Language Selection

English French German Italian Portuguese Spanish

Server

MariaDB 10.5.9 Release Notes

Filed under
Server

MariaDB 10.5 is the current stable series of MariaDB. It is an evolution of MariaDB 10.4 with several entirely new features not found anywhere else and with backported and reimplemented features from MySQL.

Read more

5 Free and Open Source Lightweight Alternatives to WordPress

Filed under
Server
Web

Now don’t get us wrong, WordPress is one of our favorite applications. With good reason, it’s a high quality, open source blog publishing application. It’s a mature and highly polished application with development starting in 2003, and it has an active community. The largest self-host blogging tool, a full content management system, which can be extended through thousands of widgets, plugins, and themes, is a good fit for many projects. The software was born out of a desire for an elegant, well-architectured personal publishing system built on PHP and MySQL.

WordPress instantly springs to mind when any project is planned that needs a content management system. However, WordPress can be complicated, offering more bells and whistles than actually needed or wanted. While it’s always tempting to stick with familiar territory, this can actually stifle creativity and does not enhance an individual’s skill-set.

When embarking on a new project, there’s a lot to be said experimenting with new software. Fortunately, WordPress is not the only option. There’s a good range of lightweight open source content management systems ready to be deployed that can transform a web site.

Some of the content management systems featured in this article are well publicised, but there are many good management systems that you may not have heard of that are perfectly suited for small projects.

Here is our verdict with our recommendations. They are all free and open source goodness.

Read more

Also: HOWTO: Migrate from Ghost v3 to Squarespace

WordPress 5.7 Beta 3

Filed under
Server
Software
Web

This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with it.

Read more

Federated/Decentralised Communications With Movim and P2P VoIP

Filed under
Server
OSS
Security
Web
  • Movim | Basic Review & Beginner's Guide

    Once you read about Movim, immediately you will find about Xmpp. It is Jabber, also known as Xmpp, a secure, decentralized, and federated technology everyone can use to chat online existed strongly since 1990's. To give you how great Xmpp network is, actually when you use WhatsApp you use Xmpp, so does with Google Talk and Jitsi, so when you use those you are using Xmpp. To give you a few of its benefits, Xmpp is not controlled by a single company (so unlike Twitter) it is hard to shut down by anyone.


  • Daniel Pocock: Comparing private and peer-to-peer VoIP solutions

    One of the top questions people ask RTC developers around Valentine's Day is whether we finally have a private solution people can use to communicate with their partner.

    There is fresh attention on the issue this year after Twitter and other large providers flexed their muscles and demonstrated that they are more powerful than the US President.

    [...]

    Achieving independence from cloud services doesn't necessarily give you privacy. There are trade-offs to be made. John Goerzen recently published a blog about privacy issues in current P2P tools.

OpenStack: Collaboration and Charmed OpenStack

Filed under
Server
Ubuntu
  • How the OpenStack community is collaborating during the pandemic

    The OpenStack community is BIG. From Argentina to Morocco to Israel to Vietnam, we literally span the globe, so it's not surprising that we largely knew what to do to accommodate COVID-19's circumstances. But it still has been a struggle to keep moving forward and adapt while still delivering Ussuri and Victoria, the 21st and 22nd releases of OpenStack.

    Even if you were working remotely before the pandemic, many things changed. I have worked remotely for over four years, but it was broken up by seeing coworkers and community members in real life roughly once a month at conferences and meetups. But now, I haven't seen any of them in person in a year, and I have twice as many meetings as I used to. My circumstances are certainly nothing like what frontline workers face, but when screen time is your main interaction with humanity, it gets downright lonely.

  • OpenStack Ironic, Cinder volume replication and Glance multi-store – OpenStack Charms 21.01

    Canonical is proud to announce the availability of OpenStack Charms 21.01. This new release includes: a tech-preview version of OpenStack Ironic operators (charms), Cinder volume replication and Glance multi-store support for Charmed OpenStack.

Your Service is not Open Source

Filed under
Server
OSS

Open Sourcing the code to your SaaS is insufficient to make it actually be Open Source. Sounds self-contradictory?

Most services that espouse “Open Source”, do so by simply throwing the code over the wall. It’s better than nothing, but really misses the point that powers Open Source: enabling users to make a change to the software they’re using.

Some other popular services powered by Open Source software, such as GitLab.com or ElasticSearch do include the tools used to operate/deploy their service. Pause for applause

Read more

Servers: Clown Computing, Kubernetes, Docker, Sysadmins

Filed under
Server

  • All new Building Cloud Native and Multicloud Applications course now available

    A brand new version of the Building Cloud Native and Multicloud Applications course is now available. For this second version, we completely restructured and rewrote the course from the ground up to include the most current cloud-native and multicloud knowledge, technologies, and tools. It incorporates real-world demos and hands-on labs using IBM Cloud® and its rich set of services and offerings.

  • Benefits of containers for enterprises

    Within just five years, Kubernetes and containers have redefined how software is deployed. Researchers expect the container market to grow by 30% year over year to become a 5 billion industry by 2022. But what is the reason behind this mass adoption of container technology in the enterprise?

  • Sysadmin careers: How long do you typically stay in a job?

    Some sysadmins change jobs often, while some of us stay too long in one place. Where do you fall on the job change continuum?

  • Orchestral Manoeuvres in the Docker | Linux Format

    Jonni’s been arguing with me this issue – he thinks Linux Format readers don’t need virtual machine orchestration. Of course, as always, he’s right, but I’ve never let being wrong stop me before… Just because you don’t actually “need” something doesn’t mean you don’t want to learn about it or try it out!

    [...]

    Finally, Les Pounder brings us another breaking Raspberry Pi Pico review. We managed to sneak the review into the issue just as we were going to press. The Pi Foundation does it again cramming so many features into a $4 device. This microcontroller in many ways is better for smaller projects that the main Pi was still being used for. We’re sure we’ll be seeing much more of it in the future, so I hope you enjoy!

Becoming a Linux system administrator: From sales to sysadmin

Filed under
GNU
Linux
Red Hat
Server

Working under my own banner felt great, and I could only blame myself when things went wrong. I could follow my curiosity and use my common sense to avoid some pitfalls while still being young enough to walk straight into others. I loved every minute of it, and when I landed my first few contracts as a Lotus Notes developer, I managed to find a lot of limitations in the application, which kept me both challenged and motivated.

I tried expanding my business and hired some staff. At the peak, I had six employees. However, I was too young and inexperienced at managing staff. They looked to me for guidance, but I had my head buried in development and the early days system administration. With my company on the brink of disaster, I realized I was not ready to be a manager and had to let everyone go. This was a very humbling experience, and I felt like dirt, but we all got through it with several lessons learned.

The one-man-band company was back in the game, but I had run into issues because my applications were not performing as expected, and workflows were interrupted. I realized that my code was good, but the servers were poorly administered. Curiosity had me caught once again, so I started to learn server administration.

Read more

Open-Source Slack Alternative ‘Rocket.Chat’ Raises $19M To Add Smart Bots, Improve Security & More

Filed under
Server

Rocket.Chat is undoubtedly one of the most impressive open-source slack alternatives available out there.

Even we at It’s FOSS, utilize it daily to communicate and work. It may not be a perfect Slack alternative from every aspect depending on your requirements, but it does the job that we expect.

Also, it’s no surprise that every collaboration platform (open-source or not) have seen a significant rise in their user base after the pandemic. Similarly, Rocket.Chat has seen a growth of 500% in their user base and a 260% increase in their open-source community.

Read more

Proprietary Software Leftovers

Filed under
Server
Google
Microsoft
Security
  • Google’s cloud business lost more than $5.5 billion last year, but it’s growing fast

    Google parent company Alphabet weathered the tail end of 2020 to post better-than-expected earnings for the fourth quarter of the year. But the bigger story is that Alphabet broke out Google Cloud’s sales for the first time ever, revealing an eye-popping $5.6 billion annual loss last year, but a nearly 50 percent jump in revenue (to $13 billion) compared to 2019. And Google Cloud maintained that growth well into the fourth quarter, when the division generated $3.8 billion in sales. That’s a 46 percent jump from the fourth quarter of 2019.

  • Google Cloud Reports Huge Operating Losses in New Disclosure

    Alphabet Inc. said its Google Cloud business had an operating loss of $1.2 billion in the fourth quarter, a new disclosure that may disappoint some Wall Street analysts.

    The Mountain View, California-based company revealed the number on Tuesday in a statement. For 2020, the cloud division lost $5.6 billion, Alphabet said.

  • Microsoft 365 Becomes Haven for BEC Innovation

    Two fresh business email compromise (BEC) tactics have emerged onto the phishing scene, involving the manipulation of Microsoft 365 automated email responses in order to evade email security filters.

    In one case, scammers are targeting victims by redirecting legitimate out-of-office (OOO) replies from an employee to them; and in the other, read receipts are being manipulated. Both styles were seen being used in the wild in the U.S. in December, when auto-responders were more prevalent due to holiday vacation.

  • The reshaped Mac experience

    [...] I’ll quote the relevant ones here (emphasis mine):

    "The selling point of the Macintosh was never the hardware, it was the user interface. So if the selling point now is the hardware, that’s a damning indictment of the current user interface.

    I cannot emphasize enough how everyone seems to have lowered their standards with regard to the user interface. The “Overton window” has moved. The Overton window now has rounded rects.

    We’ve gone from “insanely great” and “It just works” to “Catalyst is good enough for most people.”

    That’s fucking BS, and I won’t tolerate it. [...]"

  • ‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered

    ValidCC, a dark web bazaar run by a cybercrime group that for more than six years hacked online merchants and sold stolen payment card data, abruptly closed up shop last week. The proprietors of the popular store said their servers were seized as part of a coordinated law enforcement operation designed to disconnect and confiscate its infrastructure.

  • The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack

    As America struggles to assess the damage from the devastating SolarWinds cyberattack discovered in December, ProPublica has learned of a promising defense that could shore up the vulnerability the hackers exploited: a system the federal government funded but has never required its vendors to use.

    The massive breach, which U.S. intelligence agencies say was “likely Russian in origin,” penetrated the computer systems of critical federal agencies, including the Department of Homeland Security, the Treasury Department, the National Institutes of Health and the Department of Justice, as well as a number of Fortune 500 corporations. The hackers remained undetected, free to forage, for months.

Syndicate content

More in Tux Machines

Free Software Leftovers

  • From Clean & Green Mockup to OpenBSD cwm(1) desktop

    If the words CGA or Hercules raise sweet memories from your far away youth, the Mockup Clean & Green from u/awareofdistractions may hit you right in the heart. And if you like it so much, it may be used for real-life desktop environment using OpenBSD stock and ports material.

  • Learning more about our users

    At the Tor Project we practice user-centered design. This means we put our users at the heart of our development process, making a conscious effort to understand the contexts in which people use our tools and paying particular attention to the bumps they encounter along the way.

    Many digital product companies rely heavily on data gathered from invasive tracking scripts to better understand their users’ behavior, further fueling the surveillance economy. However that’s not how we do things at Tor – instead, we aim to conduct research that respects the basic principles of privacy and consent.

  • New Release: Tor Browser 10.5a11

    Tor Browser 10.5a11 is now available from the Tor Browser Alpha download page and also from our distribution directory.

    Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

  • FSFE20 +++ IloveFS +++ Job vacancy

    In our February Newsletter, we interview our founding president Georg Greve as part of our publication series to celebrate 20 Years FSFE, we reflect on I love Free Software Day and our FOSDEM participation, we advertise our new job vacancy and as usual we report on our diverse community activities.

  • Keeping platforms open

    My previous article, Whatsapp and the domestication of users, got more attention than I was expecting. Some responses gave me a lot to think about,1 especially regarding actions we can take. I suggest reading that article first; it explained what “user domestication” is and why it’s a problem. It enumerated three countermeasures: FOSS, simplicity, and open platforms.

    Hard problems, by definition, lack easy solutions. Simply choosing (or creating) a platform that avoids user domestication isn’t enough if that platform can change. The price of freedom is eternal vigilance; in addition to settling on the right platform, we must ensure that it honors its users in both the present and the future. Keeping a platform FOSS and simple is more straightforward2 than keeping a platform “open”.

    How do we keep an open platform from becoming a closed platform in the future?

Programming Leftovers

  • 6 Top Data Analysis Tools for Big Data

    Big Data is an all-inclusive term that refers to data sets so large and complex that they need to be processed by specially designed hardware and software tools. The data sets are typically of the order of tera or exabytes in size. These data sets are created from a diverse range of sources: sensors that gather climate information, publicly available information such as magazines, newspapers, articles. Other examples where big data is generated include purchase transaction records, web logs, medical records, military surveillance, video and image archives, and large-scale e-commerce. There is a heightened interest in Big Data and Big Data analysis and the implications they have for businesses. Big Data analysis is the process of examining huge quantities of data to find patterns, correlations, and other useful information that can help firms become more responsive to change, and to make better informed decisions. Big Data analysis can be performed with data mining software. However, the unstructured data sources used for big data analysis are not necessarily suitable for investigation by traditional data mining software.

  • 50 Years of Pascal

    Pascal was easy to teach, and it covered a wide spectrum of applications, which was a significant advantage over Algol, Fortran, and Cobol. The Pascal System was efficient, compact, and easy to use. The language was strongly influenced by the new discipline of structured programming, advocated primarily by E.W. Dijkstra to avert the threatening software crisis (1968).

  • How to use Django Serializers – Linux Hint

    Serializer is used in Django to convert the model instances or querysets into python supported data types that can be easily rendered into JSON, XML, or other formats. The deserialization can also be done by serializers to get back the original data from the serialized data. This feature is available in Django REST Framework. So, the users have to install this framework to use the serializers. Any webpage of the website may contain HTML, CSS, and data from the database tables. But the API does not understand these types of content, and it can understand the raw data only, that is, JSON data. How the serializers can be used to convert the model instance into JSON format has shown in this tutorial.

  • How to use queryset in django – Linux Hint

    Most of the web applications are implemented with the database now. queryset is used in the Django application to retrieve records by filtering or slicing or ordering the database table without changing the original data. The model used Django to create the table in the database. So, the knowledge of using the model in Django is necessary to understand the use of queryset. The main function of the queryset is to iterate the records of database tables by converting them into SQL queries. It can be used from the python command line or by writing the python script to display the browser’s output. The uses of queryset for retrieving data from a database table in different ways have been explained in this tutorial.

  • This Week In Rust: This Week in Rust 379 [Ed: The usual paradox of developing "openly" while requiring people to get an account with Microsoft and then use proprietary software of Microsoft, which attacks Free software.]

    This Week in Rust is openly developed on GitHub.

  • What Is BC in a Bash Script? – Linux Hint

    BC, which stands for Basic Calculator, is a command in Bash that is used to provide the functionality of a scientific calculator within a Bash script. This can be useful for scripting with various arithmentic use cases and scenarios. This article shows you how to use BC in a Bash script.

Security Leftovers

  • How often should I rotate my ssh keys?

    My story for today is about ssh and how even public keys, while much better than simple passwords, are still not a perfect solution.

    The danger is credential theft, which is a fancy way of saying “someone stole your private keys.” Back in the 1990s, that problem was pretty far from our minds; Windows 98 didn’t even have the concept of a separate administrator account, never mind the idea of app sandboxing or the inkling that someone might intentionally want to load malware onto your computer and encrypt all your files for ransomware. Those were the days when some people thought ActiveX controls (essentially loading .exe files from web sites) might be a good idea. Actually, maybe even a great idea as long as there was an “are you sure?” dialog box first.

  • 4 of the Best LastPass Alternatives

    LastPass has recently changed its free account usage policy to be only available on one device, and a lot of its users are not happy about it. If you are a LastPass Free user and are looking to switch, here are four great LastPass alternatives you should check out. These services reserve their pricing tiers for more advanced, business-oriented users while still leaving free users with a powerful set of features to safeguard their online accounts data.

  • Security updates for Thursday

    Security updates have been issued by Arch Linux (ansible-base, keycloak, mumble, and postgresql), Debian (firefox-esr and nodejs), Fedora (dotnet3.1, dotnet5.0, keylime, php-horde-Horde-Text-Filter, radare2, scap-security-guide, and wireshark), openSUSE (postgresql, postgresql13 and python-djangorestframework), Red Hat (Ansible, firefox, and thunderbird), Scientific Linux (firefox and thunderbird), SUSE (php7, postgresql-jdbc, python-cryptography, rpmlint, and webkit2gtk3), and Ubuntu (dnsmasq, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon, linux-oem-5.10, linux-oem-5.6, screen, and xterm).

  • Biden signs executive order calling for semiconductor supply chain review

    President Biden signed an executive order Wednesday addressing growing concern over a global semiconductor shortage hampering the production of goods like automobiles and smartphones.

    The White House’s executive order directs the federal government to conduct 100-day reviews of supply chains in four sets of products, including computer chips and large capacity batteries, like those used in electric vehicles, according to administration officials.

  • Biden Orders Review to Shore Up Supply Chain Resiliency

    On top of the 100-day review of the four key industries, Biden’s order will also direct yearlong reviews for six sectors: defense, public health, information technology, transportation, energy and food production.

    Biden said his administration will implement the recommendations as soon as they are available. “We're not going to wait for the review to be completed before we start closing the existing gaps,” he said.

  • Technology Executives Say All Evidence Points To Russia In Major Hack Of Computer Networks

    Smith told the committee that the true scope of the intrusions is still unknown because most victims are not legally required to disclose attacks unless they involve sensitive information about individuals.

  • Finnish IT Giant Hit with Ransomware Cyberattack [iophk: Windows TO]

    Norwegian business journal E24 reported the attack on Espoo, Finland-based TietoEVRY on Tuesday, claiming to have spoken with Geir Remman, a communications director at the company. Remman acknowledged technical problems with several services that TietoEVRY provides to 25 customers, which are “due to a ransom attack,” according to the report.

    Remman told E24 that the company considers the attack “a serious criminal act.” TietoEVRY turned off the unspecified services and infrastructure affected “as a preventative measure” until it can recover relevant data, and restart systems “in a controlled manner,” he said.

Ubuntu Leftovers

  • Ubuntu Aims For Higher Quality LTS Point Releases - Phoronix

    New restrictions will be in place beginning with Ubuntu 20.04.3 LTS this summer to try to enforce better quality releases with less regressions by enforcing better quality control. The change beginning with Ubuntu 20.04.3 LTS will require that stable release update (SRU) procedures are followed even for release blockers. This will require that every fix follows the same verification, regression analysis, and aging period process. The tighter quality controls will likely lead to slips in release targets if bugs are found in the release candidates for new point releases, as it will first need to go through the verification and aging process.

  • DFI Partners With Ubuntu For IoT Hardware, OTA Updates - Phoronix

    Most of you probably haven't heard of DFI much in nearly two decades since the days of their colorful "LanParty" motherboards that were well known at the time, but these days they are focused on the industrial computer industry and have now teamed up with Canonical to partake in the Ubuntu IoT Hardware Certification Partner Program. DFI is the first industrial computer vendor joining the Ubuntu IoT Hardware Certification Partner Program for Ubuntu-certified hardware focused on the Internet of Things and embracing over-the-air software updates.

  • What is MEC ? The telco edge.

    MEC, as ETSI defines it, stands for Multi-access Edge Computing and is sometimes referred to as Mobile edge computing. MEC is a solution that gives content providers and software developers cloud-computing capabilities which are close to the end users. This micro cloud deployed in the edge of mobile operators’ networks has ultra low latency and high bandwidth which enables new types of applications and business use cases. On top of that an application running on MEC can have real-time access to a subset of radio network information that can improve the overall experience.