Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Sunday, 30 Apr 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Security Leftovers Roy Schestowitz 01/05/2017 - 1:57am
Story Kernel Graphics and Benchmarks Roy Schestowitz 01/05/2017 - 1:56am
Story Containers News Roy Schestowitz 01/05/2017 - 1:55am
Story Distributions News: Ubuntu, Manjaro, and Lakka Roy Schestowitz 01/05/2017 - 1:55am
Story Software: Monitoring Tools, VSXu, and FSearch Roy Schestowitz 01/05/2017 - 1:54am
Story today's howtos Roy Schestowitz 01/05/2017 - 1:53am
Story Linux Mint's Plans Roy Schestowitz 01/05/2017 - 1:14am
Story Linux Wants the Future of Automotive Software to Be Open Source Roy Schestowitz 01/05/2017 - 12:55am
Story Today in Techrights Roy Schestowitz 30/04/2017 - 4:21pm
Story today's leftovers Roy Schestowitz 30/04/2017 - 4:12pm

Security Leftovers

Filed under
Security
  • Security fail is people

    The other day I ran across someone trying to keep their locker secured by using a combination lock. As you can see in the picture, the lock is on the handle of the locker, not on the loop that actually locks the door. When I saw this I had a good chuckle, took a picture, and put out a snarky tweet. I then started to think about this quite a bit. Is this the user's fault or is this bad design? I'm going to blame bad design on this one. It's easy to blame users, we do it often, but I think in most instances, the problem is the design, not the user. If nothing is ever our fault, we will never improve anything. I suspect this is part of the problem we see across the cybersecurity universe.

  • Free software activities in April 2017

    Whilst anyone can inspect the source code of free software for malicious flaws, most software is distributed pre-compiled to end users.

    The motivation behind the Reproducible Builds effort is to permit verification that no flaws have been introduced — either maliciously or accidentally — during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

Kernel Graphics and Benchmarks

Filed under
Graphics/Benchmarks

Containers News

Filed under
Server
  • Containers running Containers

    Some genuinely exciting news piqued my interest at this year’s DockerCon, that being the new Operating System (OS), LinuxKit, which was announced and is immediately on offer from the undisputed heavyweight container company, Docker.

    The behemoth has announced a flexible, extensible Operating System where system services run inside containers for portability. You might be surprised to hear that even includes the Docker runtime daemon itself.

    [...]

    As the powerhouse that is Docker continues to grow arms and legs there’s no doubt whatsoever that these giant-sized leaps in the direction of solid progress will benefit users and other software projects alike.

  • Bare-metal Kubernetes

    A few years ago, I attended my first Linux conference, DevConf 2014. Many of the speakers talked about containers and how wonderful they were, and my interest was piqued, but I’ve never really had an opportunity to use them.

    As the sysadmin for a school, there just isn’t much need for the scalability provided for by containers. Our internal web site runs on a single VM, and the short downtimes required for system updates and upgrades are not a problem, especially if I plan them for the weekends. On the flip side, having something that we can use to spin up web services quickly isn’t a bad idea, so, over the last few months, I’ve been experimenting with Kubernetes.

  • Docker loves AtCore

    Today I’m going to talk about Docker. I may have been laying around a draft about my start on Docker world, but probably will be below some web dust by now in my drafts…

Distributions News: Ubuntu, Manjaro, and Lakka

Filed under
GNU
Linux
  • Ubuntu founder retakes the CEO throne, many employees gone

    Mark Shuttleworth, the founder of Canonincal has once again returned to his positition of CEO, as Jane Silber, the previous CEO now heads to the Board of Directors; and big changes happen to the staff lineup as a result.

    In a blog bost by Sibler, she says, “I originally agreed to be CEO for 5 years and we’ve extended my tenure as CEO by a couple of years already. We’ve been preparing for a transition for some time by strengthening the executive leadership team and maturing every aspect of the company, and earlier this year Mark and I decided that now is the time to effect this transition.”

  • [Video] Manjaro 17.0 KDE Edition - See What’s New

    Manjaro 17.0 KDE is the latest release of Manjaro Linux. This release brings new KDE Plasma 5.9.x as desktop environment include the most of KDE applications 16.12 and KDE Frameworks 5.32.

  • Make your own NES Classic Edition with Lakka 2.0 LibreELEC Linux distro and Raspberry Pi

    The NES Classic Edition is a very fun nostalgia-based gaming console. As someone who grew up with Nintendo, I knew I wanted the mini system as soon as it was announced. A family member was able to score me one on launch day, and I've been very happy with it. Unfortunately, other people have not been so lucky. Supply was very limited and it has since been discontinued. If you do not already have it, you are sort of out of luck without paying high prices on eBay or Craigslist.

    If you are only looking to replay the NES games of your youth, and you are OK with doing it in an unofficial way, emulation is another route. In fact, if you'd rather not play these games on your PC, you can instead use a Linux-based operating system and a Raspberry Pi (or other devices) hooked to a television. One such distro is Lakka, which just reached version 2.0. It is arguably better than an NES Classic Edition as it can also play games from other systems, such as SNES, Sega Genesis, Nintendo 64, PlayStation 1, and many more.

Software: Monitoring Tools, VSXu, and FSearch

Filed under
Software

Linux Mint's Plans

Filed under
GNU
Linux
Ubuntu
  • Some Of The Features Coming To Linux Mint's Cinnamon 3.4 Desktop

    In the latest monthly progress report on Linux Mint, some of the upcoming changes for the GNOME3-forked Cinnamon Desktop Environment were shared.

  • Monthly News – April 2017

    Many thanks to all the people who donated to us and who help to fund our project. Donations are down to about 60% of what they were last year, but they’re still quite high. In the first trimesters of 2015, 2016 and 2017 we respectively received $23k, $40k and $25k. Our development team has gotten bigger and our budget is being extended to include some administrators and designers. Other figures and metrics indicate we’re growing so this probably just reflects an exceptional year for donations in 2016.

  • Linux Mint Is Adopting LightDM as its Login Manager

    Linux Mint is adopting the LightDM display manager to handle and authenticate user sessions.

    Revealing plans in its latest monthly update, Mint says it will formally drop the MDM Display Manager (MDM) in favour of LightDM with Mint 18.2, release date for which is as-yet unknown.

    The popular Ubuntu-based Linux distribution mooted a possible switch earlier this year, noting that it had a key feature MDM lacks (guest sessions), and has become something of a standard across distributions.

  • Linux Mint 13 support ends, LMDE to get MATE 1.18 soon, big changes heading to Cinnamon

    The news from the Linux Mint team was quite interesting this week. First up, Linux Mint 13 has officially hit EOL (end of life), so you really do need to upgrade.

    LMDE (Linux Mint Debian Edition) is set to get the MATE desktop version 1.18 "this week" and they have ported mintMenu over to GTK3, since the rest of MATE is now using GTK3 too it makes sense.

Linux Wants the Future of Automotive Software to Be Open Source

Filed under
Linux
OSS

Automotive companies are increasing the connectivity of their cars. In the process, they're all developing their own automotive software. Linux thinks that its open source software, AGL, will unify the industry. Will the cars of the future speak Linux?

Read more

today's leftovers

Filed under
Misc

Leftovers: Software

Filed under
Software
  • The Atom Editor

    I didn’t set out to write a blog post about a text editor. I was going to write about one of the other awesome projects that the Ops team is doing here at Wombat. Along the way I decided to give Atom a chance again and I’m glad I did. I enjoyed it enough that I thought I would defer my post about automating my “Ops Environment” on a mac (I promise, I’ll do that one soon-ish) in favor of this.

  • Quick Update: ClipGrab and PlayOnLinux Applications Are Now Available For ALL Ubuntu Versions

    ClipGrab is fairly popular application to download video from famous sites of the Internet. It allows you to search video with in application and select to download the video or other way you can copy and paste the video URL to the application to download the video. Since famous video sites are supported by this application, if some site isn't officially supported, you may still be able to download the videos from it.

  • aTunes Enriched Audio Player Now Available For All Current Ubuntu/Linux Mint Versions

    There are wide variety of audio players available for Linux and you may have your favorite one installed on your system. aTunes is not new audio player but its initial release was way back in 2006 and the most recent version was released in June, 2014. In almost two years there is no news on the website or release from developers, well it is open-source released under GPL-V2 license and we don't see any other to carry on the development of this great application. It is written in Java programming language and it's cross-platform available for Linux, Unix, Windows and Mac. It uses Mplayer as its playback engine and supports wide variety of known formats such as: MP3, Ogg Vorbis, FLAC, WMA and other formats.

QNX 7 Can Be Fitted With A Qt5 Desktop

Filed under
OS
  • QNX 7 Can Be Fitted With A Qt5 Desktop

    While QNX remains targeted as an operating system for mobile/embedded solutions, a BlackBerry developer in his spare time has fitted QNX 7 with a Qt5 desktop.

    QNX 6 and prior had a desktop option, but was removed in QNX 7, which was released this past March. QNX 7.0 also brought support for 64-bit (and maintaining 32-bit) Intel x86 and ARM platforms along with C++14 support. For those wanting to experiment with QNX 7, a BlackBerry kernel developer has been working on making this operating system more desktop friendly.

  • Building a BlackBerry QNX 7 Desktop

    Having Qt allowed me to port one of my favourite applications, SpeedCrunch. It was a simple matter of running ‘qmake’ followed by ‘make’. Next, I ported the QTermWidget library so that I could have terminal windows.

Kernel Space/Linux

Filed under
Linux
  • Kernel explained
  • [Older] [Video] Audio on Linux: The End of a Golden Age?
  • State of Sway April 2017

    Development on Sway continues. I thought we would have slowed down a lot more by now, but every release still comes with new features - Sway 0.12 added redshift support and binary space partitioning layouts. Sway 0.13.0 is coming soon and includes, among other things, nvidia proprietary driver support. We already have some interesting features slated for Sway 0.14.0, too!

    Today Sway has 21,446 lines of C (and 4,261 lines of header files) written by 81 authors across 2,263 commits. These were written through 653 pull requests and 529 issues. Sway packages are available today in the official repos of pretty much every distribution except for Debian derivatives, and a PPA is available for those guys.

Supporting Burning Platforms

Filed under
GNU
Linux
Microsoft
  • Surface revenue does a U-boat, and dives

    Revenue generated by Microsoft's Surface hardware during the March quarter was down 26% from the same period the year before, the company said yesterday as it briefed Wall Street.

    For the quarter, Surface produced $831 million, some $285 million less than the March quarter of 2016, for the largest year-over-year dollar decline ever.

  • Acer said to me: "do not use our products with Linux. Find another manufacturer"

    Last year, I bought an Acer notebook and it came with Windows 10.

    As I didn't want spyware neither bloatware, I got Linux installed and asked for a refund of the OEM license. After a little of talking, they were wanting to charge me US$100 (to remove the license, which I already had wiped, as I got FDE Linux installed) to refund US$70 of the OEM license.

    This year, wondering to buy a new Acer notebook, I asked them again if they would refund me the OEM license without all the hassle (as they did pay me the US$70, without me having to pay the US$100).

Leftovers: OSS

Filed under
OSS
  • LibreOffice the better Office, really?
  • A serious bug in GCC

    This post is to inform you about a bug in GCC that may cause memory (or other resource) leaks in your valid C++ programs.

  • [Older] Supporting Bangladesh’s software industry with Indian cooperation

    It’s worth noting that the word “free” in free/open-source software implies not just free of cost, but also freedom from commercial dependence upon multi-national software vendors.

    To emphasise this, the biography of Richard Stallman, the founder of the free software movement which ultimately produced the Linux operating system, is titled Free as in Freedom.

    In fact, it is impossible to run a modern government without computers; so it should not be acceptable that sovereign nations like Bangladesh be forever dependent on foreign IT vendors, especially when the Linux alternative offers both freedom and zero-cost.

Security Leftovers

Filed under
Security
  • Is there any way to truly secure Docker container contents?

    All this adds up to a lot of work, which is not taken care of for you by default in Docker. It is no surprise that many Docker images are insecure, given this picture. The unfortunate reality is that many Docker containers are running with known vulnerabilities that have known fixes, but just aren’t, and that’s sad.

  • Compromise recovery on Qubes OS

    Occasionally fuckups happen, even with Qubes (although not as often as some think).

    What should we – users or admins – do in such a situation? Patch, obviously. But is that really enough? What good is patching your system if it might have already been compromised a week earlier, before the patch was released, when an adversary may have learned of the bug and exploited it?

    That’s an inconvenient question for many of us – computer security professionals – to answer. Usually we would mutter something about Raising the Bar(TM), the high costs of targeted attacks, attackers not wanting to burn 0-days, or only nation state actors being able to afford such attacks, and that in case one is on their list of targets, the game is over anyway and no point in fighting. Plus some classic cartoon.

    While the above line of defense might work (temporarily), it really doesn’t provide for much comfort, long term, I think. We need better answers and better solutions. This post, together with a recently introduced feature in Qubes OS 3.2 and (upcoming) 4.0, is an attempt to offer such a solution.

  • Top 5 Kali Linux Pentest tools for WiFi/network and exploits
  • Linux/Shishiga Malware Brute-Forces SSH Credentials

    A new strain of Linux malware has been detected. Dubbed Linux/Shishiga, the malware could transform into a dangerous piece of malware. Linux/Shishiga was officially discovered and examined by researchers at Eset.

  • Cybercriminals have taken notice of leaked government spying techniques
  • Microsoft Closes Word/Wordpad Hole—6 Months after Report
  • [Older] The Pentagon’s Bug Bounty Program Should Be Expanded to Bases, DOD Official Says [iophk: "any version of Windows at all is inappropriate"]

    “About 75 percent of the devices that are control systems are on Windows XP or other nonsupported operating systems,” said Daryl Haegley, program manager for the Office of the Assistant Secretary of Defense for Energy, Installations and Environment.

    [...]

    “A lot of these systems are still Windows 95 or 98, and that’s OK—if they’re not connected to the internet,” Haegley added.

  • Don’t Info Op Until You See The Whites of Their Eyes
  • CFP P70

    This is the official CFP for P70.

  • VM escape - QEMU Case Study

    In this paper, we provide a in-depth analysis of CVE-2015-5165 (a memory-leak vulnerability) and CVE-2015-7504 (a heap-based overflow vulnerability), along with working exploits. The combination of these two exploits allows to break out from a VM and execute code on the target host. We discuss the technical details to exploit the vulnerabilities on QEMU's network card device emulation, and provide generic techniques that could be re-used to exploit future bugs in QEMU.

  • CIA’s anti-leaking tool leaked as ‘whistleblowers watch the watchers’

    Former MI5 intelligence officer Annie Machon and retired US Army Colonel Ann Wright, who is also a retired US State Department official, shared their views on these and other questions with RT.

    On Friday, WikiLeaks released a series of documentations on a US Central Intelligence Agency (CIA) project known as ‘Scribbles,’ which was allegedly created to allow ‘web beacon’ tags to be embedded “into documents that are likely to be copied.”

    WikiLeaks began publishing a huge cache of secret documents on the CIA named ‘Vault 7’ in March.

  • Vault 7: CIA tool to track people through Word docs released

    The documentation says: "Scribbles (SCRIB) is a document watermarking tool that can be used to batch process a number of documents in a pre-seeded input directory. It generates a random watermark for each document, inserts that watermark into the document, saves all such processed documents in an output directory, and creates a log file which identifies the watermarks inserted into each document."

    It says the tool was successfully tested on Office 2013 (on Windows 8.1 x64), documents from Office versions 97-2016 (Office 95 documents will not work!) and documents that are not locked forms, encrypted, or password-protected.

    There is a limitation to the Scribbles system: if a document that has the watermarks in it and is opened in OpenOffice, LibreOffice the watermark images and URLs may become visible.

  • The US Takes On the World in NATO’s Cyber War Games

    Last year, Capt. Sean Ruddy and his team of operator-soldiers from the US Cyber Brigade entered a Locked Shields, a NATO-organized cyber-defense war game that pits teams from dozens of countries against “live-fire” attacks. It was their first time. And of the 19 countries represented, the US finished dead last. This week, they got their shot at redemption.

Anbox Runs Android In Your Linux Without Emulation

Filed under
Linux

​In a recent article, we talked about android emulators for Ubuntu or Linux in general. Most of the time we need to play a game or try some applications on android or even when we don’t have a smartphone we opt to use an emulator to try applications. A fan on facebook let us know about Anbox and asked for the tutorial on Anbox installation in Linux. So here you have how to install Anbox in Linux.

Read<br />
more

Coming Soon in Firefox

Filed under
Moz/FF
  • If Firefox 57 would be released today, 2273 add-ons would be compatible

    The Firefox web browser is in a bit of a moving state right now in regards to the browser's add-on system and add-ons that are available for it.

    Mozilla plans to make Firefox 57 the first version of the browser that supports only WebExtensions. WebExtensions in plain old English are very similar to Google Chrome extensions, only that the Firefox version supports more powerful add-ons than Google Chrome does once Mozilla reaches feature parity with Chrome.

  • Firefox gets “Always open in Container” option

    Containers is a new feature of the Firefox web browser that is currently being tested and in active development.

    The feature allows you to launch websites and services in containers to separate them from one another in various ways.

  • These Weeks in Firefox: Issue 15

There won’t be a Replicant 6.0 SDK because there is already something better

Filed under
Android
Development

And you can help making it accessible to more GNU/Linux users!

We have decided not to create a Replicant 6.0 SDK as part of the upcoming Replicant 6.0 release. For three previous Replicant versions (2.2, 4.0 and 4.2), a SDK was provided.

Replicant offered its own SDK because the Android SDK released by Google is distributed under a non-free license and suggests installing non-free plug-ins such as the Google APIs. For a long time, Replicant has provided the only Android SDK that is available under a free license and that doesn’t offer to install non-free software.

Read more

Also: Halium is in the air!

Syndicate content

More in Tux Machines

Distributions News: Ubuntu, Manjaro, and Lakka

  • Ubuntu founder retakes the CEO throne, many employees gone
    Mark Shuttleworth, the founder of Canonincal has once again returned to his positition of CEO, as Jane Silber, the previous CEO now heads to the Board of Directors; and big changes happen to the staff lineup as a result. In a blog bost by Sibler, she says, “I originally agreed to be CEO for 5 years and we’ve extended my tenure as CEO by a couple of years already. We’ve been preparing for a transition for some time by strengthening the executive leadership team and maturing every aspect of the company, and earlier this year Mark and I decided that now is the time to effect this transition.”
  • [Video] Manjaro 17.0 KDE Edition - See What’s New
    Manjaro 17.0 KDE is the latest release of Manjaro Linux. This release brings new KDE Plasma 5.9.x as desktop environment include the most of KDE applications 16.12 and KDE Frameworks 5.32.
  • Make your own NES Classic Edition with Lakka 2.0 LibreELEC Linux distro and Raspberry Pi
    The NES Classic Edition is a very fun nostalgia-based gaming console. As someone who grew up with Nintendo, I knew I wanted the mini system as soon as it was announced. A family member was able to score me one on launch day, and I've been very happy with it. Unfortunately, other people have not been so lucky. Supply was very limited and it has since been discontinued. If you do not already have it, you are sort of out of luck without paying high prices on eBay or Craigslist. If you are only looking to replay the NES games of your youth, and you are OK with doing it in an unofficial way, emulation is another route. In fact, if you'd rather not play these games on your PC, you can instead use a Linux-based operating system and a Raspberry Pi (or other devices) hooked to a television. One such distro is Lakka, which just reached version 2.0. It is arguably better than an NES Classic Edition as it can also play games from other systems, such as SNES, Sega Genesis, Nintendo 64, PlayStation 1, and many more.

Software: Monitoring Tools, VSXu, and FSearch

today's howtos

Linux Mint's Plans

  • Some Of The Features Coming To Linux Mint's Cinnamon 3.4 Desktop
    In the latest monthly progress report on Linux Mint, some of the upcoming changes for the GNOME3-forked Cinnamon Desktop Environment were shared.
  • Monthly News – April 2017
    Many thanks to all the people who donated to us and who help to fund our project. Donations are down to about 60% of what they were last year, but they’re still quite high. In the first trimesters of 2015, 2016 and 2017 we respectively received $23k, $40k and $25k. Our development team has gotten bigger and our budget is being extended to include some administrators and designers. Other figures and metrics indicate we’re growing so this probably just reflects an exceptional year for donations in 2016.
  • Linux Mint Is Adopting LightDM as its Login Manager
    Linux Mint is adopting the LightDM display manager to handle and authenticate user sessions. Revealing plans in its latest monthly update, Mint says it will formally drop the MDM Display Manager (MDM) in favour of LightDM with Mint 18.2, release date for which is as-yet unknown. The popular Ubuntu-based Linux distribution mooted a possible switch earlier this year, noting that it had a key feature MDM lacks (guest sessions), and has become something of a standard across distributions.
  • Linux Mint 13 support ends, LMDE to get MATE 1.18 soon, big changes heading to Cinnamon
    The news from the Linux Mint team was quite interesting this week. First up, Linux Mint 13 has officially hit EOL (end of life), so you really do need to upgrade. LMDE (Linux Mint Debian Edition) is set to get the MATE desktop version 1.18 "this week" and they have ported mintMenu over to GTK3, since the rest of MATE is now using GTK3 too it makes sense.