Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 19 Jan 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Security: Spectre and Meltdown, Industrial System Sabotage, VDP, Windows in Healthcare

Filed under
Security
  • Some thoughts on Spectre and Meltdown

     

    Contrast that with what happened this time around. Google discovered a problem and reported it to Intel, AMD, and ARM on June 1st. Did they then go around contacting all of the operating systems which would need to work on fixes for this? Not even close. FreeBSD was notified the week before Christmas, over six months after the vulnerabilities were discovered. Now, FreeBSD can occasionally respond very quickly to security vulnerabilities, even when they arise at inconvenient times — on November 30th 2009 a vulnerability was reported at 22:12 UTC, and on December 1st I provided a patch at 01:20 UTC, barely over 3 hours later — but that was an extremely simple bug which needed only a few lines of code to fix; the Spectre and Meltdown issues are orders of magnitude more complex.  

  • Menacing Malware Shows the Dangers of Industrial System Sabotage

     

    At the S4 security conference on Thursday, researchers from the industrial control company Schneider Electric, whose equipment Triton targeted, presented deep analysis of the malware—only the third recorded cyberattack against industrial equipment. Hackers [sic] were initially able to introduce malware into the plant because of flaws in its security procedures that allowed access to some of its stations, as well as its safety control network.

  • 25 per cent of hackers don't report bugs due to lack of disclosure policies

     

    One of the standout discoveries was that almost 25 per cent of respondents said they were unable to disclose a security flaw because the bug-ridden company in question lacked a vulnerability disclosure policy (VDP).

  • 'Professional' hack [sic] on Norwegian health authority compromises data of three million patients [iophk: "Windows TCO"]

My Linux story: Coding not required

Filed under
Linux

For more than 15 years, I have earned a living working exclusively with open source products. How did I get here?

In many ways, my journey started before Linux existed. In college, I had friends who were admins in the engineering computer lab. Although I did not do too well in my CS programming classes, as a hobby and to spend time with my friends I learned about newgroups, ftp sites, and Unix systems. As a data aide student intern, I realized I made a good translator between the astronomers and the C programmer computer support staff. I could read just enough code to identify the problem, but not enough to actually fix it.

Read more

Amazing Facts about Linux Operating System You Probably Don't Know

Filed under
Linux

It was almost 30 years ago when the first version of Linux came into the market and since then, this operating system has made its important stature beside Microsoft Windows. Linux has turned out to be one of the most acknowledged and extensively used operating system. Enthused by UNIX, Linux has smartly managed to attract a lot of tech giants such as Facebook, Google, Yahoo, Twitter, Amazon, and much more. However, when it comes to assessing the exact rate of adoption of Linux in the market, the task is a bit tough since the sources to get copies are wide in number. Appreciating workers' and developers' hard-work, Linux has been designed in such a way that exploring and learning things on this operating system has become quite captivating and enthralling.

In this post, let's know more about amazing features and facts of this operating system.

Read more

Red Hat News

Filed under
Red Hat

Raising Funds for GNU/Linux

Filed under
GNU
Linux
  • $25k Linux Journalism Fund

    Linux Journal's new parent, Private Internet Access, has established a $25k fund to jump-start the next generation of Linux journalism—and to spend it here, where Linux journalism started in 1994.

    This isn't a contest, and there are no rules other than the ones that worked for journalism before it starting drowning in a sea of "content".

  • Nearly six years after the Kickstarter, Stainless Games claim Carmageddon is still coming to Linux

    Another year has passed and it's now nearing six years since the Carmageddon: Reincarnation Kickstarter that was supposed to have a Linux version. The developer said it is still coming, apparently.

Linux Foundation Events: India Digital Open Summit 2018, Open Source Networking Day, Open Source Leadership Summit

Filed under
Linux

GPL Violations: Grsecurity Carries on Bullying Bruce Perens, Israel Complies with AGPL, Xiaomi Violates GPL

Filed under
GNU
  • Linux's Grsecurity dev team takes blog 'libel' fight to higher court

    Open Source Security, Inc., the maker of the Grsecurity Linux kernel patches, suffered a setback last month when San Francisco magistrate judge Laurel Beeler granted a motion by defendant Bruce Perens to dismiss the company's defamation claim, with the proviso that the tossed legal challenge could be amended.

    The code biz and its president Brad Spengler sued Perens over a blog post in June in which Perens said that using the firm's Grsecurity software could expose customers to a contributory infringement claim under the terms of the Linux kernel's GPLv2 license.

    Open Source Security contends that statement has damaged its business.

  • Israel’s Information and Communications Technology Authority Bows to Pressure to Comply with Affero GPL

    Under pressure from open source advocates, the Israeli Information and Communications Technology (ICT) Authority recently shared its first open source software, extensions made by the ICT Authority to the CKAN data portal platform to help make the platform usable in Hebrew.

    The CKAN software is an open source data portal platform used since 2016 by the ICT Authority to make Israeli government data open and available on its government database website. The CKAN software is licensed under the GNU AGPL Version 3 license, an “ultra-strong” open source license that requires users of modified versions of CKAN software to offer its source code, even in the absence of distribution, to users interacting with software over the Internet.

  • Xiaomi Violating GPL 2.0 License With Mi A1 Kernel Sources

    Xiaomi is in violation of the GPL 2.0 license of the Linux Kernel project by still not releasing the kernel sources for the Mi A1 Android One and has been publicly criticized on the matter by established Android developer Francisco Franco earlier this week. While the smartphone was released in September and the Chinese consumer electronics manufacturer’s official policy is to publicize kernel sources for its devices within three months of their market launch, the Android One edition of the Mi A1 remains undetailed in this regard. Mr. Franco — best known for his work on the Franco Kernel, one of the most popular custom OS cores in the Android ecosystem — had some harsh words for the company on Twitter, calling its laidback approach to publicizing the kernel sources for the Mi A1 “an embarrassment” for the open source community and the type of software it allows it to create its commercial devices in the first place.

Security: Updates, Secure Contexts, EFF, Google, Fedora

Filed under
Security

Introducing my new friend: a Slimbook

Filed under
GNU
KDE
Linux
Reviews

I have been following Slimbook for some time now. As you probably know, they ship a KDE laptop that is very cool, with KDE Neon pre-installed. They have attended to a couple of events I have attended to so I have been able to test their laptops, get feedback from buyers and ask them questions directly. The fact that they are a Spanish company was a beautiful surprise, We do not have that many hardware integrators and vendors in Spain.

But what definitely caught my attention was the fact that they pay a lot of attention to the software. They ship the laptops with Linux pre-installed. Ok, that is not new any more. But they do pre-install several different distros. Now, that’s uncommon. But news do not stop there.

Read more

RF-enabled Raspberry Pi add-on brings Google Assistant to gizmos, speakers, and robots

Filed under
Linux
Hardware

JOY-iT and Elector have launched a $42 “Talking Pi” RPi add-on that enables Google Home/AIY compatible voice activation of home automation devices linked to the Pi’s GPIO, and includes a mic board, PWM servo controls, and support for a 433MHz SRD radio.

Elektor has begun selling a $42, open source voice control add-on board that is programmable via the Google Assistant SDK. Built by Germany based JOY-iT, and marketed by Conrad Business Supplies, the RF-enabled Talking Pi enables voice control of home automation equipment such as smart lights, power sockets, and other gizmos via addressable extensions to the Raspberry Pi’s GPIO.

Read more

16-Way Graphics Card Comparison With Radeon On ROCm, NVIDIA With Initial 2018 Linux Drivers

Filed under
Graphics/Benchmarks

Towards the end of December AMD quietly released ROCm 1.7.60 as the newest version of their Radeon Open Compute stack complete with their maturing OpenCL implementation. With the improvements there plus NVIDIA recently introducing their 390 Linux driver series (390.12 Beta currently), I ran some fresh Linux OpenCL GPU compute benchmarks on a variety of AMD and NVIDIA graphics cards for those curious how the current performance stacks up.

Read more

Also: X.Org Server Finally Adapted To Better Deal With 16:9 & 16:10 Displays

Proprietary Slack as Canonical's Showcase of Snap

Filed under
Ubuntu
  • Slack comes to Linux as a snap

    Slack’s ambition to become the default, go-to place for employees chat to each other and link into hundreds of other applications to get work done is getting one more step up today by becoming available on a new platform. From today, Slack will be available as a Snap, an application package that’s available across a range of open-source-based Linux environments.

  • Slack now available as a Snap for Linux

    At the end of last year, the Linux desktop scored a huge win when Spotify became available as a Snap. If you aren't familiar with Snaps, please know that they are essentially software packages designed to run as a container on any Linux distro. Not only does it make installing software packages easier for users, but it makes things simpler for developers too. Ultimately, Snaps have the potential to solve the big fragmentation problem in the Linux desktop community.

  • Slack Is Now Available as a Snap for Ubuntu and Other Linux Distros

    Canonical and Slack announced today that the popular Slack team collaboration and communication platform is now available as a Snap for Ubuntu and other Snappy-enabled GNU/Linux distributions.

    With the promise of making your working life simpler, more productive and pleasant, Slack is used by numerous organizations and businesses to increase the productivity of their employees. It's an all-in-one platform that offers messaging, planning, calendaring, budgeting, code reviewing, and many other tools.

    "Slack brings team communication and collaboration into one place so you can get more work done, whether you belong to a large enterprise or a small business. Check off your to-do list and move your projects forward by bringing the right people, conversations, tools, and information you need together," reads project's page.

  • Canonical brings Slack to the snap ecosystem

    Canonical, the company behind Ubuntu, today announced the first iteration of Slack as a snap, bringing collaboration to open source users.

    Slack is an enterprise software platform that allows teams and businesses of all sizes to communicate effectively. Slack works seamlessly with other software tools within a single integrated environment, providing an accessible archive of an organisation’s communications, information and projects.

    In adopting the universal Linux app packaging format, Slack will open its digital workplace up to an-ever growing community of Linux users, including those using Linux Mint, Manjaro, Debian, ArchLinux, OpenSUSE, Solus, and Ubuntu.

  • Want to Install Slack on Ubuntu? It’s Now Easier Than Ever

    You can easily install Slack on Ubuntu as a Snap application from the Ubuntu Software app. The popular app lets people chat and collaborate in realtime.

Ubuntu Patches

Filed under
Ubuntu
  • Ubuntu Preparing Kernel Updates With IBRS/IBPB For Spectre Mitigation

    Canonical has rolled out Spectre Variant One and Spectre Variant Two mitigation to their proposed repository with updated kernels for Ubuntu 14.04 LTS / 16.04 LTS / 17.10. These kernels with IBRS and IBPB added in will be sent down as stable release updates next week.

  • Canonical Invites Ubuntu Users to Test Kernel Patches for Spectre Security Flaw

    Canonical has released preliminary kernel updates to mitigate both variants of the Spectre security vulnerability in all supported Ubuntu Linux operating systems, including all official flavors.

    The company promised last week that it would release new kernel updates on Monday, January 15, 2018, for all supported Ubuntu releases. But it didn't happen as they needed more time to thoroughly test and prepare the patches that would presumably address variant 1 and 2 of the Spectre exploit, which is harder to fix than Meltdown, so that it won't cause any issues.

  • Purism Progress Report, Spectre Mitigation for Ubuntu, Malicious Chrome Extensions and More

    Canonical has made Spectre Variant One and Spectre Variant Two mitigation availble in Ubuntu Proposed with updated kernels for Ubuntu 14.04 LTS, 16.04 LTS and 17.10. Those kernels will be in the stable release updates starting January 22, 2018. See ubuntu insights for more information.

Canonical Wants to Stick to Older Nautilus for Desktop Icons in Ubuntu 18.04 LTS

Filed under
Ubuntu

As you may be aware, upstream GNOME team decided to remove the handling of desktop icons from the Nautilus file manager, moving it to the GNOME Shell user interface through an extension. The change will take effect with the upcoming GNOME 3.28 desktop environment, due for release on March 14, 2018.

Now that Ubuntu switched to GNOME as default desktop environment, the change will affect all upcoming releases of the operating system, starting with Ubuntu 18.04 LTS (Bionic Beaver), which is currently under heavy development.

Read more

CentOS Linux 7 and 6 Users Receive New Microcode Updates for Intel and AMD CPUs

Filed under
Red Hat

CentOS Linux is an open-source, free, enterprise-class, and community-supported operating system based on and compatible with Red Hat Enterprise Linux. As such, it regularly receives new important security updates as soon as they are released upstream by Red Hat.

About two weeks ago, CentOS Linux 7 and 6 users received kernel and microcode updates that mitigated the Meltdown and Spectre security vulnerabilities unearthed earlier this month. However, after some thorough testing, Red Hat discovered that these updated microcode firmware developed by Intel and AMD caused hardware issues.

Read more

Google moves to Debian for in-house Linux desktop

Filed under
Linux
Google
Debian

Google has officially confirmed the company is shifting its in-house Linux desktop from the Ubuntu-based Goobuntu to a new Linux distro, the DebianTesting-based gLinux.

Margarita Manterola, a Google Engineer, quietly announced Google would move from Ubuntu to Debian-testing for its desktop Linux at DebConf17 in a lightning talk. Manterola explained that Google was moving to gLinux, a rolling release based on Debian Testing.

Read more

Android Support Removed from Intel Graphics Driver Debugging Tool for Linux

Filed under
Android
Linux

For those unfamiliar with intel-gpu-tools, it's a collection of tools for GNU/Linux distribution that allows the debugging the official Intel graphics driver for Intel GPUs. Tools include a GPU hang dumping program, performance microbenchmarks for regression testing the DRM, as well as a performance monitor.

The latest release, intel-gpu-tools 1.21, adds quite a bunch of changes, including automatic loading of DRM modules when opening a DRM device, much-improved GPU quiescing code to more thoroughly flush pending work and old data, as well as production support for the Meson build system while automake is still kept around.

Read more

Educational-Oriented Escuelas Linux 5.6 Distro Released with LibreOffice 6.0

Filed under
LibO
Linux

Based on the latest release of the Ubuntu-based and Enlightenment-focused Bodhi Linux operating system, Escuelas Linux 5.6 is powered by the Linux 4.14.13 kernel, which includes patches against the Meltdown and Spectre security vulnerabilities, and comes with a bunch of up-to-date educational apps.

These include the OnlyOffice 4.8.6 office suite (only for the 64-bit edition), Vivaldi 1.13, Chromium 63, Google Chrome 63, and Mozilla Firefox 57 "Quantum" web browsers, Geogebra 5.0.414 geometry, algebra, statistics, and calculus app, latest Adobe Flash Player 28 plugin, and the upcoming LibreOffice 6.0 open-source office suite.

Read more

Syndicate content