Subscribe to TuxMachines feed
Your source for Linux and Open Source news, reviews, and howtos.
Updated: 26 min 41 sec ago

Programming: Java, GNOME Builder, Python

Mon, 2018-08-06 03:01
  • Starting Java Programming in Linux Mint

    This tutorial gives a brief example how to install and setup things to develop Java on Linux Mint system. We will use Geany as the text editor and OpenJDK as the tools. You will also try to create first Java program and run it. I intended this tutorial to help students and beginners who use GNU/Linux with their first days in learning Java.

  • Cross-compilation made easy for GNOME Builder

    GNOME Builder is an Integrated Development Environment designed for the GNOME ecosystem. It most notably features a deep integration to the Git version control system, allow to debug applications quickly using the GNU Debugger and allow in-line documentation viewing using Gtk-Doc.

    By being very powerful and versatile, GNOME Builder is starting to take a prominent place in the IDE world. But many developers building GNOME applications for an embedded platform need an IDE that handles the very specific requirements of embedded systems development.

  • Python Bags 1st Position In IEEE Spectrum Programming Language Rankings

    ython is once again the top programming language, according to IEEE Spectrum’s fifth interactive ranking for leading languages that was released recently.

    Spectrum ranks the languages by weighting and combining 11 metrics from 9 sources. The main feature of this ranking is that it is interactive and offers 5 ranking for 4 different platforms.

read more

The State Of Debian Linux On Various Mobile Devices

Mon, 2018-08-06 02:58

At this past week's DebConf18 Debian conference was an update on running Debian GNU/Linux on various mobile / ultra-portable devices.

Among the mobile devices covered for being able to run Debian in 2018 include:

- The Purism Librem 5 smartphone is expected to support Debian GNU/Linux, especially with Purism's "PureOS" being Debian-based. Purism still hopes to ship their first smartphone in early 2019.

read more

DebConf18 closes in Hsinchu and DebConf19 dates announced

Mon, 2018-08-06 02:46

Today, Sunday 5 August 2018, the annual Debian Developers and Contributors Conference came to a close. With over 306 people attending from all over the world, and 137 events including 100 talks, 25 discussion sessions or BoFs, 5 workshops and 7 other activities, DebConf18 has been hailed as a success.

Highlights included DebCamp with more than 90 participants, the Open Day, where events of interest to a broader audience were offered, plenaries like the traditional Bits from the DPL, a Questions and Answers session with Minister Audrey Tang, a panel discussion about "Ignoring negativity" with Bdale Garbee, Chris Lamb, Enrico Zini and Steve McIntyre, the talk "That's a free software issue!!" given by Molly de Blanc and Karen Sandler, lightning talks and live demos and the announcement of next year's DebConf (DebConf19 in Curitiba, Brazil).

The schedule has been updated every day, including 27 ad-hoc new activities, planned by attendees during the whole conference.

Also: My Debian Activities in July 2018

read more

Screenshots/Screencasts: Linux Mint 19 Cinnamon Edition and Linux Lite 4.0

Mon, 2018-08-06 02:44
  • What’s New in Linux Mint 19 Cinnamon Edition
  • What’s New in Linux Lite 4.0

    Linux Lite 4.0 codename “Diamond” is the latest release of Linux Lite, based on Ubuntu 18.04 LTS and powered by Linux Kernel 4.15 series. Also, comes with a brand new icon and system theme, namely Papirus and Adapta. Timeshift app by default for system backups, and new, in-house built Lite applications.

    Among the new Lite applications, we can mention the Lite Desktop, which manages application icons and other objects on the desktop, and Lite Sounds, a tool designed to help users manage system-wide sounds. Also, Linux Lite 4.0 ships with the MenuLibre tool to help you easily edit application menu entries. help manual has been majorly updated. All content and images have been updated.

read more

Pinguy OS 18.04.1 Point Release

Mon, 2018-08-06 02:42

If you are running 18.04 no need to update to the 18.04.1 point release. This is just an updated version of that.

read more

Netrunner Rolling 2018.08 released

Mon, 2018-08-06 02:39

Despite the hot summer in most of Europe, the Netrunner Team is happy to announce the immediate availability of Netrunner Rolling 2018.08 – 64bit ISO.

Also: LibreELEC 9.0 Alpha Released for Generic x86 PCs and Raspberry Pi

read more

Moving Beyond Themes

Mon, 2018-08-06 02:30

FreeDesktop platforms have come a long way in terms of usability and as we strive to make them better platforms for application developers, I think it’s time to shed one more shackle that slows that down: themes.

Now, coming from me that view may be a surprise (because of all those themes that I call personal projects) but I do feel it’s necessary mainly because the level of visual customisation that is being done at the distribution level has led to widespread visual fragmentation which impacts both user- and developer-friendliness.

read more

Linux 4.18-rc8

Sun, 2018-08-05 23:51

So as already mentioned a couple of times in some of the relevant
threads, this last week wasn't entirely painless, and 4.18 ended up
being one of those releases that gets an extra week of rc testing
before release.

The original impetus for this was the continued VM worries - although
it looks like we finally root-caused all the issues and got it all in
shape on Wednesday. Still, that is somewhat late, and merits another
rc for final testing.

That said, if it had been _only_ that silly VM issue that turned out
to not be so annoying as it could have been, I might have reconsidered
and done a final release anyway, but we had some last-minute
networking noise too, and there's actually a pending (old) VFS issue
too. So while I may prefer to keep our regular release cadence, but
this time around we are just going to see that extra week.

Also: Linux 4.18-rc8 Kernel Released, Final Pushed Back To Next Weekend

read more

Security: Killing Flash, Voting and Cisco

Sun, 2018-08-05 18:24
  • [Older] Senator calls on US Government to start killing Flash now

    Oregon senator Ron Wyden highlighted the issue this week with a letter he wrote to government agencies responsible for federal cybersecurity. In it, he called on the Department of Homeland Security (DHS), NSA, and NIST to work together to end the U.S. government’s use of Adobe Flash before it’s too late:


    Wyden, backed by respected privacy researcher and activist Chris Soghoian who works as the senator’s senior advisor for privacy & cybersecurity, finished the letter by calling for the following three actions to be taken

  • The 8-year-olds hacking [sic] our voting machines

    The contest will include children, ages 8 to 16, who will be tasked with penetrating replicas of the websites that secretaries of state across the country use to publish election results. They’ll vie for $2,500 in prize money, $500 of which will come from the DNC and be awarded to the child who comes up with the best defensive strategy for states around the country.

    The eye-popping reason that the Democrats have turned to children to hack them? “State election sites are so deeply flawed, Braun says, no adult hackers would be interested in cracking them. ‘The hackers would laugh us off the stage if we asked them to do this.’”

  • Kids to try hacking [sic] US election systems in new DNC contest
  • Trump officials look to neutralize cyber threats in supply chain

    Supply chain security is an issue that has also been on the FCC's radar. In April, Republican FCC Commissioner Michael O’Rielly issued a notice of proposed rulemaking to crack down on security risks.

    His proposal would prohibit the use of Universal Service Fund money to purchase telecom equipment or services "identified as posing a national security risk to communications networks or the communications supply chain.”

  • The Evolution of Networking and Security: Cisco Announces Intent to Acquire Duo

read more

KDE: PIM Sprint 2018, Distributing Qt-based Software, Usability & Productivity

Sun, 2018-08-05 18:20
  • KDE PIM Sprint 2018

    Attending the yearly KDE Pim Sprint in April in Toulouse was nice. For me it is often leaving a cold rainy Germany and arriving warm, almost summer weather with a lot of sun. This time the weather in Germany was also sunny and warm when I left, but spring's always further in Toulouse. As only around ten people attended the sprint, it was also a time to get to know the people behind the nicknames. Unfortunately there were no new faces this time, but a new contributor joined the Pim team and attended remotely.

    As the trains from Germany to Toulouse take some time, for me, the sprint normally starts with entering the train and having time to hack. The first things I looked at, were some cleanups in the dependency chain in KDE Pim, by moving stuff around.

    Reaching Toulouse, David and I started to dig into the problem, that sometimes connections to remote servers stall and nothing goes back and forth without an error being triggered. This issue is only visible if the internet connection is not stable, like a connection while riding the train. Yes, it's a good thing that sometime developers have to face real world, to be able to reproduce bugs. To solve these issues we first had to reproduce them, which leads into the problem of how to reproduce an unstable internet connection. It took a while before we had a setup running to reproduce the issue and after a lot of trial and error, we finally managed to fix the issues we'd found.

  • Distributing Qt application using Qt Installer framework

    Qt installer framework is a collection of tools that can be used to make installers on Linux, Windows and Mac . You can either use pre-built versions or compile it from source.

    There are other softwares like NSIS, installBuilder that can be used to make installers but I wanted an open source & cross platform tool therefore I chose Qt installer framework and it’s also fun to try out new things.

  • This week in Usability & Productivity, part 30

    Akademy is next week (I will be there!), but that didn’t stop us from plugging away on the Usability and Productivity initiative!

read more

today's howtos

Sun, 2018-08-05 14:23
  • The template user with PAM and login(1)

    When you build a new service (or an appliance) you need your users to be able to configure it from the command line. To accomplish this you can create system accounts for all registered users in your service and assign them a special login shell which provides such limited functionality. This can be painful if you have a dynamic user database.

    Another challenge is authentication via remote services such as RADIUS. How can we implement services when we authenticate through it and log into it as a different user? Furthermore, imagine a scenario when RADIUS decides on which account we have the right to access by sending an additional attribute.

    To address these two problems we can use a "template" user. Any of the PAM modules can set the value of the PAM_USER item. The value of this item will be used to determine which account we want to login. Only the "template" user must exist on the local password database, but the credential check can be omitted by the module.

  • Pseudo-blank ("empty") records and fields
  • Elementary OS (Loki) Installation Steps for Laptop and Desktop
  • LibreOffice Impress: Change Default Template

read more

Wine: Staging, MoltenVK, DXVK

Sun, 2018-08-05 13:48
  • Wine-Staging 3.13.1 Released To Fix StarCraft 2

    With no Wine 3.14 release having shipped on their usual bi-weekly release cadence due to summer holidays, the Wine-Staging crew has opted to create a v3.13.1 release to ship their latest testing/experimental patches in the absence of a new Wine upstream Wine development release.

  • VKD3D Gets Patches For Offering Direct3D 12 On macOS Via MoltenVK

    Last month Wine introduced support for Vulkan-using Windows programs on macOS via the MoltenVK library for mapping Vulkan API calls to the Apple Metal API. Now the next logical step is available in patch form: getting VKD3D supported on macOS for allowing Direct3D 12 to begin working on Mac for Windows games/applications.

  • DXVK 0.64 Released With More Game Fixes

    For those making use of DXVK to enjoy greater performance of Direct3D 11 games under Wine thanks to this D3D11-to-Vulkan translation layer, DXVK 0.64 is now available as the latest update.

read more

Security: SSH, Alaska and the Use of Windows

Sun, 2018-08-05 08:07
  • The default OpenSSH key encryption is worse than plaintext

    There’s nothing wrong with the RSA key pair itself: it’s just the symmetric encryption of the private key. You can’t mount this attack from just a public key.

    How do you fix this? OpenSSH has a new key format that you should use. “New” means 2013. This format uses bcrypt_pbkdf, which is essentially bcrypt with fixed difficulty, operated in a PBKDF2 construction. Conveniently, you always get the new format when generating Ed25519 keys, because the old SSH key format doesn’t support newer key types. That’s a weird argument: you don’t really need your key format to define how Ed25519 serialization works since Ed25519 itself already defines how serialization works. But if that’s how we get good KDFs, that’s not the pedantic hill I want to die on. Hence, one answer is ssh-keygen -t ed25519. If, for compatibility reasons, you need to stick to RSA, you can use ssh-keygen -o. That will produce the new format, even for old key types. You can upgrade existing keys with ssh-keygen -p -o -f PRIVATEKEY. If your keys live on a Yubikey or a smart card, you don’t have this problem either.

  • Alaskan borough using typewriters after Windows ransomware attack

    A borough in Alaska, which has been reduced to using typewriters after a massive ransomware attack on its Windows machines, has begun a PR campaign to try and portray the dire situation it finds itself in as one that brings out the best in its people.

  • [Crackers] breached US electric utilities: analysts

    The [cracking] group has been penetrating targets in the United States, as well as the Middle East, Europe and East Asia, for at least a year, according to Dragos.

  • The DNC tells Democrats not to buy Huawei or ZTE devices ever
  • DNC warns candidates: Don't use ZTE or Huawei phones

    In February, top officials from the CIA, NSA, FBI and the Defense Intelligence Agency testified in front of the Senate Intelligence Committee that the Chinese smartphones makers posed a security threat to American customers.

read more

NSA’s Encryption Algorithm in Linux Kernel is Creating Unease in the Community

Sun, 2018-08-05 05:09

ISO rejected NSA’s weak encryption algorithm, Speck. But Google coded it for Linux Kernel and Linux Kernel 4.17 contains this controversial algorithm. Obviously, not everyone is happy with it.

read more

The August 2018 Issue of the PLCinuxOS Magazine

Sun, 2018-08-05 05:08

The PCLinuxOS Magazine staff is pleased to announce the release of the August 2018 issue. With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community.

read more

The August 2018 Issue of the PLCinuxOS Magazine

Sun, 2018-08-05 05:08

The PCLinuxOS Magazine staff is pleased to announce the release of the August 2018 issue. With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community.

read more

KDE: Akademy and KDE's KTextEditor

Sun, 2018-08-05 04:33
  • Going to Akademy!

    I will be attending my first Akademy this year and I am really excited about it. Thank you KDE e.V board for sponsoring me

  • KDE Free Qt Foundation at Akademy 2018

    I am really happy that this year, I am able to attend Akademy again.

    This enables me to set up a BOF session. It is intended for members of the KDE community who are interested in KDE’s collaboration with Qt. We will talk about the KDE Free Qt Foundation (legal setup; history and future; perspectives: What is important for the KDE community going forward?)

    A cordial invitation to all KDEers! – Tuesday, 14 August, 9:30

    It is great that many people from the Qt Company will also be at Akademy, so we will have a number of in-person meetings.

    And of course, I can personally report on our activities of the KDE Free Qt Foundation during the General Annual Meeting of KDE e.V. (Below you can also read our formal report for the past year.)

  • Porting KTextEditor to KSyntaxHighlighting – Folding

    After fixing some first porting bugs to KSyntaxHighlighting, code folding (non-indentation based) is back working, too.

    There is a still a lot to do (and e.g. the syntax colors are still kind of randomized), but already all KTextEditor original highlighting code is gone without ending up in an unusable state.

read more

Security: Election, ASUS, Telegram and Microsoft's Linkedin

Sun, 2018-08-05 04:31
  • Senate Democrats dissatisfied with White House's election security efforts

    The Democratic senators said in a joint statement that national security advisor John Bolton sent them a letter that fails to address their concerns about Russian meddling.

  • ASUS DSL-N12E_C1 Firmware version Vulnerable to Remote Command Execution
  • ASUS DSL-N12E_C1 Remote Command Execution
  • Virgil Security Slams Telegram’s New Passport Application For Poor Encryption & Brute Attack Vulnerability

    Just as the news of Telegram’s Passport service hit the newsstands, a blunt critique of the service came forward from the Chief Product Security Officer at Virgil Security, Inc., Alexey Ermishkin. Ermishkin shed light on “several key” faults in the Passport’s security highlighting the wish-washy encryption and password protection through a weak SHA-512 hashing algorithm. This heavy critique came as no surprise as Virgil Security specializes in end-to-end encryption with its Twilio’s End-to-End Encrypted messaging and its breach-proof password solutions Pythia and BrainKey.

    Telegram, a company known for its heavily encrypted and self-destructible messenger platform, recently announced the release of its newest service Telegram Passport which allows users to store all of their identification documents as well as important travel / financial statements and licenses in one place digitally. The application is built to store this information securely and then supply it to third party applications and services such as crypto wallets upon the user’s discretion.

  • Linkedin iOS application version 9.11.8592.4 Vulnerable to CPU Exhaustion

    A remotely exploitable vulnerability that was found to affect 600 million WhatsApp users in 2014 and even more off and on since then by causing remotely initiated system crashes has now resurfaced in a new form. The LinkedIn mobile application versions 9.11 and older for iOS have been found to contain a CPU resource exhaustion vulnerability that can be triggered by user-supplied input.

    The vulnerability arises from the fact that the mobile application’s filter of user-supplied input is unable to detect malicious or troublesome input. When a user sends such a message to another user on the LinkedIn application, upon viewing the message, the script is read and the code viewed prompts a CPU overhaul which causes an exhaustion crash.

read more