Language Selection

English French German Italian Portuguese Spanish

Gentoo

A Look at Redcore Linux: Gentoo based Linux Distribution

Filed under
GNU
Linux
Gentoo
Reviews

Many people in the technology world have heard, at least in passing, of the Linux distribution Gentoo. Gentoo is one of the most famous distributions to the point of becoming a joke; with it’s complexity and depth, installing Gentoo has been a daunting task for many.

Redcore is one of the latest distributions to attempt to bring the power of Gentoo to the everyday user.

I previously wrote an article in 2017 about Sabayon Linux, another popular Gentoo based system; but Redcore Linux holds its own and pulls its own weight.

Read more

[Gentoo] AArch64 (arm64) profiles are now stable!

Filed under
Gentoo

The ARM64 project is pleased to announce that all ARM64 profiles are now stable.

While our developers and users have contributed significantly in this accomplishment, we must also thank our Packet sponsor for their contribution. Providing the Gentoo developer community with access to bare metal hardware has accelerated progress in acheiving the stabilization of the ARM64 profiles.

Read more

Verifying Gentoo election results via Votrify

Filed under
Gentoo

Gentoo elections are conducted using a custom software called votify. During the voting period, the developers place their votes in their respective home directories on one of the Gentoo servers. Afterwards, the election officials collect the votes, count them, compare their results and finally announce them.

The simplified description stated above suggests two weak points. Firstly, we rely on honesty of election officials. If they chose to conspire, they could fake the result. Secondly, we rely on honesty of all Infrastructure members, as they could use root access to manipulate the votes (or the collection process).

To protect against possible fraud, we make the elections transparent (but pseudonymous). This means that all votes cast are public, so everyone can count them and verify the result. Furthermore, developers can verify whether their personal vote has been included. Ideally, all developers would do that and therefore confirm that no votes were manipulated.

Currently, we are pretty much implicitly relying on developers doing that, and assuming that no protest implies successful verification. However, this is not really reliable, and given the unfriendly nature of our scripts I have reasons to doubt that the majority of developers actually verify the election results. In this post, I would like to shortly explain how Gentoo elections work, how they could be manipulated and introduce Votrify — a tool to explicitly verify election results.

Read more

Michał Górny (Gentoo) and Daniel Kahn Gillmor (Debian) on OpenPGP Security

Filed under
GNU
Linux
Gentoo
Security
Debian
  • Michał Górny: SKS poisoning, keys.openpgp.org / Hagrid and other non-solutions

    The recent key poisoning attack on SKS keyservers shook the world of OpenPGP. While this isn’t a new problem, it has not been exploited on this scale before. The attackers have proved how easy it is to poison commonly used keys on the keyservers and effectively render GnuPG unusably slow. A renewed discussion on improving keyservers has started as a result. It also forced Gentoo to employ countermeasures. You can read more on them in the ‘Impact of SKS keyserver poisoning on Gentoo’ news item.

    Coicidentally, the attack happened shortly after the launch of keys.openpgp.org, that advertises itself as both poisoning-resistant and GDPR-friendly keyserver. Naturally, many users see it as the ultimate solution to the issues with SKS. I’m afraid I have to disagree — in my opinion, this keyserver does not solve any problems, it merely cripples OpenPGP in order to avoid being affected by them, and harms its security in the process.

    In this article, I’d like to shortly explain what the problem is, and which of the different solutions proposed so far to it (e.g. on gnupg-users mailing list) make sense, and which make things even worse. Naturally, I will also cover the new Hagrid keyserver as one of the glorified non-solutions.

  • Daniel Kahn Gillmor: WKD for debian.org

    By default, this will show you any matching certificate that you already have in your GnuPG local keyring. But if you don't have a matching certificate already, it will fall back to using WKD.

    These certificates are extracted from the debian keyring and published at https://openpgpkey.debian.org/.well-known/debian.org/, as defined in the WKD spec. We intend to keep them up-to-date when ever the keyring-maint team publishes a new batch of certificates. Our tooling uses some repeated invocations of gpg to extract and build the published tree of files.

    Debian is current not implementing the Web Key Directory Update Protocol (and we have no plans to do so). If you are a Debian developer and you want your OpenPGP certificate updated in WKD, please follow the normal procedures for Debian keyring maintenance like you always have.

Review: Sabayon 19.03

Filed under
Gentoo
Reviews

Sabayon's claim that it is a "beginner-friendly" distro that is "bleeding edge" and "stable and reliable" is a bit of a stretch. I doubt "beginners" will comprehend the instructions for what to do after installing Sabayon - and that is assuming inexperienced users will find the information in the first place. Similarly, the systemd and GNOME versions are rather old for a distro that claims to be "bleeding edge". That said, I did find Sabayon's GNOME edition to be stable and reliable, bar a few minor issues (such as the notification about the VirtualBox kernel service not running).

I don't think it is entirely fair to ask if Sabayon lives up to the bold marketing slogans on its home page. Personally, I see Sabayon as a friendly and interesting distro for tinkerers and distro-hoppers, and a very good one at that. I should also mention that, in general, Sabayon's use of language is refreshingly informal; both the graphical Rigo package manager and the wiki put a smile on my face more than once. Even Equo has some jokes built in - the command equo moo prints an ASCII cow that says "Entromoooo!".

Sabayon does still has some way to go to become the sophisticated operating system it wants to be. With 19.03 the distro switched from the Anaconda to the Calamares installer which, to my mind at least, is a good decision. However, contrary to what is claimed in the release notes, the disk encryption issue has not been resolved yet and the wiki still talks about how to find your way through the Anaconda installer. Work on the new wiki announced in the release notes seems to be at a very early stage.

I also couldn't fail to notice that Sabayon's forums are rather quiet. Lively forums don't necessarily equate to a thriving community, but the overall feeling I got is that Sabayon could do with a bit more momentum. That shouldn't discourage you from giving Sabayon a try though. On the contrary, if you are a Linux-loving tinkerer then Sabayon might be the distro for you.

Read more

Gentoo News: Nitrokey partners with Gentoo Foundation to equip developers with USB keys

Filed under
Gentoo
Security

The Gentoo Foundation has partnered with Nitrokey to equip all Gentoo developers with free Nitrokey Pro 2 devices. Gentoo developers will use the Nitrokey devices to store cryptographic keys for signing of git commits and software packages, GnuPG keys, and SSH accounts.

Thanks to the Gentoo Foundation and Nitrokey’s discount, each Gentoo developer is eligible to receive one free Nitrokey Pro 2. To receive their Nitrokey, developers will need to register with their @gentoo.org email address at the dedicated order form.

A Nitrokey Pro 2 Guide is available on the Gentoo Wiki with FAQ & instructions for integrating Nitrokeys into developer workflow.

Read more

Sabayon 19.03 - New stable release

Filed under
Gentoo

The team behind Sabayon is excited to present you the latest stable release: Sabayon 19.03.

Sabayon is a modern and easy to use distribution based on Gentoo, which follows a reliable rolling release model.

Please read on or download your flavour Smile

19.03 is a long awaited release, coming with a lot of new features and enhancements...

Read more

Also: Gentoo-Based Sabayon 19.03 - Finally Supports Full Disk Encryption, Python 3 Default

Gentoo-Based Sabayon 19.03 - Finally Supports Full Disk Encryption, Python 3 Default

A Look at the New Gentoo Based Sabayon 19.03 and Gentoo Based ChromeOS

Filed under
Gentoo
Google
  • Sabayon 19.03 overview | The beginner-friendly Gentoo-based Linux distribution.

    In this video, i am going to show an overview of Sabayon 19.03 and some of the applications pre-installed.

  • Google I/O 2019 schedule goes live with sessions on Stadia, Dark Mode, Linux on Chrome OS, and more

    Google I/O is one of the biggest developer conferences held by Google every year, wherein they announce upcoming changes to Google services and how developers should react in order to prepare themselves for these changes. Google I/O 2019 is scheduled to begin on May 7, 2019 at the Shoreline Amphitheatre in Mountain View, California (USA), and now, Google has posted the initial schedule for the conference.

    As expected, I/O 2019 will kick off with the main Google keynote at 10AM PDT, and will be hosted by key Google executives, including Mr. Sundar Pichai, in all likelihood. As it does every year, this event will provide an overview of upcoming changes to Google products and services, including Android and its next version, Android Q. This event will be livestreamed, so you won’t be missing out on too much if you did not manage to score a ticket.

  • 4K Video Editing on Chromebooks May Be Possible Soon

    If Google’s Stadia project ends up delivering the way it promises, there will be a totally viable gaming solution for Chromebooks. For photo and graphic editing, there are options like Pixlr, Gravit Designer on the web and Photoshop or Lightroom on Android. Add to that a very workable solution in GIMP and Inkscape in Linux and you have most of your photo and graphic editing needs met.

Gentoo GNOME 3.30 for all init systems

Filed under
Gentoo
GNOME

GNOME 3.30 is now available in Gentoo Linux testing branch.
Starting with this release, GNOME on Gentoo once again works with OpenRC, in addition to the usual systemd option. This is achieved through the elogind project, a standalone logind implementation based on systemd code, which is currently maintained by a fellow Gentoo user. It provides the missing logind interfaces currently required by GNOME without booting with systemd.

For easier GNOME install, the desktop/gnome profiles now set up default USE flags with elogind for OpenRC systems, while the desktop/gnome/systemd profiles continue to do that for systemd systems. Both have been updated to provide a better initial GNOME install experience. After profile selection, a full install should be simply a matter of `emerge gnome` for testing branch users. Don’t forget to adapt your system to any changed USE flags on previously installed packages too.

Read more

Don't Look For Gentoo's CPU Optimization Options To Land In The Mainline Linux Kernel

Filed under
Linux
Gentoo

Gentoo's Linux kernel build has long offered various CPU options in allowing those building their distribution to optimize their kernel build to the CPU being used. Every so often the patch is suggested for upstreaming to the mainline Linux kernel before being quickly rejected by the upstream maintainers.

This week the kernel CPU options patch was suggested for mainlining in the Linux kernel. The patch adds extra CPU options to the kernel configuration (Kconfig) area for adjusting the GCC optimization values for various generations of Intel/AMD CPUs. It allows building the kernel ranging from -march=k8-sse3 to -march=cannonlake, among other prominent generations of Intel/AMD processors over the years.

Read more

Syndicate content

More in Tux Machines

Events: Linux Fest Northwest and OSCON, Intel's OSTS, LibreOffice Hackfests and Debian at ICFP 2019

  • GNOME on the Road: Linux Fest Northwest and OSCON

    Linux Fest Northwest took place back in April, and we were there! Sri Ramkrishna and I hung out in Bellingham, Washington (USA), meeting GNOMEies, free software contributors, and open source enthusiasts.

  • Intel Shares Highlights From Their 2019 Open-Source Technology Summit

    Taking place back in May at the beautiful Skamania Lodge in Washington was Intel's OSTS 2019 for their annual Open-Source Technology Summit that traditionally was internal-only but has begun opening up including allowing external participants this year. I was at OSTS 2019 and it's by far my highlight of the year with many really great sessions and a lot of useful networking at the event. Intel's open-source team has now shared some video recordings from this open-source/Linux event. 

  • Annual Report 2018: LibreOffice Hackfests

    Most LibreOffice developers are working from their home offices, so hackfests provide a unique opportunity to spend some time working shoulder-to-shoulder with their peers. In 2018, LibreOffice developers and community members met at four hackfests in Brussels, Hamburg, Tirana and Munich.

  • ICFP 2019

    ICFP 2019 in Berlin ended yesterday, and it was – as always – a great pleasure. This year was particularly noteworthy for the quite affordable conference hotel and the absolutely amazing food during the coffee breaks.

OSS Leftovers

  • How open source is benefitting SUSE, its channel partners and customers

    Open source technology is being talked about even more rampantly today. Phillip Cockrell, Vice President of Global Channels, SUSE articulates, “More than anything, open source is the core of innovation. It is by all and for all and propelling all aspects of technology development today.” SUSE, a native open source software company, which provides reliable, software-defined infrastructure and application delivery solutions that give organisations greater control and flexibility, is a seasoned 25-year-old player in the domain.

  • What is AOSP? Android Open Source Project, the ‘Android without Google’

    AOSP is the acronym for Android Open Supply Challenge ; that’s, ‘Android Open Source Project’. So it's simply the supply code of Android, the cellular working system of the Mountain View firm. However what’s it for? Its fundamental software is by OEMs; cellular producers obtain AOSP and make their 'ROM inventory', but additionally serves as the premise for customized ROMs and forks. AOSP, or Android Open Supply Challenge, isn’t the identical as Android Inventory . Whereas AOSP is the supply code of the working system, Android Inventory is the 'pure model' with out bloatware of any sort and solely with apps and Google providers, in addition to the native launcher. AOSP, nevertheless, is the premise of Android Vanilla , which is the model that’s distributed to smartphone producers and is topic to modifications. On it, the producer's personal purposes and providers are launched, and naturally the customization layer and the variations which can be essential for particular elements to work.

  • How to Avoid Technical Debt in Open Source Projects
  • Introducing OpenDrop, an open-source implementation of Apple AirDrop written in Python

    A group of German researchers recently published a paper “A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link”, at the 28th USENIX Security Symposium (August 14–16), USA. The paper reveals security and privacy vulnerabilities in Apple’s AirDrop file-sharing service as well as denial-of-service (DoS) attacks which leads to privacy leaks or simultaneous crashing of all neighboring devices. As part of the research, Milan Stute and Alexander Heinrich, two researchers have developed an open-source implementation of Apple AirDrop written in Python – OpenDrop. OpenDrop is like a FOSS implementation of AirDrop. It is an experimental software and is the result of reverse engineering efforts by the Open Wireless Link project (OWL). It is compatible with Apple AirDrop and used for sharing files among Apple devices such as iOS and macOS or on Linux systems running an open re-implementation of Apple Wireless Direct Link (AWDL).

  • The Top 13 Free and Open Source Storage Solutions

    In this article we will examine free and open source storage solutions by providing a brief overview of what to expect, as well as blurbs on each tool.

  • Open Source Origination Technology Platform for Online Lenders

    DigiFi was founded by Joshua Jersey and Bradley Vanderstarren in 2014. It started its life as Promise Financial, an online lender, and raised $110 million in credit capital. It built up its own proprietary tech as there was no solution provider in 2014 offering an end-to-end loan origination platform that could automate the entire process. They sold off the tech to a large lending institution in 2017 and pivoted to DigiFi, one of the world’s first open source loan origination systems (LOS) which equips the lenders with flexible and modern tools to create unique platforms and digital experiences.

  • IT favors open source networking over Cisco ACI, VMware NSX

    Companies trying to avoid or lessen the use of expensive network automation software from Cisco and VMware are turning to open source tools that are often good enough for many tasks associated with managing complex modern networks. Cisco's application-centric infrastructure (ACI) and VMware's NSX are powerful technologies for operating networks built on the vendors' respective products. But many large enterprises have data centers filled with perfectly good multivendor hardware and software that very few organizations are willing to swap for an all Cisco or VMware alternative. Therefore, companies are turning to open source networking products, such as Ansible, Chef, Puppet and SaltStack, for automating many network-related chores across as much of the data center as possible, while relegating ACI and NSX to Cisco- or VMware-only portions of the network.

  • What Attorneys Should Know About Open Source Software Licensing

    With the next waves of technological change, such as autonomous vehicles, blockchain, and IoT, newer, more complex OSS licenses may be drafted, and argued in the courts, to protect the interests of software innovators and the OSS community.

Open Data: Schlumberger and Waymo

  • Schlumberger open-sources data ecosystem, contributing to industrywide data development
  • Schlumberger Open Sources Data Ecosystem

    Oilfield services company Schlumberger said it will open source its data ecosystem and contribute to The Open Group Open Subsurface Data Universe (OSDU) Forum to accelerate the delivery of the OSDU Data Platform. The OSDU Forum is an international forum of oil and gas operators, cloud services companies, technology providers, suppliers of applications to oil and gas operators, academia and other standards organizations working together to develop an open, standards-based, data platform that will bring together exploration, development and wells data.

  • Waymo open-sources data set for autonomous vehicle multimodal sensors

    Waymo, the Alphabet subsidiary that hopes to someday pepper roads with self-driving taxis, today pulled back the curtains on a portion of the data used to train the algorithms underpinning its cars: The Waymo Open Dataset. Waymo principal scientist Dragomir Anguelov claims it’s the largest multimodal sensor sample corpus for autonomous driving released to date. “[W]e are inviting the research community to join us with the [debut] of the Waymo Open Dataset, [which is composed] of high-resolution sensor data collected by Waymo self-driving vehicles,” wrote Anguelov in a blog post published this morning. “Data is a critical ingredient for machine learning … [and] this rich and diverse set of real-world experiences has helped our engineers and researchers develop Waymo’s self-driving technology and innovative models and algorithms.”

Linux Foundation: Open Mainframe, Cloud Native Computing Foundation, IBM and More