Language Selection

English French German Italian Portuguese Spanish

BSD

Can You Use FreeBSD for a Developer Machine in 2020?

Filed under
Advertisement
BSD

I’ve been considering moving my blog back to a FreeBSD web server. I’d hosted it that way for years and recently switched it to a Linux machine so I could make Octopress work properly. It uses some old, outdated Ruby gems, and it just seemed easier.

But with a new redesign coming and a new Hugo back-end, I’ll be bringing my hosting machine back to FreeBSD.

I recently read FreeBSD is an amazing operating system, which got me thinking:

Can FreeBSD be a viable desktop operating system for developers in 2020?

Read more

Discussing Past, Present and Future of FreeBSD Project

Filed under
Interviews
BSD

FreeBSD is one of the most popular BSD distributions. It is used on desktop, servers and embedded devices for more than two decades.

We talked to Deb Goodkin, executive director, FreeBSD Foundation and discussed the past, present and future of FreeBSD project.

Read more

Audiocasts/Shows: Choose Linux, BSD Now and TLLTS

Filed under
GNU
Linux
BSD

NetBSD 9.0 available!

Filed under
BSD

Sixth months after the start of the release engineering process, NetBSD 9.0 is now available.

Since the start of the release process a lot of improvements went into the branch - over 700 pullups were processed!

This includes usbnet (a common framework for usb ethernet drivers), aarch64 stability enhancements and lots of new hardware support, installer/sysinst fixes and changes to the NVMM (hardware virtualization) interface.

We hope this will lead to the best NetBSD release ever (only to be topped by NetBSD 10 - hopefully later this year).

Read more

Also: NetBSD 9.0 Debuts As The "Best NetBSD Release Ever"

OpenSSH 8.2 was released on 2020-02-14.

Filed under
Security
BSD

It is now possible[1] to perform chosen-prefix attacks against the SHA-1 hash algorithm for less than USD$50K. For this reason, we will be disabling the "ssh-rsa" public key signature algorithm that depends on SHA-1 by default in a near-future release.

This algorithm is unfortunately still used widely despite the existence of better alternatives, being the only remaining public key signature algorithm specified by the original SSH RFCs.

Read more

Also: DragonFlyBSD Improves Its TMPFS Implementation For Better Throughput Performance

Audiocasts/Shows: Command Line Heroes, BSD Now and Linux Headlines

Filed under
GNU
Linux
BSD
  • Command Line Heroes season 4 episode 2: Mainframes

    The story of a small team of rebel employees at General Electric who built a mainframe that pushed computing from a niche market to the mainstream.

  • Kubernetes on bhyve | BSD Now 337

    Happinesses and stresses of full-time FOSS work, building a FreeBSD fileserver, Kubernetes on FreeBSD bhyve, NetBSD 9 RC1 available, OPNSense 20.1 is here, HardenedBSD’s idealistic future, and more.

  • 2020-02-13 | Linux Headlines

    IBM brings Kubernetes to the mainframe, PeerTube 2.1 is packed with polish, lazy image loading is slowly coming to Firefox, and find out which podcast was awarded Podcast of the Year.

Second (final) release candidate for NetBSD 9.0 available!

Filed under
BSD

Sixth months after the start of the release engineering process for 9.0, the second (and most likely final) release candidate is now available.

Shortly after the first release candidate had been published and feedback came it, it became clear that this was not going to be the final state of 9.0. In the end a lot of fixes were done, but we used the opportunity to also incorporate more hardware support (Pinebook Pro) and update a few components (dhcpcd, openssl).

We will be very restrictive with further changes and expect a quick and smooth release from this point on. Tentative release date is February 14, 2020.

Since the start of the release process a lot of improvements went into the branch - nearly 700 pullups were processed!

This includes usbnet (a common framework for usb ethernet drivers), aarch64 stability enhancements and lots of new hardware support, installer/sysinst fixes and changes to the NVMM (hardware virtualization) interface.

We hope this will lead to the best NetBSD release ever (only to be topped by NetBSD 10 - hopefully later this year).

Read more

Also: NetBSD 9.0 Coming Soon With 64-bit ARM, Updated ZFS, Hardware-Accelerated Virtualization

GhostBSD 20 - When there's something wrong with your Tux

Filed under
Reviews
BSD

In the Linux world, Arch is the great noob equalizer. But there's an ever more frightening beast in the forest. It's BSD, and even invoking its name can send the lesser man into despair. The simple truth of the matter is, throughout the nerdy circles of the world, BSD holds a respectable place as a stable, reliable workhorse. But it's never distinguished itself as a viable desktop alternative.

Over the years, I've dabbled in BSD quite some - you can check my UNIX reviews to figure out what gives. Sometimes, there would be this or that BSD flavor that surprised with its simplicity, but things would usually unravel at some point, whether it's hardware compatibility, disk-greedy partitioning, or perhaps the ease of everyday use. Then, recently, I came across GhostBSD, and it looks pretty and inviting. So let's see what gives.

Read more

BSD: HardenedBSD and AsiaBSDCon

Filed under
BSD
  • HardenedBSD Tor Onion Service v3 Nodes

    I've been working today on deploying Tor Onion Service v3 nodes across our build infrastructure. I'm happy to announce that the public portion of this is now completed. Below you will find various onion service hostnames and their match to our infrastructure.

  • The MWL 2020 Asia Tour

    Why do this trip, when I loathe travel? Over the last twenty years, I’ve promised several folks that I would one day attend AsiaBSDCon. I keep my promises. I’m looking forward to being there, but not to getting there. The Bangalore trip is serendipitous. Presenting technology is how I built my career. Bangalore is a technology center and obviously a place I should present in. HasGeek asked if I would be interested, I said “if you could put an event by AsiaBSDCon,” and those folks actually went and did it. I’m simultaneously amazed and honored that they’ve gone to such trouble.

BSD: HAMMER2 and First FreeBSD Conference in Australia

Filed under
BSD
  • HAMMER2 questions

    Still, my recommendation is that for anything that fits on one drive no mirroring or RAID should be used. Make discrete backups to another drive on a regular schedule instead. RAIDs are not actually any more reliable than non-RAID on small systems in terms of machine uptime. For larger many-drive arrays HAMMER2 just isn't the right solution (not yet) and I would recommend running ZFS on FreeBSD instead. But for any single-drive solution (even a large one), HAMMER2 gives premium performance and has a number of extremely useful features built-in such as automatic de-duplication (when copying a large file or tree), and compression. I use HAMMER2 on a bunch of 4TB HDDs and SSDs myself and it works flawlessly.

  • The first FreeBSD conference in Australia

    While there are many prominant Australian FreeBSD contributers, sysadmins, and users, we’ve always had to venture overseas for conferences. We’re always told Australians are among the most ardent travellers, but I always wondered if we could do a domestic event as well.

    And on Tuesday, we did! Deb Goodkin and the FreeBSD Foundation graciously organised and chaired a dedicated FreeBSD miniconf at the long-running linux.conf.au event held each year in a different city in Australia and New Zealand.

Syndicate content

More in Tux Machines

Planet Changes and Cilium

  • Planet Arch Linux migration

    The software behind planet.archlinux.org was implemented in Python 2 and is no longer maintained upstream. This functionality has now been implemented in archlinux.org's archweb backend which is actively maintained but offers a slightly different experience.

  • Cilium drops 1.7 release, upping insight and manageability

    Network and API connectivity project Cilium has been released in version 1.7, providing users with a UI for observability platform Hubble and the option to apply cluster-wide network policies. Cilium is an open source project developed by US startup Isovalent to provide and secure network connectivity and load balancing for workloads such as application containers or processes. It is based on a virtual machine-like construct called Berkeley Packet Filter (BPF) which can be found in the Linux kernel.

OSS and Development

  • Someone is selling the free, open source Playnite launcher on Steam for $100

    Playnite is a free open source PC application designed to be an all-in-one answer to the growing number of game launchers we've all got on our desktops. In other words, it combines libraries from the likes of Steam, Epic Games Store, Uplay and GOG Galaxy, and then lets you organise them however you see fit. Jody tried it last year and came away impressed. I should emphasise the "free" above: it is available straight from the source here and, according to the site, "no features are locked behind a paywall and the complete source code is available under the MIT license". The MIT license basically surrenders the software to any kind of use with no restrictions, including resales.

  • uGet is an open source download manager for Windows and Linux that also supports Torrents and Video downloads

    The GUI has four panes, a menu bar and a toolbar. The Status pane in the top left corner displays all downloads and the ones which are Active, Queuing, Finished, and Recycled (deleted). The total number of downloads for each category is displayed next to its name, and you can click on any of these to see the list of items contained. Switch to the Category pane to jump between the default and the ones you have created. You can use the Category menu to add new sorting options, set the default download folder for each category, maximum active downloads, and also the maximum upload and download speeds. The pane below the toolbar is the download list pane; anything that you select in the status pane is displayed here. It shows the name, the file size of the download that has been completed, the total size, the progression percentage, time left to complete the download, and the upload/download speeds of each file. The View menu can be used to customize the columns that are displayed in the list pane, and the other visual elements of the program. Highlighting an item in the download list brings up its summary on the bottom pane.

  • Open Source Music Tagger Picard 2.3 Released With Custom MP4 Tags Support

    Free and Open source MusicBrainz announced the point release of Picard 2.3 with major changes to the user interface, tag, and desktop integration support. MusicBrainz stores all the metadata of the music and Picard is the official tag editor that helps in identifying and organizing the digital audio recording.

  • For Square Crypto, the Way to Bitcoin Mass Adoption Is Open Source

    When Jack Dorsey founded Square in February 2009, Bitcoin was all of one month old. In fact, Satoshi Nakamoto and Dorsey were likely laying the groundwork for their respective creations concurrently in the year prior. Ten years later, the two would converge in what now seems like an inevitable collision. Square launched its Venmo-like payment service, Cash App, in 2013. The application features common stock investing, and i

  • Gold-nuggeting: Machine learning tool simplifies target discovery for pen testers

    Recognizing this analogy with the precious metals industry, researchers at Delve Labs have developed Batea, an open source tool that leverages machine learning to find valuable information in network device data.

  • ’Second Revolution’ In Electronic Bond Trading

    Sri Ambati, chief executive and founder at H2O.ai, told Markets Media that the firm’s open source platform can perform one billion regressions in less than five seconds.

  • Google ‘AutoFlip’ can resize video using AI

    The way we consume video has changed a lot over the course of the last decade. We now watch videos on our mobile devices from anywhere and because of this, video content comes in a wide variety of formats. Google recognizes this shift and so last week their AI team announced ‘AutoFlip’ an open-source framework for “intelligent video reframing.”

  • This open-source framework, ‘AutoFlip’, can do automated video cropping using AI

    Many times when we see a video on mobile devices is badly cropped, it is not much you can do about it. Understanding this problem, Google’s AI’s team has built an open-source solution on top of MediaPipe, Autoflip, which can reframe a video that fits any device or dimension (landscape, portrait, etc.). AutoFlip works in three phases. The first phase includes scene detection; the second is the video content analysis, and the third is reframing. For this tool, if a video and a target dimension are given, it analyzes the video content. Later it develops optimal tracking and cropping strategies, which finally enables it to create an output video at the same time limit in the desired aspect ratio.

  • Tech Events in Africa: Nerds Unite, Open Source Festival and #CodeZone

    It’s a new week and another opportunity to meet up with like-minded people, become better in your chosen field and seal those deals for your startup. And we at TechNext want to help with a list of tech events happening around you this week.

  • An unofficial version of Brave browser brings native ARM64 support

    Privacy-focused Brave browser launched late last year after almost four years of being in the works. The browser is based on the Chromium open-source project and joins the likes of Microsoft Edge that is built on that platform. However, while Mozilla Firefox and Microsoft’s offering currently support ARM64 PCs natively in the stable channels, Brave does not. That might change, as Windows Insider MVP Jeremy Sinclair was able to compile an unofficial build of the open-source Brave browser that natively supports ARM64 PCs. The recompiled build (version 1.6.33) uses Microsoft’s ARM64 Chromium libraries and can run natively on those PCs like the Surface Pro X. Samsung Galaxy Book S. Native support results in improved performance and efficiency since the browser will not have to run in emulation.

  • The Brave web browser is taking on Google Chrome: Is it safe?

    The creator of Brave, Brendan Eich, also created JavaScript and co-founded the Mozilla Project that led to the development of the Firefox browser. Brave is based on the open-source Chromium browser that’s also the basis for Google’s Chrome, Opera and most recently Microsoft’s Chromium Edge browser. Open-source means that anyone can take the source code and build whatever they’d like out of it, but it doesn’t mean that all the browsers are the same. In the case of Brave, they chose to focus on user privacy by blocking trackers, scripts and ads by default. The natural by-product of blocking all this activity that usually goes unnoticed by the average user is faster load times. Brave can also make use of the wide variety of extensions for Chromium-based browsers via the Chrome Web Store at chrome.google.com.

  • This new tool could improve economic analysis of sub-national climate policies in the US

    Empowered by the Paris Agreement and a lack of national leadership on climate policy in the United States, state and local governments are leading on their own climate initiatives. California, New York and Colorado have set ambitious greenhouse gas emission and renewable energy targets for 2030. Just last week, Massachusetts introduced sweeping climate legislation targeting net zero emissions by 2050. As these environmental and energy policies move ahead, experts need to invest in economic data and tools that allow them to conduct robust economic analysis, to better inform policymakers, stakeholders and the public on how to design robust alternative climate and energy policies.

  • 2020 Open Access Award Finalists Named

    The Benjamin Franklin Award for Open Access in the Life Sciences is a humanitarian/bioethics award presented annually by Bioinformatics.org to an individual who has, in his or her practice, promoted free and open access to the materials and methods used in the life sciences.

  • Are we having fund yet, npm? CTO calls for patience after devs complain promised donations platform has stalled

    At the end of August, JavaScript package registry NPM Inc said it intended "to finalize and launch an Open Source funding platform by the end of 2019." But instead of a platform, what's available at the moment might be better referred to as a feature of the npm command-line interface (CLI). The announcement was received with some skepticism at the time and the project hasn't managed to defy that expectation: There was a minor milestone last November with the addition of the "fund" command to npm v6.13.0. But not much has changed since then.

  • RcppSimdJson 0.0.2: First Update!

    RcppSimdJson wraps the fantastic simdjson library by Daniel Lemire which truly impressive. Via some very clever algorithmic engineering to obtain largely branch-free code, coupled with modern C++ and newer compiler instructions, it results in persing gigabytes of JSON parsed per second which is quite mindboggling. I highly recommend the video of the recent talk by Daniel Lemire at QCon (which was also voted best talk). The best-case performance is ‘faster than CPU speed’ as use of parallel SIMD instructions and careful branch avoidance can lead to less than one cpu cycle use per byte parsed. This release syncs the simdjson headers with upstream, and polishes the build a little by conditioning on actually having a C++17 compiler rather than just suggesting it. The NEWS entry follows.

  • Nvidia Blames ‘Misunderstanding’ for Activision Faux Pas

    When Nvidia Corp. abruptly dropped Activision Blizzard Inc. games from its new GeForce Now service earlier this week, it left customers wondering what happened. Nvidia said on Tuesday that Activision had asked to have its titles removed from GeForce, but didn’t explain why. It turns out that the video-game giant wanted a commercial agreement with Nvidia before they proceeded -- and the situation stemmed from a simple misunderstanding, Nvidia said on Thursday.

Web Standards

  • Inrupt, Tim Berners-Lee's Solid, and Me

    All of this is a long-winded way of saying that I have joined a company called Inrupt that is working to bring Tim Berners-Lee's distributed data ownership model that is Solid into the mainstream. (I think of Inrupt basically as the Red Hat of Solid.) I joined the Inrupt team last summer as its Chief of Security Architecture, and have been in stealth mode until now.

    The idea behind Solid is both simple and extraordinarily powerful. Your data lives in a pod that is controlled by you. Data generated by your things -- your computer, your phone, your IoT whatever -- is written to your pod. You authorize granular access to that pod to whoever you want for whatever reason you want. Your data is no longer in a bazillion places on the Internet, controlled by you-have-no-idea-who. It's yours. If you want your insurance company to have access to your fitness data, you grant it through your pod. If you want your friends to have access to your vacation photos, you grant it through your pod. If you want your thermostat to share data with your air conditioner, you give both of them access through your pod.

  • World wide web founder scales up efforts to reshape internet
  • Sir Tim Berners-Lee's Inrupt is Redesigning the way the web is to Work and Apple is working with them on their Data Transfer Project

    Inrupt, the start-up company founded by Sir Tim Berners-Lee to redesign the way the web works, is expanding its operational team and launching pilot projects in its quest to develop a "massively scalable, production-quality technology platform."

  • Inconsistent user-experiences with native lazy-loading images

    The specification for web browser native support for lazy-loading images landed in the HTML Living Standard a week ago. This new feature lets web developers tell the browser to defer loading an image until it is scrolled into view, or it’s about to be scrolled into view. Images account for 49 % of the median webpage’s byte size, according to the HTTP Archive. Lazy image loading can help reduce these images’ impact on page load performance. It can also help lower data costs by clients that never scroll down to images far down on a page. Historically, lazy-loading was implemented by responding to changes in the scroll position and tracking the image element’s offset from the top of the page. This could degrade page-scrolling performance. Comparatively, the new native lazy loading for images is easier to implement and doesn’t degrade scrolling performance.

Security and Scare for Sale

  • Malware Attack Takes ISS World's Systems Offline

    Founded in 1901, the Copenhagen, Denmark-based company provides cleaning, support, property, catering, security, and facility management services for offices, factories, airports, hospitals, and other locations all around the world.

    At the moment, the company’s employees don’t have access to corporate systems, as they were taken offline following a malware attack earlier this week.

  • The rise and rise of ransomware [iophk: Windows TCO]
  • Security flaws belatedly fixed in open source SuiteCRM software

    According to Romano, a second-order PHP object injection vulnerability (CVE-2020-8800) in SuiteCRM could be “exploited to inject arbitrary PHP objects into the application scope, allowing an attacker to perform a variety of attacks, such as executing arbitrary PHP code”. SuiteCRM versions 7.11.11 and below are said to be vulnerable. [...] “We have put a notice on our open source community channels and advice via social media. We have a dedicated community that works around the clock to spot vulnerabilities and produce suitable fixes, which is one of the key benefits for a business when choosing to use open source software.”

  • With the rise of third-party code, zero-trust is key

    The surface area of website and web application attacks keeps growing. One reason for this is the prevalence of third-party code. When businesses build web apps, they use code from many sources, including both commercial and open-source projects, often created and maintained by both professional and amateur developers. Web application creators take advantage of third-party code because it allows them to build their websites and apps quickly. For example, companies are likely to add a third-party chat widget to their site, instead of building one from scratch. But third-party code can leave websites vulnerable. Consider the July 2018 Magecart attack on Ticketmaster. In this data breach, hackers were able to gain access to sensitive customer information on Ticketmaster's website by compromising a third-party script used to provide chatbot functionality. The challenge is that this third-party functionality runs directly on the customer's browser, and the browser is built to simply render the code sent down from a web server. It assumes that all code, whether first-party or third-party, is good.

  • New company BluBracket takes on software supply chain code security
  • BluBracket scores $6.5M seed to help secure code in distributed environments

    BluBracket, a new security startup from the folks who brought you Vera, came out of stealth today and announced a $6.5 million seed investment. Unusual Ventures led the round with participation by Point72 Ventures, SignalFire and Firebolt Ventures.