Subscribe to TuxMachines feed
Your source for Linux and Open Source news, reviews, and howtos.
Updated: 29 min 52 sec ago

KDE: PIM Sprint 2018, Distributing Qt-based Software, Usability & Productivity

Sun, 2018-08-05 18:20
  • KDE PIM Sprint 2018

    Attending the yearly KDE Pim Sprint in April in Toulouse was nice. For me it is often leaving a cold rainy Germany and arriving warm, almost summer weather with a lot of sun. This time the weather in Germany was also sunny and warm when I left, but spring's always further in Toulouse. As only around ten people attended the sprint, it was also a time to get to know the people behind the nicknames. Unfortunately there were no new faces this time, but a new contributor joined the Pim team and attended remotely.

    As the trains from Germany to Toulouse take some time, for me, the sprint normally starts with entering the train and having time to hack. The first things I looked at, were some cleanups in the dependency chain in KDE Pim, by moving stuff around.

    Reaching Toulouse, David and I started to dig into the problem, that sometimes connections to remote servers stall and nothing goes back and forth without an error being triggered. This issue is only visible if the internet connection is not stable, like a connection while riding the train. Yes, it's a good thing that sometime developers have to face real world, to be able to reproduce bugs. To solve these issues we first had to reproduce them, which leads into the problem of how to reproduce an unstable internet connection. It took a while before we had a setup running to reproduce the issue and after a lot of trial and error, we finally managed to fix the issues we'd found.

  • Distributing Qt application using Qt Installer framework

    Qt installer framework is a collection of tools that can be used to make installers on Linux, Windows and Mac . You can either use pre-built versions or compile it from source.

    There are other softwares like NSIS, installBuilder that can be used to make installers but I wanted an open source & cross platform tool therefore I chose Qt installer framework and it’s also fun to try out new things.

  • This week in Usability & Productivity, part 30

    Akademy is next week (I will be there!), but that didn’t stop us from plugging away on the Usability and Productivity initiative!

read more

today's howtos

Sun, 2018-08-05 14:23
  • The template user with PAM and login(1)

    When you build a new service (or an appliance) you need your users to be able to configure it from the command line. To accomplish this you can create system accounts for all registered users in your service and assign them a special login shell which provides such limited functionality. This can be painful if you have a dynamic user database.

    Another challenge is authentication via remote services such as RADIUS. How can we implement services when we authenticate through it and log into it as a different user? Furthermore, imagine a scenario when RADIUS decides on which account we have the right to access by sending an additional attribute.

    To address these two problems we can use a "template" user. Any of the PAM modules can set the value of the PAM_USER item. The value of this item will be used to determine which account we want to login. Only the "template" user must exist on the local password database, but the credential check can be omitted by the module.

  • Pseudo-blank ("empty") records and fields
  • Elementary OS (Loki) Installation Steps for Laptop and Desktop
  • LibreOffice Impress: Change Default Template

read more

Wine: Staging, MoltenVK, DXVK

Sun, 2018-08-05 13:48
  • Wine-Staging 3.13.1 Released To Fix StarCraft 2

    With no Wine 3.14 release having shipped on their usual bi-weekly release cadence due to summer holidays, the Wine-Staging crew has opted to create a v3.13.1 release to ship their latest testing/experimental patches in the absence of a new Wine upstream Wine development release.

  • VKD3D Gets Patches For Offering Direct3D 12 On macOS Via MoltenVK

    Last month Wine introduced support for Vulkan-using Windows programs on macOS via the MoltenVK library for mapping Vulkan API calls to the Apple Metal API. Now the next logical step is available in patch form: getting VKD3D supported on macOS for allowing Direct3D 12 to begin working on Mac for Windows games/applications.

  • DXVK 0.64 Released With More Game Fixes

    For those making use of DXVK to enjoy greater performance of Direct3D 11 games under Wine thanks to this D3D11-to-Vulkan translation layer, DXVK 0.64 is now available as the latest update.

read more

Security: SSH, Alaska and the Use of Windows

Sun, 2018-08-05 08:07
  • The default OpenSSH key encryption is worse than plaintext

    There’s nothing wrong with the RSA key pair itself: it’s just the symmetric encryption of the private key. You can’t mount this attack from just a public key.

    How do you fix this? OpenSSH has a new key format that you should use. “New” means 2013. This format uses bcrypt_pbkdf, which is essentially bcrypt with fixed difficulty, operated in a PBKDF2 construction. Conveniently, you always get the new format when generating Ed25519 keys, because the old SSH key format doesn’t support newer key types. That’s a weird argument: you don’t really need your key format to define how Ed25519 serialization works since Ed25519 itself already defines how serialization works. But if that’s how we get good KDFs, that’s not the pedantic hill I want to die on. Hence, one answer is ssh-keygen -t ed25519. If, for compatibility reasons, you need to stick to RSA, you can use ssh-keygen -o. That will produce the new format, even for old key types. You can upgrade existing keys with ssh-keygen -p -o -f PRIVATEKEY. If your keys live on a Yubikey or a smart card, you don’t have this problem either.

  • Alaskan borough using typewriters after Windows ransomware attack

    A borough in Alaska, which has been reduced to using typewriters after a massive ransomware attack on its Windows machines, has begun a PR campaign to try and portray the dire situation it finds itself in as one that brings out the best in its people.

  • [Crackers] breached US electric utilities: analysts

    The [cracking] group has been penetrating targets in the United States, as well as the Middle East, Europe and East Asia, for at least a year, according to Dragos.

  • The DNC tells Democrats not to buy Huawei or ZTE devices ever
  • DNC warns candidates: Don't use ZTE or Huawei phones

    In February, top officials from the CIA, NSA, FBI and the Defense Intelligence Agency testified in front of the Senate Intelligence Committee that the Chinese smartphones makers posed a security threat to American customers.

read more

NSA’s Encryption Algorithm in Linux Kernel is Creating Unease in the Community

Sun, 2018-08-05 05:09

ISO rejected NSA’s weak encryption algorithm, Speck. But Google coded it for Linux Kernel and Linux Kernel 4.17 contains this controversial algorithm. Obviously, not everyone is happy with it.

read more

The August 2018 Issue of the PLCinuxOS Magazine

Sun, 2018-08-05 05:08

The PCLinuxOS Magazine staff is pleased to announce the release of the August 2018 issue. With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community.

read more

The August 2018 Issue of the PLCinuxOS Magazine

Sun, 2018-08-05 05:08

The PCLinuxOS Magazine staff is pleased to announce the release of the August 2018 issue. With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community.

read more

KDE: Akademy and KDE's KTextEditor

Sun, 2018-08-05 04:33
  • Going to Akademy!

    I will be attending my first Akademy this year and I am really excited about it. Thank you KDE e.V board for sponsoring me

  • KDE Free Qt Foundation at Akademy 2018

    I am really happy that this year, I am able to attend Akademy again.

    This enables me to set up a BOF session. It is intended for members of the KDE community who are interested in KDE’s collaboration with Qt. We will talk about the KDE Free Qt Foundation (legal setup; history and future; perspectives: What is important for the KDE community going forward?)

    A cordial invitation to all KDEers! – Tuesday, 14 August, 9:30

    It is great that many people from the Qt Company will also be at Akademy, so we will have a number of in-person meetings.

    And of course, I can personally report on our activities of the KDE Free Qt Foundation during the General Annual Meeting of KDE e.V. (Below you can also read our formal report for the past year.)

  • Porting KTextEditor to KSyntaxHighlighting – Folding

    After fixing some first porting bugs to KSyntaxHighlighting, code folding (non-indentation based) is back working, too.

    There is a still a lot to do (and e.g. the syntax colors are still kind of randomized), but already all KTextEditor original highlighting code is gone without ending up in an unusable state.

read more

Security: Election, ASUS, Telegram and Microsoft's Linkedin

Sun, 2018-08-05 04:31
  • Senate Democrats dissatisfied with White House's election security efforts

    The Democratic senators said in a joint statement that national security advisor John Bolton sent them a letter that fails to address their concerns about Russian meddling.

  • ASUS DSL-N12E_C1 Firmware version Vulnerable to Remote Command Execution
  • ASUS DSL-N12E_C1 Remote Command Execution
  • Virgil Security Slams Telegram’s New Passport Application For Poor Encryption & Brute Attack Vulnerability

    Just as the news of Telegram’s Passport service hit the newsstands, a blunt critique of the service came forward from the Chief Product Security Officer at Virgil Security, Inc., Alexey Ermishkin. Ermishkin shed light on “several key” faults in the Passport’s security highlighting the wish-washy encryption and password protection through a weak SHA-512 hashing algorithm. This heavy critique came as no surprise as Virgil Security specializes in end-to-end encryption with its Twilio’s End-to-End Encrypted messaging and its breach-proof password solutions Pythia and BrainKey.

    Telegram, a company known for its heavily encrypted and self-destructible messenger platform, recently announced the release of its newest service Telegram Passport which allows users to store all of their identification documents as well as important travel / financial statements and licenses in one place digitally. The application is built to store this information securely and then supply it to third party applications and services such as crypto wallets upon the user’s discretion.

  • Linkedin iOS application version 9.11.8592.4 Vulnerable to CPU Exhaustion

    A remotely exploitable vulnerability that was found to affect 600 million WhatsApp users in 2014 and even more off and on since then by causing remotely initiated system crashes has now resurfaced in a new form. The LinkedIn mobile application versions 9.11 and older for iOS have been found to contain a CPU resource exhaustion vulnerability that can be triggered by user-supplied input.

    The vulnerability arises from the fact that the mobile application’s filter of user-supplied input is unable to detect malicious or troublesome input. When a user sends such a message to another user on the LinkedIn application, upon viewing the message, the script is read and the code viewed prompts a CPU overhaul which causes an exhaustion crash.

read more

Best Health And Fitness Tools For Linux

Sat, 2018-08-04 21:00

No matter which type of profession you are in, a busy schedule might interfere with your fitness goal. Some professionals have to work beyond the scheduled time than 8AM to 5PM job. Moreover, some might have regular weekend and home assignments. This ever-growing group of workers today and their commitments and timetables made it difficult to maintain a proper schedule for dieting and focusing on some physical fitness exercises.

So living inside a busy schedule it has become a challenge to keep track of what we do, what we eat and how our heart works.

read more