Odprtokodni pogled

Opensource view

tuxmachines.org

Syndicate content
Your source for Linux and Open Source news, reviews, and howtos.
Posodobljeno: 49 min 6 sec nazaj

Most Secure Operating Systems, VPN for GNU/Linux, and Latest GNU/Linux FUD

Tor, 12/11/2018 - 10:57
  • What’s the most secure operating system?

    Linux has a family of different free versions (known as distributions, or distros) to choose from, based on users’ computer skills. If you’re just getting started, check out Mint or Ubuntu. And because Linux is open-source, users can make copies of modified systems and give them away to friends in need.

  • Choose the Right VPN for Linux in 2019
  • Cryptomining campaign pulls new ‘Linux Rabbit’ malware out of its black hat [Ed: No, it's not ‘Linux Rabbit’ but ‘Weak Password Rabbit’; calling it Linux is rather misleading, distracts from the real problem.]
  • Linux malware: is it so hard to get it right? [Ed: Recognising Catalin Cimpaun for what he really is (and has always been): a clickbaiting troll. For CBS to employ him for ZDNet says a lot about the agenda.]

    Once again, so-called security researchers and tech writers have combined to provide misinformation about trojanised SSH scripts which can be run on a Linux server after said server is compromised through a brute-force attack and root status attained. And they call it Linux malware!
    Security firm ESET and ZDNet writer Catalin Cimpanu have both got it wrong in the past — the latter on numerous occasions as he simply does not seem to understand anything about the Linux security model — but both continue to persist in trying to pursue the topic. ESET has gone in the wrong direction on torrent files and clients too.

    Arguably, there is reason to do so: Linux and malware in the same headline do still serve as some kind of clickbait.

    [...]

    Cimpanu was more descriptive, but again made the same fundamental mistake. Malware can be created for any operating system, but the crucial question is how do you get it onto that system?

    [...]

    Cimpanu's former employer, Bleeping Computer, was also prone to screw-ups of this nature. Here is the editor of Bleeping Computer, Lawrence Abrams, expounding on ransomware targeting Linux servers.

    But then Bleeping Computer is a relatively small operation. One would have thought that ZDNet, which has tons of resources, would have a little more editorial quality control.

read more

Now you can run nginx on Wasmjit on all POSIX systems

Tor, 12/11/2018 - 10:17

Wasmjit team announced last week that you can now run Nginx 1.15.3, a free and open source high-performance HTTP server and reverse proxy, in user-space on all POSIX system.

Wasmjit is a small embeddable WebAssembly runtime that can be easily ported to most environments. It primarily targets a Linux kernel module capable of hosting Emscripten-generated WebAssembly modules. It comes equipped with a host environment for running in user-space on POSIX systems. This allows you to run WebAssembly modules without having to run an entire browser. Getting Nginx to run had been a major goal for the wasmjit team ever since its first release in late July.

read more

Nextcloud 15 goes social, enforces 2FA and gives you a new generation real-time document editing

Tor, 12/11/2018 - 09:47

Nextcloud 2018 ends the year with a big announcement: Nextcloud 15 is here! This release marks a big step forward for communication and collaboration with others in a secure way, introducing...

read more

Winterize your Bash prompt in Linux

Tor, 12/11/2018 - 09:28

Hello once again for another installment of the Linux command-line toys advent calendar. If this is your first visit to the series, you might be asking yourself what a command-line toy even is? Really, we're keeping it pretty open-ended: It's anything that's a fun diversion at the terminal, and we're giving bonus points for anything holiday-themed.

Maybe you've seen some of these before, maybe you haven't. Either way, we hope you have fun.

read more

GNOME Devs Experiment with a Refreshed GTK & Icon Theme

Tor, 12/11/2018 - 09:27

Now, if you’re a regular reader of this site then may recall our post on a new GNOME icon theme back in July. At the time only a handful of core GNOME apps had been given newly redesigned icons.

Fast forward a season or so and not only is the give-core-apps-new-icons initiative well underway, but the redesign effort has extended to other parts of the desktop experience, including the default theme.

Modernising the look and feel of GNOME apps and the shell is a) a bit overdue and happening as part of a wider update to GNOME design guidelines. The idea is to give the desktop a distinct yet consistent appearance.

read more

Programming: Python, Mozilla and HowTos

Tor, 12/11/2018 - 09:03

read more

Open source autonomous driving project to build on 96Boards SBCs

Tor, 12/11/2018 - 08:54

Linaro, Tier IV, and Apex.AI have co-founded an Autoware Foundation to establish an open source platform for autonomous vehicles built around Tier IV’s Linux/ROS based Autoware stack and some future 96Boards SBCs.

Japan-based intelligent vehicle technology company Tier IV has joined with Arm-backed Linaro and autonomous driving software firm Apex-AI to launch the Autoware Foundation. The not-for-profit organization will develop open source hardware and software built around the Linux and ROS based Autoware software developed by Tier IV, which sells small electrical vehicles (EVs) that run Autoware.

read more

Events: KubeCon, The Spindle, Fedora 29 Release Party Novi Sad

Tor, 12/11/2018 - 08:50
  • Red Hat KubeCon Seattle 2018 Events & Demos

    Stop by the Red Hat booth D1 to explore 1:1 demos and speak with our open source specialists. We’ll be giving away Red Hat beanies, stickers, Command Line Hero coloring books and more, while supplies last.

  • Future Session #10 Open Innovation & Open Design

    On November 27th 2018, The Spindle, in collaboration with HumanityX, organised a Future Session about global technological developments and open innovation & open design. Participants to this meeting came from various organisations, sectors, and backgrounds, which provided fruitful input and discussions, especially during the workshop part of the session.

    The session was led by expert Diderik van Wingerden, who is an Open Source Innovation expert and pragmatic idealist. To find out more about Diderik and his work, visit www.think-innovation.com. You can find Diderik’s presentation and the material that he used for this session here.

    Introduction to Technological Trends

    Diderik started off by presenting a great selection of today’s technological trends and developments, among which virtual reality, big (open) data, artificial intelligence (AI), blockchain, 3D printing, open source & open design, internet of things and robots & drones.

  • Fedora 29 Release Party Novi Sad

    Fedora 29 Release Party was held at University of Novi Sad in Serbia like our previous events. Around 50 Fedorians were presents, and I am happy to report that I saw a lot of new faces.

read more

Security: Google+, Tails, Thunderbolt and More

Tor, 12/11/2018 - 08:32
  • Google to Shut Down Google+ 4 Months Earlier After Second Data Hack

    Google+ still hadn’t recovered from the data leak it suffered in October. And now it has to go through the same fortune yet again. The company today announced that a new security loophole found last month can impact 52.5 million users. The data of these users can be taken from the apps that use the API of Google+.

    The data of the 52.5 million users consists of their personal information like name, age, occupation, and email address. Even if the accounts are set on private, developers will be able to access the profile information due to the security bug. Even if the information was set to private, developers had easy access to the data of the users.

  • An evil Penguin grabs the persistence partition’s key of a friend’s Tails operating system
  • Pop the Box

    Let[s] talk a little about this box. In this HTB machine we will see only one port is open and that will be the http one , we will fireup the dirbuster to find the different files and directories inside that website. We will came to know about the phpbash file from where we will be getting code execution. After getting the ever shell we will enumerate more and will be able to find the way to escalate the privileges and became root. This time I have made two video[s] the first one will be on getting our first reverse shell on the box and the second one will be on how we will be able to escalate the privileges. Hope you guys will enjoy it. In last but not the least I have uploaded some file[s] from which you will be able to learn about bash scripting, python and you will learn about the cronjob working.

  • Linux 4.21 Will Better Protect Against Malicious Thunderbolt Devices

    Linux 4.21 is set to further improve the system security around potentially malicious Thunderbolt devices.

    The new protection with Linux 4.21 is the enabling of IOMMU-based direct memory access (DMA) protection from devices connected via Thunderbolt. PCI Express Address Translation Services (PCIe ATS) is also disabled to prevent possibly bypassing that IOMMU protection, per this pull.

read more

Server: Intel, Red Hat, Amazon, Google, Lenovo and SUSE

Tor, 12/11/2018 - 08:23
  • Intel Launches Open-Source Deep Learning Reference Stack Powered By Clear Linux & Kata

    The Intel Deep Learning Reference Stack is an integrated, performance-focused open-source stack built atop their Clear Linux distribution, utilizes their Kata Containers technology, the Intel Math Kernel Library, and supports TensorFlow and other machine learning frameworks.

  • Open Source's Evolution in Cloud-Native DevOps

    “Open source, and especially the open source community, are constantly coming up with new tools, approaches and best practices to solve business use cases in the cloud native world. Not a day goes by where we don’t see a new tool, library or framework seeing the light on GitHub that is solving key problems that adopters of cloud native run into as they start rolling out more applications through a DevOps delivery pipeline,” Andreas Grabner, a DevOps activist, for Dynatrace, said. “Thanks to the openness of the community and the willingness to share best practices with others, open source is a core building block of the cloud native movement. The flipside of this, however, is that many organizations are overwhelmed with the constant change in open source offerings.”

  • OpenShift & Kubernetes: Where We’ve Been and Where We’re Going Part 1

    As we approach the end of another year for Red Hat OpenShift and Kubernetes, and another Kubecon, which I believe will be even bigger than the last, it’s a great time to reflect on both where we’ve been and where we’re going. In this blog I will look back over the past 4+ years since Red Hat first got involved in the Kubernetes project, where we have focused our contributions and the key decisions that got us to this point. Then in Part II, I will look ahead at some of the areas we’re focusing on now and into the future.

  • Red Hat Satellite 6.4.1 is now generally available

    Red Hat Satellite 6.4.1 is now generally available. The main drivers for the 6.4.1 release are upgrade and stability fixes. Thirteen bugs have been addressed in this release - the complete list is at the end of the post. The most notable issue is compatibility with Red Hat Enterprise Linux 7.6.

    There is one erratum for the server and one for the hosts. The install ISOs will be updated soon, but customers registered via Red Hat Subscription Manager can update via `foreman-maintain` as described in the upgrade guide today.

  • How AWS Lambda Serverless Works

    Four years ago, Amazon Web Services (AWS) launched a revolution with the debut of its Lambda service. Rather than being an expansion of existing virtual machine services that provide cloud based servers, Lambda offered users a different promise - the promise of 'serverless' computing.

  • How Google Is Improving Kubernetes Container Security

    The open-source Kubernetes container orchestration project has become increasingly important in recent years as organizations rely on it to deploy applications. With the increased reliance has come increased scrutiny on security, especially at Google, which hosts a managed Kubernetes service called Google Kubernetes Engine (GKE).

    In a call with press ahead of the KubeCon conference that runs Dec. 11-13 in Seattle, Maya Kaczorowski, product manager, Security & Privacy, at Google, outlined the steps Google is taking to help secure Kubernetes now and into the future.

  • Cumulus Networks Partners with Lenovo to Deliver Networking Switches for the Open, Modern Data Center

    Together, Lenovo and Cumulus Networks provide operational efficiency with the robust Linux ecosystem, scalability with Ethernet VPN, and a simplified cloud-based operational model. Lenovo fulfills its promise of vendor flexibility, while at the same time delivering true open switch products that enable organizations to choose the OS best suited for its business.

  • SAP HANA Systemreplication Automation with SUSE HA on Alibaba Cloud
  • Red Hat collaborates with Google, SAP, IBM and others on Knative to deliver hybrid serverless workloads to the enterprise

read more

Games: Doom's' 25th Anniversary, Unvanquished, Star Ruler 2, Humble Indie Mega Week

Tor, 12/11/2018 - 08:18
  • Game Engine Black Book: DOOM

    Today is Doom's' 25th anniversary. To mark the occasion, Fabien Sanglard has written and released a book, Game Engine Black Book: DOOM.

  • DOOM Changed the Game 25 Years Ago Today

    Doom was one of the most influential video games of all time. It was state of the art in 1993, and it was literally a game changer.

    It’s hard to overstate just how much it changed the character of video gaming. Looking through the eyes of an action game’s hero was a novel experience, one first made possible by John Carmack and John Romero with their previous hit, Wolfenstein 3D.

    This game was everywhere. You couldn’t walk into a computer store in the 90s without seeing it on half a dozen screens. Shops would run it on their best, fastest computer to demonstrate how fast that computer was. The bigger and more powerful the computer got, the faster the game ran on the computer, and the top of the line 486 and Pentium computers could display the game full-screen at 30 frames per second—something that had mostly been impossible with a 3D game up until that point. People would buy new computers just to run that game; chances are it made more money for the hardware makers than it did for Id.

  • Cumulus Networks Partners with Lenovo, Unvanquished Game Announces First Alpha in Almost Three Years, KDE Frameworks 5.53.0 Released, Git v2.20.0 Is Now Available and Major Milestone WordPress Update

    Developers of the open-source game Unvanquished announce a new alpha release, Unvanquished Alpha 51 today, marking their first release in almost three years. According to Phoronix, the beta should drop soon as well. See the game's website for details.

  • Star Ruler 2 Now Available to Install via Snap in Ubuntu

    Star Ruler 2, a space 4X / RTS hybrid developed by Blind Mind Studios, now can easily installed in Ubuntu 16.04, Ubuntu 18.04 and higher via Snap package.

  • Humble are doing an 'Indie Mega Week' that's worth a look for some cheap Linux games

    Take the chill off with some toasty new games, now with money off in the Humble Indie Mega Week sale.

read more

Windows 10 Sends Your Activity History to Microsoft, Even if You Tell It Not To

Tor, 12/11/2018 - 08:13

Windows 10 collects an “Activity History” of applications you launch on your PC and sends it to Microsoft. Even if you disable or clear this, Microsoft’s Privacy Dashboard still shows an “Activity History” of applications you’ve launched on your PCs.

This problem was recently discussed on Reddit, and it’s pretty easy to confirm. Head to Settings > Privacy > Activity History and disable “Send my activity history to Microsoft.” It was already disabled on our PC, so it made this easy to test.

read more

today's howtos

Tor, 12/11/2018 - 07:45

read more

Rescue your Linux with Elinks text browser

Tor, 12/11/2018 - 07:38

I contemplated long and hard what title to use for this article, because the topic is somewhat convoluted. So let me explain. Say you have a Linux box that suddenly refused to boot into the desktop environment. For instance, you may have just installed graphics drivers, but they are not loading, and you don't get any graphical interface. Only a text shell. The old runlevel 3 stuff.

At this point, rescuing the system will usually require three things: skill, access to the Web, and some extra files, like updated drivers, new kernel, whatever. The first one comes with you, but the two other two, well, for most people, going about the Web is not doable without a browser, which means UI. Except, not really. You can use a text browser, and in this article, I'll show you how to use Elinks to search the Web, grab packages and drivers, and fix your box. After me.

read more

Adiantum File-System Encryption Support Ready For Linux 4.21

Tor, 12/11/2018 - 06:42

Adiantum, Google's newly developed crypto algorithm to replace their planned use of the controversial Speck, is ready to begin providing speedy file-system encryption support for low-end devices with the upcoming Linux 4.21 merge window.

Adiantum is intended to be eventually used by low-end Android Go devices where their limited SoCs don't provide any hardware crypto extensions. As covered back in November, Adiantum was added to the Linux kernel's crypto subsystem is staging it ahead of Linux 4.21.

read more

The PCLinuxOS Magazine Graphics Special Edition, Volume 1

Tor, 12/11/2018 - 05:45

The PCLinuxOS Magazine staff is pleased to announce the release of the Graphics Special Edition, Volume 1 of the PCLinuxOS Magazine. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community. The magazine is lead by Paul Arnote, Chief Editor, and Assistant Editor Meemaw.

read more

today's leftovers

Pon, 12/10/2018 - 21:03
  • Mad Dog 21/21: Hat In Hand

    IBM’s acquisition of Red Hat is for Ginni Rometty as vital and significant as Lou Gerstner’s development of IBM’s services business in the 1990s. If IBM can properly integrate Red Hat, IBM’s legacy businesses and strategic initiatives will all be reinvigorated. This is not merely desirable, but absolutely necessary. Without the Red Hat acquisition, IBM is threatened with advancing torpidity and imminent decline. For IBM right now, it is Red Hat do or die.

    Red Hat’s Enterprise Linux operating system already contributes to the viability of IBM’s server offerings. But when an IBM hardware customer, let’s say a mainframe shop, installs RHEL it does so with other Linux alternatives on other platforms looming as contenders. Until now, those contenders could argue that IBM’s hardware is not the most prominent platform for RHEL, and therefore not the primary recipient of updates, security fixes and enhancements. That will no longer be the case. IBM will be able to assert its prominence in the Red Hat universe. A similar case can now be made for services arrangements that include the use of Red Hat products. When it comes to strategic initiatives, IBM will be able to combine its AI technologies including Watson related services, with Red Hat products and services. Basically, IBM’s position in competition with HP, Microsoft and Oracle will be enhanced, even if Red Hat continues to assert its independence and self-direction.

  • How Open Policy Agent Works to Secure Cloud-Native Workloads

    A core element of IT security is having proper policies in place that define what is and what isn't allowed for a given process or entity.

    In the cloud-native world, where there are multiple distributed elements that can live in different deployment modalities, the challenge of defining and implementing policy is nontrivial, but that's the challenge that the Open Policy Agent (OPA) project is looking to solve. In a session at the DockerCon Europe 2018 event in Barcelona, Spain, this week, Torin Sandall, software engineer at Strya, and Justin Cormack, software engineer at Docker, outlined how OPA can help to create and enforce security.

  • QtWS post (-scriptum)

    This week I was briefly in Berlin for the Qt World Summit, or QtWS for short. I was there to run the KDE booth as part of the exposition at the summit, rather than to do any talks (or, for that matter, watch any). First, a bunch of thanks are in order: to Sari and Milja from Moodboard for organising most of the things, to Katica from the Qt Company for doing PR on the show floor, to Kai and Roman from KDE for standing at the booth with me, and to the 700-or-so attendees for listening to us when we talk about KDE as a community, about KDE Frameworks and Plasma in laptops, tablets, phones and embedded. Thanks also to Paul and kde-promo for getting us some nice source material for stickers and shirts.

  • Fedora 30 To Finally Use GnuPG 2 As The Default

    While many Linux distributions have moved past GnuPG 1 and some no longer even packaging it, Fedora Linux continues using GnuPG 1 as the default gpg, but that is likely to change with Fedora 30.

  • Please test GnuTLS 3.6 in experimental

    GnuTLS 3.6.x has been marked stable with release 3.6.5. Binary packages are available in experimental. - Please test! FWIW I have rebuilt all reverse build-dependencies without finding GnuTLS-triggered build errors.

  • Two printers with one Rpi?

    Last time I tried printing with the raspberry pi I had only one machine to try with now I have two. Lets see if the Pi can handle two instances of AtCore and control two 3d printers at the same time. This is a follow up to AtCore takes to the pi. So please read that for more about the RPi setup. This post is in video form, please enjoy.

  • Arch Linux ARM on the Allwinner NanoPi A64

    I've obtained two NanoPi A64's a long while ago and recently thought of setting them up as a HA cluster as an exercise. Since setting it up with real hardware is a lot more fun then with VM's or containers. And I wanted to try out aarch64 and see how well that fares on mainline Linux.

  • Electron and the Decline of Native Apps
  • Phoronix Test Suite 8.4.1 Released For Better BSD Support, RHEL7 Bug Workaround

    Phoronix Test Suite 8.4.1 is now available as a minor but important update to last month's Phoronix Test Suite 8.4-Skiptvet release.

read more

OSS Leftovers

Pon, 12/10/2018 - 20:55
  • How Can We Bring FOSS to the Virtual World?

    Will the free and open-source revolution end when our most personal computing happens inside the walled gardens of proprietary AI VR, AR, MR, ML and XR companies? I ask, because that's the plan.

    [...]

    Buying all this is the cost of entry for chefs working in the kitchen, serving apps and experiences to customers paying to play inside Magic Leap's walled garden: a market Magic Leaps hopes will be massive, given an investment sum that now totals close to $2 billion.

    The experience it created for me, thanks to the work of one early developer, was with a school of digital fish swimming virtually in my physical world. Think of a hologram without a screen. I could walk through them, reach out and make them scatter, and otherwise interact with them. It was a nice demo, but far from anything I might crave.

    But I wondered, given Magic Leap's secretive and far-advanced tech, if it could eventually make me crave things. I ask because immersive doesn't cover what this tech does. A better adjective might be invasive.

  • Open source will be the next big thing for the channel

    With cloud vendors developing more industry-specific solutions, channel partners must also hone in on vertical industry knowledge to capitalise on these markets. 

    Flexibility will also be a key selling point which open source solutions provide: enterprises are seeking a hybrid-cloud approach to eliminate vendor lock-in, which means they’re likely to benefit from working with open source channel partners.

    With the rapid development and maturity that open source solutions provide, a shift toward higher adoptions rates in cloud workloads on Linux will become the new norm.

  • AI & data science: Open source makes NSE smart and secure

    National Stock Exchange of India (NSE which used V-SAT to transmit data securely in 1993, had shifted to Red Hat open source later. In the last few years it has been strengthening that partnership further with the integration of cloud infrastructure in its data systems to not simply improve data security, but also to implement Artificial Intelligence (AI) and data science in its systems. The implementation of cloud-based AI platform enables NSE to clock a daily turnover of Rs 3,00,000 crore with 1.2 billion daily transactions. It is the largest stock exchange in India in terms of market volume and market share.
    Says Yatrik R Vin, CFO, NSE India, “There are certain cases on which we use open source’s capabilities extensively. They are risk management at client and investor level, cost reductions and making our systems talk to the public without manual intervention.” He reminisces that during the financial crisis of 2008, not a single rupee was affected, because of the risk management capabilities of the eight-sigma level open source core systems that were in use at NSE India.

  • List of Twitters of Free Software Projects and Communities
  • OpenSMTPD proc filters & fc-rDNS

     

    I have committed full proc filtering support today, allowing a standalone filter to perform all kind of filtering on every single phase of an SMTP session.

  •  

  • TenFourFox FPR11 available

    TenFourFox Feature Parity Release 11 final is now available for testing (downloads, hashes, release notes). Issue 525 has stuck, so that's being shipped and we'll watch for site or add-on compatibility fallout (though if you're reporting a site or add-on that doesn't work with FPR11, or for that matter any release, please verify that it still worked with prior versions: particularly for websites, it's more likely the site changed than we did). There are no other changes other than bringing security fixes up to date. Assuming no problems, it will go live tomorrow evening as usual.

read more

Programming Leftovers

Pon, 12/10/2018 - 20:51
  • C Programming Language - Introduction

    This tutorial is the first part of a C programming language course on Linux. C is a procedural programming language that was designed by American computer scientist Dennis Ritchie. Please note that we'll be using Linux for all our examples and explanation. Specifically, we'll be using Ubuntu 18.04 LTS.

  • DSF 2019 Board Election Results

    I'm pleased to announce the winners of our 2019 DSF Board of Directors election.

    [...]

    This year we had 17 great candidates and while not everyone can get elected each year I hope they all consider running again in the 2020 election.

    Another item of note with this election is that our Board is now comprised of two thirds women, which is a first for the DSF.

  • coloured shell prompt
  • Create multiple threads to delete multiple files with python

read more

sfy39587f05