Language Selection

English French German Italian Portuguese Spanish

GNU

WINE Linux and Upcoming LibreOffice 6.0

Filed under
GNU
LibO
Linux
  • Is WINE Linux Enterprise Friendly?

    Migrating to a new operating system is not a simple task, especially for enterprise users. This has led many people to exploring whether WINE on Linux is an enterprise friendly solution. This article will look at working examples at how it can be, but may not be the best idea for a long term approach.

  • LibreOffice 6.0 Launches January 31 with New Libraries to Export EPUB3 Files

    The Document Liberation Project announced today the availability of five new or improved libraries designed to aid the export of EPUB3 files and import of several widely-used document formats.

    LibreOffice 6.0, the next major release of the acclaimed open-source and cross-platform office suite, is slated for release at the end of the month, on January 31, and it will incorporate a bunch of new libraries that'll make it easier for users to export or import various document formats.

    These libraries will give LibreOffice 6.0 compatibility with the EPUB3 (export only), AbiWord, Microsoft Publisher, PageMaker, and QuarkXPress documents (import only). However, they can also be used as standalone libraries for any other open source software project that needs them.

Compilers and CLI: LLVM, GCC and Bash

Filed under
Development
GNU
BSD

10 Best Text Editors For Linux And Programming (2018 Edition)

Filed under
Development
GNU
Linux
Software

The year 2018 is here. Just in case you’re looking for some powerful text editor for Linux to kickstart programming new year, you’re at the right place. While the debate of the best programming editors for Linux won’t end anytime soon, there are many editors that bring an impressive set of features. While Vim, Emacs, and Nano are older and dependable players in the game, Atom, Brackets, and Sublime Text are relatively newer text editors.

Read more

GNU Privacy Guard (GnuPG), GNU Radio, and BPF Compiler Collection

Filed under
Development
GNU
  • Future directions for PGP

    Back in October, LWN reported on a talk about the state of the GNU Privacy Guard (GnuPG) project, an asymmetric public-key encryption and signing tool that had been almost abandoned by its lead developer due to lack of resources before receiving a significant infusion of funding and community attention. GnuPG 2 has brought about a number of changes and improvements but, at the same time, several efforts are underway to significantly change the way GnuPG and OpenPGP are used. This article will look at the current state of GnuPG and the OpenPGP web of trust, as compared to new implementations of the OpenPGP standard and other trust systems.

    GnuPG produces encrypted files, signed messages, and other types of artifacts that comply to a common standard called OpenPGP, described in RFC 4880. OpenPGP is derived from the Pretty Good Privacy (PGP) commercial software project (since acquired by Symantec) and today is almost synonymous with the GnuPG implementation, but the possibility exists for independent implementations of the standard that interoperate with each other. Unfortunately, RFC 4880 was released in 2007 and a new standard has not been published since then. In the meantime, several extensions have been added to GnuPG without broader standardization, and a 2017 IETF working group formed to update RFC 4880 ultimately shut down due to lack of interest.

    GnuPG 2 is a significantly heavier-weight software package than previous GnuPG versions. A major example of this change in architecture is GnuPG 2's complete reliance on the use of the separate gpg-agent daemon for private-key operations. While isolating private-key access within its own process enables improvements to security and functionality, it also adds complexity.

    In the wake of the Heartbleed vulnerability in OpenSSL, a great deal of scrutiny has been directed toward the maintainability of complex and long-lived open-source projects. GnuPG does not rely on OpenSSL for its cryptographic implementation, instead it uses its own independent implementation: Libgcrypt. This leads to the question of whether GnuPG's cryptographic implementation is susceptible to the same kinds of problems that OpenSSL has had; indeed the concern may be larger in the case of GnuPG.

  • Foundations of Amateur Radio - Episode 137

    I've been playing with a wonderful piece of software called GNU Radio, more on that in a moment.

  • An introduction to the BPF Compiler Collection

    In the previous article of this series, I discussed how to use eBPF to safely run code supplied by user space inside of the kernel. Yet one of eBPF's biggest challenges for newcomers is that writing programs requires compiling and linking to the eBPF library from the kernel source. Kernel developers might always have a copy of the kernel source within reach, but that's not so for engineers working on production or customer machines. Addressing this limitation is one of the reasons that the BPF Compiler Collection was created. The project consists of a toolchain for writing, compiling, and loading eBPF programs, along with example programs and battle-hardened tools for debugging and diagnosing performance issues.

    Since its release in April 2015, many developers have worked on BCC, and the 113 contributors have produced an impressive collection of over 100 examples and ready-to-use tracing tools. For example, scripts that use User Statically-Defined Tracing (USDT) probes (a mechanism from DTrace to place tracepoints in user-space code) are provided for tracing garbage collection events, method calls and system calls, and thread creation and destruction in high-level languages. Many popular applications, particularly databases, also have USDT probes that can be enabled with configuration switches like --enable-dtrace. These probes are inserted into user applications, as the name implies, statically at compile-time. I'll be dedicating an entire LWN article to covering USDT probes in the near future.

KaOS 2018.01 KDE-focused Linux distro now available with Spectre and Meltdown fixes

Filed under
GNU
KDE
Linux

It can be difficult to find a quality Linux distribution that meets your needs. This is partly because there are just too many operating systems from which to choose. My suggestion is to first find a desktop environment that you prefer, and then narrow down your distro search to one that focuses on that DE. For instance, if you like KDE, both Kubuntu and Netrunner are solid choices.

With all of that said, there is another KDE-focused Linux distro that I highly recommend. Called "KaOS," it is rolling release, meaning you can alway be confident that your computer is running modern packages. Today, KaOS gets its first updated ISO for 2018, and you should definitely use it to upgrade your install media. Why? Because version 2018.01 has fixes for Spectre and Meltdown thanks to Linux kernel 4.14.14 with both AMD and Intel ucode.

Read more

GNU/Linux: Live Patching, Gravity of Kubernetes, Welcome to 2018

Filed under
GNU
Linux
  • How Live Patching Has Improved Xen Virtualization

    The open-source Xen virtualization hypervisor is widely deployed by enterprises and cloud providers alike, which benefit from the continuous innovation that the project delivers.

    In a video interview with ServerWatch, Lars Kurth, Chairman of the Xen Project Advisory Board and Director, Open Source Solutions at Citrix, details some of the recent additions to Xen and how they are helping move the project forward.

  • The Gravity of Kubernetes

    Most new internet businesses started in the foreseeable future will leverage Kubernetes (whether they realize it or not). Many old applications are migrating to Kubernetes too.

    Before Kubernetes, there was no standardization around a specific distributed systems platform. Just like Linux became the standard server-side operating system for a single node, Kubernetes has become the standard way to orchestrate all of the nodes in your application.

    With Kubernetes, distributed systems tools can have network effects. Every time someone builds a new tool for Kubernetes, it makes all the other tools better. And it further cements Kubernetes as the standard.

  • Welcome to 2018

    The image of the technology industry as a whole suffered in 2017, and that process is likely to continue this year as well. That should lead to an increased level of introspection that will certainly affect the free-software community. Many of us got into free software to, among other things, make the world a better place. It is not at all clear that all of our activities are doing that, or what we should do to change that situation. Expect a lively conversation on how our projects should be run and what they should be trying to achieve.

    Some of that introspection will certainly carry into projects related to machine learning and similar topics. There will be more interesting AI-related free software in 2018, but it may not all be beneficial. How well will the world be served, for example, by a highly capable, free facial-recognition system and associated global database? Our community will be no more effective than anybody else at limiting progress of potentially freedom-reducing technologies, but we should try harder to ensure that our technologies promote and support freedom to the greatest extent possible.

    Our 2017 predictions missed the fact that an increasing number of security problems are being found at the hardware level. We'll not make the same mistake in 2018. Much of what we think of as "hardware" has a great deal of software built into it — highly proprietary software that runs at the highest privilege levels and which is not subject to third-party review. Of course that software has bugs and security issues of its own; it couldn't really be any other way. We will see more of those issues in 2018, and many of them are likely to prove difficult to fix.

Raising Funds for GNU/Linux

Filed under
GNU
Linux
  • $25k Linux Journalism Fund

    Linux Journal's new parent, Private Internet Access, has established a $25k fund to jump-start the next generation of Linux journalism—and to spend it here, where Linux journalism started in 1994.

    This isn't a contest, and there are no rules other than the ones that worked for journalism before it starting drowning in a sea of "content".

  • Nearly six years after the Kickstarter, Stainless Games claim Carmageddon is still coming to Linux

    Another year has passed and it's now nearing six years since the Carmageddon: Reincarnation Kickstarter that was supposed to have a Linux version. The developer said it is still coming, apparently.

GPL Violations: Grsecurity Carries on Bullying Bruce Perens, Israel Complies with AGPL, Xiaomi Violates GPL

Filed under
GNU
  • Linux's Grsecurity dev team takes blog 'libel' fight to higher court

    Open Source Security, Inc., the maker of the Grsecurity Linux kernel patches, suffered a setback last month when San Francisco magistrate judge Laurel Beeler granted a motion by defendant Bruce Perens to dismiss the company's defamation claim, with the proviso that the tossed legal challenge could be amended.

    The code biz and its president Brad Spengler sued Perens over a blog post in June in which Perens said that using the firm's Grsecurity software could expose customers to a contributory infringement claim under the terms of the Linux kernel's GPLv2 license.

    Open Source Security contends that statement has damaged its business.

  • Israel’s Information and Communications Technology Authority Bows to Pressure to Comply with Affero GPL

    Under pressure from open source advocates, the Israeli Information and Communications Technology (ICT) Authority recently shared its first open source software, extensions made by the ICT Authority to the CKAN data portal platform to help make the platform usable in Hebrew.

    The CKAN software is an open source data portal platform used since 2016 by the ICT Authority to make Israeli government data open and available on its government database website. The CKAN software is licensed under the GNU AGPL Version 3 license, an “ultra-strong” open source license that requires users of modified versions of CKAN software to offer its source code, even in the absence of distribution, to users interacting with software over the Internet.

  • Xiaomi Violating GPL 2.0 License With Mi A1 Kernel Sources

    Xiaomi is in violation of the GPL 2.0 license of the Linux Kernel project by still not releasing the kernel sources for the Mi A1 Android One and has been publicly criticized on the matter by established Android developer Francisco Franco earlier this week. While the smartphone was released in September and the Chinese consumer electronics manufacturer’s official policy is to publicize kernel sources for its devices within three months of their market launch, the Android One edition of the Mi A1 remains undetailed in this regard. Mr. Franco — best known for his work on the Franco Kernel, one of the most popular custom OS cores in the Android ecosystem — had some harsh words for the company on Twitter, calling its laidback approach to publicizing the kernel sources for the Mi A1 “an embarrassment” for the open source community and the type of software it allows it to create its commercial devices in the first place.

Introducing my new friend: a Slimbook

Filed under
GNU
KDE
Linux
Reviews

I have been following Slimbook for some time now. As you probably know, they ship a KDE laptop that is very cool, with KDE Neon pre-installed. They have attended to a couple of events I have attended to so I have been able to test their laptops, get feedback from buyers and ask them questions directly. The fact that they are a Spanish company was a beautiful surprise, We do not have that many hardware integrators and vendors in Spain.

But what definitely caught my attention was the fact that they pay a lot of attention to the software. They ship the laptops with Linux pre-installed. Ok, that is not new any more. But they do pre-install several different distros. Now, that’s uncommon. But news do not stop there.

Read more

Microsoft Against GNU/Linux in the Public Sector

Filed under
GNU
Linux
Microsoft
  • NHS: Thanks for all the free work, Linux nerds, now face our trademark cops [Ed: NHS has long been a Microsoft stronghold]

    Dev team quits, suggests NHS used them to get better deal with Microsoft

    [...]

    The small team behind an ambitious NHoS Linux project are calling it a day, citing receipt of a trademark infringement warning from the Department of Health's (DoH) "brand police" as the "final straw".

    The initial raison d’être of NHoS was to identify a way to roll out NHSbuntu, a strand of open-source Linux distro Ubuntu designed for the NHS, on three-quarters of a million smartcards. The smartcards are used to verify the healthcare pros that access 80 per cent of applications on millions of NHS PCs.

    The volunteer force behind NHoS wanted NHSbuntu to replace the current smartcard verification system that was running on Windows, and ultimately, have the operating system replace Windows on the desktop as well. Smart card recognition was seen as a mile-high hurdle in this grand plan.

    [...]

    Baw alleged the pair "(unbeknown to us) were also duplicitously negotiating with Microsoft about a new NHS Enterprise Wide Agreement".

  • Barcelona Council abandons Microsoft for open-source software [iophk: "again, disinfo about the reason for Munich's change"

    The Spanish city of Barcelona has announced it will phase out its use of Microsoft software in favour of open-source alternatives. Over the next few years, the city will transition away from Microsoft's services to guarantee its "technical sovereignty."

Syndicate content

More in Tux Machines

Welcome To The (Ubuntu) Bionic Age: Nautilus, a LTS and desktop icons

If you are following closely the news of various tech websites, one of the latest hot topic in the community was about Nautilus removing desktop icons. Let’s try to clarify some points to ensure the various discussions around it have enough background information and not reacting on emotions only as it could be seen lately. You will have both downstream (mine) and upstream (Carlos) perspectives here. Read more

Programming: Perl, JavaScript, Ick, PowerFake, pylint-django, nbdkit filters

  • An Open Letter to the Perl Community

    Some consider Perl 6 to be a sister language to Perl 5. Personally, I consider Perl 6 more of a genetically engineered daughter language with the best genes from many parents. A daughter with a difficult childhood, in which she alienated many, who is now getting out of puberty into early adulthood. But I digress.

  • Long Live Perl 5!

    While not mentioned in the original Letter, a frequent theme in the comments was that Perl 6 should be renamed, as the name is inaccurate or is damaging.

    This is the topic on which I wrote more than once and those who have been following closely know that, yes, many (but by no means all) in the Perl 6 community acknowledge the name is detrimental to both Perl 6 and Perl 5 projects.

    This is why with a nod of approval from Larry we're moving to create an alias to Perl 6 name during 6.d language release, to be available for marketing in areas where "Perl 6" is not a desirable name.

  • JavaScript Trends for 2018
    Trying to bet on how many new JavaScript frameworks will be released each month, is, the best software engineer’s game in the past 5 years.
  • Ick: a continuous integration system
    TL;DR: Ick is a continuous integration or CI system. See http://ick.liw.fi/ for more information.
  • Introducing PowerFake for C++
    PowerFake is a new mini-framework/tool to make it possible to fake/mock free functions and static & non-virtual member functions in C++. It requires no change to the code under test, but it might need some structural changes, like moving some parts of the code to a different .cpp file; or making inline functions non-inline when built for testing. It is useful for writing unit tests and faking/mocking functions which should not/cannot be run during a test case. Some say that such a feature is useful for existing code, but should not be needed for a code which is written testable from the beginning. But, personally I don’t agree that it is always appropriate to inject such dependencies using virtual interfaces or templates. Currently, it is not supposed to become a mocking framework on its own. I hope that I can integrate PowerFake into at least one existing C++ mocking framework. Therefore, currently it doesn’t provide anything beyond faking existing functions.
  • Introducing pylint-django 0.8.0
    Since my previous post was about writing pylint plugins I figured I'd let you know that I've released pylint-django version 0.8.0 over the weekend. This release merges all pull requests which were pending till now so make sure to read the change log.
  • nbdkit filters
    nbdkit is our toolkit for creating Network Block Device (NBD) servers from “unusual” data sources. nbdkit was already configurable by writing simple plugins in several programming languages. Last week Eric Blake and I added a nice new feature: You can now modify existing plugins by placing “filters” in front of them.

Moving to Linux from dated Windows machines

Every day, while working in the marketing department at ONLYOFFICE, I see Linux users discussing our office productivity software on the internet. Our products are popular among Linux users, which made me curious about using Linux as an everyday work tool. My old Windows XP-powered computer was an obstacle to performance, so I started reading about Linux systems (particularly Ubuntu) and decided to try it out as an experiment. Two of my colleagues joined me. Read more

Security: TPM, Yubikey, Holes, Bricking and Uber

  • Trusted Computing
    The Trusted Platform Module on your computer's motherboard could lead to better security for your Linux system. The security of any operating system (OS) layer depends on the security of every layer below it. If the CPU can't be trusted to execute code correctly, there's no way to run secure software on that CPU. If the bootloader has been tampered with, you cannot trust the kernel that the bootloader boots. Secure Boot allows the firmware to validate a bootloader before executing it, but if the firmware itself has been backdoored, you have no way to verify that Secure Boot functioned correctly.
  • Locking the screen when removing a Yubikey

    I have my Yubikey on my key ring, so whenever I leave my computer, I have to remove the Yubikey. So why not lock the screen automatically?

  • Corporate cultural issues hold back secure software development

    The study of over 1,200 IT leaders, conducted by analysts Freeform Dynamics for software company CA Technologies, finds 58 percent of respondents cite existing culture and lack of skills as hurdles to being able to embed security within processes.

  • Stop installing our buggy Spectre CPU firmware fixes, Intel says
  • Uber shrugs off flaw that lets hackers bypass two-factor authentication

    Security researcher Karan Saini found the bug in Uber's two-factor authentication process, which has yet to be rolled out widely to Uber users. The flaw relates to the way an account is authenticated when users log in, meaning hackers [sic] with someone's username and password can drift pass the 2FA with ease.