Odprtokodni pogled

Opensource view

Tuja odprtokodna scena

Linux Begins Preparing For Intel's New "Lightning Mountain" SoC

Phoronix - Čet, 08/22/2019 - 11:46
Linux kernel development activity has shown light on a new Intel SoC we haven't anything about to date... Lightning Mountain...

Useful security software from the Snap Store

tuxmachines.org - Čet, 08/22/2019 - 11:34

Once upon a time, password management was a simple thing. There were few services around, the Internet was a fairly benign place, and we often used the same combo of username and password for many of them. But as the Internet grew and the threat landscape evolved, the habits changed.

In the modern Web landscape, there are thousands of online services, and many sites also require logins to allow you to use their full functionality. With data breaches a common phenomenon nowadays, tech-savvy users have adopted a healthier practice of avoiding credentials re-use. However, this also creates a massive administrative burden, as people now need to memorize hundreds of usernames and their associated passwords.

The solution to this fairly insurmountable challenge is the use of secure, encrypted digital password wallets, which allow you to keep track of your endless list of sites, services and their relevant credentials.

KeePassXC does exactly that. The program comes with a simple, fairly intuitive interface. On first run, you will be able to select your encryption settings, including the ability to use KeePassXC in conjunction with a YubiKey. Once the application is configured, you can then start adding entries, including usernames, passwords, any notes, links to websites, and even attachments. The contents are stored in a database file, which you can easily port or copy, so you also gain an element of extra flexibility – as well as the option to back up your important data.

Also: US Hangs Tough on Restricting Huawei’s Participation in Standards Development

read more

Raccoon – APK Downloader for Linux, MacOS, and Windows

tuxmachines.org - Čet, 08/22/2019 - 11:33

We’ve covered APK stories before in articles like the one about F-Droid and Google Play Downloader, but never have we covered an app as cool as this one with a name inspired by the North American mammal, Raccoon.

Raccoon is a free and modern open-source APK downloader application that enables you to safely download any Android app available on Google Play Store to your Linux, Windows, or Mac desktop.

The incentive of Raccoon is to enable users to install Android apps without sending any kind of information to Google. It also works to store APK files locally, use a “Split APK” format, bypass application region restrictions, and aims to improve your phone’s battery life.

read more

Phoronix Test Suite 9.0 Milestone 2 Released, OpenBenchmarking.org Serves 42 Millionth Download

Phoronix - Čet, 08/22/2019 - 11:29
The second development release of the forthcoming Phoronix Test Suite 9.0-Asker is now available for testing...

Games: MMO Path of Titans, Steam Play Milestone, Rocket Pass, Stay Safe: Labyrinth, OBS Studio

tuxmachines.org - Čet, 08/22/2019 - 11:23
  • Try the first demo of the dino MMO Path of Titans, we have some testing keys to give away

    After Alderon Games successful crowdfunding campaign on IndieGoGo for their dino themed survival MMO Path of Titans, the developer reached out to gather more Linux testers.

    They've released a first demo and it's currently quite limited with the character creation ability the only thing possible. However, once a month they will be deploying a big new feature for it like the ability to run around, AI, quests and so on.

  • Steam Play passes six thousand Windows games playable on Linux, according to ProtonDB

    On the day of Steam Play hitting the big one year anniversary (August 21st), it seems another milestone has been reached in terms of compatibility.

    According to ProtonDB, the handy (but unofficial) tracking website, over six thousand games are now working. At time of writing, exactly 6,023 "games work" against the 9,134 total of games that currently have user reports to see if they run or not. That's quite an impressive number!

    It's worth noting though, that with little over nine thousand games currently reported, Steam does host well over thirty thousand so there's a huge amount that hasn't yet been tested.

    How about a question for you to answer in the comments: What does Steam Play mean to you? I'll start.

  • Rocket Pass 4 is coming to Rocket League on August 28th, with a new rally-inspired Battle-Car

    The fourth Rocket Pass is due to arrive in Rocket League soon, along with the start of Competitive Season 12.

    For those of you wanting to rank up and ensure you get the best rewards possible, Season 11 is ending really soon on August 27th. A day later, Rocket Pass 4 is going to be released.

  • Roguelike Stay Safe: Labyrinth of the Mad now has a Linux beta, sounds quite unique

    Stay Safe: Labyrinth of the Mad from Yellowcake Games is a roguelike with plenty of random generation, including an interesting way of generating the world.

    When starting a new game, the developer said you can use files on your PC or a combination of keyboard/gamepad button presses to generate the dungeon, items and gems. That's not all that makes it somewhat unique, there's also another feature where you will come across a copy of other players. It's a single-player game, so you're not directly facing other people only a shadow of what they had. Although that feature is entirely optional.

  • OBS Studio has a fresh release candidate available for a major new version

    OBS Studio, the free and open source video livestreaming and recording software is my one and only stop for video capturing and it continues to mature.

    The upcoming 24.0 release has a first release candidate now available and it has some fun new features. For starters, you can now actually pause recordings to easily cut away parts you know you don't need. I've tested that and it works perfectly. It does need you to have separated encoders for streaming and recording though, so you can't have the recording encoder set to "same as stream".

read more

LWN: Spectre, Linux and Debian Development

tuxmachines.org - Čet, 08/22/2019 - 11:19
  • Grand Schemozzle: Spectre continues to haunt

    The Spectre v1 hardware vulnerability is often characterized as allowing array bounds checks to be bypassed via speculative execution. While that is true, it is not the full extent of the shenanigans allowed by this particular class of vulnerabilities. For a demonstration of that fact, one need look no further than the "SWAPGS vulnerability" known as CVE-2019-1125 to the wider world or as "Grand Schemozzle" to the select group of developers who addressed it in the Linux kernel.
    Segments are mostly an architectural relic from the earliest days of x86; to a great extent, they did not survive into the 64-bit era. That said, a few segments still exist for specific tasks; these include FS and GS. The most common use for GS in current Linux systems is for thread-local or CPU-local storage; in the kernel, the GS segment points into the per-CPU data area. User space is allowed to make its own use of GS; the arch_prctl() system call can be used to change its value.

    As one might expect, the kernel needs to take care to use its own GS pointer rather than something that user space came up with. The x86 architecture obligingly provides an instruction, SWAPGS, to make that relatively easy. On entry into the kernel, a SWAPGS instruction will exchange the current GS segment pointer with a known value (which is kept in a model-specific register); executing SWAPGS again before returning to user space will restore the user-space value. Some carefully placed SWAPGS instructions will thus prevent the kernel from ever running with anything other than its own GS pointer. Or so one would think.

  • Long-term get_user_pages() and truncate(): solved at last?

    Technologies like RDMA benefit from the ability to map file-backed pages into memory. This benefit extends to persistent-memory devices, where the backing store for the file can be mapped directly without the need to go through the kernel's page cache. There is a fundamental conflict, though, between mapping a file's backing store directly and letting the filesystem code modify that file's on-disk layout, especially when the mapping is held in place for a long time (as RDMA is wont to do). The problem seems intractable, but there may yet be a solution in the form of this patch set (marked "V1,000,002") from Ira Weiny.
    The problems raised by the intersection of mapping a file (via get_user_pages()), persistent memory, and layout changes by the filesystem were the topic of a contentious session at the 2019 Linux Storage, Filesystem, and Memory-Management Summit. The core question can be reduced to this: what should happen if one process calls truncate() while another has an active get_user_pages() mapping that pins some or all of that file's pages? If the filesystem actually truncates the file while leaving the pages mapped, data corruption will certainly ensue. The options discussed in the session were to either fail the truncate() call or to revoke the mapping, causing the process that mapped the pages to receive a SIGBUS signal if it tries to access them afterward. There were passionate proponents for both options, and no conclusion was reached.

    Weiny's new patch set resolves the question by causing an operation like truncate() to fail if long-term mappings exist on the file in question. But it also requires user space to jump through some hoops before such mappings can be created in the first place. This approach comes from the conclusion that, in the real world, there is no rational use case where somebody might want to truncate a file that has been pinned into place for use with RDMA, so there is no reason to make that operation work. There is ample reason, though, for preventing filesystem corruption and for informing an application that gets into such a situation that it has done something wrong.

  • Hardening the "file" utility for Debian

    In addition, he had already encountered problems with file running in environments with non-standard libraries that were loaded using the LD_PRELOAD environment variable. Those libraries can (and do) make system calls that the regular file binary does not make; the system calls were disallowed by the seccomp() filter.

    Building a Debian package often uses FakeRoot (or fakeroot) to run commands in a way that appears that they have root privileges for filesystem operations—without actually granting any extra privileges. That is done so that tarballs and the like can be created containing files with owners other than the user ID running the Debian packaging tools, for example. Fakeroot maintains a mapping of the "changes" made to owners, groups, and permissions for files so that it can report those to other tools that access them. It does so by interposing a library ahead of the GNU C library (glibc) to intercept file operations.

    In order to do its job, fakeroot spawns a daemon (faked) that is used to maintain the state of the changes that programs make inside of the fakeroot. The libfakeroot library that is loaded with LD_PRELOAD will then communicate to the daemon via either System V (sysv) interprocess communication (IPC) calls or by using TCP/IP. Biedl referred to a bug report in his message, where Helmut Grohne had reported a problem with running file inside a fakeroot.

read more

Flameshot is a brilliant screenshot tool for Linux

tuxmachines.org - Čet, 08/22/2019 - 11:07

The default screenshot tool in Ubuntu is alright for basic snips but if you want a really good one you need to install a third-party screenshot app.

Shutter is probably my favorite, but I decided to give Flameshot a try. Packages are available for various distributions including Ubuntu, Arch, openSuse and Debian. You find installation instructions on the official project website.

read more

IBM/Red Hat and Intel Leftovers

tuxmachines.org - Čet, 08/22/2019 - 10:55
  • Troubleshooting Red Hat OpenShift applications with throwaway containers

    Imagine this scenario: Your cool microservice works fine from your local machine but fails when deployed into your Red Hat OpenShift cluster. You cannot see anything wrong with the code or anything wrong in your services, configuration maps, secrets, and other resources. But, you know something is not right. How do you look at things from the same perspective as your containerized application? How do you compare the runtime environment from your local application with the one from your container?

    If you performed your due diligence, you wrote unit tests. There are no hard-coded configurations or hidden assumptions about the runtime environment. The cause should be related to the configuration your application receives inside OpenShift. Is it time to run your app under a step-by-step debugger or add tons of logging statements to your code?

    We’ll show how two features of the OpenShift command-line client can help: the oc run and oc debug commands.

  • What piece of advice had the greatest impact on your career?

    I love learning the what, why, and how of new open source projects, especially when they gain popularity in the DevOps space. Classification as a "DevOps technology" tends to mean scalable, collaborative systems that go across a broad range of challenges—from message bus to monitoring and back again. There is always something new to explore, install, spin up, and explore.

  • How DevOps is like auto racing

    When I talk about desired outcomes or answer a question about where to get started with any part of a DevOps initiative, I like to mention NASCAR or Formula 1 racing. Crew chiefs for these race teams have a goal: finish in the best place possible with the resources available while overcoming the adversity thrown at you. If the team feels capable, the goal gets moved up a series of levels to holding a trophy at the end of the race.

    To achieve their goals, race teams don’t think from start to finish; they flip the table to look at the race from the end goal to the beginning. They set a goal, a stretch goal, and then work backward from that goal to determine how to get there. Work is delegated to team members to push toward the objectives that will get the team to the desired outcome.

    [...]

    Race teams practice pit stops all week before the race. They do weight training and cardio programs to stay physically ready for the grueling conditions of race day. They are continually collaborating to address any issue that comes up. Software teams should also practice software releases often. If safety systems are in place and practice runs have been going well, they can release to production more frequently. Speed makes things safer in this mindset. It’s not about doing the “right” thing; it’s about addressing as many blockers to the desired outcome (goal) as possible and then collaborating and adjusting based on the real-time feedback that’s observed. Expecting anomalies and working to improve quality and minimize the impact of those anomalies is the expectation of everyone in a DevOps world.

  • Deep Learning Reference Stack v4.0 Now Available

    Artificial Intelligence (AI) continues to represent one of the biggest transformations underway, promising to impact everything from the devices we use to cloud technologies, and reshape infrastructure, even entire industries. Intel is committed to advancing the Deep Learning (DL) workloads that power AI by accelerating enterprise and ecosystem development.

    From our extensive work developing AI solutions, Intel understands how complex it is to create and deploy applications for deep learning workloads. That?s why we developed an integrated Deep Learning Reference Stack, optimized for Intel Xeon Scalable processor and released the companion Data Analytics Reference Stack.

    Today, we?re proud to announce the next Deep Learning Reference Stack release, incorporating customer feedback and delivering an enhanced user experience with support for expanded use cases.

  • Clear Linux Releases Deep Learning Reference Stack 4.0 For Better AI Performance

    Intel's Clear Linux team on Wednesday announced their Deep Learning Reference Stack 4.0 during the Linux Foundation's Open-Source Summit North America event taking place in San Diego.

    Clear Linux's Deep Learning Reference Stack continues to be engineered for showing off the most features and maximum performance for those interested in AI / deep learning and running on Intel Xeon Scalable CPUs. This optimized stack allows developers to more easily get going with a tuned deep learning stack that should already be offering near optimal performance.

read more

11 Best Linux Distro for hacking and programming

tuxmachines.org - Čet, 08/22/2019 - 10:55

When it comes to choosing a Linux distribution for hacking or programming, there are a number of points that you should keep in mind. The operating system should run smoothly on your system, and if you are installing one on your primary computer, you should always go for the one that you know how to use properly.

But using an operating system for more specific purposes like cybersecurity, which I have discussed here, isn’t that straightforward.

Kali Linux is one of the best cybersecurity operating systems, but there are many which offer more streamlined functionalities. I recommend you to try out at least a few of the most intriguing Kali Linux alternatives I have discussed here before you finally make your decision.
So that was my list of top 10 Kali Linux alternatives, that is worth your time. Do you have anything to add? Feel free to comment on the same down below.

read more

Linux Foundation Initiatives for or With Involvement of IBM and Intel

tuxmachines.org - Čet, 08/22/2019 - 10:51
  • IBM OpenPOWER to Join Open Source Linux Foundation

    IBM has announced it was contributing the instruction set (ISA) for its Power microprocessor and the designs for the Open Coherent Accelerator Processor.

  • IBM joins Linux Foundation AI to promote open source trusted AI workflows

    "AI, as it matures, needs to mature in a way that is something that the general public can put their confidence and trust in," Todd Moore, IBM's VP of Open Technology, told ZDNet. "Too often, what we hear is the AI is a black box, they don't understand how it got to its results, there's bias in the models, there needs to be more fairness... We've heard that loud and clear, and we felt it was time to help the industry move forward."

  • Intel, Microsoft, Red Hat Open Source Tools for 'Confidential Computing'

    Members of the Linux Foundation, including Arm, Baidu, Google Cloud, Intel, Microsoft, Red Hat, Swisscom and Tencent, will start promoting the use of Trusted Execution Environments (TEEs), also called secure enclaves, for both cloud computing and PC applications.

    The participants in the newly formed group, called the Confidential Computing Consortium, plan to make open source multiple projects related to securing data in use. Intel will open source the SDK for its Software Guard Extension (SGX) chip feature.
    The SGX solution protects sensitive code and data of an application from being stolen or modified by malicious actors that may have taken over the operating system or virtual machine. Applications such as the end-to-end encrypted messenger Signal use SGX for private contact discovery without the need for the server to store users’ contacts in plaintext and unprotected.
    Microsoft also contributed the Open Enclave SDK, a framework for building app enclaves that work across various Trusted Execution Environment (TEE) architectures to the CCC. Each application that uses the Open Enclave SDK can be split into two components, an untrusted one that runs on the untrusted operating systems and a trusted one that’s protected from operating system malware.

read more

Akaunting: a web-based accounting system

tuxmachines.org - Čet, 08/22/2019 - 10:41

One of these years, LWN will have a new accounting system based on free software. That transition has not yet happened, though, despite the expending of a fair amount of energy into researching alternatives. Your editor recently became aware of a system called Akaunting, so a look seemed worthwhile. This tool may have the features that some users want, but it seems clear that your editor's quest is not done yet.

As an aside, additional motivation for this effort came in the form of an essentially forced upgrade to QuickBooks 2019 — something that QuickBooks users have learned to expect and dread. There appear to be no new features of interest in this release, but it does offer a newly crippled data import mechanism and routine corruption of its database. If your editor didn't know better, he might just conclude that proprietary software is buggy, unreliable, and unfixable.

[...]

The system is written in PHP and JavaScript; the code is licensed under GPLv3. Akaunting is able to use MySQL, PostgreSQL, or SQLite to store the actual data. It is, as one might expect given the implementation languages, designed to run as a web application; one can install it on a handy machine, but Akaunting (the company) also offers to host accounts free of charge on its own servers. The company promises "we cover it, for free, forever" — a pretty big promise for a free-software startup with a minimal track record.

read more

GNOME 3.33.91 released

tuxmachines.org - Čet, 08/22/2019 - 10:35

Hi developers, GNOME 3.33.91 is now available. This is the second beta version towards 3.34. If you want to compile GNOME 3.33.3, you can use the official BuildStream project snapshot: https://download.gnome.org/teams/releng/3.33.91/gnome-3.33.91.tar.xz The list of updated modules and changes is available here: https://download.gnome.org/core/3.33/3.33.91/NEWS The source packages are available here: https://download.gnome.org/core/3.33/3.33.91/sources/ WARNING! -------- This release is a snapshot of development code. Although it is buildable and usable, it is primarily intended for testing and hacking purposes. GNOME uses odd minor version numbers to indicate development status. For more information about 3.33, and the full schedule, please see our 3.33 wiki page: https://www.gnome.org/start/unstable Cheers, Abderrahim Kitouni GNOME Release Team

Also: GNOME 3.34 Beta 2 Brings Last Minute Improvements To GNOME Shell, Mutter & Friends

read more

How To Share Files Anonymously And Securely: Linux Alternatives to Google Drive

tuxmachines.org - Čet, 08/22/2019 - 10:14

The ability to share files regardless of the physical distance and almost instantaneously is one of the greatest characteristics of the Internet. With 4.3 billion Internet users at the beginning of 2019, the amount of data transferred over the Web is almost unimaginable.

But not all file-sharing services are created equal. In the era where personal data is the most valuable currency we can spend, it is important to ensure we send files over the Internet in a secure and anonymous way.

Read to find out why mainstream file-sharing services are not your best bet and how to pick an alternative solution.

read more

The Release of Raspberry Pi 4: What Does It Mean to You

tuxmachines.org - Čet, 08/22/2019 - 10:11

The release of Raspberry Pi 4 has been met with much enthusiasm from developers and tech enthusiasts. Since it is a major upgrade from Raspberry Pi 3B+, some are already pronouncing the long-anticipated model as the greatest single-board computer (SBC) ever.

However, a lot of it has to do with hype, as the dazzling features of Raspberry Pi 4 have been available with other SBC boards for quite some time. Whether it is video HDMI, a powerful processor or USB 3.0 ports, it is clear that Raspberry Pi arrived pretty late on the scene.

read more

Audiocasts/Shows: mintCast, TLLTS, BSD Now, Choose Linux and Matt Layman

tuxmachines.org - Čet, 08/22/2019 - 10:07
  • mintCast 315.5 – On OggCamp with Les and Dan

    In the second half, we interview Dan and Les about OggCamp and get more than we bargained for.

    Then, in our security update, we talk about how Chrome’s Incognito mode can be detected.

    Finally, we share feedback and point out a few things we found interesting this fortnight.

  • The Linux Link Tech Show Episode 822
  • Why Package Managers | BSD Now 312

    Valuable research is often hindered or outright prevented by the inability to install software. This need not be the case.

  • PCLinuxOS + Hugo | Choose Linux 16

    We check out a great tool for learning web development basics, and Distrohoppers brings us mixed experiences.

    Plus which of the 10 commandments for Linux users we agree with.

  • Celery In A Shiv App - Building SaaS #31

    In this episode, we baked the Celery worker and beat scheduler tool into the Shiv app. This is one more step on the path to simplifying the set of tools on the production server.

    I started the stream by reviewing the refactoring that I did to conductor/main.py. The main file is used to dispatch to different tools with the Shiv bundle.

read more

How the Linux desktop has grown

tuxmachines.org - Čet, 08/22/2019 - 08:49

I first installed Linux in 1993. At that time, you really didn't have many options for installing the operating system. In those early days, many people simply copied a running image from someone else. Then someone had the neat idea to create a "distribution" of Linux that let you customize what software you wanted to install. That was the Softlanding Linux System (SLS) and my first introduction to Linux.

My '386 PC didn't have much memory, but it was enough. SLS 1.03 required 2MB of memory to run, or 4MB if you wanted to compile programs. If you wanted to run the X Window System, you needed a whopping 8MB of memory. And my PC had just enough memory to run X.

read more

Ubuntu Touch OTA-10 Released With Device Fixes, Support For Draft Messages

Phoronix - Čet, 08/22/2019 - 07:17
The UBports community that maintains the (currently 16.04 LTS derived) Ubuntu Touch have now shipped OTA-10 as their newest over-the-air feature update...
Syndicate content
sfy39587f05