Language Selection

English French German Italian Portuguese Spanish

November 2017

System76 will disable Intel Management engine on its Linux laptops

Filed under
GNU
Linux
Security

System76 is one a handful of companies that sells computers that run Linux software out of the box. But like most PCs that have shipped with Intel’s Core processors in the past few years, System76 laptops include Intel’s Management Engine firmware.

Intel recently confirmed a major security vulnerability affecting those chips and it’s working with PC makers to patch that vulnerability.

But System76 is taking another approach: it’s going to roll out a firmware update for its recent laptops that disables the Intel Management Engine altogether.

Read more

KDE: Qt 3D Studio 1.0 Released, KDE's Goals for 2018 and Beyond

Filed under
KDE
  • Qt 3D Studio 1.0 Released

    We are happy to announce that Qt 3D Studio 1.0 has now been released. Qt 3D Studio provides a 3D user interface authoring system that caters for both software developers and graphic designers.

  • Qt 3D Studio 1.0 Released, Powered By NVIDIA's Open-Source Code

    The Qt Company is today shipping Qt 3D Studio, its new 3D user-interface authoring system for both developers and designers.

    Qt 3D Studio 1.0 has a Studio Editor for creating interactive 3D presentations and applications, the Qt 3D Studio Viewer for testing new 3D designs in action, and is supported across Windows / macOS / Linux.

    Of course, this new 3D Studio is powered by the Qt5 tool-kit. This new software package is made possible and based upon NVIDIA's huge code contribution to Qt earlier this year of opening the NVIDIA DRIVE Design Studio that became the basis for Qt 3D Studio.

  • KDE's Goals for 2018 and Beyond
  • KDE's Goals for 2018 and Beyond

    The KDE community has spoken and it has chosen the proposals which will define the general direction of the KDE project over the next three or four years.

    How does the KDE community decide where it wants to take the project? Well, every once in a while, we hold a Request for Proposals, if you will. All members of the community are encouraged to submit their grand ideas which will lay out long-term targets. Proposals are voted on democratically, again, by the community. This ensures it is truly the community that guides the KDE project to wherever the community wants it to go.

How Open Source Will Enable Smart Cities

Filed under
OSS

Go back a hundred years and services like electricity and running water — let alone phones — would have all been considered luxuries. Now, we see these services as critical infrastructure that could cause a serious threat to life and societal order if they were to break down.

As the Internet of Things (IoT) is becoming a bigger part of our world, creating a marriage of software and hardware that ranges from the exceedingly useful to the overly creepy, it is also finding its way into many of the utilities that we depend on for modern living.

What we define as infrastructure is being rapidly altered by the growth of IoT and the move towards smart cities. We depend on traffic lights, security cameras and garbage removal to keep our cities livable, and we would quickly take notice if these services faltered.

As these devices and systems start to get brains, they become vulnerable to attacks like Mirai or the one that targeted the Ukrainian power grid. There is the added challenge of how to protect smart infrastructure, recognizing that it has major differences from the way that we defend power plants.

Historically, critical infrastructure projects have been tougher targets for hackers as their operational technologies (OT) relied on legacy systems that were not widely connected to the internet. As cases such as Stuxnet and more recent cyberattacks on electrical power systems have shown, these systems are vulnerable to external hackers, despite their supposedly high level of security and regulation.

Read more

Security: Uber, Amazon, Updates, Reproducible Builds, Mirai and Tizi

Filed under
Security

Open Source Operating Systems: FreeRTOS and Genode OS

Filed under
OS
OSS
  • Announcing FreeRTOS Kernel Version 10

    The number of connected IoT devices worldwide is in the billions and growing rapidly. Many of these edge devices – from fitness trackers to sensors to washing machines to automotive transmissions – use low-cost, low-powered microcontrollers with extremely limited memory and compute capability. For some IoT use cases, very predictable response times can also be critical (think: automotive). A standard operating system won’t work here: you need a real-time operating system (RTOS) that works in very constrained systems.

  • Release notes for the Genode OS Framework 17.11

    In contrast to most releases, which are focused on one or two major themes, the development during the release cycle of version 17.11 was almost entirely driven by the practical use of Genode as a day-to-day OS by the entire staff of Genode Labs. The basis of this endeavor is an evolving general-purpose system scenario - dubbed "sculpt" - that is planned as an official feature for the next release 18.02. The name "sculpt" hints at the approach to start with a minimalistic generic live system that can be interactively shaped into a desktop scenario by the user without any reboot. This is made possible by combining Genode's unique dynamic reconfiguration concept with the recently introduced package management, our custom GUI stack, and the many ready-to-use device-driver components that we developed over the past years.

  • Genode OS 17.11 Reworks Its "Nitpicker" GUI Server

    Genode is the open-source operating system framework designed for "highly secure" special-purpose operating systems from embedded platforms to desktops while subscribing to a Unix philosophy and going for an L4 micro-kernel approach. The Genode OS 17.11 represents another quarter's worth of changes.

    A lot of the work represented by Genode OS 17.11 is on beating the operating system platform into shape to be a day-to-day OS. Among the changes to find is its GUI stack being reworked, scroll-wheel emulation and pointer acceleration finally, other input handling improvements, all x86 micro-kernels now using the GRUB2 boot-loader, Nim programming language usage, and more.

Kernel: Linux 4.14.3, 4.9.66, 4.4.103, 3.18.85 and Linux Foundation Pieces

Filed under
Linux
  • Linux 4.14.3
  • Linux 4.9.66
  • Linux 4.4.103
  • Linux 3.18.85
  • Four new stable kernels

    Greg Kroah-Hartman has announced the release of the 4.14.3, 4.9.66, 4.4.103, and 3.18.85 stable kernels. As usual, they contain fixes throughout the tree; users of those series should upgrade.

  • A Closed-Source Apple File-System APFS Driver For Linux Announced

    With macOS High Sierra finally ditching the HFS+ file-system and switching all macOS users over to Apple's new file-system, APFS, you may find the need to read a APFS file-system from another non-macOS device. Now it's possible with an APFS Linux file-system driver, but it's closed-source and doesn't yet have write capabilities.

    Paragon Software who has also developed a commercial Microsoft ReFS Linux file-system driver as well as an EXT4 driver for Windows has now developed an Apple File-System (APFS) driver for Linux systems.

  • What OPNFV Makes Possible in Open Source

    OPNFV provides both tangible and intangible benefits to end users. Tangible benefits include those that directly impact business metrics, whereas the intangibles include benefits that speed up the overall NFV transformation journey but are harder to measure. The nature of the OPNFV project, where it primarily focuses on integration and testing of upstream projects and adds carrier-grade features to these upstream projects, can make it difficult to understand these benefits.

    To understand this more clearly, let’s go back to the era before OPNFV. Open source projects do not, as a matter of routine, perform integration and testing with other open source projects. So, the burden of taking multiple disparate projects and making the stack work for NFV primarily fell on Communications Service Providers (CSPs), although in some cases vendors shouldered part of the burden. For CSPs or vendors to do the same integration and testing didn’t make sense.

  • The Evolving Developer Advocate Role — A Conversation with Google’s Kim Bannerman

    At this year’s Cloud Foundry Summit Europe, the story was about developers as the heroes. They’re the ones who make the platforms. They are akin to the engineers who played such a pivotal role in designing the railroads, or in modern times made the smartphone possible. This means a more important role for developer advocates who, at organizations such as Google, are spending a lot more time with customers. These are the subject matter experts helping developers build out their platforms. They are gathering data to develop feedback loops that flow back into open source communities for ongoing development.

Faulty Graphics Driver From NVIDIA

Filed under
Graphics/Benchmarks
Linux
  • NVIDIA Confirms Linux Driver Performance Regression, To Be Fixed In 390 Series

    If you think recent NVIDIA Linux driver releases have been slowing down your games, you are not alone, especially if you are running with a GeForce graphics card having a more conservative vRAM capacity by today's standards.

    Long time ago Nouveau contributor turned NVIDIA Linux engineer Arthur Huillet confirmed there is a bug in their memory management introduced since their 378 driver series that is still present in the latest 387 releases.

  • NVIDIA has confirmed a driver bug resulting in a loss of performance on Linux

    It seems there's a performance bug in recent NVIDIA drivers that has been causing a loss of performance across likely all GPUs. Not only that, but it seems to end up using more VRAM than previous drivers too.

    User HeavyHDx started a thread on the official NVIDIA forum, to describe quite a big drop in performance since the 375 driver series. So all driver updates since then would have been affected by this.

Linux-Based Sailfish OS: Slush update from Jolla CEO

Filed under
Linux
  • Slush update from Jolla CEO

    It’s been busy and productive times with Sailfish OS in the past months and it is time for an update from the cockpit. It is also an exciting week here in Helsinki, Finland as we have Europe’s biggest tech conference Slush 2017 once again going on and we’re looking forward to see and discuss a lot of new innovations during these two days.

    [....]

    In this collaboration Jolla will be offering the Sailfish X as a core development environment, and Zipper develops and offers the blockchain platform for it. The platform will have its own currency ZIP to fuel the community and platform development. We are also preparing a tailored community program for developing new blockchain related applications and features to Sailfish OS, and further, our intention is to use ZIP tokens to spur community growth and contributions. We will come back to this program later on. Stay tuned!

  • Jolla's CEO Provides An End of Year Update On Sailfish OS

    Jolla CEO and co-founder Sami Pienimäki has provided an update about the company's ongoing efforts around their Sailfish OS Linux mobile operating system.

Games: MAME, GOG, Godot, and Rich Geldreich

Filed under
Gaming
  • MAME Emulator Now Supports Oriental Legend 2 and Knights of Valour 2 New Legend

    MAME, the open-source and cross-platform computer emulator software, has been updated this week to version 0.192, a release that incorporates support for new systems and games.

    One of the most important changes of the MAME 0.192 release appears to be the progress done so far for the IGS PGM2 software, which will excite lots of arcade fans. This was possible thanks to a newly built FPGA-based rig that allowed the devs to dump the internal programs from the ARM CPUs for the Knights of Valour 2 New Legend and Oriental Legend 2 games.

  • GOG now have Epic Pinball and the platformer Jazz Jackrabbit with Linux support

    GOG have revived some more classic games today as they have released Epic Pinball: The Complete Collection and Jazz Jackrabbit Collection which have Linux support.

  • Godot 3.0 Game Engine Reaches Beta

    Development on the Godot 3.0 game engine has been happening for the better part of two years while today it reached its much anticipated beta milestone that also marks the feature freeze for this open-source game engine release.

  • Dev snapshot: Godot 3.0 beta 1

    Godot 3.0's development officially entered the beta stage last week, which coincides for us with what we name the feature freeze: from now on, no new features will be merged in the master branch, as the focus will be fully on fixing existing issues to stabilize the current feature set. Don't worry though, Godot 3.1 will arrive soon after the 3.0 release to bring all the nice features that contributors are already working on.

  • Rich Geldreich On The Concerns Of Open-Sourcing In The Game Industry

    Former Valve developer Rich Geldreich who was responsible for a lot of the Linux/OpenGL work at Valve in the earlier days of Linux gaming and who has also spent time at Unity, Microsoft, and other companies before starting his own consulting firm, has second thoughts about open-sourcing in the game industry.

Red Hat News

Filed under
Red Hat

More in Tux Machines

today's howtos and leftovers

  • Making Sink(ed) contacts accessible to Plasma-Phonebook App
  • How to Delete MySQL Users Accounts
  • How to sync Google Contacts with Thunderbird
  • How to set the GNOME idle delay from the command line
  • Four Apollo Lake Pico-ITX SBCs start at $245 in single units

    Logic Supply has launched four Ubuntu-ready “EPM16x” Pico-ITX SBCs with Apollo Lake SoCs starting at $245. The $426 and up EPM163 has a Pentium N4200, 4GB LPDDR4, 64GB eMMC, mSATA, mini-PCIe, and 2x each of GbE, DP, and USB 3.0. We’ve reported on over a dozen Linux-friendly Pico-ITX boards with Intel Apollo Lake processors over the last few years, including most recently, Axiomtek’s PICO319 and IEI’s Hyper-AL. Yet, as some of our readers have complained, they are rarely announced with ship dates or prices, and if they are, they usually list only volume pricing.

  • Huawei Covers Android Gap with IoT OS

    If you’ve been watching the smartphone world, you may know of Huawei’s problems with the United States. Huawei has had a spotty history of spying on American technology, to the point where Huawei products have been banned from being sold in the US. Huawei responded by saying they would very much like to continue relations with Android and have been hoping they get a second chance with the technology giant. They have stated, however, that if they are officially cut off from Android, they would make their own OS.

  • Gaurav Agrawal: Google Summer of Code 2019 FINAL REPORT

    My Google Summer of Code (GSOC) project was focused on “Implementing split view” in gnome-gitg. This blog posts serves as my final submission to my Google Summer of Code project.

  • Command Line Heroes season 3, episode 5: The Infrastructure Effect: COBOL and Go

    Languages used for IT infrastructure don't have expiration dates. COBOL's been around for 60 years - and isn't going anywhere anytime soon. We maintain billions of lines of classic code for mainframes. But we're also building new infrastructures for the cloud in languages like Go.

  • Ubuntu Podcast from the UK LoCo: S12E20 – Outrun

    This week we’ve been experimenting with lean podcasting and playing Roguelikes. We discuss what goes on at a Canonical Roadmap Sprint, bring you some command line love and go over all your feedback. It’s Season 12 Episode 20 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Stuart Langridge are connected and speaking to your brain.

OSS Leftovers

  • Open-Source Project Unveils Detailed Road Map for New Mainnet

    An open-source project that aims to create a smart economy based on blockchain technology has unveiled a new program designed to fuel its ecosystem’s growth — while setting out a detailed road map for its new mainnet. Neo says its EcoBoost scheme has been designed to support developers and projects that are already in its ecosystem, as well as those that wish to join. A total of $100 million has been allocated to the initiative — and in the first phase, the firm is seeking to establish long-term partnerships that will fuel the organic growth of its network. Media outlets, exchanges, decentralized application (DApp) distribution platforms and other blockchain infrastructures are being encouraged to express an interest in becoming an EcoBoost Partner, and Neo says it has already received numerous applications from “leading institutions and projects in the industry.”

  • Square Crypto Hires Blockstream Co-Founder, Open Source Bitcoin Dev

    Square Crypto announced on Twitter that they have hired Matt Corallo, Bitcoin software developer and co-founder of Blockstream.

  • 5 Arenas Where Open Source is the Undisputed Champion

    Open source software has come of age. It has now reached a level of maturity and capability where it simply cannot be ignored. Recent research[1] suggests that 82 percent of large organizations are more receptive to open source than they were five years ago and that C-level IT executives are now most likely to prefer an open source solution over proprietary alternatives. Over the years, everyone’s confidence and trust in open source software has been steadily growing. We’ve now reached the point where open source is the dominant player in many of the key technology trends shaping our world. [...] It’s widely acknowledged that Linux is the power behind the vast majority of public internet servers and that Unix-like operating systems are being used by about 70 percent of all web servers, with Linux taking the lion’s share. Why is that important?  Because even though we pay them little thought or attention, web and internet servers are responsible for stitching together the digital fabric that most of us rely on for communications and services every day. [...] There’s no denying that open source is here to stay.  I’ve been working with open source for almost a decade now and over that time I’ve seen how quickly open source solutions have taken off, gained acceptance and become the front runner is so many areas.

  • U-Boot Has Been Seeing Better x86 Support, EFI Improvements

    Google's Simon Glass who is part of the Chromium / Chrome OS team presented at this week's Embedded Linux Conference in San Diego on U-Boot.  U-Boot continues making good progress particularly on the embedded front for where this bootloader is most well known, but it's also been seeing increasing x86 support. Currently U-Boot supports around 10 different Intel SoCs and can handle booting from Coreboot on most boards. Intel Apollolake support is forthcoming to U-Boot. Additionally, FSP2 support for the newer version of Intel's firmware support package is being worked on for U-Boot. Also new on U-Boot's x86 front is slimbootloader support. 

  • Dustin J. Mitchell: Outreachy Round 20

    Outreachy is a program that provides paid internships working on FOSS (Free and Open Source Software) to applicants from around the world. Internships are three months long and involve deep, technical work on a mentor-selected project, guided by mentors and other developers working on the FOSS application. At Mozilla, projects include work on Firefox itself, development of associated services and sites like Taskcluster and Treeherder, and analysis of Firefox telemetry data from a data-science perspective. The program has an explicit focus on diversity: “Anyone who faces under-representation, systemic bias, or discrimination in the technology industry of their country is invited to apply.” It’s a small but very effective step in achieving better representation in this field. One of the interesting side-effects is that the program sees a number of career-changing participants. These people bring a wealth of interesting and valuable perspectives, but face challenges in a field where many have been programming since they were young.

  • AI open source leader H2O.ai secures funding worth $72.5 million

    Over the past couple of years, the Silicone-based company has raised a total of $147 million. Since its founding, H2O.ai has gone through a series of funding including its seed round in 2013. In 2017, it saw one of its biggest growth after a Series C funding that raised $75 million. Wells Fargo and NVIDIA led the funding with their $40 million investment. Other participants included Crane Venture Partners, New York Life, Transamerica Ventures, and Nexus Venture Partners.

Security Leftovers

  • Cryptojacking Code Found in 11 Open Libraries, Thousands Infected

    A cryptojacking code was found in 11 open-source code libraries written in Ruby, which have been downloaded thousands of times. Hackers downloaded the software, infected it with malware, and subsequently reposted it on the RubyGems platform, industry news outlet Decrypt reported on Aug. 21.

  • Malicious cryptojacking code found in 11 Ruby libraries

    Cryptojacking software has been found in 11 code libraries for the programming language Ruby—exposing thousands of people. The latest heist, discovered yesterday on code repository Github made use of a package manager called RubyGems, a popular program that allows developers to upload and share improvements on existing pieces of software.

  • Cryptojacking Scripts Found in 11 Open-Source Code Libraries

    According to a Decrypt report, the malware was discovered on Tuesday inside Github code repository, infecting the language manager called RubyGems.

  • First‑of‑its‑kind spyware sneaks into Google Play
  • Open-source spyware bypasses Google Play defenses — twice

    Radio Balouch — the app in question — is a legitimate radio application serving Balouchi music enthusiasts, except that it also included AhMyth, a remote access espionage tool that has been available on GitHub as an open-source project since late 2017. Lukas Stefanko, ESET researcher who uncovered the campaign, said the app was uploaded twice on Google Play — once on July 2 and a second time on July 13 — only to be swiftly removed by Google within 24 hours upon being alerted by the security team. It continues to be available on third-party app stores. While the service’s dedicated website “radiobalouch.com” is no longer accessible, the attackers also seem to have promoted the app on Instagram and YouTube. The app, in total, attracted over 100 installs.

  • 61 impacted versions of Apache Struts left off security advisories

    Security researchers have reviewed security advisories for Apache Struts and found that two dozen of them inaccurately listed affected versions for the open-source development framework. The advisories have since been updated to reflect vulnerabilities in an additional 61 unique versions of Struts that were affected by at least one previously disclosed vulnerability but left off the security advisories for those vulnerabilities.

  • Sectigo Sponsors Automated Certificate Issuance and Renewal in Electronic Frontier Foundation’s Certbot Open Source Software Tool

    Sectigo, the world’s largest commercial Certificate Authority (CA) and a provider of purpose-built and automated PKI management solutions, today announced its sponsorship of Electronic Frontier Foundation’s (EFF) free, open source software tool, Certbot, to support efforts to encrypt the entire internet and build a network that is more structurally private, safe, and protected against censorship.

GNU Parallel 20190822 ('Jesper Svarre') released [stable]

GNU Parallel 20190822 ('Jesper Svarre') [stable] has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/ No new functionality was introduced so this is a good candidate for a stable release. GNU Parallel is 10 years old next year on 2020-04-22. You are here by invited to a reception on Friday 2020-04-17. Read more