Subscribe to TuxMachines feed
Your source for Linux and Open Source news, reviews, and howtos.
Updated: 38 min 30 sec ago

Security News

Mon, 2016-10-24 23:13

read more

Red Hat and Fedora

Mon, 2016-10-24 23:12
  • Diamanti and Red Hat Announce OpenShift Commons Webinar Revealing CI/CD DevOps Breakthroughs With Container Converged Infrastructure
  • UKCloud Creates an Open Source Alternative for UK Public Sector with Red Hat OpenStack Platform

    Red Hat, Inc. (NYSE:RHT), the world’s leading provider of open source solutions, today announced that UKCloud, the foremost public cloud provider for UK government, has standardized on Red Hat OpenStack Platform with Red Hat Ceph Storage to lead its public sector customers through their digital transformation journey. The Infrastructure-as-a-Service cloud platform is designed to enable UKCloud’s customers to deliver digital services directly to citizens by providing the required levels of scalability, performance and assurance.

  • Rackspace Enhances Private Cloud with Red Hat CloudForms

    Rackspace (NYSE: RAX) today announced support for Red Hat CloudForms, an enterprise management platform. With this new capability, enterprise customers can now use the power of Red Hat CloudForms in conjunction with Rackspace Private Cloud powered by Red Hat, which is managed and supported by two leading OpenStack vendors in the industry.

    This is an important milestone for Rackspace customers who want to deliver a complete private cloud solution to their users across multiple cloud platforms. For Rackspace and Red Hat, it is a continuation of the companies' commitment to empowering customers by enhancing capabilities in the core OpenStack project, while also integrating value-added software when appropriate.

  • Pay Close Attention To These Analyst Ratings: Red Hat, Inc. (NYSE:RHT), Facebook, Inc. (NASDAQ:FB)
  • The perils of long development cycles

    As for today, latest version of systemd is v231, released in July 2016. This is the version that will be in Fedora 25 (to be GA in three weeks). That's quite a long time between releases for systemd – we used to have a new version every two weeks.

    During the hackfest at systemd.conf 2016, I've tried to tackle three issues biting me with Fedora 24 (v229, released in February this year) and F25. The outcome was… unexpected.

  • Switchable / Hybrid Graphics support in Fedora 25

    Recently I've been working on improving hybrid graphics support for the upcoming Fedora 25 release. Although Fedora 25 Workstation will use Wayland by default for its GNOME 3 desktop, my work has been on hybrid gfx support under X11 (Xorg) as GNOME 3 on Wayland does not yet support hybrid gfx,

read more

Android Leftovers

Mon, 2016-10-24 23:11

read more

Tizen News

Mon, 2016-10-24 23:10
  • Samsung’s Quantum Dot SUHD named ‘TV of the Year’ in UK

    It is evident that Samsung has been having a hard time to gain back customers’ trust after the Note 7 disaster. However, not everything’s going wrong for the South Korean Electronics giant. The company’s Tizen Based Quantum DOT SUHD (2016) TV was named as the “2016 TV of the year” by some of the top IT magazines in the UK. Samsung’s Quantum DOT SUHD TVs bagged 5 out 5 points from “WHAT HI-FI” internet tech magazine which also obviously had to be the top score.

  • FootLOL – Crazy Football game for Tizen

    Last week lots of games were added to the Tizen store. Zombie Derby 2 is one of them by Herocraft Ltd. Today they added another game in the Tizen Store named FootLOL – Crazy Football.

  • Putin’s standard for IoT is the new 1984

    As the Internet of Things gets more popular new questions arise: which protocol will become the open standard for supporting IoT networks across a huge array of devices around the world? Today we start hearing some answers from Russia.

    Igor Shchyogolev, former Minister of Telecommunications between 2008 and 2012, is thinking about a service that involves both an Internet card and a City card for citizen to use the Internet, hence named “Internet + City card” or just “Internet + City”. Long story short, Russia is contemplating the hypothesis of domestic regulation, rather than an intergovernmental agreement between major countries involved. Testament to this intent are Russian focus towards cryptographic protection and the plan of the country to substain such autarchics drives with national production of chips and direct control of both analog and digital TV frequencies.

  • App: ASMR Sounds by Dreamroad Production is available on Tizen Store
  • Samsung’s Announces its First 8GB LPDDR4 DRAM Package

read more

GitHub open-sources tool to track and preview Puppet changes

Mon, 2016-10-24 22:30

If tweaks to your Puppet setups are causing breakage across your deployments, GitHub's Octocatalog-diff ensures that new Puppet settings don't wreck old ones

read more

The Linux Foundation Technical Advisory Board election

Mon, 2016-10-24 22:19

The Linux Foundation's Technical Advisory Board provides the development community (primarily the kernel development community) with a voice in the Foundation's decision-making process. Among other things, the TAB chair holds a seat on the Foundation's board of directors. The next TAB election will be held on November 2 at the Kernel Summit in Santa Fe, NM; five TAB members (½ of the total) will be selected there. The nomination process is open until voting begins; anybody interested in serving on the TAB is encouraged to throw their hat into the ring.

read more

Remote Linux Support Software: Top Picks for Linux Support

Mon, 2016-10-24 22:15

Having remote support for Linux work with one release, then completely stopping Linux support with the next application release is a frustrating experience. Sometime ago, we watched this happen with Splashtop. What's even lazier on their part, is that they can't be bothered to remove the obsolete Linux packages.

Then you had options like Mikogo. They went from supporting remote support for Linux users to acknowledging in a blog post that this is no longer the case. To be fair, the software is still available if you know where to look for it. However it's not a good idea to rely on unsupported software.

read more

From There to Here (But Not Back Again)

Mon, 2016-10-24 16:30

Red Hat Product Security recently celebrated our 15th anniversary this summer and while I cannot claim to have been with Red Hat for that long (although I’m coming up on 8 years myself), I’ve watched the changes from the “0day” of the Red Hat Security Response Team to today. In fact, our SRT was the basis for the security team that Mandrakesoft started back in the day.

In 1999, I started working for Mandrakesoft, primarily as a packager/maintainer. The offer came, I suspect, because of the amount of time I spent volunteering to maintain packages in the distribution. I also was writing articles for TechRepublic at the time, so I also ended up being responsible for some areas of documentation, contributing to the manual we shipped with every boxed set we sold (remember when you bought these things off the shelf?).

read more

Android Leftovers

Mon, 2016-10-24 14:52

read more

Intel Cache Allocation Technology / RDT Still Baking For Linux

Mon, 2016-10-24 13:56

Not mentioned in my earlier features you won't find in the Linux 4.9 mainline kernel is support for Intel's Cache Allocation Technology (CAT) but at least it was revised this weekend in still working towards mainline integration.

Also: Intel Sandy Bridge Graphics Haven't Gotten Faster In Recent Years

read more

Distributing encryption software may break the law

Mon, 2016-10-24 13:39

Developers, distributors, and users of Free and Open Source Software (FOSS) often face a host of legal issues which they need to keep in mind. Although areas of law such as copyright, trademark, and patents are frequently discussed, these are not the only legal concerns for FOSS. One area that often escapes notice is export controls. It may come as a surprise that sharing software that performs or uses cryptographic functions on a public website could be a violation of U.S. export control law.

Export controls is a term for the various legal rules which together have the effect of placing restrictions, conditions, or even wholesale prohibitions on certain types of export as a means to promote national security interests and foreign policy objectives. Export control has a long history in the United States that goes back to the Revolutionary War with an embargo of trade with Great Britain by the First Continental Congress. The modern United States export control regime includes the Department of State's regulations covering export of munitions, the Treasury Department's enforcement of United States' foreign embargoes and sanctions regimes, and the Department of Commerce's regulations applying to exports of "dual-use" items, i.e. items which have civil applications as well as terrorism, military, or weapons of mass destruction-related applications.

read more

Games for GNU/Linux

Mon, 2016-10-24 13:25

read more

What is the GRUB2 boot loader?

Mon, 2016-10-24 11:55

There are various things that make up an operating system. In any operating system, one of the most critical parts is powering on the machine. During this process, the computer will execute a small program in read-only memory (ROM) to begin initiating the startup process. This small program is known by many names, but most often called a boot loader. In almost every Linux distribution, including Fedora, GRUB2 (or GRand Unified Bootloader 2) is the default boot loader. Even though it is a critical piece of the operating system, many people aren’t aware of the boot loader, all that goes into it, or how it can be customized.

read more

openSUSE Tumbleweed Getting Linux Kernel 4.8.3 Soon, GNOME 3.22.1 Landed

Mon, 2016-10-24 11:51

openSUSE developer Dominique Leuenberger informs the openSUSE Tumbleweed community about the latest GNU/Linux technologies and Open Source software projects that landed in the stable repositories.

read more

KDE Applications 16.12 Software Suite Lands December 15 for KDE Plasma 5.8 LTS

Mon, 2016-10-24 11:50

KDE Plasma's KDE Applications 16.08 software suite series will receive just one more point release, namely KDE Applications 16.08.3, which lands November 10, so it's time for the next major branch.

read more

Android Leftovers

Mon, 2016-10-24 11:18

read more

Security News

Mon, 2016-10-24 11:17
  • How your DVR was hijacked to help epic cyberattack

    Technology experts warned for years that the millions of Internet-connected "smart" devices we use every day are weak, easily hijacked and could be turned against us.

    The massive siege on Dyn, a New Hampshire-based company that monitors and routes Internet traffic, shows those ominous predictions are now a reality.

    An unknown attacker intermittently knocked many popular websites offline for hours Friday, from Amazon to Twitter and Netflix to Etsy. How the breach occurred is a cautionary tale of the how the rush to make humdrum devices “smart” while sometimes leaving out crucial security can have major consequences.

  • Find Out If One of Your Devices Helped Break the Internet

    Security experts have been warning for years that the growing number of unsecured Internet of Things devices would bring a wave of unprecedented and catastrophic cyber attacks. Just last month, a hacker publicly released malware code used in a record-breaking attack that hijacked 1.5 million internet-connected security cameras, refrigerators, and other so-called “smart” devices that were using default usernames and passwords.

    On Friday, the shit finally hit the fan.

  • Once more, with passion: Fingerprints suck as passwords

    Fingerprints aren’t authentication.

    Fingerprints are identity. They are usernames.

    Fingerprints are something public, which is why it should really bother nobody with a sense of security that the FBI used them to unlock seized phones. You’re literally leaving your fingerprints on every object you touch. That makes for an abysmally awful authentication token.

  • Strengthen cyber-security with Linux

    Using open source software is a viable and proven method of combatting cyber-crime

    It’s encouraging to read that the government understands the seriousness of the loss of $81 million dollars via the hacking of Bangladesh Bank, and that a cyber-security agency is going to be formed to prevent further disasters. Currently, information security in each government department is up to the internal IT staff of that department.

  • Canonical announces live kernel patching for Ubuntu

    Canonical, the company behind the Ubuntu GNU/Linux distribution, has announced that it will provide a live kernel patching services for version 16.04 which was released in April.

  • Everything you know about security is wrong

    If I asked everyone to tell me what security is, what do you do about it, and why you do it. I wouldn't get two answers that were the same. I probably wouldn't even get two that are similar. Why is this? After recording Episode 9 of the Open Source Security Podcast I co-host, I started thinking about measuring a lot. It came up in the podcast in the context of bug bounties, which get exactly what they measure. But do they measure the right things? I don't know the answer, nor does it really matter. It's just important to keep this in mind as in any system, you will get exactly what you measure.


    If you have 2000 employees, 200 systems, 4 million lines of code, and 2 security people, that's clearly a disaster waiting to happen. If you have 20, there may be hope. I have no idea what the proper ratios should be, if you're willing to share ratios with me I'd love to start collecting data. As I said, I don't have scientific proof behind this, it's just something I suspect is true.

  • Home Automation: Coping with Insecurity in the IoT

    Reading Matthew Garret’s exposés of home automation IoT devices makes most engineers think “hell no!” or “over my dead body!”. However, there’s also the siren lure that the ability to program your home, or update its settings from anywhere in the world is phenomenally useful: for instance, the outside lights in my house used to depend on two timers (located about 50m from each other). They were old, loud (to the point the neighbours used to wonder what the buzzing was when they visited) and almost always wrongly set for turning the lights on at sunset. The final precipitating factor for me was the need to replace our thermostat, whose thermistor got so eccentric it started cooling in winter; so away went all the timers and their loud noises and in came a z-wave based home automation system, and the guilty pleasure of having an IoT based home automation system. Now the lights precisely and quietly turn on at sunset and off at 23:00 (adjusting themselves for daylight savings); the thermostat is accessible from my phone, meaning I can adjust it from wherever I happen to be (including Hong Kong airport when I realised I’d forgotten to set it to energy saving mode before we went on holiday). Finally, there’s waking up at 3am to realise your wife has fallen asleep over her book again and being able to turn off her reading light from your alarm clock without having to get out of bed … Automation bliss!

read more