Language Selection

English French German Italian Portuguese Spanish

Site News

Signal-to-Noise Ratio

Filed under
Site News

Non-cached site traffic still increasing

Stats chart for Tux Machines

Tux Machines has been my favourite GNU/Linux news site since I first discovered it around 2005. I publicly recommended Tux Machines for several years. Susan knew how to select important stories and she contributed objective articles of her own.

Running Tux Machines

Filed under
Site News

Roy Schestowitz

TUX Machines has become an integral part of our life right here in this humble home. It's a rewarding experience but also a demanding experience. I personally write my articles in the lounge (which is no 'press room') and it requires many hours of digging and researching news. In Tux Machines, unlike in Techrights for example, it's mostly about finding news of high relevance and importance, and finding them fast! Timing counts. We don't want readers to waste their time wading/going through irrelevant, unimportant and out-of-date reports.

24/7 coverage of news is easy for us. Rianne works mostly at daytime, whereas I usually work at nights (customers are mostly government/public sector and they require 24/7 coverage). When Rianne is working I take over the responsibilities at Tux Machines and vice versa. We swap responsibilities like this when it comes to housework as well; we work out together when we are out of the house (also separately in terms of gym sections, e.g. cardiovascular/weights). This week we go to yoga classes as much as 5 times, but we usually just to Town for other facilities like pool, table tennis, sauna (men and women separately), gym, etc. This is our main escape from Tux Machines; given Wi-Fi (scarce coverage but definitely existent in Manchester City Centre), we sometimes update Tux Machines while out of the house as well.

The site forums are now open for participation and every registered member can add blog posts and push them to the front page (now that we've got the spam epidemic under control). Please do consider participating. This week, as in previous weeks, we are seeing a ~10% growth in traffic (week-to-week), perhaps owing to the slight redesign, loading speeds (Varnish cache), and very frequent updates. We check for news once in a few hours in order to keep abreast of breaking events.

Running Tux Machines will hopefully become more of a community effort over time. Anyone who is logged in can now submit stories. Unless this gets abused by spammers, we will keep it that way.

Mollom Works

Filed under
Site News

Drupal's very own Mollom is a Free/Open Source (collaboratively-developed and freely-shared) software for battling script kiddies and fighting against SPAM. The past 2 weeks were difficult because spammers exploited the fact that we had opened up the site for registration/subscription (to leave comments). After exploring some options for dealing with the problem (spam making it to the front page even!) we found that Mollom was good enough to eliminate almost 100% of all of spam (so far). Hence, for the time being, it seems safe to say now that we beat the script kiddies. Thanks, Mollom!

Mollom

First Month on the New Server (Updated)

Filed under
Site News

Tux Machines behind Varnish cache proxy

Chart for Tux Machines

Summary: Tux Machines growth and a note regarding SPAM prevention after a week or so of experiments

Here are the first four weeks' log sizes, plotted with LibreOffice and demonstrating week-to-week growth since the site's nameservers changed and the server moved to CoPilotCo. After 4 weeks all logs get deleted (logrotate) to ensure privacy through lack of data retention (except short term in case of DDOS).

Opening Up Communications (Updatedx5)

Filed under
Site News

Script kiddies can't get their way

Diversity

Summary: Script kiddies made it impractical to manage comments and forum posts; we are trying to tackle this issue today

IN ANOTHER attempt to restore user registrations, this time on the new server which has just been configured for mail, we are enabling anyone to quickly self-register (takes less than a minute and requires no verification), then immediately post comments, forum posts, etc.

Site Update (Updatedx2)

Filed under
Site News

Newspaper

Summary: Recent changes at Tux Machines, in just a nutshell

INSPIRED in part by Slashdot, we recently added topical icons to submissions, applying these changes retroactively to over 50,000 older pages. The idea was, this can improve orientation by helping to quickly associate text with topics. More minor modifications were made as well, some textual and some layout related. They are subtle but they can be seen. After receiving feedback regrading icons size we made further modifications. Regarding social media buttons, some of the ones we initially found were unbelievably privacy-infringing (allowing Google, Facebook, Twitter etc. to see visitors of this site), so we disabled them immediately and replaced them with static buttons. Right now we can assure that whenever loading pages in this Web site nothing except our security-aware network gets contacted. We share no data about visitors (with anyone) and Apache logs get shredded for good after a few weeks, leaving sufficient trail just in case of attacks on the site, which would merit investigation. Log rotation is similarly privacy-respecting at the cache level, which leads to the following point.

Today, after the above changes had been made and stability attained (there were some network disruptions yesterday), we also updated Drupal, ensuring it is secure and fully up to date (the latest minor bugfix release is a month old). There is still an issue with Varnish and until we tackle this issue users who are not logged in might be getting error pages. One way to overcome this is to append "?something" to the URL requested. This bypasses the Varnish cache until we finish our investigation of this issue and resolve it for good.

Update: The issue with Varnish turns out to be a conflict between two caching layers. It's fixed now. If you spot an issue, still, please let us know.

Update #2: Yesterday we identified another issue and soon thereafter fixed it. After Twitter syndication had failed we realised that RSS feeds were not standards-compliant, due to a blank line at the start of each generated page in Drupal. This is a common issue and it is a nightmare to debug (requires a complete code review with help of GNU utilities like grep). After 4 hours of investigation I found the culprit and fixed the coding error. RSS feeds are back.

This is "See Ya Around"

Filed under
Site News

I started to say "this is goodbye," but just because I sold the site doesn't mean I won't be around Linuxville. I'm still writing at ostatic and I may turn up here now and again as well. I'll be looking around to expand my writing after the new year too, so you're not rid of me yet. But the sale on tuxmachines.org has been completed.

Sold! (tentatively)

Filed under
Site News

I guess tuxmachines.org has been sold for $1000. I know it's kinda low, but times have changed and the new owner plans to carry on the tuxmachines tradition.

going twice

Filed under
Site News

going twice

fair warning - going once....

Filed under
Site News

Well, I think I'm going to accept one of the two $1000 bids received, unless anyone else wants to bid...

Syndicate content

More in Tux Machines

Development: RTOS, LipidFinder, Github Threat, and Stack Overflow Survey

  • RTOS Primer, Part Two: Real Time Applications
    Employing Linux as an embedded RTOS has several advantages that make it highly attractive on a number of levels, specifically the most important concern these days, which seems to be cost. The second concern is security; Linux proves to be pretty secure in comparison to several common alternatives like Windows.
  • LipidFinder: An Open-Source Python Workflow for Novel Lipid Discovery
    Obtaining precise, high-quality lipidomic (or metabolomic) datasets comes with its challenges. One factor that I am sure comes to mind is the ability to minimize, or even better, eliminate those large numbers of artefacts that could otherwise hinder your mass spectrometry data analysis, to ensure accurate interpretation.
  • The Github threat
    The Github application belongs to a single entity, Github Inc, a US company which manage it alone. So, a unique company under US legislation manages the access to most of Free Software application code sources, which may be a problem with groups using it when a code source is no longer available, for political or technical reason.
  • Stack Overflow gives an even closer look at developer salaries
    Today, Stack Overflow announced a slightly more useful application for that same data, with the Stack Overflow Salary Calculator. Tell it where you live, how much experience and education you have, and what kind of developer you are, and it will tell you the salary range you should expect to make in five national markets (US, Canada, UK, France, Germany) and a handful of cities (New York, San Francisco, Seattle, Toronto, London, Paris, Berlin).

Security: Equifax, Kodi, Infrared, and Windows XP in 2017

  • Safer but not immune: Cloud lessons from the Equifax breach
  • Warning: If you are using this Kodi repository, you could be in danger
    Kodi is quite possibly the best media center software of all time. If you are looking to watch videos or listen to music, the open source solution provides an excellent overall experience. Thanks to its support for "addons," it has the potential to become better all the time. You see, developers can easily add new functionality by writing an addon for the platform. And yes, some addons can be used for piracy, but not all of them are. These addons, such as Exodus and Covenant, are normally added using a repository, which hosts them. [...] We do not know 100 percent if the person that re-registered the metalkettle name on GitHub is planning anything evil, but it is better to be safe than sorry.
  • Infrared signals in surveillance cameras let malware jump network air gaps
    The malware prototype could be a crucial ingredient for attacks that target some of the world's most sensitive networks. Militaries, energy producers, and other critical infrastructure providers frequently disconnect such networks from the Internet as a precaution. In the event malware is installed, there is no way for it to make contact with attacker-controlled servers that receive stolen data or issue new commands. Such airgaps are one of the most basic measures for securing highly sensitive information and networks. The proof-of-concept malware uses connected surveillance cameras to bridge such airgaps. Instead of trying to use the Internet to reach attacker-controlled servers, the malware weaves passwords, cryptographic keys, and other types of data into infrared signals and uses a camera's built-in infrared lights to transmit them. A nearby attacker then records the signals with a video camera and later decodes embedded secrets. The same nearby attackers can embed data into infrared signals and beam them to an infected camera, where they're intercepted and decoded by the network malware. The covert channel works best when attackers have a direct line of sight to the video camera, but non-line-of-sight communication is also possible in some cases.
  • Manchester police still relies on Windows XP
    England's second biggest police force has revealed that more than one in five of its computers were still running Windows XP as of July. Greater Manchester Police told the BBC that 1,518 of its PCs ran the ageing operating system, representing 20.3% of all the office computers it used. Microsoft ended nearly all support for the operating system in 2014. Experts say its use could pose a hacking risk. The figure was disclosed as part of a wider Freedom of Information request. "Even if security vulnerabilities are identified in XP, Microsoft won't distribute patches in the same way it does for later releases of Windows," said Dr Steven Murdoch, a cyber-security expert at University College London.

Flock 2017, Fedora 27, and New Fedora 26 (F26) ISO

  • Flock 2017: How to make your application into a Flatpak?
  • Flock to Fedora 2017
  • Flock 2017 – A Marketing talk about a new era to come.
    I had two session at Flock this year, one done by me and another in support of Robert Mayr in the Mindshare one, if there were been any need for discussing. Here I’m talking about my session: Marketing – tasks and visions (I will push the report about the second one after Robert’s one, for completion). In order to fit the real target of a Flock conference (that is a contributor conference, not a show where people must demonstrate how much cool they are; we know it!) is to bring and show something new, whether ideas, software, changes and so on, and discuss with other contributors if they’re really innovative, useful and achievable.
  • F26-20170918 Updated Live isos released
  • GSoC2017 Final — Migrate Plinth to Fedora Server
  • Building Modules for Fedora 27
    Let me start with a wrong presumption that you have everything set up – you are a packager who knows what they want to achieve, you have a dist-git repository created, you have all the tooling installed. And of course, you know what Modularity is, and how and why do we use modulemd to define modular content. You know what Host, Platform, and Bootstrap modules are and how to use them.

Red Hat Financial Results Expectations High