Language Selection

English French German Italian Portuguese Spanish

May 2017

Android Leftovers

Filed under
Android

An Early Look At Debian 9.0 Performance vs. Debian 8.8, Ubuntu 17.04, CentOS 7, Clear Linux

Filed under
Graphics/Benchmarks
Debian

Debian 9.0 has settled on the Linux 4.9 kernel, GNOME Shell 3.22 desktop by default, X.Org Server 1.19.2, Mesa 13.0.6 (yes, sadly not Mesa 17.0 or 17.1), GCC 6.3.0 and is using an EXT4 file-system by default. With Debian 9 is also the switch from ACPI CPUFreq to P-State for CPU frequency scaling on newer Intel hardware, which is why the CPU frequency of this Skylake test system is reflected differently between them on the system table.

Read more

Security Leftovers

Filed under
Security
  • Tech pro cautions on attribution of cyber attacks
  • Cyber crime to cost business US$8 trillion: Juniper

    The report, by Juniper Research, also forecasts that the number of personal data records stolen by cyber criminals will reach 2.8 billion in 2017, and almost double to 5 billion in 2020.

  • Russian Hackers Are Using Google’s Own Infrastructure to Hack Gmail Users

    The “Change Password” button linked to a short URL from the Tiny.cc link shortener service, a Bitly competitor. But the hackers cleverly disguised it as a legitimate link by using Google’s Accelerated Mobile Pages, or AMP. This is a service hosted by the internet giant that was originally designed to speed up web pages on mobile, especially for publishers. In practice, it works by creating a copy of a website’s page on Google’s servers, but it also acts as an open redirect.

  • The sudo tty bug and procps
  • Improving Linux Security with DevSecOps

    Ask people who run IT departments these days what keeps them up at night, and they'll probably tell you it's security—or the lack of it. With the explosive growth of malicious attacks on everything from hospitals to Fortune 500s, security—not hardware, software and even staff—is what currently makes life miserable.

    That's why organizations of all sizes are looking to change fundamentally how they do security. It's no longer a single team's job to make sure systems are secure and internal auditing is good enough to identify and mitigate attacks. Today, everyone is responsible for security, which is the guiding principal of DevSecOps.

    Just as in DevOps, which aims to speed the development of software by improving collaboration and balancing the competing interests of operations teams and developers, DevSecOps seeks to get everyone thinking about security together and up front. Trying to bake in security after systems are built and code is deployed is simply too late.

21-Way NVIDIA Fermi/Kepler/Maxwell/Pascal OpenCL GPU Comparison

Filed under
Graphics/Benchmarks

    The tested GPUs included the:

    MSI NVIDIA GeForce GTX 460 768MB
    eVGA NVIDIA GeForce GT 520 1024MB
    Zotac NVIDIA GeForce GT 610 1024MB
    MSI NVIDIA GeForce GTX 650 1024MB
    NVIDIA GeForce GTX 680 2048MB
    eVGA NVIDIA GeForce GTX 750 1024MB
    NVIDIA GeForce GTX 750 Ti 2048MB
    NVIDIA GeForce GTX 760 2048MB
    NVIDIA GeForce GTX 780 Ti 3072MB
    eVGA NVIDIA GeForce GTX 950 2048MB
    eVGA NVIDIA GeForce GTX 960 2048MB
    eVGA NVIDIA GeForce GTX 970 4096MB
    NVIDIA GeForce GTX 980 4096MB
    NVIDIA GeForce GTX 980 Ti 6144MB
    MSI NVIDIA GeForce GT 1030 2048MB
    Zotac NVIDIA GeForce GTX 1050 2048MB
    eVGA NVIDIA GeForce GTX 1050 Ti 4096MB
    NVIDIA GeForce GTX 1060 6GB 6144MB
    NVIDIA GeForce GTX 1070 8192MB
    NVIDIA GeForce GTX 1080 8192MB
    NVIDIA GeForce GTX 1080 Ti 11264MB

    Read more

KDE: Krita, FreeBSD, Cutelyst 1.7.0, and Qt

Filed under
KDE
  • Krita 3.1.4 Open-Source Digital Painting App Improves Loading of GIMP 2.9 Files

    Krita 3.1.4 is here as the latest bugfix and stability release of the popular application, which is loved by amateur and professional digital artists alike, and it's a recommended update for anyone using Krita 3.1.3 or a previous version from the Krita 3.1 series. It has been released for all supported platforms.

  • Moving KDE-FreeBSD ports infrastructure

    We’re updating the documentation (in the KDE Community Wiki), but mostly things will be simpler, and it may make sense to simply checkout /usr/ports from the KDE-FreeBSD ports tree instead of anything else. We’ll continue to call it “Area51”, even if that string doesn’t occur in its name anymore.

  • Cutelyst 1.7.0 released! WebSocket support added.

    WebSocket support is probably a key feature to have on a modern web framework, Perl Catalyst doesn’t look like it wasn’t designed with it in mind, the way I found to do WS there wasn’t intuitive.

  • QProcess Or KProcess ?

    Most of the time of community bonding period was spent giving college exams. By the time my exams got over, I only had a week left to make something useful of the community bonding period time.

  • Qt 5.9 Launches as Long-Term Supported Release with C++11 Compliant Compiler

    Qt Project's Lars Knoll was happy to announce today, May 31, 2017, the release and immediate availability for download of Qt 5.9.0 stable and long-term supported (LTS) series of the open-source and cross-platform application framework.

  • Qt 5.9 LTS Released With Its OpenVG Back-End & Much More

    Lars Knoll has just announced the availability of Qt 5.9. Qt 5.9 has big improvements around performance and stability as noted by Lars, which is good given this series' LTS state. Qt LTS releases are supported for a period of three years.

  • Qt 5.9 released

    I’m happy to let you all know that Qt 5.9.0 has just been released. A lot of work has been put into it, making Qt 5.9 the best Qt version we have developed so far.

Tizen Spreading in Homes

Filed under
Linux

Mutt An Open Source Text Based Email Client For Linux

​Mutt is an email client but with a different approach. It is fully based on the terminal when it comes to work. Mutt is a very simple email client easy to configure and use. It was really awesome to use it and now it is the default email client on my PC. Let us see more about mutt and see how to install mutt on our Linux box.

Read<br />
more

Containers: Cisco, CoreOS, Blocks of Containers, and Kubernetes

Filed under
Server
OSS
  • Cisco Advances OpenStack and Container Networking Efforts

    Cisco is working on multiple efforts to help improve the state of both OpenStack and container networking. In a video interview, Lew Tucker, Vice President and CTO, Cloud Computing, provides insight ino the current and future state of networking for OpenStack and container environments.

  • CoreOS Fleet Fades Away in Favor of Kubernetes and Tectonic

    When container vendor CoreOS first got started, among its primary innovations was the Fleet cluster management system. Now in 2017, Fleet is on its way out, as CoreOS has standardized on Kubernetes as the basis for its commercial aspirations with the Tectonic platform.

    At the core of Fleet is the open-source etcd distributed key-value store that CoreOS developed, which has now also become the cornerstone of Kubernetes. In a 2014 interview with ServerWatch, Brandon Philips, CTO of CoreOS, explained that Fleet was the natural step after developing etcd.

  • Building Blocks of Containers

    This article series previews the new Containers Fundamentals training course from The Linux Foundation, which is designed for those who are new to container technologies. In previous excerpts, we talked about what containers are and what they're not and explained a little of their history. In this last post of the series, we will look at the building blocks for containers, specifically, namespaces, control groups, and UnionFS.

  • The folks who brought you Kubernetes now want to make it easier to use

    Kubernetes is quickly becoming something of a standard for software container orchestration, but in the grand scheme of things, it’s still very much an early adopter’s product. A new open-source project from Heptio and others hopes to change that.

EUPL Becomes GPLv3-compatible, GPL Defended by Courts

Filed under
GNU
Legal
  • European Commission updates EUPL open source licence

    The European Commission has updated the European Union Public Licence (EUPL). Version 1.2 has a wider coverage, making it easier to use the licence to publish data, documents, technical specifications and standards, as well as software source code. In addition, the new licence is compatible with a wider range of other free and open source software licences, including the GNU Public Licence v3.

  • 100 Million Reasons For Open Source Compliance

    CoKinetic Systems Corporation filed suit against Panasonic Avionics Corporation, seeking damages in excess of $100 million, in part, for violation of the GPL v2 open source license. CoKinetic alleged that Panasonic blocked competitors from having the ability to develop software for Panasonic’s In-flight Entertainment (IFE) hardware by refusing to distribute the source code for its open-source Linux based operating system. CoKinetic alleged that this software controls the basic functions of Panasonic IFE hardware systems. According to CoKinetic, this is a willful violation of the GPL License, exposing Panasonic as a willful infringer of the copyrights of thousands of software developers that have contributed to Linux. The suit includes other very interesting legal claims, detailed below.

  • Artifex v. Hancom: Open Source is Now an Enforceable Contract

    Today, as much as 50 percent of the code used in all software (including Internet of Things devices) is comprised of open source software. While open source provides a convenient short cut for software developers to be more agile and efficient – there’s also a hidden risk: The law. While open source components are by definition free and available for anyone to use – there are limitations and most open source components have licensing obligations that developers must comply with.

More in Tux Machines

Security: Linux, Docker and Guix

  • Unpatched Linux bug may open devices to serious attacks over Wi-Fi

    The flaw is located in the RTLWIFI driver, which is used to support Realtek Wi-Fi chips in Linux devices. The vulnerability triggers a buffer overflow in the Linux kernel when a machine with a Realtek Wi-Fi chip is within radio range of a malicious device. At a minimum, exploits would cause an operating-system crash and could possibly allow a hacker to gain complete control of the computer. The flaw dates back to version 3.10.1 of the Linux kernel released in 2013.

  • Docker Attack Worm Mines for Monero
  • Insecure permissions on profile directory (CVE-2019-18192)

    We have become aware of a security issue for Guix on multi-user systems that we have just fixed (CVE-2019-18192). Anyone running Guix on a multi-user system is encouraged to upgrade guix-daemon—see below for instructions. Context The default user profile, ~/.guix-profile, points to /var/guix/profiles/per-user/$USER. Until now, /var/guix/profiles/per-user was world-writable, allowing the guix command to create the $USER sub-directory. On a multi-user system, this allowed a malicious user to create and populate that $USER sub-directory for another user that had not yet logged in. Since /var/…/$USER is in $PATH, the target user could end up running attacker-provided code. See the bug report for more information. This issue was initially reported by Michael Orlitzky for Nix (CVE-2019-17365).

In 2019, multiple open source companies changed course—is it the right move?

Free and open source software enables the world as we know it in 2019. From Web servers to kiosks to the big data algorithms mining your Facebook feed, nearly every computer system you interact with runs, at least in part, on free software. And in the larger tech industry, free software has given rise to a galaxy of startups and enabled the largest software acquisition in the history of the world. Free software is a gift, a gift that made the world as we know it possible. And from the start, it seemed like an astounding gift to give. So astounding in fact that it initially made businesses unaccustomed to this kind of generosity uncomfortable. These companies weren't unwilling to use free software, it was simply too radical and by extension too political. It had to be renamed: "open source." Once that happened, open source software took over the world. Recently, though, there's been a disturbance in the open source force. Within the last year, companies like Redis Labs, MongoDB, and Confluent all changed their software licenses, moving away from open source licenses to more restrictive terms that limit what can be done with the software, making it no longer open source software. Read more Also: Network Time Foundation Joins Open Source Initiative

Red Hat: OpenShift, RHEL, Dependency Analytics, vDPA and More

  • Red Hat Expands the Kubernetes Developer Experience with Newest Version of Red Hat OpenShift 4

    Red Hat, Inc., the world's leading provider of open source solutions, today announced Red Hat OpenShift 4.2, the latest version of Red Hat’s trusted enterprise Kubernetes platform designed to deliver a more powerful developer experience. Red Hat OpenShift 4.2 extends Red Hat’s commitment to simplifying and automating enterprise-grade services across the hybrid cloud while empowering developers to innovate and enhance business value through cloud-native applications.

  • RHEL and Insights combo illuminates threats and spotlights performance for Red Hat systems

    When Red Hat Inc. officially rolled out its Red Hat Enterprise Linux 8, or RHEL 8, operating system in May, the open-source software company also included Red Hat Insights with every subscription for the new release. Based on data supplied by one of the company’s top executives, that has proven to be a wise decision. Insights is a software as a service product that works from a rules-based engine to offer continuous connected analysis of registered Red Hat-based systems. “We’ve seen an 87% increase since May in the number of systems that are linked in,” said Stefanie Chiras (pictured), vice president and general manager of the RHEL Business Unit at Red Hat. “We’re seeing a 33% increase in coverage of rules-based and a 152% increase in customers who are using it. That creates a community of people using and getting value from it, but also giving value back because the more data we have the better the rules get.”

  • What’s new in Red Hat Dependency Analytics

    We are excited to announce a new release of Red Hat Dependency Analytics, a solution that enables developers to create better applications by evaluating and adding high-quality open source components, directly from their IDE. Red Hat Dependency Analytics helps your development team avoid security and licensing issues when building your applications. It plugs into the developer’s IDE, automatically analyzes your software composition, and provides recommendations to address security holes and licensing problems that your team may be missing. Without further ado, let’s jump into the new capabilities offered in this release. This release includes a new version of the IDE plugin and the server-side analysis service hosted by Red Hat.

  • Breaking cloud native network performance barriers

    Up until now we have covered virtio-networking and its usage in VMs. We started with the original vhost-net/virtio-net architecture, moved on to the vhost-user/virito-pmd architecture and continued to vDPA (vHost Data Path Acceleration) where the virtio ring layout was pushed all the way into the NIC providing wiresspeed/wirelatency to VMs. We now turn our attention to using vDPA for providing wirespeed/wirelatency L2 interfaces to containers leveraging kubernetes to orchestrate the overall solution. We will demonstrate how Containerized Network Functions (CNFs) can be accelerated using a combination of vDPA interfaces and DPDK libraries. The vDPA interfaces are added as a secondary interface to containers using the Multus CNI plugin. This post is a high level solution overview describing the main building blocks and how they fit together. We assume that the reader has an overall understanding of Kubernetes, the Container Network Interface (CNI) and NFV terminology such as VNFs and CNFs.

  • Top 5 stress reliefs for sysadmins

Purism shows off more pictures of Librem 5 Phone and PureOS UI

As the first batch of the Librem 5 phones starts reaching its respectful owners, we can now have a better look at the product from its pictures taken by the customers. Before we check them out, let’s get to know a bit more about these phones. The Librem 5 smartphones are powered by PureOS, which is a Linux-based mobile operating system. The brains behind this product, namely Purism, have made it their top priority to offer such phones that provide security, privacy, and freedom to the customers. Accordingly, this product has been made for people who want to have complete control over their phones. You should check out this article if you want to know more about the Librem 5 smartphones. Now coming back to the news, people who have ordered this phone are in for a treat as the Librem 5 comes with a black anodized aluminum case. Not only it’s stylish, but it also maintains high radio reception quality – thanks to its non-metal backing. It accompanies easier-to-slide, flush hardware kill switches. Read more Also: Nathan Wolf: New Life to Rock Candy Gamepad for PS3 | Another Repair