Language Selection

English French German Italian Portuguese Spanish


today's leftovers

Filed under

today's leftovers

Filed under
  • Smaller Docker containers for Go apps

    Most of our services are in Go, and thanks to the fact that compiled Go binaries are mostly-statically linked by default, it’s possible to create containers with very few files within. It’s surely possible to use these techniques to create tighter containers for other languages that need more runtime support, but for this post I’m only focusing on Go apps.

  • In Korean, Multipath TCP is pronounced GIGA Path

    Enabling Multipath TCP on the smartphone is the first step in deploying it. However, this is not sufficient since there are very few servers that support Multipath TCP today. To enable their users to benefit from Multipath TCP for all the applications that they use, KT has opted for a SOCKSv5 proxy. This proxy is running on x86 servers using release 0.89.5 of the open-source Multipath TCP implementation in the Linux kernel. During the presentation, SungHoon Seo mentioned that despite the recent rollout of the service, there were already 5,500 active users on the SOCKS proxy the last time he checked. Thanks to this proxy, the subscribes of the Giga Path service in Korea can benefit from Multipath TCP with all the TCP-based applications that they use.

  • Cleaning the house (GSoC #6) & GUADEC
  • Zorin OS 10 Is Out, the Best, Most Beautiful Release Yet, Based on Ubuntu 15.04 - Screenshot Tour

    On August 1, Artyom Zorin had the great pleasure of announcing the immediate availability for download of the final release of his Zorin OS 10 GNU/Linux operating system, distributed as Core and Ultimate editions, based on Ubuntu 15.04.

today's leftovers

Filed under
  • Dawn of the data center operating system

    How microservices architecture and Linux containers will tame distributed computing for developers and ops

  • 30 Sys Admins to Follow on SysAdmin Day

    Systems administrators: They keep our high-tech world up and running. From capacity planning, to 3 a.m. phone calls, to retiring that 10-year-old server that uses more power than your whole house, sys admins do it all. Open source communities would not be able to thrive without the networks, services, and tools that allow for communication and collaboration, and sys admins are the ones who work thanklessly year-round to keep them going.

    July 31 is System Administrator Appreciation Day, a day for all of us to express our undying gratitude for sys admins. Sure, you could buy your favorite sys admin cake and ice cream, or perhaps a nice gift card. You could even go as far as not breaking the server for just one day. You also can follow these 30 sys admins.

  • See What Systemd 223 Brings New
  • Sparkfun's pcDuino Acadia Benchmarks Against Other ARM SBCs

    Sparkfun's pcDuino Acadia os a $119 USD development board powered by a Freescale i.MX6 quad-core Cortex-A9 SoC with Mali 400 graphics. There's 1GB of RAM and other connectivity options for this board.

  • Linux Based Solus OS Now Boots in Flat 1.2 Seconds

    Solus OS is a Linux distro that was built from scratch and uses a new desktop environment called Budgie. You can consider it as the next version of the Solus OS as it was built by the same developer team, so they didn’t bother changing the name for a new operating system.

  • Arch Linux 2015.08.01 Has Been Released. Upgrade Now!

    Arch Linux 2015.08.01 has been released and is powered by Kernel 4.1 and includes all the update patches since the 1st of July 2015.

  • uReadIt 3 – The Best Reddit Client For Ubuntu Touch

    As you may know, uReadIt is an open-source Reddit client for Ubuntu Touch, being one of the best native apps for Ubuntu mobile.

  • You Can Now Watch Flash Content With MPV On Ubuntu

    As you may know, Adobe Flash is not the safest thing on the internet this days. Mozilla even disabled it from the Firefox browser a while, due to the vulnerabilities found lately.

  • Ubuntu MATE 15.04 Running on the Rikomatic MK808B

    Ubuntu MATE, the latest member of the Ubuntu family, has been spotted running on the MK808B Plus Quad-Core mini TV box device. The device runs with Android 4.4 by default, but a third party developer has tweaked it to run Ubuntu.

  • LEGO Smart Home

    We spoke to Bhavana Srinivas and Geremy Cohen from PubNub about their LEGO Smart Home model, a proof of concept project that shows how you can use the Raspberry Pi with communication platform PubNub in order to automate your household electronics and other Internet of Things devices. You can read the full piece in the latest issue.

  • Compact module runs Linux on quad-core Braswell

    Congatec announced a compact, low power computer-on-module based on Intel’s 14nm “Braswell” SoCs, and featuring triple display outputs, and up to 4K video.

today's leftovers

Filed under

today's leftovers

Filed under

today's leftovers

Filed under

today's leftovers

Filed under
  • Three months with a Chromebook computer

    Chromebooks have become incredibly popular among some users, as you can see from Amazon's list of bestselling Chromebooks. One user decided to use a Chromebook as his primary computing device for three months, and found that it worked extremely well for him.


    Debian Linux is known as a distribution that supports lots of different hardware, but now the Debian developers have announced the removal of support for the SPARC hardware architecture.

  • New Target for Mobile App Devs: Plasma Mobile on Linux
  • New Plasma Mobile, New Security Issues

    Jonathan Riddell said the hacking was frustrating at first, but Martin Gräßlin was able to get the system going with Wayland and KWin. Gräßlin said Plasma Mobile is the first product to use Wayland by default and the only reason Wayland is mature enough to be included as a technical preview in upcoming Plasma 5.4. They're confident Android apps will run on it at some point as well.

  • KDE Creates Plasma Mobile, A KDE Based Operating System For Mobile Phones

    As you may know, the KDE developers have created Plasma Phone UI, a Linux based operating based on Ubuntu Touch and Kubuntu Linux.

    The OS is open-source, has an user-friendly interface and provides a customizable platform for mobile devices. For now, KDE’s mobile OS is just a prototype and can be tested on the LG Nexus 5.

  • GSoC ’15 Post #5: Port Complete – Time for the Real Deal

    With loads of help from people on #kde-devel, we finally managed to complete the KDE Network Filesharing port to KF5. Wasn’t easy, given that this was my first time porting frameworks, but it was real fun. Apart from apol’s blogpost shared in my last post, here’s another post that was immensely helpful to me while porting: Porting a KControl Module to KF5.

  • Gnome Pie 0.6.3 (Circular Application Launcher) Brings New Features And Bug-Fixes

    As you may know, Gnome Pie is a circular application launcher, enabling the users to easily access their favorite apps, which they have added to the pie. For usage information, see this link.

  • Gnome 3.18 Will Include A News Reader App
  • ExLight Distro Brings Enlightenment 0.19.7 and Linux Kernel 4.0 to Ubuntu 15.04

    On July 26, Arne Exton, the creator of numerous distributions of GNU/Linux as well as various Android-x86 Live DVDs, was more than proud to announce the immediate availability for download of a new build for his ExLight Linux distribution.

  • OpenSUSE Leap 42 Will Be An OpenSUSE Flavor For The Users That Need A Stable System
  • Very slow ssh logins on Fedora 22

    I’ve recently set up a Fedora 22 firewall/router at home (more on that later) and I noticed that remote ssh logins were extremely slow. In addition, sudo commands seemed to stall out for the same amount of time (about 25-30 seconds).

  • Debian Dropping SPARC Support

    While Debian supports many CPU architectures, it's working to remove support for the Sun/Oracle SPARC architecture. As of this weekend, Debian has dropped SPARC from their unstable, experimental, and jessie-updates archives.

  • Ubuntu Touch OTA-5 Update Brings Double Battery Life On Meizu MX4 Ubuntu Edition
  • Ubuntu Phone Gets Blasted In Reviews This Week
  • 3.5-inch SBC runs Yocto on Braswell and 6 Watts

    Aaeon’s Yocto Linux ready, 3.5-inch “GENE-BSW5″ SBC offers Intel Braswell CPUs, dual GbE ports, six serial ports, and mini-PCIe, SATA, and mSATA expansion.

  • Not Learning Unix is a Mistake

    It has occurred to me that not learning Unix is a grave mistake. My relatively early exposure to Unix was important. I may not have appreciated Linux as much or even at all if I hadn't had that ability to experiment at home with Xenix. Learning about Unix develops new mental muscles like playing a musical instrument or learning a new language. But learning these new processes becomes more difficult with age. To me the exact technical details are less important. It does not really matter if you are a Linux user or if you use one of the BSDs or even something more exotic like Plan 9. The important thing is you can learn new concepts from what I will broadly refer to as the Unix/Internet Community.

  • Mmm, what's that smell, Google+? Yes it's death: Google unhooks 'social network' from YouTube

    Google is no longer forcing Google+ on the world: people will be able to log into YouTube, and other Googley services, without having to create mandatory Google+ profiles.

    From now on, only those who deliberately sign up for Google+ will create profiles on the ghost town of a social network. Previously, Google harassed users of YouTube, Gmail and so on, to convert their accounts into Google+ accounts, a move obviously designed to boost G+'s sad numbers. It didn't go down very well at all – a lot of folks hated it.

  • Google to block access to unofficial autocomplete API

    Google has decided the autocomplete API it informally offers will no longer be available for “unauthorised” users as of August 10th.

today's leftovers

Filed under

today's leftovers

Filed under
  • Intel's Mesa DRI Driver Now Supports Shader Subroutines
  • Where AMD's Catalyst Driver Does The Best On Linux

    Earlier this week I finished up a 15-way AMD/NVIDIA graphics card comparison on Linux with the very latest proprietary Linux drivers. That earlier article focused on the OpenGL performance and simply put the Catalyst performance on the tested Radeon hardware was abysmal compared to NVIDIA's Linux driver performance. However, there is one area where the Catalyst Linux driver really excels at performance and routinely beats out the green competition.

  • Dolphin Emulator 4.0.2 (Old Gaming Console Emulator) Has Been Released

    As you may know, Dolphin Emulator is an open-source, multi-platform Nintendo GameCube, Wii and Triforce emulator. Like all the emulated software, the games have minor bugs and issues. Being an open-source project, it may be improved by third party developers.

  • Mosh 1.2.5 (Open-Source SSH-Like Software) Brings New Features
  • An inlaid GNOME logo, part 4

    In the last part, I glued the paper templates for the shield and foot onto the wood. Now comes the part that is hardest for me: excavating the foot pieces in the dark wood so the light-colored ones can fit in them. I'm not a woodcarver, just a lousy joiner, and I have a lot to learn!

  • TDD, Unit Tests & Liblarch. Lesson -- learnt!
  • openSUSE Leap 42.1 Milestone 1 Available

    DeMaio quoted Richard Brown, chairman of the openSUSE board, saying, "The opportunity for topping this SLE core with the things you want in a long-term release really makes this attractive and I see people wanting to get involved with this next chapter of openSUSE. Leap will fill the gap between the longevity of a SLE core and the innovation related to Tumbleweed."

  • The First Milestone Reached For openSUSE 42.1 "Leap"

    OpenSUSE 42.1 Leap is derived from SUSE Linux Enterprise's source-code and is going to be the openSUSE project's next non-rolling release and entered development last month. Currently Leap is due for release in November. OpenSUSE Tumbleweed, the rolling-release arm of the distribution, will meanwhile keep on rolling.

  • Chromium 44 available (Netflix still works)

    That updated version 44.0.2403.107 may have to wait, because I will be unable to do a lot of Slackware related stuff until august; real life is catching up with me. If there are real useability issues with 44.0.2403.89, let me know and I will see if I can shift priorities or make the older 43.x packages available again. My initial (not exhaustive) testing showed no weirdness at least.

  • Schedules for Flock and F23, Atomic & Workstation, DNF — and a Fedora job opening!

    Speaking of schedules, Fedora 23 development is well underway. Last week, Fedora 23 branched from Rawhide, so that we can focus on stabilization and bugfixes for the planned October release while ongoing work on future features — Fedora 24 and beyond! — can continue in the development branch. The Alpha Freeze (where F23 features and changes are supposed to be substantially complete and testable) is scheduled for a week from today, with the actual Alpha release August 11th — the day before Flock starts. The QA team is already working on early test candidates, and Docs has put out a call for help with release notes.

  • PHP on the road to the 7.0.0 release
  • Linux Mint 17.2 OEM and No-Codecs ISO Images Now Available for Download

    We reported the other day that Clement Lefebvre, leader of the Linux Mint project has published news about some of the upcoming work that will be done for the acclaimed GNU/Linux operating system based on Ubuntu.

  • A New MIPS Creator CI20 Is Running Much Better

    The MIPS Creator CI20 is a fun little $65 board for those wanting to experiment with alternative architectures on Linux.

  • Embedded Linux Pioneer MontaVista Spins IoT Linux Distribution

    MontaVista Software has launched an Internet of Things version of its commercial MontaVista Linux Carrier Grade Edition (CGE) development platform. The new Yocto Linux-based MontaVista Linux Carrier Grade eXpress (CGX) distribution will be available in the fourth quarter in a scaled down CGX Foundation optimized for IoT products. Customers can then add profiles including Carrier Grade and Virtualization in modular fashion.

  • [Video] The Weather Network app running on Samsung Tizen Smart TV

    Smart TVs are becoming the central point of our communications in the modern Smart home. They can entertain and increasingly provide us with important information, and living in the UK it doesn’t get more Important than the weather for me.

  • Friday's security updates
  • Researchers Enlist Machine Learning In Malware Detection

    In 100 milliseconds or less, researchers are now able to determine whether a piece of code is malware or not -- and without the need to isolate it in a sandbox for analysis.

  • The OpenSSH Bug That Wasn't

    Get your facts straight before reporting, is the main takeaway from Peter Hansteen's latest piece, The OpenSSH Bug That Wasn't. OpenSSH servers that are set up to use PAM for authentication and with a very specific (non-default on OpenBSD and most other places) setup are in fact vulnerable, and fixing the configuration is trivial.

  • VUPEN Founder Launches New Zero-Day Acquisition Firm Zerodium

    In the weeks since the Hacking Team breach, the spotlight has shone squarely on the small and often shadowy companies that are in the business of buying and selling exploits and vulnerabilities. One such company, Netragard, this week decided to get out of that business after its dealings with Hacking Team were exposed. But now there’s a new entrant in the field, Zerodium, and there are some familiar names behind it.

today's leftovers

Filed under
  • Calibre Gets Support for the Crazy Expensive and Fun SONY DPT-S1

    The Calibre eBook reader, editor, and library management software, has been updated to version 2.33. It's one of the smallest updates, and it's just here to bring support for an important new device and deliver a few small changes.

  • Jack Wallen Gets It

    In 2015, we see the huge sluggishness of Wintel markets. This will motivate retailers to seek other solutions. Better GNU/Linux on those retail shelves than a product that’s not selling… Last Christmas was a wake-up call for retailers. GNU/Linux sold well, and “8.1” did not. Q1 of 2015 showed huge increases in usage of GNU/Linux according to web-stats. When school resumes in the north, I expect more increases. Then, what worked last Christmas will work again. 2015 will be the last year we see reluctance on the part of retailers to sell GNU/Linux. They’ve seen what Android/Linux has done. They will be ready to give GNU/Linux a try on the desktops. The OEMs are OK with whatever ships because the lock-in to M$ is gone. US DOJ v M$ and EU v M$ fixed that.

  • GUADEC presentation preview: compiling GNOME apps with the Meson build system

    If you talk with software developers, sooner or later the topic drifts to tools. The most obvious one is the editor. People really love their editors and are happy to talk about the wonderful features they have and how they increase productivity. The second tool is the compiler, which also receive a lot of praise. The compilers we have today are massively better, faster and more powerful than ones from just 10 years ago. And then there’s the build systems, which are, well…

  • openSUSE releases first milestone for Leap

    Leap1The newest openSUSE release Leap 42.1, which is based on core SUSE Linux Enterprise source code, has just released its first development milestone.

  • openSUSE Leap 42.1 Is Based on SUSE Linux Enterprise, Milestone 1 Ready for Testing

    We reported the other day that the openSUSE Project had plans on publishing the first development milestone of their anticipated openSUSE Leap 42.1 operating system, which promises to change the openSUSE Linux distribution as we know it.

  • libuser vulnerabilities

    It was discovered that the libuser library contains two vulnerabilities which, in combination, allow unprivileged local users to gain root privileges. libuser is a library that provides read and write access to files like /etc/passwd, which constitute the system user and group database. On Red Hat Enterprise Linux it is a central system component.

  • Thursday's security updates
Syndicate content

More in Tux Machines

Linux 4.8.4

I'm announcing the release of the 4.8.4 kernel. And yeah, sorry about the quicker releases, I'll be away tomorrow and as they seem to have passed all of the normal testing, I figured it would be better to get them out earlier instead of later. And I like releasing stuff on this date every year... All users of the 4.8 kernel series must upgrade. The updated 4.8.y git tree can be found at: git:// linux-4.8.y and can be browsed at the normal git web browser: Read more Also: Linux 4.7.10 Linux 4.4.27

New Releases: Budgie, Solus, SalentOS, and Slackel

  • Open-Source Budgie Desktop Sees New Release
    The pet parakeet of the Linux world, Budgie has a new release available for download. in this post we lookout what's new and tell you how you can get it.
  • Solus Linux Making Performance Gains With Its BLAS Configuration
    - Those making use of the promising Solus Linux distribution will soon find their BLAS-based workloads are faster. Solus developer Peter O'Connor tweeted this week that he's found some issues with the BLAS linking on the distribution and he's made fixes for Solus. He also mentioned that he uncovered these BLAS issues by using our Phoronix Test Suite benchmarking software.
  • SalentOS “Luppìu” 1.0 released!
    With great pleasure the team announces the release of SalentOS “Luppìu” 1.0.
  • Slackel "Live kde" 4.14.21
    This release is available in both 32-bit and 64-bit architectures, while the 64-bit iso supports booting on UEFI systems. The 64-bit iso images support booting on UEFI systems. The 32-bit iso images support both i686 PAE SMP and i486, non-PAE capable systems. Iso images are isohybrid.

Security News

  • Free tool protects PCs from master boot record attacks [Ed: UEFI has repeatedly been found to be both a detriment to security and enabler of Microsoft lock-in]
    Cisco's Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks. The tool, called MBRFilter, functions as a signed system driver and puts the disk's sector 0 into a read-only state. It is available for both 32-bit and 64-bit Windows versions and its source code has been published on GitHub. The master boot record (MBR) consists of executable code that's stored in the first sector (sector 0) of a hard disk drive and launches the operating system's boot loader. The MBR also contains information about the disk's partitions and their file systems. Since the MBR code is executed before the OS itself, it can be abused by malware programs to increase their persistence and gain a head start before antivirus programs. Malware programs that infect the MBR to hide from antivirus programs have historically been known as bootkits -- boot-level rootkits. Microsoft attempted to solve the bootkit problem by implementing cryptographic verification of the bootloader in Windows 8 and later. This feature is known as Secure Boot and is based on the Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.
  • DDOS Attack On Internet Infrastructure
    I hope somebody's paying attention. There's been another big DDOS attack, this time against the infrastructure of the Internet. It began at 7:10 a.m. EDT today against Dyn, a major DNS host, and was brought under control at 9:36 a.m. According to Gizmodo, which was the first to report the story, at least 40 sites were made unreachable to users on the US East Coast. Many of the sites affected are among the most trafficed on the web, and included CNN, Twitter, PayPal, Pinterest and Reddit to name a few. The developer community was also touched, as GitHub was also made unreachable. This event comes on the heels of a record breaking 620 Gbps DDOS attack about a month ago that brought down security expert Brian Krebs' website, KrebsonSecurity. In that attack, Krebs determined the attack had been launched by botnets that primarily utilized compromised IoT devices, and was seen by some as ushering in a new era of Internet security woes.
  • This Is Why Half the Internet Shut Down Today [Update: It’s Getting Worse]
    Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.
  • Major DNS provider Dyn hit with DDoS attack
    Attacks against DNS provider Dyn continued into Friday afternoon. Shortly before noon, the company said it began "monitoring and mitigating a DDoS attack" against its Dyn Managed DNS infrastructure. The attack may also have impacted Managed DNS advanced service "with possible delays in monitoring."
  • What We Know About Friday’s Massive East Coast Internet Outage
    Friday morning is prime time for some casual news reading, tweeting, and general Internet browsing, but you may have had some trouble accessing your usual sites and services this morning and throughout the day, from Spotify and Reddit to the New York Times and even good ol’ For that, you can thank a distributed denial of service attack (DDoS) that took down a big chunk of the Internet for most of the Eastern seaboard. This morning’s attack started around 7 am ET and was aimed at Dyn, an Internet infrastructure company headquartered in New Hampshire. That first bout was resolved after about two hours; a second attack began just before noon. Dyn reported a third wave of attacks a little after 4 pm ET. In all cases, traffic to Dyn’s Internet directory servers throughout the US—primarily on the East Coast but later on the opposite end of the country as well—was stopped by a flood of malicious requests from tens of millions of IP addresses disrupting the system. Late in the day, Dyn described the events as a “very sophisticated and complex attack.” Still ongoing, the situation is a definite reminder of the fragility of the web, and the power of the forces that aim to disrupt it.
  • Either IoT will be secure or the internet will be crippled forever
    First things first a disclaimer. I neither like nor trust the National Security Agency (NSA). I believe them to be mainly engaged in economic spying for the corporate American empire. Glenn Greenwald has clearly proven that in his book No Place to Hide. At the NSA, profit and power come first and I have no fucking clue as to how high they prioritize national security. Having said that, the NSA should hack the Internet of (insecure) Things (IoT) to death. I know Homeland Security and the FBI are investigating where the DDoS of doomsday proportions is coming from and the commentariat is already screaming RUSSIA! But it is really no secret what is enabling this clusterfuck. It’s the Mirai botnet. If you buy a “smart camera” from the Chinese company Hangzhou XiongMai Technologies and do not change the default password, it will be part of a botnet five minutes after you connect it to the internet. We were promised a future where we would have flying cars but we’re living in a future where camera’s, light-bulbs, doorbells and fridges can get you in serious trouble because your home appliances are breaking the law.
  • IoT at the Network Edge
    Fog computing, also known as fog networking, is a decentralized computing infrastructure. Computing resources and application services are distributed in logical, efficient places at any points along the connection from the data source (endpoint) to the cloud. The concept is to process data locally and then use the network for communicating with other resources for further processing and analysis. Data could be sent to a data center or a cloud service. A worthwhile reference published by Cisco is the white paper, "Fog Computing and the Internet of Things: Extend the Cloud to Where the Things Are."
  • Canonical now offers live kernel patching for Ubuntu 16.04 LTS users
    Canonical has announced its ‘Livepatch Service’ which any user can enable on their current installations to eliminate the need for rebooting their machine after installing an update for the Linux kernel. With the release of Linux 4.0, users have been able to update their kernel packages without rebooting, however, Ubuntu will be the first distribution to offer this feature for free.
  • ​The Dirty Cow Linux bug: A silly name for a serious problem
    Dirty Cow is a silly name, but it's a serious Linux kernel problem. According to the Red Hat bug report, "a race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."
  • Ancient Privilege Escalation Bug Haunts Linux
  • October 21, 2016 Is Dirty COW a serious concern for Linux?
  • There is a Dirty Cow in Linux
  • Red Hat Discovers Dirty COW Archaic Linux Kernel Flaw Exploited In The Wild
  • Linux kernel bug being exploited in the wild
  • Update Linux now: Critical privilege escalation security flaw gives hackers full root access
  • Linux kernel bug: DirtyCOW “easyroot” hole and what you need to know
  • 'Most serious' Linux privilege-escalation bug ever discovered
  • New 'Dirty Cow' vulnerability threatens Linux systems
  • Serious Dirty Cow Linux Vulnerability Under Attack
  • Easy-to-exploit rooting flaw puts Linux PCs at risk
  • Linux just patched a vulnerability it's had for 9 years
  • Dirty COW Linux vulnerability has existed for nine years
  • 'Dirty Cow' Linux Vulnerability Found
  • 'Dirty Cow' Linux Vulnerability Found After Nine Years
  • FakeFile Trojan Opens Backdoors on Linux Computers, Except openSUSE
    Malware authors are taking aim at Linux computers, more precisely desktops and not servers, with a new trojan named FakeFile, currently distributed in live attacks. Russian antivirus vendor Dr.Web discovered this new trojan in October. The company's malware analysts say the trojan is spread in the form of an archived PDF, Microsoft Office, or OpenOffice file.

today's howtos