Language Selection

English French German Italian Portuguese Spanish

Misc

today's leftovers

Filed under
Misc

today's leftovers

Filed under
Misc
  • Qt 5.6 released

    I’m happy to announce that Qt 5.6.0 has been released today! This release has taken a bit longer to finish than we originally expected, mostly because we put a lot of new infrastructure in place, allowing us to make Qt 5.6 a Long Term Supported (LTS) release. With that, Qt 5.6 (LTS) will be receiving patch releases with security updates and bug fixes for the next three years, in parallel to upcoming Qt versions. Today, with Qt 5.6, we’ve now also made our new offering for start-ups and small businesses available!

  • GNOME 3.20 Release Candidate Now Available

    Being well past the various freezes, today's GNOME 3.20 release candidate doesn't offer much more than bug fixes and translation updates. If you aren't familiar with the new work added earlier in the GNOME 3.19 development cycle for GNOME 3.20, see our many GNOME 3.20 articles. There is much-improved support for native Wayland on GNOME, many improvements to GNOME's many applications, and other enhancements throughout the stack.

  • ClearOS 7.2.0 Screencast and Screenshots
  • Current (pre-release) ChangeLog for x86_64
  • FOSSASIA 2016 at the Science Centre Singapore

    FOSSASIA 2016 is now under way. The Debian, Red Hat and Ring (Savoir-Faire Linux) teams are situated beside each other in the exhibit area.

  • New VPN Feature Coming In The Ubuntu Touch OTA-10

    According to Marius of Softpedia, there will be a VPN panel in the System Settings after installing the OTA-10 update on devices. Other than that, the update includes improvement to pay and location services, better support for Web Apps in the Browser app, the EDS Plugin for Qt PIM module’s Organizer and improvements to Indicator-Datetime. The VPN feature though stands out of the rest and was first cited by Softpedia last year.

today's leftovers

Filed under
Misc
  • A Free Online Course on the Cloud and Containers

    The Linux Foundation and edX are going to be offering another free training course to the open source community. It's focused on open source cloud computing and container technology, and looks very timely.

  • Cloud tech is most important Linux skill, says Linux Foundation

    A new massive open online course (MOOC) for Linux developers will cover the implementation of cloud-based projects.

    The Linux Foundation is offering the course through edX, the nonprofit online learning platform launched in 2012 by Harvard University and Massachusetts Institute of Technology (MIT). The course is free and will begin this June.

    According to the Linux Foundation, understanding cloud technologies tops the list of most important skills for any developer, sysadmin or emerging DevOps professional.

  • RcppArmadillo 0.6.600.4.0

    Conrad announced a new Armadillo release 6.600.4 yesterday. This followed some work we had done for thorough pre-release checking with reverse dependencies tests for the over 200 CRAN packages using it and resulted in one more squashed bug. This releasehas been folded into RcppArmadillo 0.6.600.4.0 which arrived on CRAN and Debian earlier today.

  • xdg-app 0.5.0 released
  • XDG-App Is Becoming More Feature Complete

    Red Hat's Alexander Larsson today announced the release of XDG-App v0.5.

    With today's xdg-app 0.5 release, Alex considers this GNOME sandboxing tech to be feature complete for making it possible for third-parties to create and distribute applications that work across distributions. With this sandboxing, these packaged applications have minimal access to the host as needed for functionality.

today's leftovers

Filed under
Misc
  • Linux Forums Through the Eyes of a New User

    Ken Starks throws down the gauntlet and puts a hundred bucks on the line in an attempt to see if civility can be brought to the forums and a particular change made to LibreOffice.

  • First contribution to usability testing

    For the usability test, I set aside a guest user on my machine, a laptop running the Fedora 23 operating system with the GNOME desktop. There are no modifications to the install that should affect the results of the test. The participants executed the test separate from one another using otherwise identical settings.

    The scenario tasks I used were taken from previous usability tests. I used the six scenario tasks on Gedit from Jim Hall's blog. I also borrowed the four Nautilus scenario tasks from Gina Dobrescu's blog from a previous usability test internship.

  • Highlights of development sprint 16
  • Two Linux experts choose the best desktop distributions

    One of the best things about Linux is the range of choices available when it comes to desktop distributions. But that same level of choice can also be a bit confusing to newcomers to Linux. It can be hard for them to sift through all of the different distributions to find the one that might work best for them.

    Not to worry though if you're a newbie, Datamation has a helpful article that features two Linux experts who share their picks for best Linux distributions.

  • Running Intel Haswell-ULT Graphics With Ubuntu 16.04's X-Staging PPA

    There isn't much change to these results, which are found via this OpenBenchmarking.org result file. Mesa 11.2 is still exposing OpenGL 3.3 for the Intel driver but at least the next Mesa release should fully take the Intel driver well into the GL4 world. Again, if you want to help test Mesa 11.2 on Ubuntu 16.04, try the the x-staging PPA. I'm still having some other Ubuntu 16.04 graphics (including NVIDIA/Nouveau) coming out in the next few days on Phoronix.

today's leftovers

Filed under
Misc

today's leftovers

Filed under
Misc

today's leftovers

Filed under
Misc
  • Dell’s New XPS 13, Precision Laptops are Linux-based Instead of Windows
  • Dell brings Linux to its latest XPS 13 laptop

    Have you coveted the Skylake-powered version of Dell's near-borderless XPS 13 laptop, but wished it would ship with an open platform like Linux instead of Windows? Now's your chance. Dell has released a new version of its XPS 13 Developer Edition that comes with Ubuntu Linux 14.04 out of the box. You'll need a deep bank account to buy one right now, as your only current choices are high-end Core i7 models (with a quad HD+ touchscreen) that start at a lofty $1,550. You can finally get a Linux-based XPS 13 with 16GB of RAM, however, and there are promises of a far more frugal Core i5 system with 8GB of RAM and a non-touch display.

  • Expanding the Dell Portfolio of Ubuntu Laptops and Workstations
  • [Older] Major Linux Successes on the Desktop: 2016

    Linux containers has been a huge force in Linux servers and most of the press happened in 2015. Why is this in a desktop article? Because setting up tools and using containers on a Linux desktop is easier than doing so on OS X or Windows because you don’t need a VM. For developers and administrators I highly suggest you run Linux natively if you are going to be working with containers. You will have less to set up and you will learn more about the environment where your containers will run.

  • Ex-Microsoft chief executive Steve Ballmer: Linux no longer a cancer, now 'in the rearview mirror'

    Former Microsoft chief executive Steve Ballmer, who famously called Linux a "malignant cancer" 15 years ago, has softened his position on the open-source operating system. On 8 March, Microsoft announced plans to open up its SQL Server database software to users of the Linux operating system with a full launch planned for mid-2017.

  • [ANNOUNCE] wayland-protocols 1.3
  • A new Steam Client Beta adds new Steam Controller features

    I do love my Steam Controller, and Valve really are doing some amazing work with it. This latest update adds a pretty big new feature.

  • OVERLOAD from the original Descent developers has been funded

    I actually didn't think they would make it, but it's nice to see another Linux supported title be funded. They even had a Linux build for backers to play with, but as I am not someone who funds Kickstarter projects (too much risk) I wasn't able to test.

  • Live Streaming to HTML5?
  • Mouse cursor disappears in GNOME 3

    After a reboot, everything was back to normal! The cursor appears reliably in the top bar, Activities screen, and other overlays. In addition, some of the transient cursor weirdness I had with some applications seems to be gone.

  • Stock Target & Update on Red Hat, Inc. (NYSE:RHT)
  • Objectives, Wayland in F24, Flock talk deadline, QA heroes, conference metrics

    When we created the Fedora Council to succeed the previous Fedora Board, one of our goals was for the new body to take an active role in leadership and in finding project direction. One concrete way we do this is through Fedora Objectives. We choose two to four of these on a roughly 12-18 month timeframe, with full Council consensus and broader community discussion. We also appoint Objective Leads as auxiliary Council members, with binding votes on concerns relevant to their particular area.

  • F23-20160311 Updated Lives Available (4.4.4-301)

    It’s that time again, another kernel dropped to stable updates. This respin cycle also includes a series of updates (shown below).

  • Welcome Back! [Firefox]
  • Not-platform for Debian project leader elections 2016

    After some serious thinking, I've decided not to nominate myself in the Debian project leader elections for 2016. While I was doing that, I wrote the beginnings of a platform, below. I'm publishing it to have a record of what I was thinking, in case I change my mind in the future, and perhaps it can inspire other other people to do something I would like to happen.

  • Linux Gamers With AMD GPUs May Want to Avoid Ubuntu 16.04 LTS Upgrade — No fglrx Drivers
  • OnePlus One Gets Ubuntu Operating System

    Chinese smartphone maker OnePlus has announced that its OnePlus One smartphone will get an Ubuntu operating system ROM on board. The highlight of the Ubuntu OS are the Scopes and the categorized home screens, which provides a unified view of contents in a certain category.

  • Ambiance & Radiance Colors Theme Suite For Ubuntu/Linux Mint (GTK + Xfce + Lxde)
  • Ambiance & Radiance Flat Colors Suite For Ubuntu/Linux Mint

    Ambiance & Radiance Flat Colors aims to be a modern and unique theme bringing class and personality to your favorite desktop environment. It features a modern and clean flat look in your choice of 13 vibrant colors: Blue, Spring Blue, Brown, Graphite, Green, Orange, Purple, Pink, Red, Teal, and Yellow. Each color comes in 2 versions Original and Pro, there are Color buttons in Original and Mono/Colorless buttons in Pro. With fully integrated and tested support for many of the popular desktops Including: Unity, Cinnamon, MATE, XFCE, LXDE, OpenBox, Gnome Classic & Fallback. In Ambiance(Dark), Radiance (Light) As well as Ambiance Fusion (Ambiance with a light toolbar for dark icon themes). Ambiance & Radiance Flat is not by or endorsed by the original Ambiance team.

  • Orange Pi Plus Setup, Benchmarks, and Initial Impressions

    It looks amazing on paper, but my real-world experience with one has been disappointing. Between waiting for the very slow Orange Pi website and forums to load, to spending a few hours just trying to get one of the 'official' Linux distro images to boot correctly, to then debugging hardware issues (like USB keyboard detection, HDMI-to-DVI connections, etc.), there were obstacles every step of the way.

today's leftovers

Filed under
Misc

today's leftovers

Filed under
Misc
  • PlayStation 4 capable of booting Linux due to the latest hack

    This is not the first time that fail0verflow announced it had successfully hacked Sony’s PlayStation 4 to run Linux, and even showcased to the public that the team was running Pokémon. After months of testing, the team has said that the console is successfully able to run Linux, but what does this mean for the future gaming titles. Does this mean that Sony’s PlayStation 4 will be open to run pirated copies of future games? The hacking group has not stated this, but has shown us on how we too can run Linux on our consoles.

  • Radeon Crimson 16.3 Released With Vulkan, But No Sign Yet For Linux

    Today AMD released the Radeon Software Crimson Edition 16.3 driver (formerly known as Catalyst), but sadly the Linux driver update is not in tandem with this new driver update which now provides official Vulkan support.

    When hearing that Radeon Software Crimson 16.3 brings official Vulkan support over their earlier Windows beta, I was excited and hoping the Linux release would join in. The release notes also mention some performance improvements with this Crimson 16.3 driver and other enhancements to complement the Vulkan mainline API support.

  • Red Hat Enterprise Virtualization 3.6 Offers Improved Performance, Scale and Security for High-Performance Linux-Based Workloads

    Red Hat, Inc. (NYSE: RHT), the world's leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Virtualization 3.6. This new version of Red Hat’s KVM-based virtualization solution offers increased performance, scale, and security for high-intensity Linux workloads. It also updates user experience and management tools to help reduce cost and time of VMware migrations by eliminating the need to purchase a third-party migration tool. Lowering the costs and sprawl of proprietary virtualization solutions is a common customer challenge addressed by Red Hat Enterprise Virtualization.

  • Large Cap Key Stocks of the Day: Red Hat, Inc. (NYSE:RHT)
  • Tails 2.2 Comes with Onion Circuits Instead of Vidalia

    Have you ever wondered how to access the internet anonymously or protecting your privacy against internet surveillance! without the effort of setting up a VPN and relay connections. Tails Linux distribution is a quite good choice for you.

    During your regular usage to the internet, you regularly send application tracking reports, search engine queries, browsing history, your location based on the current IP address, ..etc. All these kind of information could be used to invade your privacy. So, you could use an applications called “Tor” to connect you through multiple virtual tunnels and relays to hide your identity and your location. This seems pretty good, but what if you don’t want to bother with setting up Tor in your current Linux distribution, you could simply use a live session of Tails directly from a USB, DVD, and SD card.

  • Linaro Connect: Jon Masters talking about the importance of standards
  • Raspberry Pi 3

    Four years ago (last leap day to be specific), the first Raspberry Pi was released. And on February 29, 2016, the third version made its debut.

    In its short lifespan, the Pi has broken records to become the best-selling British computer. With more than eight million units in circulation, it has eclipsed the sales records set by Sinclair, Amstrad and Acorn. Back in the 1980s, those companies were at the forefront of the "microcomputer revolution".

today's leftovers

Filed under
Misc
Syndicate content

More in Tux Machines

Leftovers: BSD

Security Leftovers

  • Stop using SHA1 encryption: It’s now completely unsafe, Google proves
    Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm's use for security-sensitive functions should be discontinued as soon as possible. SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made. However, despite these efforts to phase out the use of SHA-1 in some areas, the algorithm is still fairly widely used to validate credit card transactions, electronic documents, email PGP/GPG signatures, open-source software repositories, backups and software updates.
  • on pgp
    First and foremost I have to pay respect to PGP, it was an important weapon in the first cryptowar. It has helped many whistleblowers and dissidents. It is software with quite interesting history, if all the cryptograms could tell... PGP is also deeply misunderstood, it is a highly successful political tool. It was essential in getting crypto out to the people. In my view PGP is not dead, it's just old and misunderstood and needs to be retired in honor. However the world has changed from the internet happy times of the '90s, from a passive adversary to many active ones - with cheap commercially available malware as turn-key-solutions, intrusive apps, malware, NSLs, gag orders, etc.
  • Cloudflare’s Cloudbleed is the worst privacy leak in recent Internet history
    Cloudflare revealed today that, for months, all of its protected websites were potentially leaking private information across the Internet. Specifically, Cloudflare’s reverse proxies were dumping uninitialized memory; that is to say, bleeding private data. The issue, termed Cloudbleed by some (but not its discoverer Tavis Ormandy of Google Project Zero), is the greatest privacy leak of 2017 and the year has just started. For months, since 2016-09-22 by their own admission, CloudFlare has been leaking private information through Cloudbleed. Basically, random data from random sites (again, it’s worth mentioning that every site that used CloudFlare in the last half year should be considered to having fallen victim to this) would be randomly distributed across the open Internet, and then indefinitely cached along the way.
  • Serious Cloudflare bug exposed a potpourri of secret customer data
    Cloudflare, a service that helps optimize the security and performance of more than 5.5 million websites, warned customers today that a recently fixed software bug exposed a range of sensitive information that could have included passwords and cookies and tokens used to authenticate users. A combination of factors made the bug particularly severe. First, the leakage may have been active since September 22, nearly five months before it was discovered, although the greatest period of impact was from February 13 and February 18. Second, some of the highly sensitive data that was leaked was cached by Google and other search engines. The result was that for the entire time the bug was active, hackers had the ability to access the data in real-time by making Web requests to affected websites and to access some of the leaked data later by crafting queries on search engines. "The bug was serious because the leaked memory could contain private information and because it had been cached by search engines," Cloudflare CTO John Graham-Cumming wrote in a blog post published Thursday. "We are disclosing this problem now as we are satisfied that search engine caches have now been cleared of sensitive information. We have also not discovered any evidence of malicious exploits of the bug or other reports of its existence."

Security Leftovers

  • Change all the passwords (again)
    Looks like it is time to change all the passwords again. There’s a tiny little flaw in a CDN used … everywhere, it seems.
  • Today's leading causes of DDoS attacks [Ed: The so-called 'Internet of things' (crappy devices with identical passwords) is a mess; programmers to blame, not Linux]
    Of the most recent mega 100Gbps attacks in the last quarter, most of them were directly attributed to the Mirai botnet. The Mirai botnet works by exploiting the weak security on many Internet of Things (IoT) devices. The program finds its victims by constantly scanning the internet for IoT devices, which use factory default or hard-coded usernames and passwords.
  • How to Set Up An SSL Certificate on Your Website [via "Steps To Secure Your Website With An SSL Certificate"]
  • SHA-1 is dead, long live SHA-1!
    Unless you’ve been living under a rock, you heard that some researchers managed to create a SHA-1 collision. The short story as to why this matters is the whole purpose of a hashing algorithm is to make it impossible to generate collisions on purpose. Unfortunately though impossible things are usually also impossible so in reality we just make sure it’s really really hard to generate a collision. Thanks to Moore’s Law, hard things don’t stay hard forever. This is why MD5 had to go live on a farm out in the country, and we’re not allowed to see it anymore … because it’s having too much fun. SHA-1 will get to join it soon.
  • SHA1 collision via ASCII art
    Happy SHA1 collision day everybody! If you extract the differences between the good.pdf and bad.pdf attached to the paper, you'll find it all comes down to a small ~128 byte chunk of random-looking binary data that varies between the files.
  • PayThink Knowledge is power in fighting new Android attack bot
    Android users and apps have become a major part of payments and financial services, carrying an increased risk for web crime. It is estimated that there are 107.7 million Android Smartphone users in the U.S. who have downloaded more than 65 million apps from the Google App Store, and each one of them represents a smorgasbord of opportunity for hackers to steal user credentials and other information.
  • Red Hat: 'use after free' vulnerability found in Linux kernel's DCCP protocol IPV6 implementation
    Red Hat Product Security has published details of an "important" security vulnerability in the Linux kernel. The IPv6 implementation of the DCCP protocol means that it is possible for a local, unprivileged user to alter kernel memory and escalate their privileges. Known as the "use-after-free" flaw, CVE-2017-6074 affects a number of Red Hat products including Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7 and Red Hat Openshift Online v2. Mitigating factors include the requirement for a potential attacker to have access to a local account on a machine, and for IPV6 to be enabled, but it is still something that will be of concern to Linux users. Describing the vulnerability, Red Hat says: "This flaw allows an attacker with an account on the local system to potentially elevate privileges. This class of flaw is commonly referred to as UAF (Use After Free.) Flaws of this nature are generally exploited by exercising a code path that accesses memory via a pointer that no longer references an in use allocation due to an earlier free() operation. In this specific issue, the flaw exists in the DCCP networking code and can be reached by a malicious actor with sufficient access to initiate a DCCP network connection on any local interface. Successful exploitation may result in crashing of the host kernel, potential execution of code in the context of the host kernel or other escalation of privilege by modifying kernel memory structures."

Android Leftovers