nightmare, you'll want to check out Red Hat's latest program: Red Hat Decision Manager 7.

Read more

KDE Says Its Next Plasma Desktop Release Will Start a Full Second Faster

Filed under
KDE

According to the developer, the upcoming KDE Plasma 5.13 desktop environment release will start a full second faster than previous versions because of the removal of the QmlObjectIncubationController component, which apparently slowed down the entire desktop, and promises to let users pin apps on the panel that contain spaces in their desktop file names.

Goodies are also coming to the upcoming KDE Applications 18.04 software suite this spring, which makes creating of new files with the Dolphin file manager instantaneous, improves drag-and-drop support from Spectacle to Chromium, and lets users configure the Gwenview image viewer to no longer display the image action buttons on thumbnails when they hover with the mouse cursor over them.

Read more

Intel Coffee Lake OpenGL Performance On Windows 10 vs. Linux

Filed under
Graphics/Benchmarks

For those curious about the state of Intel's open-source Mesa OpenGL driver relative to the company's closed-source Windows OpenGL driver, here are some fresh benchmark results when making use of an Intel Core i7 8700K "Coffee Lake" processor with UHD Graphics 630 and testing from Windows 10 Pro x64 against Ubuntu 16.04.3 LTS, Ubuntu with the Linux 4.16 Git kernel and Mesa 18.1-dev, and then Intel's own Clear Linux distribution.

Read more

Why open source could be IBM's key to future success in the cloud

Filed under
Server
OSS

Do those same developers need IBM? Developers certainly benefit from IBM's investments in open source, but it's not as clear that those same developers have much to gain from IBM's cloud. Google, for example, has done a stellar job open sourcing code like TensorFlow and Kubernetes that feeds naturally into running related workloads on Google Cloud Platform. Aside from touting its Java bonafides, however, IBM has yet to demonstrate that developers get significant benefits for modern workloads on its cloud.

That's IBM's big challenge: Translating its open source expertise into real, differentiated value for developers on its cloud.

Read more

Top 8 Debian-Based Distros

Filed under
Debian

Most people tend to forget that despite Ubuntu's success over the years, it's still just a distro based on another distro - Debian. Debian on its own, however, isn't really well suited for newer users...hence the explosion of distros based on Debian over the recent years. There are lot of great choices for Linux users. Which one is best for you?

Read more

Compact, rugged IoT gateway offers dual GbE with PoE

Filed under
Linux

Inforce has launched a $250 “Inforce 6320” IoT gateway that runs Linux on a quad -A53 Snapdragon 410, and offers WiFi, BT, GPS, HDMI, USB, -30 to 85°C support, and dual GbE ports with PoE.

Inforce Computing’s $250 Inforce 6320 is a compact (170 x 95 x 42mm) IoT gateway that runs Ubuntu Core (Snappy) and Debian on Qualcomm’s Snapdragon 410E. Inforce promises “periodic upstream kernel based BSP releases [that] include in-depth documentation along with a host of royalty-free software.” The Debian BSP includes LXDE, drivers for all available interfaces, as and access to the Inforce TechWeb tech support services.

Read more

today's leftovers

Filed under
Misc

Debian and Ubuntu Leftovers

Filed under
Debian
Ubuntu
  • Listing and loading of Debian repositories: now live on Software Heritage

    Software Heritage is the project for which I’ve been working during the past two and a half years now. The grand vision of the project is to build the universal software archive, which will collect, preserve and share the Software Commons.

    Today, we’ve announced that Software Heritage is archiving the contents of Debian daily. I’m reposting this article on my blog as it will probably be of interest to readers of Planet Debian.

    TL;DR: Software Heritage now archives all source packages of Debian as well as its security archive daily. Everything is ready for archival of other Debian derivatives as well. Keep on reading to get details of the work that made this possible.

  • Canonical announces Ubuntu Core across Rigado’s IoT gateways
  • Collecting user data while protecting user privacy

    Lots of companies want to collect data about their users. This is a good thing, generally; being data-driven is important, and it’s jolly hard to know where best to focus your efforts if you don’t know what your people are like. However, this sort of data collection also gives people a sense of disquiet; what are you going to do with that data about me? How do I get you to stop using it? What conclusions are you drawing from it? I’ve spoken about this sense of disquiet in the past, and you can watch (or read) that talk for a lot more detail about how and why people don’t like it.

    So, what can we do about it? As I said, being data-driven is a good thing, and you can’t be data-driven if you haven’t got any data to be driven by. How do we enable people to collect data about you without compromising your privacy?

    Well, there are some ways. Before I dive into them, though, a couple of brief asides: there are some people who believe that you shouldn’t be allowed to collect any data on your users whatsoever; that the mere act of wanting to do so is in itself a compromise of privacy. This is not addressed to those people. What I want is a way that both sides can get what they want: companies and projects can be data-driven, and users don’t get their privacy compromised. If what you want is that companies are banned from collecting anything… this is not for you. Most people are basically OK with the idea of data collection, they just don’t want to be victimised by it, now or in the future, and it’s that property that we want to protect.

    Similarly, if you’re a company who wants to know everything about each individual one of your users so you can sell that data for money, or exploit it on a user-by-user basis, this isn’t for you either. Stop doing that.

OSS Leftovers

Filed under
OSS
  • QMO: Firefox 59 Beta 10 Testday Results

    As you may already know, last Friday – February 16nd – we held a new Testday event, for Firefox 59 Beta 10.

    Thank you Mohammed Adam, Abhishek Haridass,  Fahima Zulfath A. and  Surentharan.R.A. from  India QA Community team for helping us make Mozilla a better place.

  • Bugzilla Triage Helper

    There are an awful lot of bugs filed against Firefox and all it's components in the course of a release. Keeping on top of that is hard and some teams have adopted some policies to help with that (for example see: design-decision-needed).

    Having a consistent approach to bugs across the organisation makes it a little easier for everyone to get a feel for what's going.

  • Alfresco Founder: Commercial Open Source is more than Old Stuff for Free

    February sees Open Source turn 20 years old. Or the OSI definition at least. According to the OSI, the term was coined in Palo Alto by nanotechnologist Christine Peterson during a meeting on February 3rd, 1998 shortly after the announcement of the release of Netscape’s source code.

  • EOH and LSD Information Technology partner to lead open source in Africa

    By identifying global trends and local needs, EOH is able to proactively source and secure capabilities that will assist with the adoption of the digital revolution. LSD’s offerings across Linux, automation, devops and containers is a great technology fit for EOH to lead open source in the market.

  • Choosing a tool to track and mitigate open source security vulnerabilities

    Continuously tracking your application’s dependencies for vulnerabilities and efficiently addressing them is no simple feat. In addition, this is a problem shared by all, and is not an area most companies would consider their core competency. Therefore, it is a great opportunity for the right set of tools to help tackle this concern.

  • Open source software: to be celebrated or cursed?

    The use of Open Source Software (OSS) has become widespread. The latest statistics show that 78% of companies run OSS, and a number of mainstream software and hardware products are based on the OSS model – for example Android, Skype [sic], Firefox, Amazon Kindle, Tivo and BT Home Hub.

  • Marshall Students Use Open Source Data to Help Stop Sex Trafficking Cases

    The work involved sex trafficking cases in Latin America, the Caribbean and Southeast Asia. Select students in Marshall’s Open Source Intelligence Exchange program worked to provide open source intelligence collection and analysis for law enforcement and other clients. Open source refers to data collection from publicly available sources.

  • Stanford scholar celebrates Western culture’s open-access tradition

    The move toward “open access” to research and scholarship, far from being a modern digital-age creation, has roots in the West that date back to medieval times, writes a Stanford education scholar. John Willinsky’s new book explains how learning has long benefited from efforts to increase its circulation.

Events: OpenStack Summit Vancouver, IBM Index, Eclipse CheConf 2018

Filed under
OSS
  • OpenStack Summit Vancouver '18: Vote for Speakers

    The next OpenStack Summit takes place again in Vancouver (BC, Canada), May 21-25, 2018. The "Vote for Presentations" period started. All proposals are up for community votes. The deadline for your vote is will end February 25 at 11:59pm PST (February 26th at 8:59am CET)

  • IBM Index: A Community Event for Open Source Developers

    The first-ever INDEX community event, happening now in San Francisco, is an open developer conference featuring sessions on topics including artificial intelligence, machine learning, analytics, cloud native, containers, APIs, languages, and more.

  • Eclipse CheConf 2018 – Join the live stream February 21st at 10 am EST

    2017 was a fantastic year for the Che project, with more contributors, more commits, and more usage – this solidified Che’s position as the leading developer workspace server and browser IDE. Eclipse Che users logged over 7 million hours of public Che usage (plus more in private installs). We’ll discuss the growing cloud development market, Che’s position in it, and the exciting changes we’re planning for 2018.

Kernel News and Linux Foundation

Filed under
Linux
  • Linux Kernel Module Growth

    The Linux kernel grows at an amazing pace, each kernel release adds more functionality, more drivers and hence more kernel modules. I recently wondered what the trend was for kernel module growth per release, so I performed module builds on kernels v2.6.24 through to v4.16-rc2 for x86-64 to get a better idea of growth rates...

  • A Linux Kernel Driver Is Being Worked On For Valve's Steam Controller

    Right now to make most use of the Steam Controller on Linux you need to be using the Steam client while there have been independent user-space programs like SC-Controller to enable Steam Controller functionality without the Steam client running. A new and independent effort is a Linux kernel driver for the Steam Controller.

    Through reverse-engineering, Rodrigo Rivas Costa has been developing a kernel driver for the Valve Steam Controller. This driver supports both USB cable and USB wireless adapters for the Steam Controller. This driver is being developed as a proper HID kernel driver so it should work with all existing Linux programs and doesn't require the use of the proprietary Steam client.

  • AT&T Puts Smart City IoT 'Edge' Computing On Direct Dial
  • Linux Foundation, AT&T Launch Akraino

Red Hat News and New Fedora 27 Live ISOs

Filed under
Red Hat

Software: funny-manpages, Nginx, Cockpit and More

Filed under
Software
  • Have a Laugh With Funny Linux Man Pages

    There is a package unsurprisingly called funny-manpages and it adds some witty entries to the man pages.

  • HTTP/2 Server Push Directives Land in Nginx 1.13.9

    The open source Nginx 1.13.9 web server debuted today, providing support for a new HTTP/2 standard feature known as Server Push.

    The HTTP/2 web standard was completed three years ago in February 2015, with Nginx ahead of the curve in terms of HTTP/2 standard adoption. The NGINX Plus R7 release in September 2015 featured the first commercially supported enterprise-grade support provided by Nginx for HTTP/2.

  • Cockpit 162

    Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 162.

  • 6 Best Linux Music Players That Every User Must Try — (2018 Edition)

    Watching movies and playing music is one of the primary entertainment purposes served by our computers. So, when you move to a new operating system, it makes perfect sense if you look for useful media players. In the past, we’ve already told you about the best video players for Linux and, in this article, we’ll be telling you about the best music players for Linux-based operating systems. Let’s take a look at them:

  • CPod (formerly Cumulonimbus) – A Beautiful Podcast App

    Today, we introduce a somewhat new podcast application that is simple and yet delivers efficiently across all 3 desktop platforms.

    CPod, (formerly known as Cumulonimbus), is an electron-based podcast app player for audiobook and podcast lovers.

  • Apper 1.0.0 is out!

    Apper the package/apps manager based on PackageKit has got it’s 1.0.0 version on it’s 10th birthday!

  • VidCutter – Quickly Trim and Join Video Clips

    VidCutter is an open-source cross-platform video editor with which you can quickly trim and join video clips. It is Python and Qt5-based, uses FFmpeg for its encoding and decoding operations, and it supports all the popular video formats not excluding FLV, MP4, AVI, and MOV.

    VidCutter boasts a customizable User Interface that you can personalize using themes and a plethora of settings that you can tweak to make your video editing environment more appealing.

  • Weblate 2.19.1
  • Tusk Evernote Client Updated, Is Now Available as a Snap

    The Tusk Evernote client is now available as a Snap.

    We spotlighted the unofficial Evernote app last year, finding that it added to and improved on the standard Evernote web app in a number of ways.

today's howtos

Filed under
HowTos

KDE: Calamares, Qt, KDE Bugzilla, Kdenlive, KWin

Filed under
KDE
  • A Day on Krypton

    It’s a bird! It’s a plane! No, it’s a shiny stable-yet-bleeding-edge KDE Plasma distro!

    Since Calamares has to run all over the place, and is used in derivatives of all of the “Big Five” Linux distributions, I regularly switch distro’s as a development platform. Also because I inevitably blow up the VM while running Calamares, or because an update renders the system useless. At FOSDEM I had the pleasure of chatting with the folks from the SUSE stand about OpenQA and OBS.

  • Exporting 3D content for Qt 3D with Blender

    At the heart of every 3D application is geometry. Qt 3D-based 3D applications are no different and require the user to either generate geometry or provide asset files for Qt 3D to load. This blog post demonstrates how Blender and its Python API could be used to write an exporter that generates geometry for Qt 3D.

  • KDE Receives Pineapple Fund Donation, Red Hat Decision Manager, Chef's InSpec 2.0 and More

    KDE has received a $200,000 donation from the Pineapple Fund: "With this donation, the Pineapple Fund recognizes that KDE as a community creates software which benefits the general public, advances the use of Free Software on all kinds of platforms, and protects users' privacy by putting first-class and easy to use tools in the hands of the people at zero cost."

  • KDAB’s City Lights Display with Qt 3D

    The City Lights demo is an example of Qt 3D being put to novel use to implement a deferred rendering pipeline.

  • It’s now much easier to be a bug triager

    We’ve just rolled out a significant and welcome policy change to KDE’s Bugzilla bug tracker: Everyone with an account may now edit any bug without prior permission. This means that every KDE Bugzilla user can now be a bug triager anytime they want!

  • New Kdenlive Beta is Available for Testing

    A new beta of Kdenlive the popular open source video editor is available for testing. The beta is based on a 'refactored' codebase and available as an App Image.

  • There's Experimental Work On A Vulkan Renderer For KDE's KWin

    There is an experimental branch of KDE's KWin window manager / compositor with support for Vulkan compositing.

    Over the past week Fredrik Höglund has begun work on KWin Vulkan support so this low-level, high-performance graphics API could be used for compositing rather than OpenGL. So far he charted out a lot of the fundamental Vulkan code and the necessary infrastructure work along with some basic features like for being able to render window shadows and porting some other window effects over to Vulkan.

KDE neon 5.12 review - Living on the edge

Filed under
KDE
Reviews

KDE neon 5.12 is a reasonable distro. It is MUCH better than Kubuntu Aardvark but not as sweet as my 2017 favorite, Zesty Zebra. That said, it had none of the horrible problems that I saw in the 17.10 release. It's fast, there were no real errors, you get multimedia playback out of the box, reasonable smartphone and network support, and the bleeding edge of what Plasma can deliver.

On the other hand, there are some really life-sapping annoyances in the system, which do not belong in year 2018, or even 2008 for that matter. Better hardware support is needed. The decorations need a cleanup. The software arsenal is thin. Discover needs a miracle. Overall, neon behaves like a developer-focused system, and it has that rough, test-commit feel about it. It does try to balance the best of all worlds - an LTS base combined with the latest Plasma, but that's no excuse for sloppy work or bugs.

It can do better, and we have the most splendid Kubuntu 17.04 as the golden benchmark from now on until the end of times, we few, we happy few, we band of geeks, for he who tests with me together, shall be my code brother, may his git ne'er be so vile, and the persons of all genders now in bed shall feel themselves accursed, and hold their VR sets cheap ... I think you get the idea. I got carried away. Let's summarize. KDE neon 5.12, fresh, cool, sleek, needs more apps, better package management, better overall peripheral support. But there's a lot of potential and hope, and I think we will see cool things in Plasma this year. 7.5/10. Worth checking.

Read more

More on GNU/Linux on Nintendo Switch

Filed under
GNU
Linux
Syndicate content

More in Tux Machines

KDE Says Its Next Plasma Desktop Release Will Start a Full Second Faster

According to the developer, the upcoming KDE Plasma 5.13 desktop environment release will start a full second faster than previous versions because of the removal of the QmlObjectIncubationController component, which apparently slowed down the entire desktop, and promises to let users pin apps on the panel that contain spaces in their desktop file names. Goodies are also coming to the upcoming KDE Applications 18.04 software suite this spring, which makes creating of new files with the Dolphin file manager instantaneous, improves drag-and-drop support from Spectacle to Chromium, and lets users configure the Gwenview image viewer to no longer display the image action buttons on thumbnails when they hover with the mouse cursor over them. Read more

Intel Coffee Lake OpenGL Performance On Windows 10 vs. Linux

For those curious about the state of Intel's open-source Mesa OpenGL driver relative to the company's closed-source Windows OpenGL driver, here are some fresh benchmark results when making use of an Intel Core i7 8700K "Coffee Lake" processor with UHD Graphics 630 and testing from Windows 10 Pro x64 against Ubuntu 16.04.3 LTS, Ubuntu with the Linux 4.16 Git kernel and Mesa 18.1-dev, and then Intel's own Clear Linux distribution. Read more

Why open source could be IBM's key to future success in the cloud

Do those same developers need IBM? Developers certainly benefit from IBM's investments in open source, but it's not as clear that those same developers have much to gain from IBM's cloud. Google, for example, has done a stellar job open sourcing code like TensorFlow and Kubernetes that feeds naturally into running related workloads on Google Cloud Platform. Aside from touting its Java bonafides, however, IBM has yet to demonstrate that developers get significant benefits for modern workloads on its cloud. That's IBM's big challenge: Translating its open source expertise into real, differentiated value for developers on its cloud. Read more

Top 8 Debian-Based Distros

Most people tend to forget that despite Ubuntu's success over the years, it's still just a distro based on another distro - Debian. Debian on its own, however, isn't really well suited for newer users...hence the explosion of distros based on Debian over the recent years. There are lot of great choices for Linux users. Which one is best for you? Read more