Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 27 Jan 20 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Repliessort icon Last Post
Story Diamonds are a girl's best friend srlinuxx 10/04/2005 - 11:45pm
Story AMD not out of the Race yet srlinuxx 10/04/2005 - 11:53pm
Story techiemoe rants: srlinuxx 10/08/2009 - 7:01pm
Story More BS from the Evil One. srlinuxx 10/04/2005 - 11:27pm
Story Doom3 for those with little or no PC! srlinuxx 11/04/2005 - 12:49am
Story Linux leaders at open-source summit srlinuxx 10/04/2005 - 11:35pm
Story This months Cosmo srlinuxx 06/02/2005 - 4:03am
Story Mandrake's Clustering Again srlinuxx 11/04/2005 - 4:58pm
Story No Case - No Problem srlinuxx 11/04/2005 - 5:35am
Story ATI has released 64-Bit drivers srlinuxx 10/04/2005 - 11:38pm

Deepin Music – a beautiful and simple music player

Filed under
Software
Reviews
HowTos

I’ve reviewed a smorgasbord of open source music players. But there’s still quite a few I’ve yet to put through their paces. For this review, I’m looking at Deepin Music. The software bills itself as a “beautiful and simple music player that plays local audio. It supports viewing lyrics during playback, playing lossless audio, and playlist customization”.

While the music player is designed for the Deepin Desktop Environment, it’s not tied to that environment. If you’re curious about Deepin Desktop Environment, it was featured in the survey of Best Linux Desktop Environments: Strong and Stable.

Read more

List Of Top 7 Best Linux Firewall Software In 2020

Filed under
Linux
Software

Despite of being secure operating system, Linux still needs some mechanism to strength it’s security system. One of the mechanism is firewall which protects Linux system from unauthorized network traffic or access.

Basically, A firewall is a security system which monitors and controls incoming and outgoing network traffic. Firewall can be considered as a set of rules which monitors the data packets movement. It’s a wall between trusted network and untrusted network.

Read more

Managing processes on Linux with kill and killall

Filed under
Linux

In Linux, every program and daemon is a "process." Most processes represent a single running program. Other programs can fork off other processes, such as processes to listen for certain things to happen and then respond to them. And each process requires a certain amount of memory and processing power. The more processes you have running, the more memory and CPU cycles you'll need. On older systems, like my seven-year-old laptop, or smaller computers, like the Raspberry Pi, you can get the most out of your system if you keep an eye on what processes you have running in the background.

You can get a list of running processes with the ps command. You'll usually want to give ps some options to show more information in its output. I like to use the -e option to see every process running on my system, and the -f option to get full details about each process. Here are some examples...

Read more

Missing documentation and the reproduction problem

Filed under
GNU

I recently took some criticism over the fact that reposurgeon has no documentation that is an easy introduction for beginners.

After contemplating the undeniable truth of this criticism for a while, I realized that I might have something useful to say about the process and problems of documentation in general – something I didn’t already bring out in How to write narrative documentation. If you haven’t read that yet, doing so before you read the rest of this mini-essay would be a good idea.

“Why doesn’t reposurgeon have easy introductory documentation” would normally have a simple answer: because the author, like all too many programmers, hates writing documentation, has never gotten very good at it, and will evade frantically when under pressure to try. But in my case none of that description is even slightly true. Like Donald Knuth, I consider writing good documentation an integral and enjoyable part of the art of software engineering. If you don’t learn to do it well you are short-changing not just your users but yourself.

So, with all that said, “Why doesn’t reposurgeon have easy introductory documentation” actually becomes a much more interesting question. I knew there was some good reason I’d never tried to write any, but until I read Elijah Newren’s critique I never bothered to analyze for the reason. He incidentally said something very useful by mentioning gdb (the GNU symbolic debugger), and that started me thinking, and now think I understand something general.

If you go looking for gdb intro documentation, you’ll find it’s also pretty terrible. Examples of a few basic commands is all they can do; you never get an entire worked example of using gdb to identify and fix a failure point. And why is this?

The gdb maintainers probably aren’t very self-aware about this, but I think at bottom it’s because the attempt would be futile. Yes, you could include a session capture of someone diagnosing and debugging a simple problem with gdb, but the reader couldn’t reliably reproduce it. How would you the user go about generating a binary on which the replicating the same commands produced the same results?

For an extremely opposite example, consider the documentation for an image editor such as GIMP. It can have excellent documentation precisely because including worked examples that the reader can easily understand and reproduce is almost trivial to arrange.

Read more

Andrew Tridgell and Genevieve Bell awarded Australia Day honors

Filed under
Linux

Dr Andrew James Tridgell - know in the open source commmunity as 'Tridge' - has been awarded a medal in the general division of the Order of Australia (OAM).

[...]

RSync is a powerful and ubiquitous file synchronisation utility that is an essential part of any Linux sysadmin's toolkit, in part because it only synchs files that have changed and therefore makes it possible to sync without using unnecessary network resources,

Samba is a free implementation of Server Message Block that underpins Windows networking. Samba runs on Unix-like systems and its mere existence was a huge factor in the rise of Linux as it allowed the open source OS to more easily integrate with Windows servers.

Both RSync and Samba are very, very, widely used - it's not a stretch to say they're both crucial underpinnings of modern computing.

Read more

Review of FuryBSD 12.0

Filed under
BSD

FuryBSD is the most recent addition to the DistroWatch database and provides a live desktop operating system based on FreeBSD. FuryBSD is not entirely different in its goals from NomadBSD, which we discussed recently. I wanted to take this FreeBSD-based project for a test drive and see how it compares to NomadBSD and other desktop-oriented projects in the FreeBSD family.

FuryBSD supplies hybrid ISO/USB images which can be used to run a live desktop. There are two desktop editions currently, both for 64-bit (x86_64) machines: Xfce and KDE Plasma. The Xfce edition is 1.4GB in size and is the flavour I downloaded. The KDE Plasma edition is about 3.0GB in size.

Booting from the live media brings up the Xfce 4.14 desktop environment. Along the bottom of the screen is a panel which holds the application menu, task switcher and system tray. Icons on the desktop open the Thunar file manager, launch the system installer, and provide quick access to a Getting Started document. There are two more icons for accessing X.Org configuration options and showing system information. The Getting Started document is a quick reference text file containing command line instructions for setting up networking and installing video drivers. The System Information icon opens the Firefox web browser and displays a locally generated page which contains general information about our computer and its resource usage.

Read more

DebConf20: offer to speak in Palestine censored

Filed under
Debian

On 20 December 2019, a Debian Developer posted the message below to the debian-project mailing list, offering to give the same talk at both DebConf20 in Haifa, Israel and again in Palestine.

The message never appeared in the list and can't be found in the list archive for December.

Alexander Wirt (formorer) has previously declared that he will censor messages about Israel due to anti-semitism. Yet the message below doesn't include anything against Israel and doesn't mention the boycott campaign. It is simply a volunteer offering to give up more of his time to help a population in Palestine who suffer from extraordinary discrimination.

Is Wirt really fighting anti-semitism, or could the DebConf20 organizers simply be afraid of any discussion that may deter wealthy Israeli sponsors?

Read more

Shows and Screencasts: Linux Action News, Open Source Security Podcast, GNU World Order and More

  • Linux Action News 142

    The real reason Rocket League is dropping support for Linux, Wine has a massive release, and the potential for Canonical's new Android in the cloud service.

    Plus, our take on the FSF's Upcycle Windows 7 campaign, and the clever Chrome OS strategy upgrade for education in 2020.

  • Open Source Security Podcast: Episode 180 - A Tale of Two Vulnerabilities

    Josh and Kurt talk about two recent vulnerabilities that have had very different outcomes. One was the Citrix remote code execution flaw. While the flaw is bad, the handling of the flaw was possibly worse than the flaw itself. The other was the Microsoft ECC encryption flaw. It was well handled even though it was hard to understand and it is a pretty big deal. As all these things go, fixing and disclosing vulnerabilities is hard.

  • GNU World Order 337

    The **acct** command from the Slackware **ap** software series.

  • Podcast.__init__: Simplifying Social Login For Your Web Applications

    A standard feature in most modern web applications is the ability to log in or register using accounts that you already own on other sites such as Google, Facebook, or Twitter. Building your own integrations for each service can be complex and time consuming, distracting you from the features that you and your users actually care about. Fortunately the Python social auth library makes it easy to support third party authentication with a large and growing number of services with minimal effort. In this episode Matías Aguirre discusses his motivation for creating the library, how he has designed it to allow for flexibility and ease of use, and the benefits of delegating identity and authentication to third parties rather than managing passwords yourself.

  • Solus 4.1 Budgie Run Through

    In this video, we are looking at Solus 4.1 Budgie.

Linux 5.5

Filed under
Linux

So this last week was pretty quiet, and while we had a late network
update with some (mainly iwl wireless) network driver and netfilter
module loading fixes, David didn't think that warranted another -rc.
And outside of that, it's really been very quiet indeed - there's a
panfrost driver update too, but again it didn't really seem to make
sense to delay the final release by another week.

Outside of those, it's all really tiny, even if some of those tiny
changes touched some core files.

So despite the slight worry that the holidays might have affected the
schedule, 5.5 ended up with the regular rc cadence and is out now.

That means that the merge window for 5.6 will open tomorrow, and I
already have a couple of pull requests pending. The timing for this
next merge window isn't optimal for me - I have some travel and other
things going on during the same two weeks, but hopefully it won't be
all that noticeable.  But there might be random timezones, odd hours,
and random delays because of that. I try to avoid scheduling things
during the merge window, but hey, it doesn't always work out, and I'd
have to delay things by two weeks to avoid the conflicts, which just
doesn't seem worth it.

Particularly since it's not necessarily going to be a problem to begin
with. We'll see.

Anyway. Go out and test 5.5, and start sending me those pull requests
for all the new development that is ready,

                    Linus

Read more

Also: Linux 5.5 Released With Many Hardware Support Improvements

Distrowatch is NOT a Measure for Distributions Popularity

Filed under
OSS

Another alternative could be releasing the hit statistics for the official distribution’s repositories. Almost every user may need to download a certain package or an update from the repositories at least once every few weeks, so if we could access the logs of how many unique IP addresses are accessing the distribution’s repositories mirrors per month for example, we may gain a good vision on how popular that distribution is.

While this alternative is theoretically good, the issue about it is that it won’t count offline installations. People from both sides can argue with strong reasons why offline installations are important or not important, but it leaves us in an issue anyway. Additionally, this would count Linux Mint users, Kubuntu users and Ubuntu MATE users all as Ubuntu users, simply because they are using Ubuntu’s official repositories, which is not a nice thing to have.

At the end, it sounds like each methodology has its own issues, but some are way more better than the other. Still, do not get tricked by people who try to use Distrowatch’s visitor statistics to rank all the Linux distributions out there.

Read more

today's leftovers

Filed under
Misc
  • The Dracut Initramfs Generator Is Slow - Could Be Much Faster As Shown By Distri's Minitrd

    Dracut that is used for generating the initramfs image on Linux distributions like Fedora / RHEL, Debian, openSUSE, and many other distributions could be much faster.

    Former Debian developer Michael Stapelberg recently demonstrated that Dracut is quite slow and could be much faster. Stapelberg was researching the initramfs generation speed by Dracut as part of his work on Distri, the experimental Linux distribution project researching fast package management. Distri remains just a research project for constructing a simple and fast package management system for constructing a Linux distribution built off Stapelberg's frustrations with Debian.

  • What's your favorite Linux distribution?

    What's your favorite Linux distribution? Take our 7th annual poll. Some have come and gone, but there are hundreds of Linux distributions alive and well today. The combination of distribution, package manager, and desktop creates an endless amount of customized environments for Linux users.

    We asked the community of writers what their favorite is and why. While there were some commonalities (Fedora and Ubuntu were popular choices for a variety of reasons), we heard a few surprises as well. Here are a few of their responses:

    "I use the Fedora distro! I love the community of people who work together to make an awesome operating system that showcases the greatest innovations in the free and open source software world." — Matthew Miller

    "I use Arch at home. As a gamer, I want easy access to the latest Wine versions and GFX drivers, as well as large amounts of control over my OS. Give me a rolling-release distro with every package at bleeding-edge." —Aimi Hobson

    "NixOS, with nothing coming close in the hobbyist niche." —Alexander Sosedkin

    "I have used every Fedora version as my primary work OS. Meaning, I started with the first one. Early on, I asked myself if there would ever come a time when I couldn't remember which number I was on. That time has arrived. What year is it, anyway?" —Hugh Brock

  • Manjaro KDE 19.0 pre3 Run Through

    In this video, we are looking at Manjaro KDE 19.0 pre3.

  • Noodlings | Kontact Solaar through a VPN

    The killer feature of the Plasma Desktop has been the KDE Personal Information Manager, Kontact. I have been using it since 2004 time frame and although we have had a tenuous relationship over the years, specifically the switch to the Akonadi and the pain that came with it in the early years. I actively use Kontact on multiple machines for the feature richness of it and haven’t found anything in existence that I like better. I also exclusively use Kontact on openSUSE Tumbleweed with the Plasma Desktop Environment.

    I have decided to publish my reference concerning the maintenance it requires. I could be an edge case since I have five mail accounts and multiple calendar accounts as well. Historically, I have had issues where losing network connection, regaining it, suspending and resuming my machine over a period of time would cause the thing to have fits. So, here are my fixes, whenever the need arises.

    You know those stories of people that have these crazy habit ts that don’t make sense, things they do that don’t really help or solve a problem like making sure the spoons are organized in just the right fashion? Yeah, well that could be what this whole post is and my obsessive-compulsive tenancies are in full expression. So, take all that into account should you choose to use any of these references.

  • Snøhetta Selected to Design the New Visual Identity for the Open-Source Platform Wikipedia

    The Wikimedia Foundation selected multidisciplinary firm Snøhetta to develop the new brand identity for Wikipedia, its free open platform. Aiming to create visuals that push forward Wikimedia’s international commitment to “setting knowledge free”, the process will be entirely documented.

Open Hardware and OSS Leftovers

Filed under
Hardware
OSS

Security Leftovers

Filed under
Security
  • Does Your Domain Have a Registry Lock?

    Dijkxhoorn said one security precaution his company had not taken with their domain prior to the fraudulent transfer was a “registry lock,” a more stringent, manual (and sometimes offline) process that effectively neutralizes any attempts by fraudsters to social engineer your domain registrar.

    With a registry lock in place, your registrar cannot move your domain to another registrar on its own. Doing so requires manual contact verification by the appropriate domain registry, such as Verisign — which is the authoritative registry for all domains ending in .com, .net, .name, .cc, .tv, .edu, .gov and .jobs. Other registries handle locks for specific top-level or country-code domains, including Nominet (for .co.uk or .uk domains), EURID (for .eu domains), CNNIC for (for .cn) domains, and so on.

  • Cisco Warns of Critical Network Security Tool Flaw

    The flaw exists in the web-based management interface of the Cisco Firepower Management Center (FMC), which is its platform for managing Cisco network security solutions, like firewalls or its advanced malware protection service. Cisco has released patches for the vulnerability (CVE-2019-16028), which has a score of 9.8 out of 10 on the CVSS scale, making it critical in severity.

  • No big deal, Rogers, your internal source code and keys are only on the open web. Don't hurry to take it down

    Source code, internal user names and passwords, and private keys, for the website and online account systems of Canadian telecoms giant Rogers have been found sitting on the open internet.

    The leaked software, seemingly uploaded to GitHub by a Rogers engineer before they left the telco, is written in Java and powered various components of Rogers.com. The materials are marked "closed source" and copyright Rogers, yet can be found on the web if you know where to look. Details of and credentials for services and systems on the ISP's internal networks are included.

    This kind of information, along with source code to skim for security bugs, is a boon for miscreants casing the telco to compromise it. These details may have already been exploited by criminals, or may prove useful for future attacks. It's also a reminder that engineers and management must take all precautions to avoid pushing private company code to public repositories.

    It should be noted that no customer information nor account details – beyond the names, passwords, and email addresses of some members of the ISP's web development team – are present in the public code repository. The web app blueprints date back to 2015, so just how much of this code remains in production is unclear. One hopes the passwords and keys have been replaced over the past five years, at least.

    With any luck, this may well be more of an embarrassment to one of Canada's biggest broadband'n'telly telcos than anything else.

  • Rogers’ internal passwords and source code found open on GitHub

    Sensitive data of another major Canadian firm has been found sitting open on the GitHub developers platform.

    Security researcher Jason Coulls said he recently discovered two open accounts with application source code, internal user names and passwords, and private keys for Rogers Communications. No customer data was found.

    He suspects the code belonged to a developer who has left the telco.

    Coulls, who works in the IT department of a Toronto firm and has his own security consultancy, initially told The Register of the discovery, after which the news site contacted Rogers.

    One problem is the code he saw describes data payloads and how it goes between databases and web services.

    “You can use that to get to the stuff that people [thieves] would go after,” he explained.

  • How to patch your open source software vulnerabilities

    Software vulnerabilities are a fact of life. Researchers -- if not hackers -- constantly discover new ways to compromise popular software libraries. It's up to enterprises to quickly deploy patches to secure software before hackers get in.

    Consider the Equifax breach, in which a hacker exposed the data of more than 145 million users, resulting in $575 million in fines for the credit rating agency. A U.S. Senate investigation identified a backlog of over 8,500 unpatched vulnerabilities at Equifax -- the hacker gained access through just one of those unpatched systems.

    Vulnerability backlogs are especially prevalent within enterprises that rely on open source components. Nearly all applications make use of some open source components that take the place of either mundane or arcane coding tasks. An open source project often has an active community to maintain and augment it, but that's not always the case. Ultimately, open source software requires a leap of faith from the user that what they're adopting is secure and effective.

Entrapment and Digital Prisons (Microsoft GitHub and Sonos)

  • Microsoft open-sources ONNX Runtime model to speed up Google’s BERT

    This is the most recent leap forward in natural language for Microsoft, but not its first attempt to make Google’s BERT better. About a year ago, Microsoft AI researchers also released MT-DNN, a Transformer-based model that set new high performance standards for the GLUE language model performance benchmark.

  • GitHub now uses AI to recommend open issues in project repositories [Ed: Microsoft now uses mindless buzzwords like "HEY HI!!!" (AI) to market its proprietary software trap]
  • AVSystem Releases a New Version of Open-Source Anjay LwM2M SDK

    AVSystem is pleased to announce that an open-source version of Anjay 2.2.1 has just been released on GitHub.

  • See you later, Sonos: Meet the open-source audio system that would perhaps perhaps no longer ever die

    This week, Sonos launched — after which therefore retracted — that it would perhaps perchance ruin-of-life a assortment of popular audio streaming products made by the corporate at some level of its first 10 years in alternate.

    Sonos had made up our minds to complete improve on yarn of these first-skills products lack sufficient processing vitality and storage to accommodate contemporary aspects.

    Regardless that there delight in been many enhancements in presents, miniaturization, and general efficiency, loudspeaker skills has no longer fundamentally changed since its introduction in the 1920s. Offered that they’re no longer inclined outside their efficiency specifications, the drivers and cones can closing a long time. Diverse elements inner speakers encompass magnets constituted of ferrous and uncommon earth presents that attain no longer expire.

  • So long, Sonos: Meet the open-source audio system that will never die

    Sonos had decided to end support because these first-generation products lack sufficient processing power and storage to accommodate new features.

    Although there have been many improvements in materials, miniaturization, and overall performance, loudspeaker technology has not fundamentally changed since its introduction in the 1920s. Provided that they aren't used outside their performance specifications, the drivers and cones can last decades. Other components inside speakers include magnets made out of ferrous and rare earth materials that do not expire.

    In addition to solid-state MOSFET-based signal amplifiers, self-powered speakers also contain transformers, which are made of solid cores of metal wound with fine conductive wire. Updates to transformer technology in recent years include Gallium Nitride (GaN), which reduces heat and overall footprint. These components, particularly MOSFETs do not "go bad" unless they are abused, such as being subjected to high temperatures, very high voltages, or transient power spikes, which can be mitigated by a simple surge suppressor or power conditioner.

FUD and Openwashing Leftovers

Filed under
OSS
  • Kevin Owocki on Gitcoin, Controversy and the Future of Open Source Funding

    Some of that controversy has been from outside the Ethereum community, pointing to Consensys and Ethereum Foundation support as an example of centralization. Some of the controversy has come from within, as debates rage about what is or isn’t an acceptable use of “public” resources.

  • Sonatype: Secure code with less hassle

    Software development has changed drastically over the past decade. Take a 22-year-old graduate with a degree in computer science. At one time, they would start off testing code, then start to write code line-by-line. Today, 80% of applications are developed using open source software. Instead of laboriously worrying over each caret and comma, code is grabbed and assembled. This can make for quick iterations and rapid project completion.

  • Lyft's open source asset tracking tool simplifies security

    The modern map -- in fact, any map since the Age of Sail -- serves an important purpose in navigation. Exploration feats, such as Magellan's circumnavigation of the globe, Lewis and Clark's American expedition, or more recent excursions to the Earth's polar regions, would not have been possible without mapping knowledge and ability.

    A cursory look at ancient or medieval history shows that early maps, prior to their use for navigation, served a different purpose entirely. The map in the 15th century manuscript La Fleur des Histoires was by no means intended to be geographically accurate. Instead, it was designed to convey a concept or idea -- in this case, the separation of ruling powers by region. However, the real power of mapmaking -- that is, for navigation -- would not be realized for generations.

  • vChain, the Makers of the CodeNotary Open Source Code Trust Solution With Over 9 Million Monthly Customer Integrity Verifications Raises $7 Million in Series A to Secure Today’s DevOps Process

    vChain, the leading trust and integrity company, announces the close of a $7M Series A investment round. Elaia, a leading European tech venture fund, led the new investment round which includes also other notable investors such as Swiss-based Bluwat and Acequia Capital (Seattle, USA). vChain was founded in late 2018 and released its first product in April 2019.

  • Open source licence series - WhiteSource: permissive is winning, but is there a hurt factor?
  • Open source licence series - Instaclustr: Is open core a rotten deal?

    Ideally, open source software should be, well, free and open.

  • Open source licence series - Percona: is the battle won, or is this a different war?

    Recently, the Cryptographic Autonomy License (CAL) was submitted for OSI consideration. As Holo’s co-founder Arthur Brock explains in his blog post, his goal is to protect end-user privacy and autonomy. Restrictions in this case focus not on whom, but how the software should be used.

    While many on the OSI board seem to support the licence, Bruce Perens, OSI co-founder and the person who drafted the original Open Source Definition (OSD), resigned from OSI saying, “… it seems to me that the organisation is rather enthusiastically headed toward accepting a licence that isn’t freedom-respecting. Fine, do it without me, please.”

  • Open Source Wood Innovation Award Given to an Active Member
  • Open Source Plant Material And Intellectual Property

    Today we hear the term “open source” more and more. It is a term that is most commonly identified with software and firmware development out of the Silicon Valley. However, the term is becoming common in the plant industry.

  • Garadget review: Open your garage door with open-source technology

    There’s no scheduling system nor (surprisingly) a logging system built into Garadget, but it does support Alexa, Google Assistant, SmartThings, IFTTT, and a whole host of lesser-known third-party tools, but all of that will invariably force you into the system’s forums again. For example, there are two Garadget Alexa skills, one for if you want to say “smart garage” and one for if you want to say “Garadget” to invoke the skill. Setting up a connection to SmartThings requires using Samsung’s developer tools.

Linux Foundation: CHIPS Alliance, Cloud Foundry Foundation, Kubernetes News

Filed under
Hardware
OSS
  • Intel joins CHIPS Alliance to promote Advanced Interface Bus (AIB) as an open standard

    CHIPS Alliance, the leading consortium advancing common and open hardware for interfaces, processors and systems, today announced industry leading chipmaker Intel as its newest member. Intel is contributing the Advanced Interface Bus (AIB) to CHIPS Alliance to foster broad adoption.

  • Intel Joins CHIPS Alliance, Contributes Advanced Interface Bus

    Intel this week became a member of CHIPS Alliance, an industry consortium that is working to accelerate the development of open source SoCs (and SiPs) for various applications. As part of their membership, Intel has also contributed its Advanced Interface Bus to the group, giving developers access to the bus and thus the means to interoperate with Intel (and other) chips that will be using it.

    Designed for use with system-in-packages (SiPs) devices, Intel’s AIB is a high-bandwidth, low-power, die-to-die PHY level standard that uses a clock forwarded parallel data transfer mechanism (akin that used by modern DDR DRAM interfaces). The technology is agnostic to manufacturing processes and packaging technology, so it can be used to connect a wide variety of chips/chiplets using different types of packages, including Intel’s own EMIB, TSMC’s CoWoS, or other 2.5D technologies from numerous vendors.

    Intel’s AIB has been available to third parties on a royalty-free basis for a while now, so contributing the technology to CHIPS Alliance is the next step for Intel in increasing its adoption. By making AIB available to a very broad group of chip designers, Intel is encouraging development of an ecosystem of chiplets that can later be used with its own CPUs, GPUs, FPGAs, and other components to build special-purpose multi-die SiPs.

  • Cloud Foundry Foundation Announces 2020 Summits in North America and Europe

    Cloud Foundry Foundation, home to open source projects helping build the future of cloud applications, today announced Cloud Foundry Summits for North America and Europe, now co-located with the Linux Foundation's Open Source Summits. Cloud Foundry NA Summit will take place on Thursday, June 25, 2020, in Austin, Texas and Cloud Foundry EU Summit will take place on Thursday, October 29, 2020, in Dublin, Ireland. Early bird registration for Cloud Foundry NA Summit is now open.

  • Octarine Open Sources the Kubernetes Common Configuration Scoring System and kube-scan

    Octarine, the continuous Kubernetes security company that simplifies DevSecOps, today announced the release of two new open source projects: the Kubernetes Common Configuration Scoring System (KCCSS), a new framework for rating security risks associated with misconfigurations, and kube-scan, a workload and assessment tool that scans Kubernetes configurations and settings to identify and rank potential vulnerabilities in applications within minutes.

  • Octarine releases open-source security scanning tools for Kubernetes

    Octarine, a startup that helps automate security of Kubernetes workloads, released an open-source scanning tool today. The tool, which is called Kube-scan, is designed to help developers understand the level of security risk in their Kubernetes clusters.

    The company is also open-sourcing a second tool called The Kubernetes Common Configuration Scoring System, or KCCSS for short, which is the underlying configuration framework used in Kube-scan.

    As Ocatrine’s head of product Julien Sobrier points out, there are 30 security settings in Kubernetes, and Kube-scan can help you see where you might be vulnerable on any one of them, measured on a scale of 0-10, with 10 being extremely vulnerable.

  • SReview kubernetes update

    About a week and a half ago, I mentioned that I'd been working on making SReview, my AGPLv3 video review and transcode system work from inside a Kubernetes cluster. I noted at the time that while I'd made it work inside minikube, it couldn't actually be run from within a real Kubernetes cluster yet, mostly because I misunderstood how Kubernetes works, and assumed you could just mount the same Kubernetes volume from multiple pods, and share data that way (answer: no you can't).

    The way to fix that is to share the data not through volumes, but through something else. That would require that the individual job containers download and upload files somehow.

    I had a look at how the Net::Amazon::S3 perl module works (answer: it's very simple really) and whether it would be doable to add a transparent file access layer to SReview which would access files either on the local file system, or an S3 service (answer: yes).

Syndicate content

More in Tux Machines

Managing processes on Linux with kill and killall

In Linux, every program and daemon is a "process." Most processes represent a single running program. Other programs can fork off other processes, such as processes to listen for certain things to happen and then respond to them. And each process requires a certain amount of memory and processing power. The more processes you have running, the more memory and CPU cycles you'll need. On older systems, like my seven-year-old laptop, or smaller computers, like the Raspberry Pi, you can get the most out of your system if you keep an eye on what processes you have running in the background. You can get a list of running processes with the ps command. You'll usually want to give ps some options to show more information in its output. I like to use the -e option to see every process running on my system, and the -f option to get full details about each process. Here are some examples... Read more

Missing documentation and the reproduction problem

I recently took some criticism over the fact that reposurgeon has no documentation that is an easy introduction for beginners. After contemplating the undeniable truth of this criticism for a while, I realized that I might have something useful to say about the process and problems of documentation in general – something I didn’t already bring out in How to write narrative documentation. If you haven’t read that yet, doing so before you read the rest of this mini-essay would be a good idea. “Why doesn’t reposurgeon have easy introductory documentation” would normally have a simple answer: because the author, like all too many programmers, hates writing documentation, has never gotten very good at it, and will evade frantically when under pressure to try. But in my case none of that description is even slightly true. Like Donald Knuth, I consider writing good documentation an integral and enjoyable part of the art of software engineering. If you don’t learn to do it well you are short-changing not just your users but yourself. So, with all that said, “Why doesn’t reposurgeon have easy introductory documentation” actually becomes a much more interesting question. I knew there was some good reason I’d never tried to write any, but until I read Elijah Newren’s critique I never bothered to analyze for the reason. He incidentally said something very useful by mentioning gdb (the GNU symbolic debugger), and that started me thinking, and now think I understand something general. If you go looking for gdb intro documentation, you’ll find it’s also pretty terrible. Examples of a few basic commands is all they can do; you never get an entire worked example of using gdb to identify and fix a failure point. And why is this? The gdb maintainers probably aren’t very self-aware about this, but I think at bottom it’s because the attempt would be futile. Yes, you could include a session capture of someone diagnosing and debugging a simple problem with gdb, but the reader couldn’t reliably reproduce it. How would you the user go about generating a binary on which the replicating the same commands produced the same results? For an extremely opposite example, consider the documentation for an image editor such as GIMP. It can have excellent documentation precisely because including worked examples that the reader can easily understand and reproduce is almost trivial to arrange. Read more

today's howtos

Andrew Tridgell and Genevieve Bell awarded Australia Day honors

Dr Andrew James Tridgell - know in the open source commmunity as 'Tridge' - has been awarded a medal in the general division of the Order of Australia (OAM). [...] RSync is a powerful and ubiquitous file synchronisation utility that is an essential part of any Linux sysadmin's toolkit, in part because it only synchs files that have changed and therefore makes it possible to sync without using unnecessary network resources, Samba is a free implementation of Server Message Block that underpins Windows networking. Samba runs on Unix-like systems and its mere existence was a huge factor in the rise of Linux as it allowed the open source OS to more easily integrate with Windows servers. Both RSync and Samba are very, very, widely used - it's not a stretch to say they're both crucial underpinnings of modern computing. Read more