Odprtokodni pogled

Opensource view


Security updates for Tuesday

LWN.net - Tor, 07/02/2019 - 15:38
Security updates have been issued by Arch Linux (firefox, firefox-developer-edition, libarchive, and vlc), CentOS (firefox, thunderbird, and vim), Debian (firefox-esr, openssl, and python-django), Fedora (glpi and xen), Mageia (thunderbird), openSUSE (ImageMagick, irssi, libheimdal, and phpMyAdmin), Red Hat (libssh2 and qemu-kvm), Scientific Linux (firefox, thunderbird, and vim), SUSE (389-ds, cf-cli, curl, dbus-1, dnsmasq, evolution, glib2, gnutls, graphviz, java-1_8_0-openjdk, and libxslt), and Ubuntu (python-django).

Fedora, CentOS and Red Hat Cloudwashing

tuxmachines.org - Tor, 07/02/2019 - 15:34
  • A Closer Look at Fedora Projects

    The Fedora Project is a community of people working together to build free and open source software platform and to collaborate on and share user-focused solutions built on that platform. It makes an operating system and make it easy for people to do useful stuff with it.
    Actually, they produce several operating systems, or editions. The one that new contributors are most likely to be interested in, and focused on, is Fedora Workstation. Fedora Workstation has a wide range of software that’s suitable for almost anyone. All of the software provided with Fedora is open source and free to download and use.

  • CWS : Complete guide to install CentOS Web Panel

    Centos Web Panel is a free web hosting tool that provides a GUI for quick & easy management of the of servers, both VPS & Dedicated, with minimum efforts. Its available to install & use on RPM based distributions, like CentOS, RHEL etc.

    Centos Web Panel comes with lots for features & services, it automatically installs LAMP stack along wth varnish cache. Some other features & services are ,

  • Introduction to cloud-native application environment architecture

    Cloud-native environment architecture can be challenging to understand. To help make sense of it for application developers and software/system architects,  I will attempt to explain the various parts and how they work together. Toward this end, I find it helpful to think about the architecture in four separate layers: application software development, service scaling, application network, and container orchestration platform.

    In this article, I will describe the first technology layer: application software development. I drew the following diagram to make these concepts easier to visualize.

read more

Programming Leftovers

tuxmachines.org - Tor, 07/02/2019 - 15:32
  • Jupyter Notebook 101

    Last year, I released a book entitled Jupyter Notebook 101. In celebration of a successful launch, I have decided to do a little contest.

  • Jupyter and data science in Fedora

    Most modern data scientists use Python. And an important part of their work is EDA (exploratory data analysis). EDA is a manual and interactive process that retrieves data, explores its features, searches for correlations, and uses plotted graphics to visualize and understand how data is shaped and prototypes predictive models.

    Jupyter is a web application perfect for this task. Jupyter works with Notebooks, documents that mix rich text including beautifully rendered math formulas (thanks to mathjax), blocks of code and code output, including graphics.

  • One CI/CD pipeline per product to rule them all

    When I joined the cloud ops team, responsible for cloud operations and engineering process streamlining, at WorkSafeBC, I shared my dream for one instrumented pipeline, with one continuous integration build and continuous deliveries for every product.

    According to Lukas Klose, flow (within the context of software engineering) is "the state of when a system produces value at a steady and predictable rate." I think it is one of the greatest challenges and opportunities, especially in the complex domain of emergent solutions. Strive towards a continuous and incremental delivery model with consistent, efficient, and quality solutions, building the right things and delighting our users. Find ways to break down our systems into smaller pieces that are valuable on their own, enabling teams to deliver value incrementally. This requires a change of mindset for both business and engineering.

  • What makes a good code review in DevOps?

    Improving the software development lifecycle, the speed we deliver software to customers, and the quality of that software are all great premises of DevOps. They are goals that the tools and techniques prescribed by the DevOps movement attempt to achieve. As a developer, I feel freer to make changes rapidly, not just to source code, but also to infrastructure and configuration code. As a DevOps practitioner, my goal is to balance that freedom with quality and security. How? One tool we can use is code reviews.

  • The DataFrame Object in Pandas

    DataFrame Object in Pandas is used to plot the data table as well as to keep the data for the later usage. Let us look at a few examples below.

    Hello and welcome back, in this article we will take a look at the DataFrame object and its usages. We will continue to look at the usage of other Objects before we will actually start to create this new web analytics project.

    Before anything, let us create the DataFrame object.

read more

Experience the Ubuntu system on the new tiny CHUWI MiniBook

tuxmachines.org - Tor, 07/02/2019 - 15:19

In just one week, the crowd-funding target of CHUWI MiniBook, launched by this chinese OEM manufacturer has went over the set goal by 1632% with the crowdfunding amount exceeding $410,000. It has been backed by 1,458 supporters and this number is still growing.

Since a lot of users are asking whether CHUWI MiniBook supports the Linux system. Today we will show you the experience of installing the Ubuntu system on this tiny laptop, which will help more UMPC enthusiasts make purchasing decisions.

read more

AMD Radeon Pro WX 3200 Announced As A Small Form Factor $199 USD Workstation Card

Phoronix - Tor, 07/02/2019 - 15:13
For those looking for a small form factor workstation-oriented graphics card or just a budget workstation GPU in general, AMD today announced the Radeon Pro WX 3200...

What are Symbolic Links in Linux and Why are They Used

tuxmachines.org - Tor, 07/02/2019 - 14:45

This detailed tutorial tells you what are symbolic links, how to create a symbolic links and other important things associated with symlinks.

read more

Backbox Linux Releases Update To Version 6.0

tuxmachines.org - Tor, 07/02/2019 - 14:27

While I was away last month I got an interesting email/request by Backbox Linux Community Staff to release an article covering the release of their latest version; upgraded to version 6.0. Before getting into that however, for those of you whom might be unfamiliar with the product, Backbox Linux is an increasingly popular ethical hacking and penetration testing Linux distro – complete with all of the most modern tools and programs utilized by professionals working in these fields. In fact, Backbox Linux made Rogue Security Labs list of the most popular/widely used hacking-based Operating Systems earlier this year after receiving a review of it from “Al1ne3737” – formerly of “Pryzraky.”

read more

NVIDIA Announces GeForce RTX 2060 / 2070 / 2080 SUPER GPUs

Phoronix - Tor, 07/02/2019 - 14:15
Following weeks of leaks and other rumors, NVIDIA today finally lifted the lid on their new "SUPER" line-up with the revised RTX 2060 / RTX 2070 / RTX 2080 graphics cards with more competitive value especially in light of AMD's Radeon RX 5700 series offerings coming to market next week...

Security and DRM Leftovers

tuxmachines.org - Tor, 07/02/2019 - 14:14
  • GNU Binutils Binary File Descriptor Library Heap-Based Buffer Over-Read Vulnerability [CVE-2019-12972]

    A vulnerability in the Binary File Descriptor (BFD) library, as distributed in GNU Binutils could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.The vulnerability is due to a heap-based buffer over-read condition that exists in the _brd_doprntfunction, as defined in the bfd.c source code file of the affected software. An attacker could exploit this vulnerability by submitting malicious executable and linkable format (ELF) input to the targeted system. A successful exploit could cause the affected software to stop responding or crash, resulting in a DoS condition.Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available.The vendor has confirmed the vulnerability and released software updates.

  • enSilo Endpoint Security Platform 3.1 Product Review

    The collector installers were straightforward, but we found the server to be confusing. We had trouble getting all VMs to report back to the cloud server. Additionally, we were unable to get the Ubuntu machine installed and reporting correctly.

    We were able to get the CentOS machine online and connected, but when we went back and checked on it, it was in a disconnected state. The reasons for this were unclear to us, and, we concluded, the Linux offerings need some work.

  • Cleaning a broken GNUpg (gpg) key

    I've long said that the main tools in the Open Source security space, OpenSSL and GnuPG (gpg), are broken and only a complete re-write will solve this. And that is still pending as nobody came forward with the funding. It's not a sexy topic, so it has to get really bad before it'll get better.

    Gpg has a UI that is close to useless. That won't substantially change with more bolted-on improvements.

    Now Robert J. Hansen and Daniel Kahn Gillmor had somebody add ~50k signatures (read 1, 2, 3, 4 for the glory details) to their keys and - oops - they say that breaks gpg.

    But does it?

  • Multiple Facebook Pages Caught Spreading Remote Access Trojans Since 2014

    Researchers from cybersecurity firm Check Point have uncovered a Facebook campaign that has been spreading malware since 2014. The campaign was operating under the posts that discussed the political situation in Libya.

    Notorious Remote Access Trojans (RATs) like SpyNote, Houdini and Remcos were spread through Facebook pages and it is believed that the residents of Libya, the US, China, and Europe have been affected by it.

  • Microsoft is about to shut off its ebook DRM servers: "The books will stop working"

    "The books will stop working": That's the substance of the reminder that Microsoft sent to customers for their ebook store, reminding them that, as announced in April, the company is getting out of the ebook business because it wasn't profitable enough for them, and when they do, they're going to shut off their DRM servers, which will make the books stop working.

    Almost exactly fifteen years ago, I gave an influential, widely cited talk at Microsoft Research where I predicted this exact outcome. I don't feel good about the fact that I got it right. This is a fucking travesty.

  • Sony, Microsoft, Nintendo Say Trump Tariffs Will Make Game Consoles Hugely More Expensive [Ed: Those are just DRM boxes]

    If you hadn't noticed by now, Trump's efforts to use tariffs to somehow magically improve the country's standing in the world aren't based on much in the way of sound logic or economic theory. And companies who've been forced to reconfigure and relocate their entire supply chains (to countries like Taiwan) to avoid massive penalties are likely to just pass those costs on to American consumers, something said consumers haven't really fully grokked yet. Countless CEOs think the entire gambit is immeasurably stupid, but have been hesitant to be too pointed in their criticism for fear of upsetting administration regulators.

    As the actual bill comes due however, consumers are likely to wake up from their slumber. Maybe.

    Case in point: Microsoft, Sony, and Nintendo this week fired off a letter to the Office of the United States Trade Representative, warning the Trump administration's plan to bump Chinese tariffs from 10 to 25 percent will have a profoundly-negative impact on the game industry. With 96 percent of game consoles made in China last year, the act of reconfiguring their entire supply chains will have a massive impact on the sector's bottom line and the numerous connecting companies that tendril out from the big three gaming giants.

read more

AMD "GFX8" Hardware Now Has Expanded DCC Support With RADV Vulkan Driver

Phoronix - Tor, 07/02/2019 - 14:07
The latest work by Valve open-source Linux graphics driver contributor Samuel Pitoiset is on offering Delta Color Compression (DCC) support for layers with the Vulkan RADV driver...

Cinnamon 4.2 Early Testing

tuxmachines.org - Tor, 07/02/2019 - 13:39

it's been a while since posted a post here, but that's because of my work load which was way so hectic, so i didn't have time to post an update on Slackware or other things related to Slackware, but for today, i will make an exception since it's time to play with Cinnamon 4.2, the latest release of Cinnamon, which is yet to be announced, but the tarballs are already released on their github project page.

There's no news yet on their blog, but i'm guessing they will release it soon after they mark it as stable. It took several minor releases to ensure stability and compatibility in Cinnamon based on past track records. We had some minor issue dealing with cinnamon-settings-daemon for Slackware-Current since they moved to support newer UPower 0.99 API while in Slackware, we still use the old UPower 0.9.23. In the end, upstream patched a bit, but i'm not really sure the power management component works best since i haven't tried it yet on a laptop (desktop is fine).

Also new: Cinnamon 4.2.0

read more

Vlada in spletni piškotki: Dobre prakse informacijskega pooblaščenca so se ustalile

Slo-Tech - Tor, 07/02/2019 - 13:01
Vlada in spletni piškotki: Dobre prakse informacijskega pooblaščenca so se ustalile Slo-Tech - Vlada Republike Slovenije je včeraj predstavila prenovljeno osrednje spletno mesto državne uprave GOV.SI. Pol milijona evrov vredna spletna stran ima cilj uporabniku na prijaznejši način na enem mestu zagotoviti vsebino organov državne uprave. Več na Slo-Techu.

Mir 1.3 Released With Wayland Improvements, New AL Features

Phoronix - Tor, 07/02/2019 - 12:52
Mir 1.3 was released today as the newest version of Canonical's project making it easier to write desktop shells with Wayland support...

Games: GOG, Linux Gaming News Punch, Various New Games, New Valve Stats and Godot Engine 4.0 Updates

tuxmachines.org - Tor, 07/02/2019 - 12:47
  • Humble Store is doing a "DRM-Freedom" sale, GOG also has multiple themed sales going

    It's not just Steam doing a big event at the moment, as both Humble Store and GOG just released two new sales events.

    First up we have the DRM-Freedom Sale from Humble Store and as the name suggests, all games included have DRM-free builds available. For those of you who like to make sure you get a Steam key and a proper DRM-free backup, you can find some sweet Linux gaming deals inside like...

  • Linux Gaming News Punch - Episode 19

    Has it been a week already? Yes it has, Episode 19 of the Linux Gaming News Punch is here to help you keep track of a few interesting topics over the last week or so.

  • Rocket League turns 4, moves into the 2nd phase of the Radical Summer event with a Spike Rush game mode

    Not only has Rocket League moved onto the second phase of the Radical Summer event complete with a new time-limited game mode, it's also about to turn four.

    As the sequel to Supersonic Acrobatic Rocket-Powered Battle-Cars, Rocket League released on July 7th back in 2015, it later came to Linux in September 2016 and it continues to remain a very popular title regularly pulling in over fifty thousand players and that's just on Steam. When trying it earlier, over two hundred thousand players were in-game overall.

  • The former Paradox Interactive CEO thinks "platform holders" 30% cut is "outrageous"

    During Gamelab 2019 at a panel hosted by GamesIndustry.biz, Paradox Interactive's former CEO Fredrik Wester (now the Executive Chairman of the Board at Paradox Interactive) talked about the cut "platform holders" take from sales and they're not impressed.

    The one this always comes back to is Valve's store Steam, which has a standard 30% cut they take from developers. Although, they did tweak this for higher earning games in December last year so for games that earn $10 million it's reduced to 25% and 20% at $50 million.

  • Valve's Steam Survey Data Shows Linux Usage Pulling Back During June

    While Linux usage of Steam as a percentage has generally been flat or ticking up slightly each month since last year when Valve introduced Steam Play for allowing many Windows games to run gracefully on Linux, during June was the first time in a while seeing a decline.

  • Fantasy Strike, a really great fighting game is officially launching on July 25th

    Fantasy Strike is a fighting game that's designed to be streamlined and welcoming to new players, while also being great for veterans of the genre and it's launching soon.

    Developed by Sirlin Games, which includes David Sirlin who was previously the lead designer on Super Street Fighter II HD Remix (which was highly rated) so they certainly know their fighting games.

  • Dota 2's prize pool for The International 2019 has surpassed $25 million, breaking previous records

    The International 2019 tournament that starts in August just hit a recording-breaking prize pool sum.

    When players buy the Dota 2 Battle Pass, 25% of it goes towards the prize pool for the tournament while giving players a bunch of extras. Last year's prize pool was a total of around $25,532,177 which itself was record-breaking at the time. This year though, it's broken it yet again with it currently sitting at $25,654,923 and there's still quite a lot of time to go.

  • Godot Engine 4.0 Continues Working Towards Vulkan Support

    Godot lead developer Juan Linietsky has been spending much of his time working on porting their open-source game engine to Vulkan for the Godot 4.0 release to follow Godot 3.2. Good progress is being made in getting this increasingly popular game engine rendering with Vulkan.

    Linietsky notes the large amount of initialization code needed to get Vulkan going, preparations for rendering device abstraction in Godot 4, and other architectural changes compared to OpenGL.


    While the rest of the Godot contributors are focused on finalizing 3.2 for release, I'm almost exclusively dedicating myself to porting the engine to Vulkan, as part of the 4.0 release effort. This is so far an exciting adventure and I'm learning a lot about it.

read more

Walkman dopolnil 40 let

Slo-Tech - Tor, 07/02/2019 - 12:39
Walkman dopolnil 40 let Slo-Tech - Pred štiridesetimi leti je Sony spremenil način, kako poslušamo glasbo. Prenosi predvajalnik kaset Walkman, oziroma njegov model TPS-L2, je v ZDA stal 200 dolarjev. To ni bilo malo, a ljudje so ga vseeno vzljubili. Walkman ni bil prvi prenosni predvajalnik, bil pa je prvi brez možnosti snemanja. Dotlej so namreč prenosne predvajalnike oziroma diktafone uporabljali zlasti novinarji. Walkman je bil prvi, ki je osvojil ljudske množice, in bil je prvi, ki je bil namenjen poslušanju glasbe. Več na Slo-Techu.

NVIDIA 418.52.14 Linux Driver Brings Full-Screen Exclusive & Calibrated Timestamps

Phoronix - Tor, 07/02/2019 - 12:34
NVIDIA released update Vulkan beta drivers on Monday for both Windows and Linux...

Valve's Steam Survey Data Shows Linux Usage Pulling Back During June

Phoronix - Tor, 07/02/2019 - 11:28
While Linux usage of Steam as a percentage has generally been flat or ticking up slightly each month since last year when Valve introduced Steam Play for allowing many Windows games to run gracefully on Linux, during June was the first time in a while seeing a decline...

How to Install Ubuntu Linux as WSL in Windows 10

tuxmachines.org - Tor, 07/02/2019 - 09:35

You must have heard the news that Microsoft is working to bring full featured Linux distributions in Windows 10 which can be used without using VM. This is how you can get basic Ubuntu Linux in Windows 10.

read more

Syndicate content