Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 18 Oct 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Typesort icon Title Author Replies Last Post
Blog entry A Fishy Tale harshasrisri 01/05/2011 - 2:11pm
Blog entry storming srlinuxx 2 27/04/2011 - 6:05am
Blog entry Downtime srlinuxx 1 21/04/2011 - 10:28pm
Blog entry Gnome3 is a YES revdjenk 08/04/2011 - 12:27pm
Blog entry Mageia 1 Alpha2 -- A Status Report gfranken 27/03/2011 - 3:59am
Blog entry Looking for help to bring a new app to the world bigbearomaha 09/03/2011 - 1:35pm
Blog entry motherboard srlinuxx 2 06/03/2011 - 6:32pm
Blog entry More Hardware troubles srlinuxx 03/03/2011 - 9:19pm
Blog entry PCLinuxOS on the BBC Texstar 1 03/03/2011 - 9:51pm
Blog entry weirdness: puppy & wd-40 srlinuxx 09/06/2011 - 4:07am

Games: KeeperRL, 3 Minutes to Midnight, Shadow of Mordor

Filed under
Gaming
  • Roguelike dungeon simulator 'KeeperRL' expands modding and adds Steam Workshop support

    Sometimes you just want to be an evil wizard, build a dungeon and look after some imps. KeeperRL lets you do just that and it just had a big new update with much better modding support.

    With the introduction of Steam Workshop support, mods and retired dungeons can now be shared to it to allow others to easily download and try them out. As for the rest of the modding support lots more can now be tweaked. Items, building info, Z-level width, creature names and so on can be changed with mods now and creatures can also drop custom items.

  • The comedy adventure game 3 Minutes to Midnight is on Kickstarter with Linux support

    Scarecrow Studio are now crowdfunding to finish up their very colourful comedy adventure game 3 Minutes to Midnight.

    The Kickstarter campaign is now live, with a funding goal of €50,000 they need to reach by November 8. They've already amassed support with over €38,000 so it's likely it will be fully funded.

    Taking inspiration from the classics like The Secret of Monkey Island, Day of the Tentacle, and Sam & Max Hit the Road (where have I heard this before?), Scarecrow Studio said 3 Minutes to Midnight will take the point and click gameplay, blend in some humour and high-definition art with an intuitive interface and a "compelling mystery" to solve. They also say it has the "largest script in point-and-click history" and "over 1000 interactable objects" so they're setting the bar for themselves pretty damn high.

  • The Linux port of Shadow of Mordor from Feral Interactive has gained a Vulkan Beta, a massive difference

    This is quite a surprise! Early yesterday we were notified that Middle-earth: Shadow of Mordor, which Feral Interactive ported to Linux in 2015 has gained a Vulkan Beta.

    Since companies rarely make much money from older ports like this, it's quite fantastic to see it being given some love. Especially like this, giving it a big boost with a much newer graphics API. This is not long after Feral Interactive confirmed the Linux release date for Shadow of the Tomb Raider Definitive Edition and also announced Total War Saga: TROY for Linux too.

Proprietary Software and Security Issues

Filed under
OS
  • cPanel, Plesk or DirectAdmin: Analysis and Comparison

    Every OS differs in user interface, security, functionality, usability and pricing, and the final decision should be based on personal needs and expectations. cPanel, Plesk and DirectAdmin all offer a number of great services, functions and tools for successful and efficient VPS management and because of their differences, individual demands can be met, and situations resolved.

  • Netflix won’t ‘shy away from taking bold swings’ as streaming competition heats up

    This increase in subscriber growth this quarter came from an affluence of original content, including Stranger Things’ third season, which saw 64 million accounts watch the newest season in the first four weeks, according to the company. Netflix recently signed co-creators Matt and Ross Duffer to an overall deal with the streaming service, which will see them produce more TV shows and films for Netflix.

  • House panel pushes forward election security legislation

    The panel marked up and approved the SHIELD Act, which takes aim at foreign election interference by requiring U.S. campaigns to report “illicit offers” of election assistance from foreign governments or individuals to both the FBI and the Federal Election Commission (FEC).

    The legislation also takes steps to ensure that political advertisements on social media are subject to the same stricter rules as ads on television or radio.

  • New Voting Machines Will Be Used For Nov. 5 Municipal Elections

    The new system which cost the state about $52 million replaces the 15-year-old one previously used. Charleston County Board of Elections and Registration Director Joseph Debney said while the new system may not be more efficient, it offers more transparency than the previous one. Replacement provides the state with a dependable system for years to come and will greatly enhance the security of the election process. Having a paper record of each voter’s ballot will add an additional layer of security as it allows for audits of paper ballots to verify vote totals.

    The system works using a Ballot-Marking Device (BMD) that helps voters mark a paper ballot more accurately and efficiently. A voter’s choices are presented on a touch screen similar to the old voting machines. The BMD allows the voter to mark the choices on-screen and when the voter is done, prints the selections on paper ballots which then are either hand counted or counted using an optical scanner/tabulator, the second machine.

  • Chhattisgarh dumps EVMs, back to ballot paper

    Chhattisgarh would perhaps be the first state in the country to do away with EVMs in favour of ballot paper in the local body polls.

  • Andhra Pradesh Elections: Complaints of EVM glitches [sic] in nearly 50 booths

    Talking to reporters, the Chief Minister referred to technical glitches in EVMs and said he was demanding that ballot papers be re-introduced. "No developed country is using EVMs as they are prone to manipulation. We have hence been demanding that we revert to the ballot paper system," Naidu said.

  • Chhattisgarh may return to paper ballots for local bodies polls

    In a report submitted on Tuesday, cabinet sub-committee constituted by the Baghel government has recommended the use of paper ballots instead of EVMs in the upcoming urban local body elections.

    The recommendations by the cabinet sub-committee would be referred to the state cabinet headed by CM Baghel for approval.

  • Microsoft unveils two open-source projects for building cloud and edge applications [Ed: Microsoft: our 'clown computing' with NSA back doors is all proprietary software but to trap your work and your data we are openwashing the tools to put them there]

    The new projects include the Open Application Model, which is a specification for building cloud-native apps on Kubernetes, and Dapr, a portable event-driven runtime for building microservices-based apps that can run in the cloud and on edge devices.

  • Top Linux antivirus software

    The last several years have seen a startling increase in malware that targets Linux. Some estimates suggest that Linux malware account for more than a third of the known attacks. In 2019, for example, new Linux-specific attacks included the Silex worm, GoLang malware, the Zombieload side-channel attack, the Hiddenwasp Trojan, the EvilGnome spyware and Lilocked ransomware. The volume and severity of attacks against Linux are clearly on the rise.

    While Linux has some advantages when it comes to security, the Linux kernel is certainly not devoid of security vulnerabilities nor is it immune to attack. The worst thing you can do is to sit back and assume that Linux systems are safe simply because a larger number of desktops are running Windows.

    Tools are available to defend Linux systems from many types of attack, and quite a few of these are free and open source. These are some of the best tools that you can get for free or at modest cost.

Calamares Plans for Debian 11

Filed under
Debian

Before Debian 9 was released, I was preparing a release for a derivative of Debian that was a bit different than other Debian systems I’ve prepared for redistribution before. This was targeted at end-users, some of whom might have used Ubuntu before, but otherwise had no Debian related experience. I needed to find a way to make Debian really easy for them to install. Several options were explored, and I found that Calamares did a great job of making it easy for typical users to get up and running fast.

After Debian 9 was released, I learned that other Debian derivatives were also using Calamares or planning to do so. It started to make sense to package Calamares in Debian so that we don’t do duplicate work in all these projects. On its own, Calamares isn’t very useful, if you ran the pure upstream version in Debian it would crash before it starts to install anything. This is because Calamares needs some configuration and helpers depending on the distribution. Most notably in Debian’s case, this means setting the location of the squashfs image we want to copy over, and some scripts to either install grub-pc or grub-efi depending on how we boot. Since I already did most of the work to figure all of this out, I created a package called calamares-settings-debian, which contains enough configuration to install Debian using Calamares so that derivatives can easily copy and adapt it to their own calamares-settings-* packages for use in their systems.

Read more

Microsoft admits Android is the best operating system for mobile devices

Filed under
Android
Microsoft

At an event at Microsoft’s flagship store in London, Panos Panay, the chief product officer for the Microsoft Devices group, admitted that the company is using Android in its upcoming Surface Duo phone because, quite simply, the “best OS for this product is Android”.

It’s a noteworthy admission, as Google’s Android mobile operating system is one of Microsoft’s biggest rivals. In the past, the company has tried – and failed – to take on Android with its own operating system for mobile devices: Windows Mobile.

We’ve picked all the best 2-in-1 laptops of 2019
Black Friday laptop deals 2019: how to find the best laptop deals
How to buy a laptop on Black Friday and Cyber Monday

While Windows 10 Mobile is no more, it must have been tempting for Microsoft to revive the OS for its upcoming dual-screen handset, so it’s commendable that it has gone for the much more popular Android operating system – while being so frank about its reasons.

On one hand, it seems like Microsoft has acknowledged just how hard it is to compete with Android – which is currently the most-used operating system on the planet – a title Microsoft’s own Windows OS used to have. The failure of Windows 10 Mobile, and the Windows phones that ran the software, was likely a humbling experience that the company is in no rush to repeat.

Read more

Canonical releases Ubuntu Linux 19.10 Eoan Ermine with GNOME 3.34, light theme, and Raspberry Pi 4 support

Filed under
Ubuntu

Thank God for Linux. No, seriously, regardless of your beliefs, you should be thankful that we have the Linux kernel to provide us with a free alternative to Windows 10. Lately, Microsoft's operating system has been plagued by buggy updates, causing some Windows users to lose faith in it. Hell, even Dona Sarkar -- the now-former leader of the Windows Insider program -- has been relieved of her duties and transitioned to a new role within the company (read into that what you will).

While these are indeed dark times for Windows, Linux remains that shining beacon of light. When Windows becomes unbearable, you can simply use Chrome OS, Android, Fedora, Manjaro, or some other Linux distribution. Today, following the beta period, one of the best and most popular Linux-based desktop operating systems reaches a major milestone -- you can now download Ubuntu 19.10! Code-named "Eoan Ermine" (yes, I know, it's a terrible name), the distro is better and faster then ever.

Read more

Which Raspberry Pi OS should you use?

Filed under
OS
Linux

There are a wide range of different Raspberry Pi OS packages available and choosing the correct one for your hardware, application or project is not always easy. Here we compliled a list of popular operating systems for the Raspberry Pi range of single board computers, providing a quick insight into what you can expect from each and how you can use it to build a variety of different applications from games emulators. To fully functional desktop replacements using the powerful Raspberry Pi 4 mini PC, as well as as few more specialist Raspberry Pi OSes. Instructional videos are also included detailing how to install and setup the various OSes, allowing you to quickly choose which Raspberry Pi OS is best for your project.

If you are starting out with the Raspberry Pi and class yourself as a beginner then the NOOBS Raspberry Pi OS is a great place to start. A number of online stores sell affordable SD cards pre-installed with NOOBS, ready to use straight away. Although if you have any spare SD cards lying around you can also download the NOOBS distribution directly from the Raspberry Pi Foundation website.

Read more

Canonical Outs Linux Kernel Security Update for Ubuntu 19.04 to Patch 9 Flaws

Filed under
Linux
Security
Ubuntu

The new security update for Ubuntu 19.04 is here to patch a total of seven security flaws affecting the Linux 5.0 kernel used by the operating system, including an issue (CVE-2019-15902) discovered by Brad Spengler which could allow a local attacker to expose sensitive information as a Spectre mitigation was improperly implemented in the ptrace susbsystem.

It also fixes several flaws (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816) discovered by Wen Huang in the Marvell Wi-Fi device driver, which could allow local attacker to cause a denial of service or execute arbitrary code, as well as a flaw (CVE-2019-15504) discovered by Hui Peng and Mathias Payer in the 91x Wi-Fi driver, allowing a physically proximate attacker to crash the system.

Read more

Measuring the business value of open source communities

Filed under
OSS

It is still the early days of building a platform for bringing together these disparate data sources. The CHAOSS core of Augur and GrimoireLab currently supports over two dozen sources, and I’m excited to see what lies ahead for this project.

As the CHAOSS frameworks mature, I’m optimistic that teams and projects that implement these types of measurement will be able to make better real-world decisions that result in healthier and more productive software development lifecycles.

Read more

Ubuntu 19.10: What’s New? [Video]

Filed under
Ubuntu

Yes, I dusted off my old Canon T2i and pointed it at my trusty (if currently rather dusty) Ubuntu laptop to showcase the core changes and improvements that are on offer in the ‘Eoan Ermine’ (just don’t ask me how to pronounce the name).

In 3 minutes and 31 seconds (exactly) you’ll learn all that’s new, nascent and notable in this, the latest Ubuntu release. From the experimental ZFS install option to easy app folder creation, and the new ‘lighter’ Ubuntu GNOME Shell theme.

Read more

Happy 15th Birthday, Ubuntu!

Filed under
Ubuntu

Ubuntu has come a long way since its ‘Warty Warthog’ days. The distro is by far the most popular Linux flavor in the market right now. According to W3Techs.com, Ubuntu leads the pack with 37.4% of the market, while Debian is a close second at 21.2%.

This is a far cry from the 8.9% popularity that Ubuntu garnered when W3Techs.com first began tracking such data in January 2010. Ubuntu was the 5th most popular Linux distro back then, behind Debian, CentOS, Red Hat, and Fedora, respectively.

Not only is Ubuntu the favorite of many users, but it is also now in the workplace as well, World-wide. Many companies and individuals choose Ubuntu as their distro of choice. The top users of Ubuntu reside in the United States. However, there are also a significant number of Ubuntu users in the United Kingdom, Germany, Canada, India, and the Netherlands.

Since its birth almost 14 years ago, Ubuntu has spawned many successful forks such as Linux Mint, elementary OS, Zorin OS, Pop!_OS, and KDE neon. This list does not even include some of Ubuntu’s derivatives, including Lubuntu, Kubuntu, Xubuntu, Ubuntu MATE, and Ubuntu Budgie.

Read more

LWN on Kernel: pidfd, printk and security

Filed under
Linux
  • Adding the pidfd abstraction to the kernel

    One of the many changes in the 5.4 kernel is the completion (insofar as anything in the kernel is truly complete) of the pidfd API. Getting that work done has been "a wild ride so far", according to its author Christian Brauner during a session at the 2019 Kernel Recipes conference. He went on to describe the history of this work and some lessons for others interested in adding major new APIs to the Linux kernel.
    A pidfd, he began, is a file descriptor that refers to a process — or, more correctly, to a process's thread-group leader. There do not appear to be any use cases for pidfds that refer to an individual thread for now; such a feature could be added in the future if the need arises. Pidfds are stable (they always refer to the same process) and private to the owner of the file descriptor. Internally to the kernel, a pidfd refers to the pid structure for the target process. Other options (such as struct task_struct) were available, but that structure is too big to pin down indefinitely (which can be necessary, since a pidfd can be held open indefinitely).

    Why did the kernel need pidfds? The main driving force was the problem of process-ID (PID) recycling. A process ID is an integer, drawn from a (small by default) pool; when a process exits, its ID will eventually be recycled and assigned to an entirely unrelated process. This leads to a number of security issues when process-management applications don't notice in time that a process ID has been reused; he put up a list of CVE numbers (visible in his slides [SlideShare]) for vulnerabilities resulting from PID reuse. There have been macOS exploits as well. It is, he said, a real issue.

    Beyond that, Unix has long had a problem supporting libraries that need to create invisible helper processes. These processes, being subprocesses of the main application, can end up sending signals to that application or showing up in wait() calls, creating confusion. Pidfds are designed to allow the creation of this kind of hidden process, solving a persistent, difficult problem. They are also useful for process-management applications that want to delegate the handling of specific processes to a non-parent process; the Android low-memory killer daemon (LMKD) and systemd are a couple of examples. Pidfds can be transferred to other processes by the usual means, making this kind of delegation possible.

    Brauner said that a file-descriptor-based abstraction was chosen because it has been done before on other operating systems and shown to work. Dealing with file descriptors is a common pattern in Unix applications.

    There are, he said, quite a few user-space applications and libraries that are interested in using pidfds. They include D-Bus, Qt, systemd, checkpoint-restore in user space (CRIU), LMKD, bpftrace, and the Rust "mio" library.

  • Why printk() is so complicated (and how to fix it)

    The kernel's printk() function seems like it should be relatively simple; all it does is format a string and output it to the kernel logs. That simplicity hides a lot of underlying complexity, though, and that complexity is why kernel developers are still unhappy with printk() after 28 years. At the 2019 Linux Plumbers Conference, John Ogness explained where the complexity in printk() comes from and what is being done to improve the situation.
    The core problem, Ogness began, comes from the fact that kernel code must be able to call printk() from any context. Calls from atomic context prevent it from blocking; calls from non-maskable interrupts (NMIs) can even rule out the use of spinlocks. At the same time, output from printk() is crucial when the kernel runs into trouble; developers do not want to lose any printed messages even if the kernel is crashing or hanging. Those messages should appear on console devices, which may be attached to serial ports, graphic adapters, or network connections. Meanwhile, printk() cannot interfere with the normal operation of the system.

    In other words, he summarized, printk() is seemingly simple and definitely ubiquitous, but it has to be wired deeply into the system.

  • What to do about CVE numbers

    Common Vulnerability and Exposure (CVE) numbers have been used for many years as a way of uniquely identifying software vulnerabilities. It has become increasingly clear in recent years that there are problems with CVE numbers, though, and increasing numbers of vulnerabilities are not being assigned CVE numbers at all. At the 2019 Kernel Recipes event, Greg Kroah-Hartman delivered a "40-minute rant with an unsatisfactory conclusion" on CVE numbers and how the situation might be improved. The conclusion may be "unsatisfactory", but it seems destined to stir up some discussion regardless.
    CVE numbers, Kroah-Hartman began, were meant to be a single identifier for vulnerabilities. They are a string that one can "throw into a security bulletin and feel happy". CVE numbers were an improvement over what came before; it used to be impossible to effectively track bugs. This was especially true for the "embedded library in our product has an issue" situation. In other words, he said, CVE numbers are good for zlib, which is embedded in almost every product and has been a source of security bugs for the last fifteen years.

    Since CVE numbers are unique, somebody has to hand them out; there are now about 110 organizations that can do so. These include both companies and countries, he said, but not the kernel community, which has nobody handling that task. There also needs to be a unifying database behind these numbers; that is the National Vulnerability Database (NVD). The NVD provides a searchable database of vulnerabilities and assigns a score to each; it is updated slowly, when it is updated at all. The word "national" is interesting, he said; it really means "United States". Naturally, there is now a CNNVD maintained in China as well; it has more stuff and responds more quickly, but once an entry lands there it is never updated.

Work on and concerns about libinput in Linux

Filed under
Linux
  • An update on the input stack

    The input stack for Linux is an essential part of interacting with our systems, but it is also an area that is lacking in terms of developers. There has been progress over the last few years, however; Peter Hutterer from Red Hat came to the 2019 X.Org Developers Conference to talk about some of the work that has been done. He gave a status report on the input stack that covered development work that is going on now as well as things that have been completed in the last two years or so. Overall, things are looking pretty good for input on Linux, though the "bus factor" for the stack is alarmingly low.

    High-resolution mouse scrolling

    High-resolution mouse-wheel scrolling should be arriving in the next month or two, he said. It allows for a different event stream that provides more precision on the movement of the mouse wheel on capable devices. Instead of one event per 15-20° of movement, the mouse will send two or four events in that span. Two new event types were added to the 5.0 kernel (REL_WHEEL_HI_RES and REL_HWHEEL_HI_RES) to support the feature. The old and new event streams may not correlate exactly, so they probably should not be used together, he cautioned.

    Likewise, libinput has added a new event type (LIBINPUT_EVENT_POINTER_AXIS_WHEEL) for high-resolution scrolling; it should be handled with its own event stream as with the kernel events. That code is sitting on a branch; it works but it has not been merged into the master yet. For Wayland, a new event type was also added in a now-familiar pattern. He pointed to a mailing list post where all the gory details of high-resolution scrolling for Wayland was explained.

  • A Vast Majority Of Linux's Input Improvements Are Developed By One Individual

    While there is an ever increasing number of open-source developers focusing on the Linux graphics stack with the GPU drivers and related infrastructure, it's quite a different story when it comes to the Linux input side. It's basically one developer that has been working on the Linux input improvements for the past number of years.

    [...]

    As he has pointed out, should anything ever happen to him the libinput library would be in bad shape. While there have been 76 contributors in total to libinput in the past two years, only 24 of them have had more than one commit while only six contributors have had more than five commits. One would just need around 50 commits to become the second-from-the-top contributor to the project.

Devices Leftovers

Filed under
GNU
Linux
Hardware
  • Khadas VIM3L (Amlogic S905D3) Benchmarks, Settings & System Info

    Khadas VIM3L is the first Amlogic S905D3 SBC on the market and is sold as a lower-cost alternative to the company’s VIM3 board with a focus on the HTPC / media player market.

  • Semtech SX1302 LoRa Transceiver to Deliver Cheaper, More Efficient Gateways
  • In-vehicle computer supports new MaaS stack

    Axiomtek’s fanless, rugged “UST100-504-FL” automotive PC runs Ubuntu 18.04 or Windows on 6th or 7th Gen Intel chips, and offers SATA, HDMI, 2x GbE, 4x USB 3.0, 3x mini-PCIe, a slide-rail design, and the new AMS/AXView for MaaS discovery.

    Axiomtek announced a rugged in-vehicle PC that runs Ubuntu 18.04, Windows 10, or Windows 7 on Intel’s Skylake or Kaby Lake processors. The UST100-504-FL is aimed at “in-vehicle edge computing and video analytics applications,” and is especially suited for police and emergency vehicles, says Axiomtek. There’s also a new Agent MaaS Suite (AMS) IoT management suite available (see farther below).

  • Google Launches the Pixel 4 with Android 10, Astrophotography, and Motion Sense

    Google officially launched today the long rumored and leaked Pixel 4 smartphone, a much-needed upgrade to the Pixel 3 and 3a series with numerous enhancements and new features.

    The Pixel 4 smartphone is finally here, boasting upgraded camera with astrophotography capabilities so you can shoot the night sky and Milky Way without using a professional camera, a feature that will also be ported to the Pixel 3 and 3a devices with the latest camera app update, as well as Live HDR+ support for outstanding photo quality.

  • Repurposing A Toy Computer From The 1990s

    Our more youthful readers are fairly likely to have owned some incarnation of a VTech educational computer. From the mid-1980s and right up to the present day, VTech has been producing vaguely laptop shaped gadgets aimed at teaching everything from basic reading skills all the way up to world history. Hallmarks of these devices include a miserable monochrome LCD, and unpleasant membrane keyboard, and as [HotKey] found, occasionally a proper Z80 processor.

    [...]

    After more than a year of tinkering and talking to other hackers in the Z80 scene, [HotKey] has made some impressive headway. He’s not only created a custom cartridge that lets him load new code and connect to external devices, but he’s also added support for a few VTech machines to z88dk so that others can start writing their own C code for these machines. So far he’s created some very promising proof of concept programs such as a MIDI controller and serial terminal, but ultimately he hopes to create a DOS or CP/M like operating system that will elevate these vintage machines from simple toys to legitimate multi-purpose computers.

Audiocasts/Shows/Screencasts: FLOSS Weekly, Containers, Linux Headlines, Arch Linux Openbox Build and GhostBSD 19.09

Filed under
GNU
Linux
  • FLOSS Weekly 551: Kamailio

    Kamailio is an Open Source SIP Server released under GPL, able to handle thousands of call setups per second. Kamailio can be used to build large platforms for VoIP and realtime communications – presence, WebRTC, Instant messaging and other applications.

  • What is a Container? | Jupiter Extras 23

    Containers changed the way the IT world deploys software. We give you our take on technologies such as docker (including docker-compose), Kubernetes and highlight a few of our favorite containers.

  • 2019-10-16 | Linux Headlines

    WireGuard is kicked out of the Play Store, a new Docker worm is discovered, and Mozilla unveils upcoming changes to Firefox.

  • Showing off my Custom Arch Linux Openbox Build
  • GhostBSD 19.09 - Based on FreeBSD 12.0-STABLE and Using MATE Desktop 1.22

    GhostBSD 19.09 is the latest release of GhostBSD. This release based on FreeBSD 12.0-STABLE while also pulling in TrueOS packages, GhostBSD 19.09 also has an updated OpenRC init system, a lot of unnecessary software was removed, AMDGPU and Radeon KMS is now valid xconfig options and a variety of other improvements and fixes.

MX-19 Release Candidate 1 now available

Filed under
GNU
Linux
Debian

We are pleased to offer MX-19 RC 1 for testing purposes.

As usual, this iso includes the latest updates from debian 10.1 (buster), antiX and MX repos.

Read more

The Linux Mint 19.2 Gaming Report: Promising But Room For Improvement

Filed under
GNU
Linux
Gaming

When I started outlining the original Linux Gaming Report, I was still a fresh-faced Linux noob. I didn’t understand how fast the ecosystem advanced (particularly graphics drivers and Steam Proton development), and I set some lofty goals that I couldn’t accomplish given my schedule. Before I even got around to testing Ubuntu 18.10, for example, Ubuntu 19.04 was just around the corner! And since all the evaluation and benchmarking takes a considerable amount of time, I ended up well behind the curve. So I’ve streamlined the process a bit, while adding additional checkpoints such as out-of-the-box software availability and ease-of-installation for important gaming apps like Lutris and GameHub.

Read more

Something exciting is coming with Ubuntu 19.10

Filed under
Ubuntu

ZFS is a combined file system and logical volume manager that is scalable, supplying support for high storage capacity and a more efficient data compression, and includes snapshots and rollbacks, copy-on-write clones, continuous integrity checking, automatic repair, and much more.

So yeah, ZFS is a big deal, which includes some really great features. But out of those supported features, it's the snapshots and rollbacks that should have every Ubuntu user/admin overcome with a case of the feels.

Why? Imagine something has gone wrong. You've lost data or an installation of a piece of software has messed up the system. What do you do? If you have ZFS and you've created a snapshot, you can roll that system back to the snapshot where everything was working fine.

Although the concept isn't new to the world of computing, it's certainly not something Ubuntu has had by default. So this is big news.

Read more

Syndicate content

More in Tux Machines

Apache Rya matures open source triple store database

The open source Apache Rya database effort is continuing to move forward as it reaches a new level of project maturity and acceptance. Rya (pronounced "ree-uh") is an RDF (resource description framework) triple store database. The project started at the U.S. government's Laboratory for Telecommunication Sciences with an initial research paper published in 2012. The project joined the Apache Software Foundation (ASF) in 2015 as an incubated project, and in September 2019 achieved what is known as Top-Level Project status. The Top-Level status is an indication and validation of the project's maturity, code quality and community. The ASF is home to Hadoop, Spark and other widely used database and data management programs. Read more Also: Yahoo Groups is being prepared for shutdown, with all stored archives to be deleted on Dec 14

The Spectre Mitigation Impact For Intel Ice Lake With Core i7-1065G7

For those wondering if -- or how much -- of a performance impact mitigations still make regarding Spectre for Intel's long-awaited 10nm+ Ice Lake processors, here is the rundown on the mitigation state and the performance impact. One of the areas that Phoronix readers have requested testing on with the recent purchase of the Dell XPS 7390 with Core i7 1065G7 is regarding the mitigation state and performance. Ice Lake with its Sunny Cove microarchitecture -- similar to Cascade Lake -- is no longer affected by Meltdown, MDS, or L1TF / Foreshadow. Read more

Networking SBCs run Linux on quad -A53 and -A72 NXP LS chips

Forlinx’s sandwich-style OK1043A-C and OK1046A SBCs run Linux on NXP’s quad -A53 LS1043A and quad -A72 LS1046A SoCs, respectively, and offer a 10GbE port and up to 6x GbE ports with optional SFP. Forlinx has posted product pages for two similar COM Express modules and carrier boards that run Linux on NXP’s networking focused LS series processors. The FET1043A-C module taps the up to 1.6GHz, quad-core, Cortex-A53 LS1043A while the FET1046A-C uses the up to 1.8GHz, quad-core, Cortex-A72 LS1046A. All the processors are headless — without GPUs. Read more

Security: WireGuard, Birds and Updates

  • WireGuard Restored In Android's Google Play Store After Brief But Controversial Removal

    After Google dropped the open-source WireGuard app from their Play Store since it contained a donation link, the app has now been restored within Google's software store for Android users but without the donation option. The WireGuard app for Android makes it easy to setup the secure VPN tunnel software on mobile devices, similar to its port to iOS and other platforms. The WireGuard apps are free but have included a donation link to the WireGuard website should anyone wish to optionally make a donation to support the development of this very promising network tech.

  • Letting Birds scooters fly free

    At that point I had everything I need to write a simple app to unlock the scooters, and it worked! For about 2 minutes, at which point the network would notice that the scooter was unlocked when it should be locked and sent a lock command to force disable the scooter again. Ah well. So, what else could I do? The next thing I tried was just modifying some STM firmware and flashing it onto a board. It still booted, indicating that there was no sort of verified boot process. Remember what I mentioned about the throttle being hooked through the STM32's analogue to digital converters[3]? A bit of hacking later and I had a board that would appear to work normally, but about a minute after starting the ride would cut the throttle. Alternative options are left as an exercise for the reader. Finally, there was the component I hadn't really looked at yet. The Quectel modem actually contains its own application processor that runs Linux, making it significantly more powerful than any of the chips actually running the scooter application[4]. The STM communicates with the modem over serial, sending it an AT command asking it to make an SSL connection to a remote endpoint. It then uses further AT commands to send data over this SSL connection, allowing it to talk to the internet without having any sort of IP stack. Figuring out just what was going over this connection was made slightly difficult by virtue of all the debug functionality having been ripped out of the STM's firmware, so in the end I took a more brute force approach - I identified the address of the function that sends data to the modem, hooked up OpenOCD to the SWD pins on the STM, ran OpenOCD's gdb stub, attached gdb, set a breakpoint for that function and then dumped the arguments being passed to that function. A couple of minutes later and I had a full transaction between the scooter and the remote. The scooter authenticates against the remote endpoint by sending its serial number and IMEI. You need to send both, but the IMEI didn't seem to need to be associated with the serial number at all. New connections seemed to take precedence over existing connections, so it would be simple to just pretend to be every scooter and hijack all the connections, resulting in scooter unlock commands being sent to you rather than to the scooter or allowing someone to send fake GPS data and make it impossible for users to find scooters.

  • Security updates for Friday

    Security updates have been issued by Debian (poppler, sudo, and wordpress), Oracle (java-1.8.0-openjdk), Red Hat (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk, java-11-openjdk, and kernel), and SUSE (kernel and postgresql10).