Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Sunday, 17 Dec 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Mobile Linux: Tizen and Android Roy Schestowitz 17/12/2017 - 10:16am
Story Security: Vista 10, Ransom, and "Zealot" Roy Schestowitz 17/12/2017 - 10:13am
Story today's howtos Roy Schestowitz 17/12/2017 - 10:12am
Story FLOSSophobia Roy Schestowitz 17/12/2017 - 10:05am
Story Today in Techrights Roy Schestowitz 17/12/2017 - 9:37am
Story Hands on With elementary OS Powered Centurion Nano Laptop by Alpha Store Rianne Schestowitz 17/12/2017 - 8:56am
Story Tryton and Python Deprecation Warnings Roy Schestowitz 17/12/2017 - 5:58am
Story Red Hat News Roy Schestowitz 17/12/2017 - 5:57am
Story Linux Kernel Space: eBPF and More (LWN Paywall Expired) Roy Schestowitz 17/12/2017 - 5:52am
Story today's howtos Roy Schestowitz 17/12/2017 - 5:05am

Mobile Linux: Tizen and Android

Filed under
Android
Linux

Security: Vista 10, Ransom, and "Zealot"

Filed under
Security
  • Face Palm: Windows 10 Bundled A Password Manager That Exposed Your Saved Passwords

    bout 16 months ago, a Google Project Zero researcher found a critical bug in a password manager named Keeper. The bug allowed Keeper to inject its trusted UI into untrusted web pages with a content script. This allowed websites to steal user passwords using techniques like clickjacking.

    In a surprising development, Tavis Ormandy, the same researcher, has found that Microsoft bundled the same password manager with Windows 10. “I recently created a fresh Windows 10 VM with a pristine image from MSDN, and found that a password manager called “Keeper” is now installed by default,” he said. Moreover, a similar flaw was again found in this pre-installed password manager, which remained present for eight days.

  • British companies 'stockpile' Bitcoin to use as ransomware hush money
  • "Zealot" Campaign Uses NSA Exploits to Mine Monero on Windows and Linux Servers

    An aggressive and sophisticated malware campaign is currently underway, targeting Linux and Windows servers with an assortment of exploits with the goal of installing malware that mines the Monero cryptocurrency.

    The campaign was detected by security researchers from F5 Networks, who named it Zealot, after zealot.zip, one of the files dropped on targeted servers.

today's howtos

Filed under
HowTos

FLOSSophobia

Filed under
GNU
Linux

I have seen it many times. "Linux is a cancer". "Open sauce". "Linuxtard". I even remember the teacher who did not bring a laptop for her presentation and, when I offered her my Linux netbook, she rejected it as if I had presented her something illegal. She tried to use an old Windows computer instead but, when the computer failed, she ended up displaying her presentation with my Linux netbook.
Clearly, this teacher's position was not based on ignorance or lack of expertise because she knew Linux existed and all she had to do was to display slides. Her refusal was due to indoctrination: she had learned that Linux and non-Microsoft office suites had to be rejected.

Read more

Hands on With elementary OS Powered Centurion Nano Laptop by Alpha Store

Filed under
Linux
Reviews

If you want to buy a new laptop, no doubt you should consider the Centurion line. It will be a good choice for you, Linux aficionado. As well as for your Windows-addicted husband/wife/employees. The Centurion Nano is certainly not a “gamer” laptop. However, besides that particular use case, and for an interesting price, you will get a very competent computer, 100% compatible with Linux and usable for a broad range of tasks.

Read more

Tryton and Python Deprecation Warnings

Filed under
Development
  • Trying Tryton

    The quest to find a free-software replacement for the QuickBooks accounting tool continues. In this episode, your editor does his best to put Tryton through its paces. Running Tryton proved to be a trying experience, though; this would not appear to be the accounting tool we are searching for.
    Tryton is a Python 3 application distributed under the GPLv3 license. Its home page mentions that it is based on PostgreSQL, but there is support for MySQL and SQLite as well. Tryton, it is said, is "a three-tier high-level general purpose application platform" that is "the core base of a complete business solution providing modularity, scalability and security". The "core base" part of that claim is relevant: Tryton may well be a solid base for the creation of a small-business accounting system, but it is not, out of the box, such a system itself.

  • Who should see Python deprecation warnings?

    As all Python developers discover sooner or later, Python is a rapidly evolving language whose community occasionally makes changes that can break existing programs. The switch to Python 3 is the most prominent example, but minor releases can include significant changes as well. The CPython interpreter can emit warnings for upcoming incompatible changes, giving developers time to prepare their code, but those warnings are suppressed and invisible by default. Work is afoot to make them visible, but doing so is not as straightforward as it might seem.
    In early November, one sub-thread of a big discussion on preparing for the Python 3.7 release focused on the await and async identifiers. They will become keywords in 3.7, meaning that any code using those names for any other purpose will break. Nick Coghlan observed that Python 3.6 does not warn about the use of those names, calling it "a fairly major oversight/bug". In truth, though, Python 3.6 does emit warnings in that case — but users rarely see them.

Red Hat News

Filed under
Red Hat

Linux Kernel Space: eBPF and More (LWN Paywall Expired)

Filed under
Linux
  • A thorough introduction to eBPF

    In his linux.conf.au 2017 talk [YouTube] on the eBPF in-kernel virtual machine, Brendan Gregg proclaimed that "super powers have finally come to Linux". Getting eBPF to that point has been a long road of evolution and design. While eBPF was originally used for network packet filtering, it turns out that running user-space code inside a sanity-checking virtual machine is a powerful tool for kernel developers and production engineers. Over time, new eBPF users have appeared to take advantage of its performance and convenience. This article explains how eBPF evolved how it works, and how it is used in the kernel.

  • Restricting automatic kernel-module loading

    The kernel's module mechanism allows the building of a kernel with a wide range of hardware and software support without requiring that all of that code actually be loaded into any given running system. The availability of all of those modules in a typical distributor kernel means that a lot of features are available — but also, potentially, a lot of exploitable bugs. There have been numerous cases where the kernel's automatic module loader has been used to bring buggy code into a running system. An attempt to reduce the kernel's exposure to buggy modules shows how difficult some kinds of hardening work can be.

  • Container IDs for the audit subsystem

    Linux containers are something of an amorphous beast, at least with respect to the kernel. There are lots of facilities that the kernel provides (namespaces, control groups, seccomp, and so on) that can be composed by user-space tools into containers of various shapes and colors; the kernel is blissfully unaware of how user space views that composition. But there is interest in having the kernel be more aware of containers and for it to be able to distinguish what user space considers to be a single container. One particular use case for the kernel managing container identifiers is the audit subsystem, which needs unforgeable IDs for containers that can be associated with audit trails.

    Back in early October, Richard Guy Briggs posted the second version of his RFC for kernel container IDs that can be used by the audit subsystem. The first version was posted in mid-September, but is not the only proposal out there. David Howells proposed turning containers into full-fledged kernel objects back in May, but seemingly ran aground on objections that the proposal "muddies the waters and makes things more brittle", in the words of namespaces maintainer Eric W. Biederman.

Graphics: Texture Compression, Enlightenment Foundation Libraries (EFL), and AMD FreeSync

Filed under
Graphics/Benchmarks
  • Unity Continues Crunching More Out Of Crunch Texture Compression

    Unity is one of the big public users of the open-source Crunch DXT texture compression library. While it's no longer maintained by Rich Geldreich / Binomial, Unity has continued advancing this open-source code to further improve the compression ratio and speed.

    For months Unity has been talking about their promising findings with Crunch. But this is the project that Rich Geldreich, the former Valve developer, previously expressed regret having open-sourced all of it. While he is on to working on better and more advanced technologies at his Binomial startup, Unity is working to squeeze more out of this open-source library.

  • Improving EFL Graphics With Wayland Application Redraws

    Under X, application redraws are tricky to do without tearing because content can be updated at any chosen time with no clear feedback as to when the compositor will read it. EFL uses some clever tricks to this end (check out the state of the art X redraw timing for yourself), but it’s difficult to get right in all cases. For a lot of people this just works, or they’re not sensitive to the issue when it doesn’t.

  • Improved Wayland Application Redraws Coming To Enlightenment's EFL

    Samsung's Open-Source Group has been working on making their Wayland support in the Enlightenment Foundation Libraries (EFL) even better.

    The latest Wayland work on the Enlightenment/EFL front has been improving the application redraw process. The EFL toolkit with the upcoming v1.21 release will now be hooking into Wayland's frame callbacks to better dealing with drawing, only drawing when necessary, and doing so without the possibility of tearing.

  • AMD FreeSync For Tear-Free Linux Gaming - Current State In 2017

    If you are thinking of gifting yourself (or someone else) a FreeSync-compatible monitor this holiday season, here's a look at how the AMD FreeSync support is working right now, the driver bits you need to be aware of, and how it's all playing out for those wanting to use this tear-free capability for Linux gaming.

KStars 2.8.9 is released!

Filed under
KDE

Here comes the last KStars release for 2017! KStars v2.8.9 is available now for Windows, MacOS, and Linux.

Robert Lancaster worked on improving PHD2 support with Ekos. This includes retrieving the guide star image, drift errors and RMS values, among other minor improvements and refactoring of the Ekos PHD2 codebase to support future extensions.

Read more

Security: Mirai, Vista 10, Starbucks, and Hacking Team Investigation

Filed under
Security
  • Mirai IoT Botnet Co-Authors Plead Guilty

    The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called “Internet of Things” devices such as security cameras, routers, and digital video recorders for use in large scale attacks designed to knock Web sites and entire networks offline (including multiple major attacks against this site).

  • Google Researcher Finds Flaw in Pre-Installed Windows 10 Password Manager

    Google security researcher Tavis Ormandy, who has previously discovered, reported, and disclosed several major bugs in Windows and its features, came across a new security vulnerability affecting Microsoft users.

    This time, the flaw exists in the Keeper password manager that comes pre-installed in some Windows 10 versions, with Ormandy explaining that it’s similar to a vulnerability that he discovered in August 2016.

    “I remember filing a bug a while ago about how they were injecting privileged UI into pages,” Ormandy explained on December 14. “I checked and, they're doing the same thing again with this version,” he continues.

  • Starbucks Wi-Fi Turned People’s Laptops into Cryptocurrency Miners

    The free Wi-Fi that the Buenos Aires Starbucks offers to its customers was being used to mine for cryptocurrency, and what’s worse, it used people’s laptops to do it.

    The whole thing was discovered by Stensul CEO Noah Dinkin who actually paid a visit to the store and wanted to browse the web using the free Wi-Fi, only to discover that his laptop was unknowingly converted into a cryptocurrency miner.

    He then turned to Twitter to ask Starbucks if they know about the what he described as bitcoin mining taking place without customers knowing about it.

    “Hi Starbucks, did you know that your in-store wifi provider in Buenos Aires forces a 10 second delay when you first connect to the wifi so it can mine bitcoin using a customer's laptop? Feels a little off-brand,” he said in his tweet.

  • Italian Prosecutor Makes Request to Close Hacking Team Investigation

    The damaging data breach that exposed the secrets of an infamous surveillance tech company might go unsolved forever. After more than two years, the Italian prosecutor who was investigating the attack on the Milan-based Hacking Team has asked the case to be dismissed, according to multiple sources.

    On Monday, the Milan prosecutor Alessandro Gobbis sent a notice to the people under investigation informing them that he had sent the judge a request to shut down the investigation, according to a copy of the document obtained by Motherboard.

GNOME: Bluetooth, Predictions, Librsvg and NetworkManager

Filed under
GNOME
  • More Bluetooth (and gaming) features

    Finally, this is the boring part. Benjamin and I reworked code that's internal to gnome-bluetooth, as used in the Settings panel as well as the Shell, to make it use modern facilities like GDBusObjectManager. The overall effect of this is, less code, less brittle and more reactive when Bluetooth adapters come and go, such as when using airplane mode.

  • Some predictions for 2018

    Ever since Steve Jobs died it has become quite clear in my opinion that the emphasis
    on the traditional desktop is fading from Apple. The pace of hardware refreshes seems
    to be slowing and MacOS X seems to be going more and more stale. Some pundits have already
    started pointing this out and I predict that in 2018 Apple will be no longer consider the
    cool kid on the block for people looking for laptops, especially among the tech savvy crowd.
    Hopefully a good opportunity for Linux on the desktop to assert itself more.

  • Librsvg 2.40.20 is released

    Today I released librsvg 2.40.20. This will be the last release in the 2.40.x series, which is deprecated effectively immediately.

    People and distros are strongly encouraged to switch to librsvg 2.41.x as soon as possible. This is the version that is implemented in a mixture of C and Rust. It is 100% API and ABI compatible with 2.40.x, so it is a drop-in replacement for it. If you or your distro can compile Firefox 57, you can probably build librsvg-2.41.x without problems.

  • NetworkManager 1.10.2 Released with Support for "onlink" IPv4 Routes Attribute

    GNOME developer Beniamino Galvani announced the availability of the first point release of the NetworkManager 1.10 open-source network connection manager software.

    NetworkManager is the most popular network connection manager tool these days, coming pre-installed with numerous GNU/Linux distributions. The latest stable release, NetworkManager 1.10.2, is here about five weeks after the launch of NetworkManager 1.10.0 to add a handful of new features and improvements.

Parrot Security 3.10 Ethical Hacking OS Adds Full Firejail/AppArmor Sandboxing

Filed under
Security
Debian

ParrotSec devs released today a new stable version of their Debian-based Parrot Security OS ethical hacking and penetration testing GNU/Linux distribution.

There are many enhancements implemented in the Parrot Security OS 3.10 release, but the biggest new feature is the introduction of a full Firejail and AppArmor sandboxing system that should proactively protect the operating system from attacks by isolating its components with the combination of various security techniques.

"The first experiments were already introduced in Parrot 3.9 with the inclusion of Firejail, but we took almost a month of hard work to make it even better with the improvement of many profiles, the introduction of the AppArmor support and enough time to make all the tests," reads today's announcement.

Read more

Also: Parrot 3.10 is out

GNOME 3.27.3 Released

Filed under
GNOME
  • GNOME 3.27.3 released

    GNOME 3.27.3, the third development snapshot in the 3.28 development cycle, is now available.

    A few more modules have been ported to meson, and lots of development is happening across all modules. To point out a few highlights, dconf-editor is seeing significant work, and evolution has had many bug fixes.

  • GNOME 3.27.3 Brings More Meson Ports, Redesign To DConf Editor

    Matthias Clasen of Red Hat announced the release of GNOME 3.27.3 this weekend.

    GNOME 3.27.3 is the latest in a string of development releases leading up to the stable GNOME 3.28 debut in March.

  • GNOME 3.28 Desktop Environment Gets Third Development Snapshot, More Meson Ports

    GNOME leader Matthias Clasen announced a few moments ago the availability of the third development snapshot towards the GNOME 3.28 desktop environment for GNU/Linux distributions.

    The development cycle of the upcoming GNOME 3.28 desktop environment continues today with the GNOME 3.27.3 milestone, which ports more components to the Meson build system and adds various improvements to various apps and tools, including the Evolution email and calendar client, NetworkManager network connection manager, and dconf-editor.

Review: OnePlus 5T

Filed under
Android
Reviews

Have you ever arrived at a party, looked around, and realized you’re totally underdressed? It’s a panic-inducing moment. This nightmare scenario happened to OnePlus earlier this year. Its OnePlus 5 had the brains to match any competing Android device, but next to phones like the Galaxy S8, LG G6, iPhone X, it looked, well, dowdy. With thick, squared off bezels and an eyesore of a home button, it was so last season.

For four years, OnePlus has pinned its entire identity to the idea that it sells the phone with the highest specs at the lowest price. Instead of paying $850+ for a fancy phone from the likes of Google or Samsung, you can buy a nearly identical, slightly off-brand OnePlus for $500 or less. It was the phone those in the know would recommend to save a few hundred bucks and still have a brag-worthy device. But you couldn’t brag about the OnePlus 5, especially after some bugs plagued the device.

Read more

Canonical Releases Small Kernel Patch for Ubuntu 16.04 LTS to Fix a Regression

Filed under
Ubuntu

Last week, Canonical released a kernel update for the Ubuntu 16.04 LTS (Xenial Xerus) operating system patching a total of four security issues, including a use-after-free vulnerability in the Netlink subsystem (XFRM), an out-of-bounds read in the GTCO digitizer USB driver, a bug in the associative array implementation, and improper copy-on-write (COW) handling of transparent huge pages.

However, it would appear that the respective kernel update also introduced a regression, which apparently prevented the use of the Ceph network file system on machines that upgraded to the new kernel versions. Canonical patched the issue and released a new Linux kernel update that addresses the problem on all Ubuntu 16.04 LTS systems, as well as Ubuntu 14.04.5 LTS machines.

Read more

FreeNAS, World’s Most Popular Storage OS, Gets AMD Ryzen Support, Cloud Sync

Filed under
OS

Coming six months after the release of the FreeNAS 11 stable series, the FreeNAS 11.1 update is based on FreeBSD 11.1 and introduces cloud integration, support for AMD Ryzen and Intel Xeon Scalable family of processors, OpenZFS performance improvements, as well as preliminary support for Docker application container engine through a virtual machine built from RancherOS.

"FreeNAS 11.1 adds a cloud sync (data import/export to the cloud) feature," reads the announcement. "This new feature lets you sync (similar to backup), move (erase from source), or copy (only changed data) data to and from public cloud providers that include Amazon S3 (Simple Storage Services), Backblaze B2 Cloud, Google Cloud, and Microsoft Azure."

Read more

Syndicate content