Language Selection

English French German Italian Portuguese Spanish

Recent comments

  • GNOME Foundation is Being Sued Because of Shotwell Photo Manager   5 hours 32 min ago
    • Patent Attacks Against Open Source Intensify!

      We previously reported on how popular open source has been under attack from patent assertion entities. The attacks continue. The GNOME Foundation recently acknowledged that it was sued for patent infringement by Rothschild Patent Imaging LLC. The allegedly infringing product is Shotwell, a free and open source personal photo manager. Neil McGovern, Executive Director for the GNOME Foundation says “We have retained legal counsel and intend to vigorously defend against this baseless suit.” The suit alleges infringement of a single patent 9,936,086 titled “Wireless Image Distribution System and Method.”

      This suit is noteworthy in that it is not targeted at users of the open source product, but rather the entity that oversees the development. In the prior lawsuits we reported, the targets were typically companies using the open source.

      One of the potentially interesting issues that could be addressed if the case goes the distance is the request for injunctive relief. Rothschild seeks as part of its relief: “an Order Enjoining Defendant, its agents, officers, servants, employees, attorneys, and all persons in active concert or participation with Defendant who receive notice of the order from further infringement of United States Patent No. 9,936,086.” Shotwell is licensed under GNU Lesser General Public License version 2.1 (LPGL). This license permits licensees to copy and redistribute Shotwell to others. If somehow Rothschild obtains an injunction, will it apply just to the GNOME Foundation or downstream users as well? One of the novel underlying legal questions that would need to be addressed is whether licensees who redistribute an open source program are “in active concert or participation with Defendant.”

  • Linux security hole: Much sudo about nothing   5 hours 38 min ago
    • Big security flaw in Linux sudo command

      Apple security researcher Joe Vennix has found a security bug in the important sudo command in Linux.

      The sudo command, which is short for “super user do”, is widely used in various Linux distributions to separate administrator-level permissions from ordinary system users.

      When installing programs, for instance, you would typically use the sudo command. Using sudo in front of any command or program causes it to be run as the administrator, or “root” user.

  • Python 3.8 Released   6 hours 18 min ago
    • Test and Code: 91: Python 3.8 - what's new

      Python 3.8.0 final is live and ready to download.

      On todays episode, we're going to run through what's new, picking out the bits that I think are the most interesting and affect the most people, including

      new language features
      standard library changes
      optimizations in 3.8
      porting to 3.8

  • Overview to Ubuntu 19.10 Eoan Ermine   6 hours 18 min ago
    • Ubuntu 19.10 Release Date, Major Updates Revealed

      Ubuntu 19.10 development is almost complete. One of the biggest changes in Ubuntu 19.10 is the decision to include NVIDIA drivers on the ISO install image. So, this is going to make things easier for Ubuntu users who have NVIDIA hardware to install the proprietary drives for their graphics card alongside the system.

      The other big change in the release is support for installing Ubuntu using the ZFS file system. The film system is considered to be experimental. Ubuntu is the first desktop Linux distro to offer native support for ZFS out of the box.

      Ubuntu developers have worked really hard to make sure that the distro has a working 32-but userspace for legacy apps and software, including Steam and WINE. It also contains the best GNOME 3.34 features. Now, it is possible to drag and drop applications in the Application Overview in order to create app folders. There is also a refreshed set of the main apps that include Document Scanner, Todo, and Files.

  • Databricks brings its Delta Lake project to the Linux Foundation   6 hours 33 min ago
    • The Delta Lake Project Turns to Linux Foundation to Become the Open Standard for Data Lakes

      Amsterdam and San Francisco, October 16, 2019 – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced that it will host Delta Lake, a project focusing on improving the reliability, quality and performance of data lakes. Delta Lake, announced by Databricks earlier this year, has been adopted by thousands of organizations and has a thriving ecosystem of supporters, including Intel, Alibaba and Booz Allen Hamilton. To further drive adoption and contributions, Delta Lake will become a Linux Foundation project and use an open governance model.

      Every organization aspires to get more value from data through data science, machine learning and analytics, but they are massively hindered by the lack of data reliability within data lakes. Delta Lake addresses data reliability challenges by making transactions ACID compliant enabling concurrent reads and writes. Its schema enforcement capability helps to ensure that the data lake is free of corrupt and not-conformant data. Since its launch in October 2017, Delta Lake has been adopted by over 4,000 organizations and processes over two exabytes of data each month.

  • Python 3.8 Released   11 hours 57 min ago
  • Python 3.8 Released   12 hours 12 min ago
    • Python 3.8 is now available with walrus operator, positional-only parameters support for Vectorcall, and more

      Python 3.8 has a new walrus operator := that assigns values to variables as part of a larger expression. It is useful when matching regular expressions where match objects are needed twice. It can also be used with while-loops that compute a value to test loop termination and then need that same value again in the body of the loop. It can also be used in list comprehensions where a value computed in a filtering condition is also needed in the expression body.

      The walrus operator was proposed in PEP 572 (Assignment Expressions) by Chris Angelico, Tim Peters, and Guido van Rossum last year. Since then it has been heavily discussed in the Python community with many questioning whether it is a needed improvement. Others are excited as the operator does make the code more readable.

      One user commented on HN, “The “walrus operator” will occasionally be useful, but I doubt I will find many effective uses for it. Same with the forced positional/keyword arguments and the “self-documenting” f-string expressions. Even when they have a use, it’s usually just to save one line of code or a few extra characters.”

  • Linux security hole: Much sudo about nothing   12 hours 16 min ago
    • One of Linux's most important commands had a glaring security flaw
    • Sudo Vulnerability

      ‘sudo’ is one of the most useful Linux/UNIX commands that allows users without root privileges to manage administrative tasks. However, a new vulnerability was discovered in sudo package that gives users root privileges.

      “When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295,” according to the sudo advisory.

    • Linux/Unix exploit allows some restricted commands to be run as root without clearance

      The 'sudo' keyword in Unix and Linux allows users to execute certain commands with special-access privileges that cannot otherwise run on a given machine by a user with a lower level of clearance. Unsurprisingly, it is one of the most important commands in the entire Linux/Unix ecosystem, one that can substantially compromise the device's security if it is exploited.

      One such exploit/bug was discovered by Joe Vennix from Apple Information Security. The vulnerability has been titled CVE-2019-14287 in the Common Vulnerabilities and Exposure database. As stated before, 'sudo' lets you run commands that cannot otherwise be run by normal users on the machine. With CVE-2019-14287, you could circumvent this by simply changing the user ID to -1 or 4294967295 with the 'sudo' command. That means that by spoofing their identity, any user could execute restricted commands on the machine.

  • Python 3.8 Released   12 hours 50 min ago
    • Python 3.8.0 : New release of python development.

      Good news from the python development area with the new release of python development:
      Python 3.7.5 Oct. 15, 2019 and Python 3.8.0 Oct. 14, 2019

      Now you can use the new python version 3.8.0 from the official webpage.

  • Plasma 5.17.0   12 hours 53 min ago
  • Events and Communities: SUSE, Ubuntu and WordPress   13 hours 2 min ago
    • openSUSE.Asia Summit 2019, Bali, Indonesia

      I was at openSUSE.Asia summit 5-6 Oct 2019 at Udayana University, Bali, Indonesia . It was a great experience to be there. I got the opportunity to meet Douglas DeMaio openSUSE project Manager, Dr. Gerald Pfeifer, Chairman openSUSE. It was really great to meet Neil McGovern and Rosanna Yuen, from GNOME Foundation. Rosanna shared GNOME stickers that I will share with my students back in India. I would like to congratulate openSUSE.Asia summit local organizing team. They had really done a great job. It was a nice combination of quality talks and keynotes. I also presented my proposal at the conference for openSUSE.Asia 2020 to happen in India next year. It is been more than six year that I am an open source practitioner and promoter. It has been memorable Journey till date..

  • Python 3.8 Released   13 hours 4 min ago
    • Python 3.7.5 is now available

      Note that the next feature release of Python 3, Python 3.8.0, is also now available. Python 3.8 contains many new features and optimizations. You should consider upgrading to it. We plan to continue regular bugfix releases of Python 3.7.x through mid-year 2020 and provide security fixes for it until mid-year 2023. More details are available in PEP 537, the Python 3.7 Release Schedule (https://www.python.org/dev/peps/pep-0537/).

  • Devices/Embedded: Win Enterprises and Raspberry Pi 4   13 hours 29 min ago
  • GNU Debugger and the FSF Coup   13 hours 52 min ago
  • Canonical/Ubuntu: Design and Web Team, Ubuntu ZFS Support, Weekly Newsletter   14 hours 33 min ago
    • Ubuntu's ZFS Trajectory Is Going From Exciting To Even More Exciting

      While it is already exciting to have the Ubuntu 19.10 desktop easily support installations to a root ZFS file-system, moving ahead with their original Zsys effort it should be even more exciting for Ubuntu storage possibilities on both the desktop and server.

      With Ubuntu 19.10 due for release on Thursday and the ZFS support now plumbed through Ubiquity and ready for the release, Canonical's Didier Roche wrote about this Ubuntu 19.10 ZFS support.

  • Linux security hole: Much sudo about nothing   14 hours 41 min ago
    • Linux Sudo bug opens root access to unauthorized users

      Sudo, the main command in Linux that allows users to run tasks, has been found to have a vulnerability that allows unauthorized users to execute commands as a root user.

      The vulnerability, known as CVE-2019-14287, does require a nonstandard configuration but nonetheless does open the door to unauthorized users.

      The vulnerability allows users to bypass the nonroot restriction by simply using -u#-1 in the command line. As The Hacker News described it Monday, the sudo security policy bypass issue allows “a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the ‘sudoers configuration’ explicitly disallows the root access.”

  • Plasma 5.17.0   14 hours 43 min ago
    • KDE Plasma 5 – Slackware October release

      I had already finished compiling KDE-5_19.10 and was waiting for the Plasma 5.17 public release announcement, when Pat upgraded libdvdread in slackware-current. That could mean trouble because of the dreaded ‘Shared library .so-version bump‘ message.
      But he added the older libdvdread.so.4 library to aaa_elflibs so that the k3b program in Plasma5 does not break, and hopefully it remains in there until after I recompile k3b (which ultimately happens for the Plasma5 November release).

      Unfortunately the earlier update of the ‘icu4c’ package broke some other stuff in Plasma5 as well. Be sure to install my ‘icu4c-compat‘ package, which contains the libraries from several older icu4c packages. Read my older article on ‘shared library .so version bumps‘ if you have not already done so, to understand the causes for this breakage.

      The packages for KDE-5_19.10 are available for download from my ‘ktown‘ repository. As always, these packages are meant to be installed on a full installation of Slackware-current which has had its KDE4 removed first. These packages will not work on Slackware 14.2.

  • Games: The Universim, POSTAL 4: No Regerts, RPCS3, Shadow of the Tomb Raider, Games Archive and X-Plane   15 hours 3 min ago
    • Shadow of the Tomb Raider Arrives for Linux and macOS on November 5th

      UK-based video games publisher Feral Interactive announced today that the Shadow of the Tomb Raider video game will arrive for Linux and macOS platforms on November 5th, 2019.

      Developed by Crystal Dynamics and Eidos-Montréal, Shadow of the Tomb Raider was launched on September 14, 2018, as the last instalment in the spectacular and thrilling action-adventure puzzle game Tomb Raider origins trilogy. It's also the twelfth title in the Tomb Raider series featuring the famous character Lara Croft. In this game, players will adventure into a Maya apocalypse world where they need shape Lara's destiny to become the Tomb Raider.

    • Shadow of the Tomb Raider Coming To Linux On 5 November

      Feral Interactive revealed today that Shadow of the Tomb Raider will be released for Linux on 5 November.

      While Shadow of the Tomb Raider already works quite well under Steam Play, Feral Interactive has been porting Shadow of the Tomb Raider Definitive Edition over to macOS and Linux. They now revealed 5 November is the launch date for this AAA game.

      The Linux system requirements have yet to be revealed but it is another Vulkan exclusive Linux game port.

  • Games: The Universim, POSTAL 4: No Regerts, RPCS3, Shadow of the Tomb Raider, Games Archive and X-Plane   15 hours 21 min ago
    • Google have confirmed the Stadia launch date is November 19

      Stadia, Google's new fancy Linux-powered game streaming service is officially set to launch on November 19, that is if you forked out for the expensive Stadia Founder's Edition.

      In the blog post over on Google, written by John Justice the "Vice President of Product, Stadia", they mention that the Founder's Edition should start arriving on doorsteps on November 19. From then, you will be able to buy and play games beginning at 4PM UTC and it will work across devices right away (so you don't need to use that fancy Chromecast Ultra). As long as your Linux PC has a Chrome browser installed, it should work fine.

      However, there's an important note included to say that they will be shipped out "in the same order that pre-orders were received". So if your country still had them available yesterday and you ordered, you're probably in for a wait. Justice said once your package ships, you will then get an email and sometime shortly after a code to activate it all.

  • Plasma 5.17.0   21 hours 33 min ago
  • Linux security hole: Much sudo about nothing   21 hours 46 min ago
    • Potential bypass of Runas user restrictions

      When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295.

      This can be used by a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access as long as the ALL keyword is listed first in the Runas specification.

      Log entries for commands run this way will list the target user as 4294967295 instead of root. In addition, PAM session modules will not be run for the command.

  • Games: The Universim, POSTAL 4: No Regerts, RPCS3, Shadow of the Tomb Raider, Games Archive and X-Plane   21 hours 55 min ago
  • Coffee Lake embedded PC has six USB 3.0 ports and GbE with BMC   22 hours 47 min ago
    • [Old] The Definitive Guide: Ceph Cluster on Raspberry Pi

      A Ceph cluster on Raspberry Pi is an awesome way to create a RADOS home storage solution (NAS) that is highly redundant and low power usage. It’s also a low cost way to get into Ceph, which may or may not be the future of storage (software defined storage definitely is as a whole). Ceph on ARM is an interesting idea in and of itself. I built one of these as a development environment (playground) for home. It can be done on a relatively small budget. Since this was a spur of the moment idea, I purchased everything locally. I opted for the Raspberry Pi 2 B (for the 4 cores and 1GB of RAM). I’d really recommend going with the Pi 2 B, so you have one core and 256MB RAM for each USB port (potential OSD). In this guide I will outline the parts, software I used and some options that you can use for achieving better performance. This guide assumes you have access to a Linux PC with an SD card reader. It also assumes you have a working knowledge of Linux in general and a passing familiarity with Ceph.

  • Plasma 5.17.0   23 hours 13 min ago
    • KDE Plasma 5.17 Arrives Packed Full of New Features

      Well, Plasma 5.17 boasts a native “night light” feature (dubbed ‘night color’) to help protect eye from blue light.

      This feature, which was previously available in Wayland but now supported in X11 sessions, is something all major desktop operating systems offer, including Ubuntu, macOS and Windows 10.

  • Plasma 5.17.0   23 hours 22 min ago
    • Plasma 5.17 is out!

      Plasma 5.17 is the version where the desktop anticipates your needs. Among many new features and improvements, your desktop now starts up faster; Night Color, the color-grading system that relaxes your eyes when the sun sets, has landed for X11; your Plasma desktop recognizes when you are giving a presentation, and stops messages popping up in the middle of your slideshows; and, if you are using Wayland, Plasma now comes with fractional scaling, which means that you can adjust the size of all your desktop elements, windows, fonts and panels perfectly to your HiDPI monitor.

    • KDE Plasma 5.17 Desktop Environment Officially Released, Here's What's New

      KDE Plasma 5.17 brings numerous new features and enhancements, such as Night Color support on X11, multi-screen and HiDPI improvements, fractional scaling on Wayland, support for managing and configuring Thunderbolt devices in System Settings, much-improved notifications with automatic detection of presentations, as well as Breeze GTK theme support for Google Chrome and Chromium web browsers.

    • KDE Plasma 5.17 Released With Wayland Improvements, Better HiDPI

      Plasma 5.17.0 is out as the newest desktop feature release from the KDE project.

      KDE Plasma 5.17 is another significant release with ongoing improvements for Wayland, ongoing work as well for better HiDPI handling, faster start-up performance, slight RGB hinting for font rendering is enabled by default, better Thunderbolt device integration, settings improvements, and many small feature additions.

      Notable on the Wayland front is that KWin now supports fractional scaling but there are also many fixes and other Wayland improvements too.

More in Tux Machines

Google: Replacing Google Chrome, AMP and Titan Security Keys

  • The top 5 alternatives to Google Chrome

    Google Chrome is the most popular web browser on the market. It provides a user-friendly, easy-to-use interface, with a simple appearance featuring a combined address and search bar with a small space for extensions. Chrome also offers excellent interconnectivity on different devices and easy syncing that means that once a user installs the browser on different devices, all their settings, bookmarks and search history come along with it. Virtually all a user does on Google chrome is backed up to Google Cloud. Chrome also offers easy connectivity to other Google products, such as Docs, Drive, and YouTube via an “Apps” menu on the bookmarks bar, located just below the address/search bar. Google Translate, one of the best translation applications currently available on the internet, is also included.

  • Google unplugs AMP, hooks it into OpenJS Foundation after critics turn up the volume [Ed: Microsoft Tim on Google passing a bunch of EEE to a foundation headed by a Microsoft ‘mole’, 'open'JS ]

    AMP – which originally stood for Accelerated Mobile Pages though not any more – was launched in 2015, ostensibly to speed up page loading on smartphones. The technology includes AMP HTML, which is a set of performance-optimized web components, and the AMP Cache, which serves validated AMP pages. Most AMP pages are served by Google’s AMP Cache.

  • Google USB-C Titan Security Keys Begin Shipping Tomorrow

    Google announced their new USB-C Titan Security Key will begin shipping tomorrow for offering two-factor authentication support with not only Android devices but all the major operating systems as well. The USB-C Titan Security Key is being manufactured by well known 2FA key provider Yubico. This new security key is using the same chip and firmware currently used by Google's existing USB-A/NFC and Bluetooth/NFC/USB Titan Security Key models.

Manjaro | Review from an openSUSE User

There are many flavors of Linux, we call them distributions but in a way, I think “flavor” is a good word for it as some some are a sweet and delightful experience while with others a lingering, foul taste remains. Manjaro has not left a foul taste in any way. In full disclosure, I am not a fan of Arch based Linux distributions. I appreciate the idea of this one-step-removed Gentoo and for those that really like to get into the nitty-gritty bits Arch is good for that. My problem with Arch is the lack of quality assurance. The official repository on Arch Wiki describes the process of how core packages need to be signed off by developers before they are allowed to move from staging into the official repositories. With the rate at which packages come in, it is almost an impossibility that through manual testing software will continue to work well with other software as some dependencies may change. Admittedly, I don’t use it daily, outside of VMs for testing nor do I have a lot of software installed so this is not going to be a problem I am likely to experience. Manjaro, from my less than professional opinion, is a slightly slower rolling Arch that seems to do more testing and the process, from what I understand, is similar. Developers have to approve the packages before they are moved into the official repositories. I also understand that there isn’t any automated QA to perform any testing so this is all reliant on user or community testing, which, seemingly, Manjaro is doing a good job of it. My dance with Manjaro is as part of a BigDaddyLinuxLive Community challenge, to give it a fair shake and share your experience. This is my review of Manjaro with the Plasma Desktop. Bottom Line Up Front, this is quite possibly the safest and most stable route if you like the Arch model. In the time I ran it, I didn’t have any issues with it. The default Plasma Desktop is quite nice, and the default themes are also top notch. The graphical package manager works fantastically well and you do have Snap support right out of the gate. It’s truly a great experience. Was it good enough to push me from my precious openSUSE? No, but it has made for a contender and something about which to think. Read more

Android Leftovers

Open source interior design with Sweet Home 3D

Historically, I practiced the little-known fourth principle: don't have furniture. However, since I became a remote worker, I've found that a home office needs conveniences like a desk and a chair, a bookshelf for reference books and tech manuals, and so on. Therefore, I have been formulating a plan to populate my living and working space with actual furniture, made of actual wood rather than milk crates (or glue and sawdust, for that matter), with an emphasis on plan. The last thing I want is to bring home a great find from a garage sale to discover that it doesn't fit through the door or that it's oversized compared to another item of furniture. Read more