today's leftovers

  • Fedora program update: 2020-28

    Here’s your report of what has happened in Fedora this week. The Nest With Fedora Call for Participation is now open. I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

  • openSUSE Tumbleweed – Review of the week 2020/28

    This week I have been fighting a bit with the size of the DVD. Due to some mistake in the pattern definition, it was for a good chunk ignored. Serves me right for fixing the error and then getting an ISO file that would not ever fit on a DVD, eh? Well, long story short: I needed to save some space, so looked at what the ‘fix’ newly brought on the DVD and aligned to what the DVD looked like before.

  • Nour E-Din ElNhass: An Appointment Up the Hill

    In my last post I showed screenshots for contacts appearing in Evolution, and explained that the .source file was created manually and that the credentials were hard coded for retrieving a specific journal from a specific EteSync account. After finishing this, I extended so that I can also retrieve calendars and tasks in the same manner which was quite easy as I already understood what should be done. Then I created an etesync-backend file, which generally handles the user’s collection account in Evolution (retrieving/creating/deleting) journals which are address-book or calendars .source files. The next step was then to make a user enter his credentials, so it isn’t hard coded. In this stage I had faced some issues regarding the implementation, I asked for my mentors' help. Some of the problems that I faced were I needed to create a new dialog that will appear, ask the user for his credentials and retrieve the data from EteSync, this had some implementation problems for me at first. Other issues appeared while integrating had to change some pieces.

  • Kiwi TCMS 8.5

    We're happy to announce Kiwi TCMS version 8.5! [...] Our website has been nominated in the 2020 .eu Web Awards and we've promised to do everything in our power to greet future FOSDEM visitors with an open source billboard advertising at BRU airport.

  • What is Application Definition?

    Application definition is the process of creating a codified operational runbook. It formalizes the process of describing in code everything an application needs to be built, run, and managed.

  • Open source contributions face friction over company IP

    Now, the overwhelming majority -- more than 90% -- of proposed open source contributions are approved by the council, said Nithya Ruff, the head of the Comcast open source program office. Under the current advisory council process, once engineers are approved to contribute to existing projects, they can make further contributions without having to go through the process all over again, according to Ruff. The process typically takes a few days at most. And since 2016, Comcast has donated several entire projects to open source, such as its Traffic Control CDN and Web PA client-server interface.

  • Virtualization Is Key to the Future of IT. Therefore ... What?

    If you look at commercial servers around the world, including those that provide the cloud in all its many forms to consumers of cloud-based infrastructures, platforms, services, and applications, you’ll soon learn that the vast majority of them run some version of Linux on the hardware, and consume a great many more Linux-based VMs than Windows-based ones. Even Microsoft has had to become more catholic in its approach: Today, its Azure cloud environment spawns Linux and Windows VMs with equal facility. Windows 10 has also become ever more accommodating of Linux, thanks to the Windows Subsystem for Linux (WSL) support for Linux within the Windows OS, along with Hyper-V’s ability to accommodate both Linux and Windows VMs. Specific versions of Linux have been developed as “network operating systems” that run on switches, and provide fully virtualized complex, networking environments. Thus, for example, Nvidia subsidiary Cumulus Networks offers a free virtual appliance called Cumulus VX that runs on KVM (a Linux-based or bare-metal hypervisor), Virtualbox (from a provider or as a local hypervisor), and Vagrant (from a libvirt provider). Cumulus Networks’ offering is based around Cumulus Linux, which adds a Network Command Line Utility (NCLU) to the basic Linux environment. This supports configuration, provisioning, and virtualization of network switches to support fully virtualized network infrastructures and let people learn about complex routing protocols such as BGP, XBGP, OSPF, and so forth. Other network players also offer virtualized toolsets and learning environments for their networking products and services as well, so they’re worth looking into as well, if networking is your thing.

  • Docker partners with AWS to smooth container deployments

    Docker containers, of course, can be used anywhere. But while developers may use Docker Desktop and the Docker CLI for building applications on their desktop, they may also have used Docker Compose to define and run multi-container applications via a YAML file. So far, so good. The problem is that there hasn't been a simple seamless way to use Docker and deploy to AWS from their desktop. That's because essential Amazon ECS constructs were not part of the Docker Compose specification. For instance, to run even a simple Compose file and deploy to ECS, developers are required to leave Docker tools and configure an Amazon VPC, Amazon ECS Cluster, and Amazon ECS Task Definition.

today's howtos

  • Linux networking - A weird little problem with DNS, DHCP

    At this point, or rather, just before this point, I was inclined to blame systemd. But it turns out, there's nothing wrong with it. Now, there were/are bugs in it, which is why it comes up quite high if you search for any connectivity problems in Linux.

  • Top Linux Interview Questions
  • Pandoc Flavoured Markdown: Guide To Your First Document
  • How to play Mount & Blade II: Bannerlord on Linux
  • Light OpenStreetMapping with GPS

    Now that lockdown is lifting a bit in Scotland, I’ve been going a bit further for exercise. One location I’ve been to a few times is Tyrebagger Woods. In theory, I can walk here from my house via Brimmond Hill although I’m not yet fit enough to do that in one go. Instead of following the main path, I took a detour along some route that looked like it wanted to be a path but it hadn’t been maintained for a while. When I decided I’d had enough of this, I looked for a way back to the main path but OpenStreetMap didn’t seem to have the footpaths mapped out here yet. I’ve done some OpenStreetMap surveying before so I thought I’d take a look at improving this, and moving some of the tracks on the map closer to where they are in reality. In the past I’ve used OSMTracker which was great, but now I’m on iOS there doesn’t seem to be anything that matches up.

Programming: Perl, Git/Emacs and Compilers

  • Listen to Larry Wall's State of the Onion 2000 on YouTube

    It’s a typical Larry talk filled with quirky, humorous observations about life and programming, and notably he announces the Perl 6 project. Unfortunately the audio is low quality (hey it was 20 years ago at a low-budget conference); you can read a transcript of the talk here (with mp3 download links at the bottom). We also have a collection of attendees’ reports from the conference.

  • Chicago.pm Virtual Meeting: July 23

    In case you are not familiar with gather.town, after you join the conversation, you will have a small avatar on a 2d map and can walk around. When you are close to somebody or a group of people, you can video chat with them over video. Perlmongers is supposed to be a social gathering, and we are experimenting with this venue to see if it'll make that possible!

  • The Magit Git Client Is The "Killer Feature" In Emacs

    Users of other text editors often ask "why should I switch to Emacs?" or, more specifically, "what is the killer feature that Emacs offers?" Depending on your workflow, the killer feature for Emacs could be a number of things, one of them being Magit!

  • Alder Lake-S Compiler Update Points to big.LITTLE Desktop Chips

    This design builds upon the big.LITTLE (Big.BIGGER in Intel parlance) design that debuted in the company's 3D Lakefield chips. These designs incorporate one large Sunny Cove core combined with four Atom Tremont smaller cores in an ARM-like design. With the architecture proven and already working its way through the ecosystem, it's rational to expect Intel to scale it up to tackle desktop PCs, too. The GNU compiler updates include a list of compatible instructions for both Intel's upcoming data center Sapphire Ridge chips and Alder Lake desktop chips, with the latter noticeably missing support for AVX-512, a SIMD instruction that Intel recently introduced to its desktop chips. These instructions are disabled in Intel's hybrid Lakefield chips to keep the instruction set consistent between cores (Atom doesn't support AVX instructions), therefore easing operating system scheduling routines that target different workloads at the cores best suited for the task. Therefore, the lack of AVX-512 support for Alder Lake could serve as further evidence that Intel will bring its hybrid architecture to desktop PCs.

Security: Patches, Web Security Books, SecWeb – Designing Security for the Web

  • Security updates for Friday

    Security updates have been issued by Fedora (curl, LibRaw, python-pillow, and python36), Mageia (coturn, samba, and vino), openSUSE (opera), and Ubuntu (openssl).

  • Comparing 3 Great Web Security Books

    I thought about using a clickbait title like “Is this the best web security book?”, but I just couldn’t do that to you all. Instead, I want to compare and contrast 3 books, all of which I consider great books about web security. I won’t declare any single book “the best” because that’s too subjective. Best depends on where you’re coming from and what you’re trying to achieve.

  • Hardening Firefox against Injection Attacks – The Technical Details

    In a recent academic publication titled Hardening Firefox against Injection Attacks (to appear at SecWeb – Designing Security for the Web) we describe techniques which we have incorporated into Firefox to provide defense in depth against code injection attacks. Within this blogpost we are going to provide insights into the described hardening techniques at a technical level with pointers to the actual code implementing it. Note that links to source code are perma-linked to a recent revision as of this blog post. More recent changes may have changed the location of the code in question. [...] Firefox ships with a variety of built-in pages, commonly referred to as about: pages. Such about: pages allow the user to view internal browser information or change settings. If one were able to inject script into a privileged about: page it would represent a complete browser takeover in many cases. To reduce this injection attack surface, we apply a strong Content Security Policy (CSP) of default-src chrome: to all about: pages. The applied CSP restricts script to only JavaScript files bundled and shipped with the browser and accessible only via the Firefox internal chrome:// protocol. Whenever loading any kind of JavaScript, Firefox internally consults its CSP implementation by calling the function ShouldLoad() for external resources, or GetAllowsInline() for inline scripts. If the script to be executed is not allow-listed by the added CSP then Firefox will block the script execution, rendering the code injection attack obsolete. Further, we verify that any newly added about: page within Firefox exposes a strong CSP by consulting the function AssertAboutPageHasCSP(). This function basically acts as a commit guard to our codebase and ensures that no about: page makes it into the Firefox codebase without a strong CSP. 
    Before we started to protect about: pages with a CSP we faced a bug where text and markup controlled by a web application was reused in a permission prompt, which led to a Universal Cross-Site Scripting (UXSS) attack in the browser interface (CVE-2018-5124). These scripts run with elevated privileges that get access to internal APIs and can result in a full system compromise. What raises the severity of such bugs is the high-level nature of the vulnerability and the highly deterministic nature of the exploit code which allowed comparably trivial exploitation.