Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 21 Nov 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Audiocasts/Shows: BSD Now and The Linux Link Tech Show (TLLTS)

Filed under
GNU
Linux
BSD

Security-Oriented Container Linux Gets Patched Against Latest Intel CPU Flaws

Filed under
GNU
Linux
Security

The security-oriented Container Linux by CoreOS GNU/Linux distribution has been updated this week with all the necessary patches to mitigate the latest Intel CPU microarchitecture vulnerabilities.

CoreOS Container Linux 2247.7.0 is here as the latest stable version of the security-oriented, minimal operating system for running containerized workloads securely and at scale, which was acquired by Red Hat last year and will soon become Fedora CoreOS. This release includes fixes for the CVE-2019-11135 and CVE-2018-12207 security vulnerabilities affecting Intel CPUs.

According to the release notes, CoreOS Container Linux 2247.7.0 fixes Intel CPU disclosure of memory to user process, but the complete mitigation requires manually disabling TSX or SMT on affected processors. Additionally, is also fixes Intel CPU denial of service by a malicious guest VM, and a CFS scheduler bug throttling highly-threaded I/O-bound applications.

Read more

Kernel: Control Flow Integrity (CFI) and WireGuard in Linux 5.6

Filed under
Linux
  • experimenting with Clang CFI on upstream Linux

    While much of the work on kernel Control Flow Integrity (CFI) is focused on arm64 (since kernel CFI is available on Android), a significant portion is in the core kernel itself (and especially the build system). Recently I got a sane build and boot on x86 with everything enabled, and I’ve been picking through some of the remaining pieces. I figured now would be a good time to document everything I do to get a build working in case other people want to play with it and find stuff that needs fixing.

    First, everything is based on Sami Tolvanen’s upstream port of Clang’s forward-edge CFI, which includes his Link Time Optimization (LTO) work, which CFI requires. This tree also includes his backward-edge CFI work on arm64 with Clang’s Shadow Call Stack (SCS).

  • WireGuard secure network tunnel
    RFC Note:
      This is a RFC for folks who want to play with this early, because
      Herbert's cryptodev-2.6 tree hasn't yet made it into net-next. I'll
      repost this as a v1 (possibly with feedback incorporated) once the
      various trees are in the right place. This compiles on top of the
      Frankenzinc patchset from Ard, though it hasn't yet received suitable
      testing there for me to call it v1 just yet. Preliminary testing with
      the usual netns.sh test suite on x86 indicates it's at least mostly
      functional, but I'll be giving things further scrutiny in the days to
      come.
    
    WireGuard is a layer 3 secure networking tunnel made specifically for
    the kernel, that aims to be much simpler and easier to audit than IPsec.
    Extensive documentation and description of the protocol and
    considerations, along with formal proofs of the cryptography, are
    available at:
    
      * https://www.wireguard.com/
      * https://www.wireguard.com/papers/wireguard.pdf
    
    This commit implements WireGuard as a simple network device driver,
    accessible in the usual RTNL way used by virtual network drivers. It
    makes use of the udp_tunnel APIs, GRO, GSO, NAPI, and the usual set of
    networking subsystem APIs. It has a somewhat novel multicore queueing
    system designed for maximum throughput and minimal latency of encryption
    operations, but it is implemented modestly using workqueues and NAPI.
    Configuration is done via generic Netlink, and following a review from
    the Netlink maintainer a year ago, several high profile userspace
    have already implemented the API.
    
    This commit also comes with several different tests, both in-kernel
    tests and out-of-kernel tests based on network namespaces, taking profit
    of the fact that sockets used by WireGuard intentionally stay in the
    namespace the WireGuard interface was originally created, exactly like
    the semantics of userspace tun devices. See wireguard.com/netns/ for
    pictures and examples.
    
    The source code is fairly short, but rather than combining everything
    into a single file, WireGuard is developed as cleanly separable files,
    making auditing and comprehension easier. Things are laid out as
    follows:
    
      * noise.[ch], cookie.[ch], messages.h: These implement the bulk of the
        cryptographic aspects of the protocol, and are mostly data-only in
        nature, taking in buffers of bytes and spitting out buffers of
        bytes. They also handle reference counting for their various shared
        pieces of data, like keys and key lists.
    
      * ratelimiter.[ch]: Used as an integral part of cookie.[ch] for
        ratelimiting certain types of cryptographic operations in accordance
        with particular WireGuard semantics.
    
      * allowedips.[ch], peerlookup.[ch]: The main lookup structures of
        WireGuard, the former being trie-like with particular semantics, an
        integral part of the design of the protocol, and the latter just
        being nice helper functions around the various hashtables we use.
    
      * device.[ch]: Implementation of functions for the netdevice and for
        rtnl, responsible for maintaining the life of a given interface and
        wiring it up to the rest of WireGuard.
    
      * peer.[ch]: Each interface has a list of peers, with helper functions
        available here for creation, destruction, and reference counting.
    
      * socket.[ch]: Implementation of functions related to udp_socket and
        the general set of kernel socket APIs, for sending and receiving
        ciphertext UDP packets, and taking care of WireGuard-specific sticky
        socket routing semantics for the automatic roaming.
    
      * netlink.[ch]: Userspace API entry point for configuring WireGuard
        peers and devices. The API has been implemented by several userspace
        tools and network management utility, and the WireGuard project
        distributes the basic wg(8) tool.
    
      * queueing.[ch]: Shared function on the rx and tx path for handling
        the various queues used in the multicore algorithms.
    
      * send.c: Handles encrypting outgoing packets in parallel on
        multiple cores, before sending them in order on a single core, via
        workqueues and ring buffers. Also handles sending handshake and cookie
        messages as part of the protocol, in parallel.
    
      * receive.c: Handles decrypting incoming packets in parallel on
        multiple cores, before passing them off in order to be ingested via
        the rest of the networking subsystem with GRO via the typical NAPI
        poll function. Also handles receiving handshake and cookie messages
        as part of the protocol, in parallel.
    
      * timers.[ch]: Uses the timer wheel to implement protocol particular
        event timeouts, and gives a set of very simple event-driven entry
        point functions for callers.
    
      * main.c, version.h: Initialization and deinitialization of the module.
    
      * selftest/*.h: Runtime unit tests for some of the most security
        sensitive functions.
    
      * tools/testing/selftests/wireguard/netns.sh: Aforementioned testing
        script using network namespaces.
    
    This commit aims to be as self-contained as possible, implementing
    WireGuard as a standalone module not needing much special handling or
    coordination from the network subsystem. I expect for future
    optimizations to the network stack to positively improve WireGuard, and
    vice-versa, but for the time being, this exists as intentionally
    standalone.
    
    We introduce a menu option for CONFIG_WIREGUARD, as well as providing a
    verbose debug log and self-tests via CONFIG_WIREGUARD_DEBUG.
    
    
  • Latest WireGuard Patch Out For Review With It Looking Like It Will Land For Linux 5.6

    The long-awaited WireGuard secure VPN tunnel functionality looks like it will land with the Linux 5.6 kernel cycle happening in early 2020. Linux 5.5 is kicking off next week but the necessary crypto subsystem changes have yet to take place as well as a final sign-off on the new WireGuard code.

    The blocker for the past long while on getting WireGuard merged into the Linux kernel was over its Zync cryptography code and needing to get that mainlined, which was proving difficult. While WireGuard was ready to fold and adopt to Linux's existing crypto API, in the interim crypto subsystem improvements making use of some Zinc design improvements materialized. It's those crypto improvements now expected to land soon in the Crypto development tree that in turn open the door for the WireGuard networking code itself to merge.

Graphics: AMD, Mesa and "IGC" Graphics Compiler

Filed under
Graphics/Benchmarks
  • AMD Promotes Navi 14 Linux Support Out Of "Experimental" + Fixes For Raven Ridge

    With the initial Navi 14 support to be found in the Linux 5.4 kernel releasing this weekend the GPU ASIC (along with Navi 12) have been marked as experimental and thus not enabled by default unless passing a special module parameter to the kernel. But now at the last minute this support has been deemed non-experimental for Navi 14.

    After the original Navi 12/14 open-source driver support was published, it was then marked as experimental. Under that experimental state, the hardware initialization only happens if amdgpu.exp_hw_support=1 is set as a parameter for the AMDGPU kernel driver.

  • mesa 19.3.0-rc4
    Hi list,
    
    I'd like to announce mesa 19.3.0-rc4 is now available. We're starting to slow
    down a bit in terms of the number of patches being backported, but there's still
    a fair number of opened bugs in the release tracker:
    https://gitlab.freedesktop.org/mesa/mesa/-/milestones/5.
    As such I'm predicting at least one more -rc will be required before the 19.3
    release, I'll update the calendar accordingly.
    
    Among the changes in this release aco dominates, with anv and freedreno no far
    behind. We've reverted an underspeced egl extension that was causing
    regressions, as well as stopped modifying Khronos headers. There's also so fixes
    to i965, core mesa, llvmpipe and st/mesa.
    
    Dylan
    
  • Mesa 19.3.0 Not Expected Until December - RC4 Released With ACO Fixes

    Mesa 19.3 had been expected for release next week per their original release calendar, but as we are used to seeing for these quarterly feature releases, at least one if not more weekly release candidates tend to be needed for ironing out bugs. As such, Mesa 19.3.0 is now solidly looking like at least an early December release while Mesa 19.3-RC4 shipped on Wednesday.

  • Intel Graphics Compiler Update Adds 16-Bit Atomics For Tiger Lake, Other New Features

    Wednesday marked the v1.0.2878 update to Intel's "IGC" Graphics Compiler that is used by their graphics hardware compute stack.

Khadas VIM3 NPU ToolKit Release & Video Demo

Filed under
GNU
Linux
Hardware

The toolkit works in host PCs running Ubuntu 16.04 or 18.04 with Tensorflow framework, and inference can run on both Linux and Android OS in Khadas VIM3/3L board. It includes an Inception v3 sample with 299×299 sample photos, among other demos. You’ll find documentation to get started with model conversion and inference in Linux on Khadas Wiki.

Read more

Games: Prison Architect, Rocket League, Unrailed!, Dwarrows, Streets of Rogue

Filed under
Gaming
  • Psych Ward: Warden's Edition the first PC expansion for Prison Architect is out with a big free update

    Now that Paradox Interactive own the rights to Prison Architect, with Double Eleven handling the development they've released the first PC DLC with Psych Ward: Warden's Edition.

    This is an upgraded version of a DLC pack that consoles had for a while, so it's good to see it actually land for PC players too.

  • Psyonix give some details on the item shop coming to Rocket League

    One of the last pieces of the pie to replace their current loot box system in Rocket League is the Item Shop, which Psyonix have now talked about.

    The item shop will be joined alongside their new Blueprint system to finally get rid of loot box gambling in an update due next month. It's a nice step, as loot boxes are a terrible system but this also comes with its own set of issues.

    Firstly, the Item Shop is going to be replacing the Showroom, the place where you can view DLC in-game. With it, you will be able to pick a specific item and purchase it with Credits. You will be able to buy Credits in bundles from 500-6500 with a price from $4.99 to $49.99.

  • Chaotic track building game Unrailed! now has a Beta for Linux

    Developer Indoor Astronaut announced yesterday that their amusing and chaotic track building game Unrailed! now has a Beta available for Linux players to try out.

  • Dwarrows, a 3rd person adventure and town-building game will be released for Linux

    After a successful Kickstarter campaign way back in 2016, Lithic Entertainment have been progressing well with their 3rd person adventure and town-building game Dwarrows.

    Seems like this was one we entirely missed too, even though during their crowdfunding campaign it was announced that it will have Linux support. It's not yet released though, they're expecting to launch sometime in Q1 2020. However, they're currently running a Beta for backers and in August the first Linux build arrived.

  • Streets of Rogue now has a Level Editor and Steam Workshop in Beta, along with an update released

    Streets of Rogue, the incredibly fun rogue-lite from Matt Dabrowski has a new update out. This includes a playable version of the Level Editor and Steam Workshop support in Beta, with new content also available for everyone.

Translation Workshop in Indonesia this Weekend

Filed under
KDE

The KDE Indonesia Community will once again hold a Kopdar (local term for BoF). This meeting is the second meeting after the successful meeting in 2018. The activity will be held this weekend with talks and activities about translating KDE software into Indonesian. The main event is for KDE fans in particular and Linux in general to collaborate in KDE translation.

Read more

Python Programming Leftovers

Filed under
Development
  • Python Bytes Episode #157: Oh hai Pandas, hold my hand?

    Data validation and settings management using python type annotations.

  • Simulate gravity in your Python game

    The real world is full of movement and life. The thing that makes the real world so busy and dynamic is physics. Physics is the way matter moves through space. Since a video game world has no matter, it also has no physics, so game programmers have to simulate physics.

    In terms of most video games, there are basically only two aspects of physics that are important: gravity and collision.

    You implemented some collision detection when you added an enemy to your game, but this article adds more because gravity requires collision detection. Think about why gravity might involve collisions. If you can't think of any reasons, don't worry—it'll become apparent as you work through the sample code.

    Gravity in the real world is the tendency for objects with mass to be drawn toward one another. The larger the object, the more gravitational influence it exerts. In video game physics, you don't have to create objects with mass great enough to justify a gravitational pull; you can just program a tendency for objects to fall toward the presumed largest object in the video game world: the world itself.

  • How to document Python code with Sphinx

    Python code can include documentation right inside its source code. The default way of doing so relies on docstrings, which are defined in a triple quote format. While the value of documentation is well... documented, it seems all too common to not document code sufficiently. Let's walk through a scenario on the power of great documentation.

    After one too many whiteboard tech interviews that ask you to implement the Fibonacci sequence, you have had enough. You go home and write a reusable Fibonacci calculator in Python that uses floating-point tricks to get to O(1).

What Linux Distributions Are Lightweight For Laptop And PC?

Filed under
GNU
Linux

The answer is different. from the default Ubuntu package there are several default applications that come installed when using GNOME (ubuntu desktop environment now).

When I use Xubuntu, I don't find some default applications from GNOME like those installed on Ubuntu. But we can still install and use GNOME applications, except for applications that relate to display settings, some features that exist in GNOME cannot be implemented on the Xubuntu desktop.

Xubuntu has a different display management application than GNOME. So, each desktop environment has different display settings

You can choose several desktop environments that are lighter than GNOME such as Xfce, Lxde, LXQt, KDE or can also use Window Manager that is lighter than the desktop environment.

Read more

today's leftovers

Filed under
Misc
  • The Fridge: Ubuntu Weekly Newsletter Issue 605

    Welcome to the Ubuntu Weekly Newsletter, Issue 605 for the week of November 10 – 16, 2019. The full version of this issue is available here.

  • And the Collabora family keeps growing!

    As we begin winding down 2019, it's time to take a moment to celebrate the new Collaborans who joined our various engineering and administrative teams in Q2 & Q3 this year!

    Comprised of some of the most motivated and active Open Source contributors and maintainers around the world, Collaborans share an enduring passion for technology and Open Source, and these 14 new joiners are no different.

  • Security updates for Wednesday

    Security updates have been issued by Debian (redmine), Fedora (libidn2), Mageia (clamav, ghostscript, kernel, kernel-linus, libexif, libjpeg, mariadb, microcode, and systemd), and openSUSE (libjpeg-turbo).

  • EFF, Antivirus Companies, and Human Rights Groups Launch Coalition to Combat Stalkerware

    San Francisco—The Electronic Frontier Foundation (EFF), Kaspersky, Operation Safe Escape and seven other organizations today launched the Coalition Against Stalkerware to unite and mobilize security software companies and advocates for domestic abuse victims in actions to combat and shut down malicious stalkerware apps.Stalkerware, a type of commercially-available surveillance software, is installed on phones without device owners’ knowledge or consent to secretly spy on them. The apps track victims’ locations and allow abusers to read their text messages, monitor phone calls, see photos, videos, and web browsing, and much more. It’s being used all over the world to intimidate, harass, and harm victims, and is a favorite tool for stalkers and abusive spouses or ex-partners.Groups supporting targets of domestic abuse are seeing a growing number of victims seeking help about stalkerware. According to Kaspersky, the number of its antivirus users finding stalkerware on their devices rose by 35%, from 27,798 in 2018 to 37,532 in 2019. The threat landscape for stalkerware has also widened, as Kaspersky has detected 380 various forms of stalkerware in the wild in 2019—31% more than a year ago.The Coalition Against Stalkerware aims to provide help for victims and bring leaders in antivirus technology together to establish best practices for ethical software development.

  • CloudFormation gets open source CLI to automate external resource creation

    AWS has updated its infrastructure as code product CloudFormation, fitting it with an open source CLI and a registry to get started with custom resource providers. The refresh is meant to let users automate the creation of non-AWS resources and improve resource coverage, both of which seem to have been requested a lot in the past months.

    CloudFormation CLI comes with sample code and documentation facilitating the creation of resource providers. To build one, users first have to describe their resource, including attributes and properties, in a schema which conforms to AWS’ Resource Provider Definition Schema. Once that is done, they’ll have to write a handler in Java or Go that defines the core operations create, read, update, delete, and list for the resource.

  • Open Source Community Connects Global 5G Cloud Native Network

    LF Networking (LFN), which facilitates collaboration and operational excellence across open networking projects, today demonstrated an end-to-end, global, 5G, cloud native network live on-stage at KubeCon + CloudNativeCon North America. As a thought leader in generating technology from multiple sources based on telecom 5G requirements, LFN’s OPNFV community shepherded the cutting-edge Proof-of-Concept (PoC), which illustrates how to build, connect, and manage a global 5G network – including on-prem, cloud, and edge operations – on open architecture running network services using Kubernetes.

    As global communications providers gear up to deliver high-speed connectivity to support new services and use cases (e.g. autonomous vehicles, smart cities, specialized applications, IoT, AR/VR, and more), the need for low-latency, high-bandwidth, scalable networks is more important than ever. Conventional communications and connectivity hardware will not sustain next-generation mobile technology, so the need for cloud native architectures is essential for delivering the performance, capabilities, and automation that 5G requires.

    The LF Networking community, comprised of major projects such as ONAP, OPNFV, OpenDaylight, FD.io, Tungsten Fabric and more — account for more than 70 percent of the world’s mobile subscribers through participating carriers. It serves as the de facto open source umbrella for helping telcos evolve.

  • JCC Erratum Impact On Skylake Xeon Scalable Plus The Patched Assembler

    Last week ago we provided a number of benchmarks looking at the performance impact from Intel's Jump Conditional Code (JCC) Erratum that required a CPU microcode update to mitigate but that comes with a performance hit. At least Intel has pending GNU Assembler patches to help offset that performance hit. In time for last week's articles I didn't have a chance to perform Skylake Xeon Scalable (1st Gen) benchmarks but now here are some metrics alongside Cascade Lake.

  • Ceph RGW dynamic bucket sharding: performance investigation and guidance

    If we know how many objects the application would store in a single bucket, pre-sharding the bucket generally helps with overall performance. On the flip side, if the object count is not known in advance, the dynamic bucket re-sharding feature of Ceph RGW really helps to avoid degraded performance associated with overloaded buckets.

    In the next post we will learn how the performance of RHCS 3.3 has improved since RHCS 2.0 and what all performance benefits BlueStore OSD backend brings with it.

OSS CMS: Converting ikiwiki to Hugo and WP Maintanance Plugin

Filed under
OSS
  • Birger Schacht: Converting ikiwiki to hugo

    Sometimes I play around with Tails and on rare occasions I also build a Tails image myself. One thing that makes the build of Tails a bit tedious is that it a also builds the Tails Website, which contains the whole documentation (which is really cool, because that way users have the most up to date documentation on their desktop!). The problem is, that the website takes a looooong time to build- on my Laptop (i7-5600U) it takes around 11 minutes.

    I was curious if it was possible to convert the whole website, which is based on ikiwiki, to the hugo static site generator which is known to be pretty fast (”with its amazing speed and flexibility, Hugo makes building websites fun again” as the hugo website puts it Wink). I did some research if there was some tooling to do so- the Hugo website lists some migration tools but nothing for ikiwiki, but I stumbled upon anarcat’s conversion notes which has a lot of information and also links to the write up jak did on his conversion. Anarcat also published a python script to convert ikiwiki to hugo which I tried, but there were some important parts missing.

  • WP Maintanance Plugin Vulnerable To CSRF & XSS

    If you have installed WP Maintenance plugin on your WordPress site or blog, this article is for you. Recently Wordfence team discovered CSRF vulnerability in WP Maintenance plugin that is used to put the website on maintenance mode during maintenance.

    The plugin allows webmasters to customize the maintenance page and show it to all website visitors during maintenance.

    Wordfence team discovered CSRF vulnerability in the plugin that can also allow an attacker to inject malicious code into the website and can redirect all site visitors to another malicious website.

Free Software and Proprietary Software

Filed under
Software
  • [ProtonVPN] Release notes for Linux client version 2.0

    We’re proud to release version 2.0 of the ProtonVPN Linux client. Entirely rewritten in Python, the new version of the client is lighter, faster, and more stable. Version 2.0 also includes the Kill Switch feature, which keeps your data private, even if your VPN connection is interrupted.

  • LibreOffice community at Czech free software events

    Like every year, we would like to say few words about our impressions and experiences from our Czech free and open source software (FOSS) conferences in autumn. As in the last year, we participate with our LibreOffice booth at LinuxDays in Prague (me and Zdeněk Crhonek), and at OpenAlt in Brno (Petr Valach and Zdeněk Crhonek).

  • Google's Stadia Game Streaming Service Arrives To A Collective 'Meh'

    As we noted last week, there's a laundry list of potential issues plaguing Google's attempted entry into the game streaming space via Google Stadia, not least of which is the US' substandard broadband networks and arbitrary broadband caps. Stadia eliminates the physical home game console and instead moves all game processing to the cloud. And while it's clear that this is the inevitable path forward and somebody is going to eventually dominate the space, there's no solid indication yet that it's going to be Google.

  • Security lessons from a Mac-only fintech company

    Apple remains a highly secure choice for enterprise professionals, but security threats remain and the environment requires sophisticated endpoint management tools, according to Build America Mutual (BAM) CTO David McIntyre.

  • Trump is lying about the ‘new’ ‘Apple’ factory

    This is not true for a couple reasons — one of them nitpicky and one of them a lot more serious. The nitpicky problem is that Apple isn’t actually building a manufacturing plant. The company is building a new campus in Austin, but it’s miles away from the factory and the jobs are going to be very similar to the kind of white-collar design and engineering work that Apple does in Cupertino. Apple doesn’t do its own manufacturing, and the plant Trump is standing in belongs to a contractor called Flex Ltd (formerly Flextronics).

    But the bigger problem is that what Flex is doing isn’t anything new. This particular factory has been manufacturing Mac Pros since 2013, when Cook first announced it would assemble them in the United States. That’s before Trump took office. So the idea that we’re seeing the beginning of something, or that Trump has done something during his presidency to bring about this particular instance of US manufacturing, just doesn’t hold water.

    Trump is talking as if Apple has created a brand-new factory in Texas to build Mac Pros. If all you saw was a five-second clip on the news, that’s probably the impression you would get — but it just isn’t true.

  • SecureCRT 8.7 and SecureFX 8.7 Beta Releases from VanDyke Software Introduce New Enhancements for Increased Efficiency and Streamlined Workflow

    The new releases also introduce macOS Dark Mode, local Proxy command firewall, new algorithms, and support for Ubuntu 19.x and macOS Catalina.

  • SaltStack adds automatic vulnerability remediation tool to portfolio

    IT automation tool provider SaltStack has kicked off its SecOps division by announcing the general availability of SaltStack Protect.

    Protect is meant to make the “massive amount of coordination and work required to actually fix thousands of infrastructure security vulnerabilities” less daunting, by throwing some automation into the mix.

    To do that, the product ingests vendor CVE advisories and delivers scans and remediation workflows as a service to SaltStack customers. Automatic prioritisation of which issues to tackle first can be realised by feeding the system with real-time data on the configuration state of all assets in a SaltStack environment, which ties it in with the rest of the SaltStack portfolio.

today's howtos

Filed under
HowTos
  • NMCLI Command To Show Available WiFi Networks, Signal Strength on Linux!
  • Looping Through a File that Contains Spaces (for Loop)
  • Zsync HTTP-based File Transfer Utility Transfers Large Files Efficiently
  • How to open a PSD file without Photoshop

    It stands to reason that with the PSD file being a photo-editing file, the best ways to open PSD image files without Photoshop are going to be other photo editing programs. GIMP, which stands for Gnu Image Manipulation Program is an excellent and free image editor alternative to Photoshop. GIMP works on Linux, Mac OS, and Microsoft Windows powered devices and is open source software, meaning it is developed voluntarily by developers all over the world.

    GIMP offers professional level features, which include being able to open and indeed edit PSD files. Many professional photographers and graphic designers use GIMP for their jobs, and many contribute towards developing new features. If you want to have complete control over the Photoshop file you’re trying to open without Photoshop, then GIMP is the tool you’re looking for. You can download GIMP by pressing the download button below. Then, once you’ve installed it, you can open a PSD file as you would open any other file type.

Devices: Librem 5, Raspberry Pi, TPC-DCM

Filed under
Development
Hardware
  • Librem 5 Birch Shipping update — delay of just a few days.

    We want to give everyone a super quick update on shipping of the current batch of Librem 5 smartphones.

    There’s a delay. But, never fear, it’s only a delay of just a couple days.

    We had hoped, and expected, that the resistor issue (mentioned in this post last week) wouldn’t delay shipping, but it turns out it has caused a few days’ delay.

    We have just received official word that final parts for Birch are shipping to us as we speak — and we expect to have them on Tuesday, November 26 (next week). At which point we will be shipping phones out those receiving this batch of Librem 5’s next week. (There is always a chance the final parts will be delivered early, but the tracking currently says November 26.)

  • Exploring the interface of ecology, mathematics, and digital making | Hello World #11

    In Hello World issue 11, Pen Holland and Sarah Wyse discuss how educators and students can get closer to the natural world while honing maths and computing skills. Using a Raspberry Pi, you too can join this citizen science collaboration.

  • AiO touch-panel systems tap Intel’s Whiskey Lake

    Full specs have yet to be posted, and there’s no mention of OS support. However, the earlier TPC-DCM supports Linux distros including Ubuntu, Debian, and Mageia, as well as various Windows flavors.

Microsoft restores services after it experienced a large global outage across numerous platforms

Filed under
Microsoft

Microsoft says it first addressed the issue at about 8:15 p.m. ET. As of 9:30 p.m. ET, the company said it identified access issues with the Microsoft 365 Admin Center, Exchange Online, SharePoint Online, Microsoft Teams, Skype for Business, and Yammer.

The company said in a tweet that it "identified and reverted a networking build that caused user traffic from the internet to Microsoft 365 services to intermittently fail."

Read more

Ubuntu's Canonical Intros Charmed OSM - Pure Upstream Open Source MANO (OSM) Distribution

Filed under
OSS
Ubuntu

Canonical, the publishers of Ubuntu, this week announced Charmed OSM – a pure upstream Open Source MANO (OSM) distribution designed for production-grade, highly available and scalable deployments.

Charmed OSM provides telecommunications service providers (TSPs) with a generic approach to network functions management and orchestration, allowing them to benefit from cost reduction resulting from the adoption of network functions virtualisation (NFV) technology.

Charmed OSM is a pure upstream OSM distribution. Telcos are assured of a predictable release cadence and upgrade path as Charmed OSM will be released within two weeks of the upstream, enabling them to benefit from the latest features. Charmed OSM is supported under Ubuntu Advantage to provide critical security patches, 24/7 support and production-grade SLAs for maximum uptime and stability.

Read more

Three-course professional specialization aims to close the gap between the use and understanding of open source in business

Filed under
Interviews
OSS

Even though open source software (OSS) is pervasive in IT, many people in business don't understand what open source is and how it differs from proprietary software. According to Brandeis University, "open source software now accounts for between 78% and 98% of all core digital infrastructure, yet few organizational managers understand the business behind it."

In an effort to close the gap between open source usage and understanding, Brandeis and the Open Source Initiative (OSI) have launched a three-course specialization in Open Source Technology Management. After attending an information session about the new program at All Things Open 2019, I was eager to learn more about it and how it will be delivered and assessed, so I reached out to the leadership at Brandeis and the OSI over email for more information. (The interview has been slightly edited for length and clarity.)

Read more

Mozilla: Firefox Extension Spotlight and Rust in Purism and Rav1e

Filed under
Moz/FF
  • Firefox Extension Spotlight: Image Search Options

    Let’s say you stumble upon an interesting image on the web and you want to learn more about it, like… where did it come from? Who are the people in it? Is there a backstory? Are there others like it?

    There are a number of dedicated image search engines that can help you learn more, but if you do a lot of reverse image searching (dubbed “reverse” because instead of using text to search images, you start this search process with an image), it quickly becomes cumbersome to always copy the image, navigate to your preferred image search site, paste in the pic, sift through results, etc. Naturally, there are browser extensions designed to streamline this distinct form of search. One of the most capable is Image Search Options.

    It makes reverse image searching simple and fast. Once installed on Firefox, just right-click on any image you find to pull up a context menu offering 11 image search engines. That search engine variety should be enough to satisfy most folks, but if not, Image Search Options allows you to customize the list of search providers by adding your own or removing others. You can even set it to automatically search across multiple engines simultaneously.

  • Oxidizing Squeekboard

    The experiment relies entirely on Squeekboard as the subject. It has been chosen due to the need to redesign it for a new process (X.org to Wayland), and due to being relatively easy to separate.

    Because Rust is an element belonging to the programming language group, this analysis ignores all other constituents of Squeekboard. Squeekboard’s programming languages are almost exclusively Rust and C, with some shell and Meson impurities, which are subsequently ignored, as replacing them with Rust is not expected to yield useful results.

    [...]

    Oxidation is a process of adding oxygen to a chemical compound. Some examples are burning, and rusting. This experiment concerns the Rusting of a compound called Squeekboard: a derivative of Eekboard, originally containing high quantities of C, and reacting eagerly with GObject, GTK, and the X windowing system.

    The goal of the ongoing experiment is to measure properties of Rust and the consequences of its application in real-world conditions. Due to safety and time concerns, the widely popular approach of Rewrite it in Rust (RiiR) was dismissed in favor of a gradual oxidation process.

  • Rav1e Squeezes Out More Performance For This Rust-Written AV1 Encoder

    Intel's SVT-AV1 video encoder for AV1 is currently the fastest AV1 CPU-based encoder we have seen but it's looking like in due time Rav1e could be closing in on it if they continue with their current trajectory.

    Recently we've seen this Rust-written AV1 encoder making impressive gains in performance. There has been x86 hand-tuned Assembly and more instruction set extensions now being exploited by rav1e and other performance improvements. It's been enough that earlier this month marked the first release of rav1e.

Syndicate content

More in Tux Machines

Graphics: AMD, Mesa and "IGC" Graphics Compiler

  • AMD Promotes Navi 14 Linux Support Out Of "Experimental" + Fixes For Raven Ridge

    With the initial Navi 14 support to be found in the Linux 5.4 kernel releasing this weekend the GPU ASIC (along with Navi 12) have been marked as experimental and thus not enabled by default unless passing a special module parameter to the kernel. But now at the last minute this support has been deemed non-experimental for Navi 14. After the original Navi 12/14 open-source driver support was published, it was then marked as experimental. Under that experimental state, the hardware initialization only happens if amdgpu.exp_hw_support=1 is set as a parameter for the AMDGPU kernel driver.

  • mesa 19.3.0-rc4
    Hi list,
    
    I'd like to announce mesa 19.3.0-rc4 is now available. We're starting to slow
    down a bit in terms of the number of patches being backported, but there's still
    a fair number of opened bugs in the release tracker:
    https://gitlab.freedesktop.org/mesa/mesa/-/milestones/5.
    As such I'm predicting at least one more -rc will be required before the 19.3
    release, I'll update the calendar accordingly.
    
    Among the changes in this release aco dominates, with anv and freedreno no far
    behind. We've reverted an underspeced egl extension that was causing
    regressions, as well as stopped modifying Khronos headers. There's also so fixes
    to i965, core mesa, llvmpipe and st/mesa.
    
    Dylan
    
  • Mesa 19.3.0 Not Expected Until December - RC4 Released With ACO Fixes

    Mesa 19.3 had been expected for release next week per their original release calendar, but as we are used to seeing for these quarterly feature releases, at least one if not more weekly release candidates tend to be needed for ironing out bugs. As such, Mesa 19.3.0 is now solidly looking like at least an early December release while Mesa 19.3-RC4 shipped on Wednesday.

  • Intel Graphics Compiler Update Adds 16-Bit Atomics For Tiger Lake, Other New Features

    Wednesday marked the v1.0.2878 update to Intel's "IGC" Graphics Compiler that is used by their graphics hardware compute stack.

Khadas VIM3 NPU ToolKit Release & Video Demo

The toolkit works in host PCs running Ubuntu 16.04 or 18.04 with Tensorflow framework, and inference can run on both Linux and Android OS in Khadas VIM3/3L board. It includes an Inception v3 sample with 299×299 sample photos, among other demos. You’ll find documentation to get started with model conversion and inference in Linux on Khadas Wiki. Read more

Games: Prison Architect, Rocket League, Unrailed!, Dwarrows, Streets of Rogue

  • Psych Ward: Warden's Edition the first PC expansion for Prison Architect is out with a big free update

    Now that Paradox Interactive own the rights to Prison Architect, with Double Eleven handling the development they've released the first PC DLC with Psych Ward: Warden's Edition. This is an upgraded version of a DLC pack that consoles had for a while, so it's good to see it actually land for PC players too.

  • Psyonix give some details on the item shop coming to Rocket League

    One of the last pieces of the pie to replace their current loot box system in Rocket League is the Item Shop, which Psyonix have now talked about. The item shop will be joined alongside their new Blueprint system to finally get rid of loot box gambling in an update due next month. It's a nice step, as loot boxes are a terrible system but this also comes with its own set of issues. Firstly, the Item Shop is going to be replacing the Showroom, the place where you can view DLC in-game. With it, you will be able to pick a specific item and purchase it with Credits. You will be able to buy Credits in bundles from 500-6500 with a price from $4.99 to $49.99.

  • Chaotic track building game Unrailed! now has a Beta for Linux

    Developer Indoor Astronaut announced yesterday that their amusing and chaotic track building game Unrailed! now has a Beta available for Linux players to try out.

  • Dwarrows, a 3rd person adventure and town-building game will be released for Linux

    After a successful Kickstarter campaign way back in 2016, Lithic Entertainment have been progressing well with their 3rd person adventure and town-building game Dwarrows. Seems like this was one we entirely missed too, even though during their crowdfunding campaign it was announced that it will have Linux support. It's not yet released though, they're expecting to launch sometime in Q1 2020. However, they're currently running a Beta for backers and in August the first Linux build arrived.

  • Streets of Rogue now has a Level Editor and Steam Workshop in Beta, along with an update released

    Streets of Rogue, the incredibly fun rogue-lite from Matt Dabrowski has a new update out. This includes a playable version of the Level Editor and Steam Workshop support in Beta, with new content also available for everyone.

Translation Workshop in Indonesia this Weekend

The KDE Indonesia Community will once again hold a Kopdar (local term for BoF). This meeting is the second meeting after the successful meeting in 2018. The activity will be held this weekend with talks and activities about translating KDE software into Indonesian. The main event is for KDE fans in particular and Linux in general to collaborate in KDE translation. Read more