Language Selection

English French German Italian Portuguese Spanish

January 2020

OPNsense 20.1 “Keen Kingfisher” and OPNsense 19.7.10 Released

Filed under
OS
Security
BSD

  • OPNsense 20.1 “Keen Kingfisher” released

    For over 5 years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.

    20.1, nicknamed "Keen Kingfisher", is a subtle improvement on sustainable firewall experience. This release adds VXLAN and additional loopback device support, IPsec public key authentication and elliptic curve TLS certificate creation amongst others. Third party software has been updated to their latest versions. The logging frontend was rewritten for MVC with seamless API support. On the far side the documentation increased in quality as well as quantity and now presents itself in a familiar menu layout.

    Download links, an installation guide[1] and the checksums for the images can be found below as well.

  • OPNsense 19.7.10 released

    Hey hey,

    As Thursday nears the last preparations for 20.1 are underway. As a quick
    relief here is the End-Of-Life release of the 19.7 series with a tiny number
    of updates.

    Remember that when 20.1 is available it will take up to a day before we
    release the hotfix with the major upgrade path enabled. Please be patient
    as we simply want to ensure that upgrades will not be bumpy affair.

    Here are the full patch notes:

    o firewall: fix a typo in CARP validation
    o firmware: revoke 19.1 fingerprint
    o ipsec: add configurable dpdaction (contributed by Marcel Menzel)
    o mvc: BaseListField ignoring empty selected field
    o plugins: os-haproxy 2.20[1]
    o plugins: os-mail-backup 1.1[2]
    o plugins: os-nrpe 1.0 (contributed by Michael Muenz)
    o plugins: os-theme-rebellion 1.8.3 (contributed by Team Rebellion)
    o plugins: os-vnstat 1.2[3]
    o plugins: zabbix4-proxy 1.2[4]
    o ports: ca_root_nss 3.49.1
    o ports: curl 7.68.0[5]
    o ports: urllib3 1.27.7[6]
    o ports: isc-dhcp 4.4.2[7]

    Stay safe,
    Your OPNsense team

Libiquity Wi-Fri ND2H Wi-Fi card now FSF-certified to Respect Your Freedom

Filed under
GNU
Hardware

The Free Software Foundation (FSF) today awarded Respects Your Freedom (RYF) certification to the Libiquity dual-band 802.11a/b/g/n Wi-Fi card, from Libiquity LLC. The RYF certification mark means that Libiquity's distribution of this device meets the FSF's standards in regard to users' freedom, control over the product, and privacy.

Libiquity currently sells this device as part of its previously-certified Taurinus X200 laptop. Technoethical also offers the same hardware with their RYF-certified Technoethical N300DB Dual Band Wireless Card. With today's certification, Libiquity is able to sell the Libiquity Wi-Fri ND2H Wi-Fi card as a stand-alone product for the first time, and now has two RYF-certified devices available.

"In the years since first joining the RYF program, we at Libiquity have worked to improve and expand our catalog. For anyone looking to join distant or congested 2.4-GHz or 5-GHz wireless networks, the Wi-Fri ND2H is a great internal Wi-Fi card for laptops, desktops, servers, single-board computers, and more. Most importantly, in an era when more and more hardware disrespects your freedom, we're proud to offer a Wi-Fi card branded with the RYF logo on the product itself, as a trusted symbol of its compatibility with free software such as GNU Linux-libre," said Patrick McDermott, Founder and CEO, Libiquity LLC.

With this certification, the total number of RYF-certified wireless adapters grows to thirteen. The Libiquity Wi-Fri ND2H Wi-Fi card enables users to have wireless connectivity without having to rely on nonfree drivers or firmware.

Read more

Announcing Rust 1.41.0

Filed under
Development
Moz/FF

The Rust team is happy to announce a new version of Rust, 1.41.0. Rust is a programming language that is empowering everyone to build reliable and efficient software.

Read more

Also: Google's OpenSK Offers An Open-Source Rust-Written Security Key Implementation

Remembering Lucy Wayland

Filed under
Debian

The Cambridgeshire coroner recently held a final hearing into the death of Lucy Wayland. Wayland died almost immediately after the Debian 2018 Christmas lynchings.

Before getting into where Debian has gone wrong, it is important to emphasize consideration for Wayland's family at this time. Speculation about the details of Wayland's death is both distressing for people and un-necessary when considering the problems in the Debian environment.

The purpose of this blog is not to focus on Wayland, rather, it is about the issues.

[...]

At the time Wayland passed away, she was at the lowest tier of the Debian hierarcy, a Debian Contributor. When I resigned from my role in the GSoC team citing extraordinary personaly circumstances, Chris Lamb, Enrico Zini and other ruthless individuals had decided to "demote" me to this same lowly tier. It was a deliberate and malicious attempt to humiliate me, but it also served to humiliate other people, like Wayland, at the same tier. None of them knew the pain my family was going through at that time. Their callous behaviour only made it worse.

When any organization goes through restructuring, it impacts everybody.

As noted in the blog about enforcers, all the witnesses to shaming suffer just as much, if not more, than the victims. How would Lucy Wayland feel seeing other experienced volunteers being subjected to cruel demotions at Christmas?

[...]

When I saw what Chris Lamb, Molly de Blanc and their underlings did to Dr Preining in Christmas 2018, I couldn't help feeling outrage. If the supposedly ruthless merchant banks of London didn't dare to violate Christmas, how could Debian, an organization constituted on volunteering, do so?

Yet it only got worse.

The more questions I asked, the more evidence of corruption emerged. For example, developers sending veiled threats to interns, behind the backs of the mentors. It reminded me of the case where a manager walked out on a plum job in Canary Wharf when HR sent communications behind his back.

Read more

Games: AMD, FTL: Faster Than Light, Little Racers STREET and Dota Underlords

Filed under
Gaming
  • AMD Doesn’t Work Great for Gaming on Linux Desktop PCs

    AMD has been getting a lot of attention lately, especially with its great performance-over-price graphics cards and processors. However, that love story sounds limited when it comes to desktop PCs working on Linux, and with gaming.

    We wrote few months ago about how great AMD is performing on laptops on Linux comparing to Windows. You can even get 10-20 FPS higher on Linux than on Windows using your integrated graphics card. We still stand on our experiments that we did on AMD-powered laptops, however, desktops is another issue. AMD on desktop PCs perform extremely lower on Linux than on Windows for gaming, and not just by a little bit, but by an extremely huge margin, that can sometimes reach 100 FPS between the two.

    Our average hardware combination of the famous Ryzen 5 1600 CPU and the AMD RX 580 GPU is performing horribly on Linux comparing to Windows. While this setup is considered an on-budget one, and may not reflect all AMD’s cards, we think most people would consider it for their feature desktop PC, and we believed its important for you to know what you are about to enter if you plan to do Linux gaming on the same combination.

  • FTL: Faster Than Light now has Steam Achievements over seven years after release

    Subset Games today released a small update to FTL: Faster Than Light, finally giving it some Steam Achievements after the original release in 2012.

    FTL did already have its own built-in achievements but now it's all nicely hooked up with the Steam API so you can show off how good you are. Not me though, I think I only ever had one successful run of it. Absolutely brilliant game though, a real devil with your time as you just want one more run.

  • Little Racers STREET gains a brand new Linux (and macOS) port using FNA

    Ethan Lee is back with another game port, this time it's a little different. Little Racers STREET already had a Linux version but it's been remade.

    Why? Well, Little Racers STREET is an older game now first released back in 2014. Milkstone Studios gave it same-day Linux support but it's suffered from various severe issues, with many not able to actually play it anymore without digging into workarounds. So today, Ethan announced the new port that's been completely redone with FNA.

    Going into further details, Ethan mentioned this is their 60th Linux port which is a crazy milestone. Ethan has given Linux some fantastic games like Rogue Legacy, Salt & Sanctuary, Pyre, Dust: An Elysian Tail and so on. They also did the port for free, as it's so old and unlikely to make a profit but you can support Ethan's porting work and FNA/FAudio using GitHub Sponsors on their page and if you're a game developer you can hire Ethan to do porting work.

  • Valve announce Dota Underlords releasing on February 25 - new Underlord up today

    Today, Valve announced that Dota Underlords will be leaving Early Access and officially releasing on February 25.

    On top of that, the Underlord named Enno has officially joined the cast today. Enno is a ranged Underlord, who "leaps around the board poisoning enemies and generally wreaking havoc". Hold on a hot second, poison? Yup, that's in now too as a new status effect causing 15 physical damage per second and reduced healing—poison can stuck up to 5 times.

DXVK 1.5.3 Released

Filed under
Graphics/Benchmarks
Software
Gaming
  • DXVK 1.5.3 Released - Helps Games Like Skyrim + Mafia II, Direct3D 9 Fixes

    Succeeding last week's DXVK 1.5.2 is now a version 1.5.3 release with various fixes.

    Leading to this quick DXVK 1.5.3 release is a fix for a potentially critical Direct3D 9 regression introduced in the previous release. There is also a fix for Vulkan validation errors with D3D9 and on the plus side better GPU-limited D3D9 performance with some Vulkan drivers.

  • Vulkan translation layer DXVK 1.5.3 is out fixing up a 'potentially' critical D3D9 regression

    A small but needed release of the Direct 3D 9/10/11 to Vulkan translation layer has been put out today fixing up some issues.

    DXVK 1.5.3 has a rather important fix in as the headliner here, as 1.5.2 had a potential "critical D3D9 regression". Additionally there's some fixed up Vulkan validation errors, improved GPU-limited D3D9 performance on some drivers, and the HUD will now properly show D3D10 when it's used rather than D3D11.

    For game specific fixes Mafia II, Skyrim and Torchlight were all mentioned so each should have a better experience under Wine with DXVK and so Proton too whenever Valve/CodeWeavers update it.

Lars Kurth RIP

Filed under
Obits
  • Lars Kurth RIP

    Ian Jackson posted a note to the xen-announce mailing list with the sad news that Xen community manager and project advisory board member Lars Kurth has died.

  • Lars Kurth
    I'm very sad to inform you that Lars Kurth passed away earlier this
    week.  Many of us regarded Lars as a personal friend, and his loss is a
    great loss to the Xen Project.
    
    We plan to have a tribute to Lars on the XenProject blog in the near
    future.  Those who are attending FOSDEM may wish to attend the short
    tribute we plan for Sunday morning:
      https://fosdem.org/2020/schedule/event/vai_memory_of_lars_kurth/
    
    For the moment, Lars's mail aliases @xenproject.org, and the
    community.manager@xenproject alias, will be forwarded to myself
    and/or George Dunlap.
    
    Ian Jackson.
    

MeX Linux Is Now Based on Ubuntu 20.04 LTS, Features Cinnamon and Linux 5.5

Filed under
Linux
Ubuntu

Arne Exton has released today a new version of his MeX Linux distribution to give users a Cinnamon flavored Ubuntu 20.04 LTS based operating system running the recently released Linux 5.5 kernel series.

This is Arne Exton’s second GNU/Linux distribution to be based on the upcoming Ubuntu 20.04 LTS (Focal Fossa) operating system, after ExTiX 20.2 announced earlier this week. Just like ExTiX 20.2, MeX Linux now also ships with Linux kernel 5.5, but not the final version released by Linus Torvalds on January 27th, 2020.

Shipping with Linux 5.5 means that even if you don’t plan to use MeX Linux as your daily driver, you can still use the live ISO to check if the new kernel supports your hardware that wasn’t supported by previous kernels.

Read more

More in Tux Machines

Security Leftovers

Devices: Arduino Nano, HarmonyOS,and Pi

  • Arduino Nano Floppy Emulator For When Your Disk Is Not Accessible | Hackaday

    Among the plethora of obsolete removable media there are some which are lamented, but it can be difficult to find those who regret the passing of the floppy disk. These flexible magnetic disks in hard plastic covers were a staple of computing until some time in the early 2000s, and their drives could be found by the crateload in any spares box. But what about today, when there’s a need for a real floppy drive and none is to be found? Enter [Acemi Elektronikci], with an Arduino Nano based floppy emulator, that plugs into the floppy port of a PC old enough to have one, and allows the easy use of virtual floppy disks.

  •  
  • HarmonyOS development board shows up for $11

    Last year, we noted the Hisilicon Hi3861 based HiSpark WiFi IoT development board with supports LiteOS and HarmonyOS that was available in China for just under $10, or as part of a devkit with baseboard and modules for around $60. Although not very practical, buying from Taobao was possible, but there’s now what appears to be a new revision of the Hi3861V100 based HarmonyOS development board in a wider form factor on Banggood for $10.99.

  •   
  • Raspberry Pi CM4 handheld console looks like a Nintendo Switch Lite - CNX Software

    StonedEge and Dmcke5 have come up with an incredibly well-designed Raspberry Pi CM4 handheld console that looks like a Nintendo Switch Lite “clone”, and that can run Dreamcast and PSP emulators at full speed using RetroPie. The RetroLite CM4 The design includes a 5-inch display, speakers, all buttons, joysticks, and D-PAD controlled via a custom Arduino board, a micro HDMI port to connect an external display, and a 4000 mAh LiPo battery charged over the USB Type-C port, and it seems to work, albeit we are told there’s still some more work to do.

  • Lilbits: TCL’s concept smart glasses, PineNote E Ink tablet, and using the Raspberry Pi 400 as a keyboard
  • “Industrial Pi” Use Cases with Ubuntu and AMD

    DFI’s GHF51 mini industrial-grade motherboard, and the EC90A-GH mini fanless industrial computer, are the world’s first industrial computer products that have passed the Ubuntu IoT hardware certification and are equipped with high-performance AMD processors. The 1.8-inch motherboard of the Ryzen R1000 processor has the same small size as the Raspberry Pi but brings unprecedented powerful computing performance, powerful expansion capabilities, and durability tailored for industrial applications. Combining the online update mechanism of the Ubuntu Certified Hardware and the online application store, the breakthrough development of “Industrial Pi” will redefine the future of the Industrial Internet of Things. 

Audiocasts/Shows: WordPress, Linux Action News, Scams, and Fake Security

  • WP Briefing: Episode 18: The Economics of WordPress

    In episode 18 of WP Briefing, Josepha Haden Chomphosy reflects on a recent lecture that she gave to students at Hendrix College in which she explored the economics of WordPress and the principles that sustain the project’s ecosystem.

  • Linux Action News 211

    We cover what's special about Plasma's 25th-anniversary edition, chat with CloudLinux's CEO, and detail why Apple supporting Blender is good for all of us.

  • These Open Source SCAMMERS are getting out of control! - Invidious

    No, Inkscape isn't a scam. In fact, it's the best vector illustration tool on the planet. But, much like Krita just a few weeks ago, scammers have registered official-looking domains that are meant to trick people into downloading and installing ransomware. It's sad to see and I can't think of many ways we can combat this besides raising awareness.

  • Josh Bressers: Episode 293 – Scoring OpenSSF Security Scoring

    Josh and Kurt talk about the release of OpenSSF Security Scorecards version 3. This is a great project that will probably make a huge difference. Most of the things the scorecards are measuring are no brainier activities. We go through the list of metrics being measured. There are only a few that we don’t think are fantastic.

IBM/Red Hat Leftovers

  • Use and contribute to a new Open Source Cloud Guide

    Today, at All Things Open, IBM is releasing the Open Source Cloud Guide, which highlights various use cases that are important in hybrid cloud environments, features the important open source projects in those areas, and discusses how various clouds are using open source in their offerings. By open sourcing the guide, developers are able to both use and contribute to the learnings and use cases

  • Announcing Cryostat 2.0: JDK Flight Recorder for containers

    Cryostat is a container-native JVM application that provides a secure API for profiling and monitoring containers with JDK Flight Recorder (JFR). JDK Flight Recorder collects profiling and diagnostic data from applications using JFR events stored in binary flight recordings. When requested, Cryostat can retrieve, store, and analyze flight recordings from containerized Java virtual machines (JVMs) to assess overall application health. Users can download recording files and upload them to JDK Mission Control (JMC) or Grafana for further analysis. This article introduces Cryostat and shares new features in the 2.0 release, including example use cases, tips for getting started, and additional release notes. For more information about Cryostat fundamentals, visit Introduction to Cryostat: JDK Flight Recorder for containers.

  • Kafka Monthly Digest: September 2021

    Welcome to the 44th edition of the Kafka Monthly Digest. In this edition, I'll cover what happened in the Apache Kafka community in September 2021. For last month’s digest, see Kafka Monthly Digest: August 2021 on IBM Developer.

  • Sensitive information detection using the NVIDIA Morpheus AI framework

    The growth of cloud-native applications has driven an explosion of east-west network traffic within a datacenter where applications can create hundreds of thousands of network connections among virtual machines and containers. As a consequence, the ability to track, monitor, and secure a datacenter in a timely manner has risen above that of any individual or team, thus requiring the help of AI and machine learning (AI/ML) to enable ITOps, infrastructure security, and DevSecOps teams to manage the complexity of modern cloud-native applications and the underlying platforms. Red Hat and NVIDIA have been working together to bring the security analytics capabilities of the NVIDIA Morpheus AI application framework to Red Hat infrastructure platforms for cybersecurity developers. This article provides a set of configuration instructions to Red Hat developers working on applications that use the NVIDIA Morpheus AI application framework and NVIDIA BlueField data processing units (DPUs) to secure interservice communication.

  • DevSecOps: 11 questions to ask about your security strategy now

    It’s the fourth and final quarter of 2021, believe it or not. That makes it time for IT leaders to review and evaluate how things are going – and plan for 2022. Security sometimes gets left out of those conversations. We’re here to make sure that doesn’t happen, with an extensive list of questions worth asking as you assess your security posture and look for ways to improve. We’ll start with a series of topics that are particularly relevant for teams that are considering or already implementing a DevSecOps strategy, then we’ll cover a series of fundamental questions worth asking in any organization – especially those currently struggling to modernize their security approach.

  • How Podman runs on Macs and other container FAQs | Enable Sysadmin

    As the Podman machine function becomes more used—particularly on Macs—there have been many questions about how this all works. Some of what is tossed around on the internet is pure speculation, so this article aims to eliminate any speculation. Many people do not realize that containers are really Linux. As such, Linux containers cannot run natively on macOS. Therefore, the containers must run in a Linux virtual machine (VM), and a Podman client interacts with that VM. This is in line with all solutions for running containers on macOS.