TuxMachines

Subscribe to TuxMachines feed
Your source for Linux and Open Source news, reviews, and howtos.
Updated: 17 min 30 sec ago

today's leftovers

Tue, 2018-05-22 21:05

read more

Software: Grafana, Heaptrack, Vim

Tue, 2018-05-22 21:04
  • Grafana – An Open Source Software for Analytics and Monitoring

    Grafana is an open source, feature rich, powerful, elegant and highly-extensible analytics and monitoring software that runs on Linux, Windows and MacOS. It is a de facto software for data analytics, being used at Stack Overflow, eBay, PayPal, Uber and Digital Ocean – just to mention but a few.

    It supports 30+ open source as well as commercial databases/data sources including MySQL, PostgreSQL, Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB. It allows you to dig deeply into large volumes of real-time, operational data; visualize, query, set alerts and get insights from your metrics from differen

  • Heaptrack v1.1.0 release

    Better memory profiling on Linux

    After more than a year of work, I’m pleased to release another version of heaptrack, the Linux memory profiler! The new version 1.1.0 comes with some new features, significant performance improvements and – most importantly – much improved stability and correctness. If you have tried version v1.0 in the past and encountered problems, update to the new v1.1 and try again!

  • Ten Years of Vim

     

    The philosophy behind Vim takes a while to sink in: While other editors focus on writing as the central part of working with text, Vim thinks it's editing.

     

    You see, most of the time I don't spend writing new text; instead, I edit existing text.

  •  

read more

GNU/Linux: Parrot 4.0, Oregan, Containers and Linux 4.18 Plans

Tue, 2018-05-22 21:01
  • Parrot 4.0 is out

    Parrot 4.0 has been released. Parrot is a security-oriented distribution aimed at penetration tests and digital forensics analysis, with additional tools to preserve privacy.

  • Parrot 4.0 release notes
  • Oregan launches SparQ middleware for Linux and Android TV

    Oregan said that the open standards-based offering resolves the differences between the current security and performance requirements of modern-day TV services and the hardware capabilities of STBs that were deployed up to a decade ago.

  • Linux app support coming to older Chrome OS devices

    Linux apps on Chrome OS is one of the biggest developments for the OS since Android apps. Previous reports stated Chromebooks with certain kernel versions would be left in the dust, but the Chrome OS developers have older devices on the roadmap, too.

    When Google first broke silence on Linux app functionality, it was understood that Linux kernel 4.4 was required to run apps due to dependencies on newer kernel modules. Thanks to an issue found on Chromium’s public bugtracker, we have confirmation that containers won’t be limited to the handful of Chrome OS devices released with kernel 4.4.

  • Looking Ahead To The Linux 4.18 Kernel

    There still are several weeks to go until the Linux 4.17 kernel will be officially released and for that to initiate the Linux 4.18 merge window, but we already know some of the features coming to this next kernel cycle as well as an idea for some other work that may potentially land.

read more

Red Hat and Fedora Leftovers

Tue, 2018-05-22 19:44

read more

Canonical founder Mark Shuttleworth takes aim at VMware and Red Hat at OpenStack Summit

Tue, 2018-05-22 19:32

“Google, IBM, Microsoft [are] all investing and innovating to drive down the cost of infrastructure. Every single one of those companies engages with Canonical to deliver public services,” he said.

“Not one of them engages with VMware to offer those public services – they can’t afford to. Clearly they have the cash, but they have to compete – and so does your private cloud.”

To capitalise on this trend, the firm is in the throes of rolling out a migration service to help users shift from VMware to a “fully managed” version of Canonical’s Ubuntu OpenStack distribution, which Shuttleworth said costs half as much to run.

“When we take out VMware, and displace VMware, we are regularly told that a fully managed OpenStack solution costs half of the equivalent VMware estate [to run],” he added.

read more

Tidelift Backed by Former Red Hat Chairman and CEO Matthew Szulik

Tue, 2018-05-22 18:49
  • Open source startup Tidelift snags $15 mln Series A

    Boston-based Tidelift, an open source startup, has secured $15 million in Series A funding. General Catalyst, Foundry Group and former Red Hat Chairman and CEO Matthew Szulik led the round. In conjunction with the funding, Larry Bohn, managing director at General Catalyst, Ryan McIntyre, co-founder and managing director at Foundry Group and Szulik have all joined Tidelift’s board of directors.

  • Tidelift raises $15M to find paying gigs for open-source developers maintaining key projects

    Tidelift wants to give open-source developers a way to earn some money for contributing to important open-source projects and while helping the companies that are using those projects in key parts of their business, and it just raised $15 million to build those connections.

    General Catalyst, Foundry Group, and former Red Hat CEO Matthew Szulik co-led the Series A founding round into the Boston-based startup, the first time the 17-person company has taken financing, said Donald Fischer, co-founder and CEO of Tidelift. The other co-founders — Havoc Pennington, Jeremy Katz, and Luis Villa — share a wealth of open-source experience across companies like Red Hat and organizations like The Wikimedia Foundation and the Mozilla Foundation.

  • Tidelift Raises $15M Series A To Make Open Source Work Better--For Everyone

read more

Linux and CPU Security

Tue, 2018-05-22 18:05
  • 22 essential security commands for Linux

    There are many aspects to security on Linux systems – from setting up accounts to ensuring that legitimate users have no more privilege than they need to do their jobs. This is look at some of the most essential security commands for day-to-day work on Linux systems.

  • CVE-2018-3639: Spectre Variant 4 Vulnerability Affects the Linux Kernel

    A Spectre variant 4 vulnerability has been identified in the Linux kernel and represents a very dangerous threat to all affected machines. All system administrators are urged to apply the latest updates as soon as possible to mitigate any possible impact.

  • Spectre Number 4, STEP RIGHT UP!

    In the continuing saga of Meltdown and Spectre (tl;dr: G4/7400, G3 and likely earlier 60x PowerPCs don't seem vulnerable at all; G4/7450 and G5 are so far affected by Spectre while Meltdown has not been confirmed, but IBM documentation implies "big" POWER4 and up are vulnerable to both) is now Spectre variant 4. In this variant, the fundamental issue of getting the CPU to speculatively execute code it mistakenly predicts will be executed and observing the effects on cache timing is still present, but here the trick has to do with executing a downstream memory load operation speculatively before other store operations that the load does not depend on. If the CPU is convinced to speculatively execute down this victim path incorrectly, it will revert the stores and the register load when the mispredict is discovered, but the loaded address will remain in the L1 cache and be observable through means similar to those in other Spectre-type attacks.

read more

Microsoft EEE and FUD Against FOSS and GNU/Linux (or GPL)

Tue, 2018-05-22 17:53

read more

Mozilla: Framework, WebAssembly, Taskcluster

Tue, 2018-05-22 17:48
  • Mozilla uncovers ‘new conceptual framework’ for open source

    A report has been generated which claims to offers ‘a new conceptual framework’ of open source project archetypes.

    This research cover aspects of open source spanning business objectives, licensing, community standards, component coupling and project governance.

    It also contains some practical advice on how to use the framework (it actually is a working framework) and on how to set up projects.

  • Qt for WebAssembly – check out the examples!

    WebAssembly is now supported by all major web browsers as a binary format for allowing sand-boxed executable code in web pages that is nearly as fast as native machine code. Qt for WebAssembly makes it possible to run Qt applications on many web browsers without any download steps or special server requirements (other than serving the wasm file).

    To give you a closer look, we compiled some demos. For best performance, use Firefox.

  • Redeploying Taskcluster: Hosted vs. Shipped Software

    The Taskcluster team’s work on redeployability means switching from a hosted service to a shipped application.

    A hosted service is one where the authors of the software are also running the main instance of that software. Examples include Github, Facebook, and Mozillians. By contrast, a shipped application is deployed multiple times by people unrelated to the software’s authors. Examples of shipped applications include Gitlab, Joomla, and the Rust toolchain. And, of course, Firefox!

read more

Lenovo Accused of Being Enemy of GNU/Linux (Again)

Tue, 2018-05-22 17:41
  • Lenovo denies claims it chose Windows over Linux in second row over technology

    Lenovo Group has angrily denied claims it chose the popular Microsoft Windows system over a domestically-produced Linux operating system (OS) in a recent government procurement programme.

    The company branded the allegations as “slander” in a statement that follows an internet storm in China in recent weeks over the company’s decisions on domestic versus overseas technology.

    China’s largest personal computer (PC) maker insisted it had suggested using a domestically-produced Linux OS for both desktop and notebook PCs in a recent PC procurement meeting for suppliers organised by the Central Government Procurement Center, according to the company statement on Tuesday.

  • Lenovo denies on voting against preloading domestic operating systems: report

    Lenovo says the report about it voting against preloading domestic operating systems (O/S) are "deliberate slander," and the company "strongly condemns" the rumor, according to a report by qq.com late Monday.

    Lenovo claimed the suggestion it made was to use a separately made domestic Linux system solution, including in desktops and notebooks, adding that the advice has been submitted.

    The company has always supported the development of domestic O/S, Lenovo said.

    The response came after domestic news site guancha.cn reported earlier the same day that four leading computer manufacturers including Lenovo voted against preloading domestic O/S in personal computers in a poll organized by a government purchasing center on May 16.

read more

Qt Contributor’s Summit 2018 and GSoC 2018 for KDE

Tue, 2018-05-22 17:34
  • KDAB at Qt Contributor’s Summit 2018, Oslo

    KDAB is a major sponsor of this event and a key independent contributor to Qt as our blogs attest.

    Every year, dedicated Qt contributors gather at Qt Contributors’ Summit to share with their peers latest knowledge and best practices, ensuring that the Qt framework stays at the top of its game. Be a Contributor to Qt!

  • Krita 2018 Sprint Report

    This weekend, Krita developers and artists from all around the world came to the sleepy provincial town of Deventer to buy cheese — er, I mean, to discuss all things Krita related and do some good, hard work! After all, the best cheese shop in the Netherlands is located in Deventer. As are the Krita Foundation headquarters! We started on Thursday, and today the last people are leaving.

  • Back from Krita Sprint 2018

    Yesterday I came back from 3,5 days of Krita Sprint in Deventer. Even if nowadays I have less time for Krita with my work on GCompris, I’m always following what is happening and keep helping where I can, especially on icons, and a few other selected topics. And it’s always very nice to meet my old friends from the team, and the new ones!

  • GSoC 2018 Week #1 with KDE

    There were quite some implementations out of the pre-plans and were huge. They got me very nervous at first. Such changes meant big updation in the code base and lots of time to have everything in place and with no warnings/errors ( well I can’t say much about bugs as they always arise in some cases which I or others haven’t tried, but hopefully they will be much less ).

read more

Security and Bugs

Tue, 2018-05-22 10:40
  • After Meltdown and Spectre, Another Scary Chip Flaw Emerges

    At the same time, though, a larger concern was also looming: Spectre and Meltdown represented a whole new class of attack, and researchers anticipated they would eventually discover other, similar flaws. Now, one has arrived.

  • Email Might Be Impossible To Encrypt
  • Email Is Dangerous

    One week ago, a group of European security researchers warned that two obscure encryption schemes for email were deeply broken. Those schemes, called OpenPGP and S/MIME, are not the kinds of technologies you’re using but don’t know it. They are not part of the invisible and vital internet infrastructure we all rely on.

    This isn’t that kind of story.

    The exploit, called Efail by the researchers who released it, showed that encrypted (and therefore private and secure) email is not only hard to do, but might be impossible in any practical way, because of what email is at its core. But contained in the story of why these standards failed is the story of why email itself is the main way we get hacked, robbed, and violated online. The story of email is also the story of how we lost so much of our privacy, and how we might regain it.

  • Real Security Begins At Home (On Your Smartphone)

    When the FBI sued Apple a couple of years ago to compel Apple's help in cracking an iPhone 5c belonging to alleged terrorist Syed Rizwan Farook, the lines seemed clearly drawn. On the one hand, the U.S. government was asserting its right (under an 18th-century statutory provision called the All Writs Act) to force Apple to develop and implement technologies enabling the Bureau to gather all the evidence that might possibly be relevant in the San Bernardino terrorist-attack case. On the other, a leading tech company challenged the demand that it help crack the digital-security technologies it had painstakingly developed to protect users — a particularly pressing concern given that these days we often have more personal information on our handheld devices than we used to keep in our entire homes.

  • Software fault triggered Telstra mobile network outage

    The blackout was the third in May, with an outage to its triple-zero service occurring on 4 May after a cable between Bowral and Orange in NSW was cut due to lightning. On 1 May, the telco suffered an outage of its NBN services and 4G services.

read more

Advanced use of the less text file viewer in Linux

Tue, 2018-05-22 09:38

less is a very powerful program, and contrary to newer contenders in this space, such as most and moar, you are likely to find it on almost all the systems you use, just like vi. So, even if you use GUI viewers or editors, it's worth investing some time going through the less man page, at least to get a feeling of what's available. This way, when you need to do something that might be covered by existing functionality, you'll know to search the manual page or the internet to find what you need.

read more

KDE/Qt and Systemd Events

Tue, 2018-05-22 07:58

Server/OSS: Data Storage, OpenStack, Nextcloud, Puppet

Tue, 2018-05-22 07:55
  • Open Source Storage: 64 Applications for Data Storage

    As data storage needs continue to grow and many organizations move toward software-defined infrastructure, more enterprises are using open source software to meet some of their storage needs. Projects like Hadoop, Ceph, Gluster and others have become very common at large enterprises.

    Home users and small businesses can also benefit from open source storage software. These applications can make it possible to set up your own NAS or SAN device using industry-standard hardware without paying the high prices vendors charge for dedicated storage appliances. Open source software also offers users the option to set up a cloud storage solution where they have control over security and privacy, and it can also offer affordable options for backup and recovery.

  • OpenStack Moves Beyond the Cloud to Open Infrastructure

    The OpenStack Summit got underway on May 21, with a strong emphasis on the broader open-source cloud community beyond just the OpenStack cloud platform itself.

    At the summit, the OpenStack Foundation announced that it was making its open-source Zuul continuous development, continuous integration (CI/CD) technology a new top level standalone project. Zuul has been the underlying DevOps CI/CD system that has been used for the past six years, to develop and test the OpenStack cloud platform.

  • OpenStack makes Zuul continuous delivery tool its second indie project

    The OpenStack Foundation has launched its Zuul continuous delivery and integration tool as a discrete project.

    Zuul is therefore Foundation’s second project other than OpenStack itself. The first was Kata Containers. Making Zuul a standalone effort therefore advance’s the Foundation’s ambition to become a bit like the Linux and Apache Foundations, by nurturing multiple open source projects.

  • OpenStack spins out its Zuul open source CI/CD platform

    There are few open-source projects as complex as OpenStack, which essentially provides large companies with all the tools to run the equivalent of the core AWS services in their own data centers. To build OpenStack’s various systems the team also had to develop some of its own DevOps tools, and, in 2012, that meant developing Zuul, an open-source continuous integration and delivery (CI/CD) platform. Now, with the release of Zuul v3, the team decided to decouple Zuul from OpenStack and run it as an independent project. It’s not quite leaving the OpenStack ecosystem, though, as it will still be hosted by the OpenStack Foundation.

  • Nextcloud 13: How to Get Started and Why You Should

    In its simplest form, the Nextcloud server is "just" a personal, free software alternative to services like Dropbox or iCloud. You can set it up so your files are always accessible via the internet, from wherever you are, and share them with your friends. However, Nextcloud can do so much more.

    In this article, I first describe what the Nextcloud server is and how to install and set it up on GNU/Linux systems. Then I explain how to configure the optional Nextcloud features, which may be the first steps toward making Nextcloud the shell of a complete replacement for many proprietary platforms existing today, such as Dropbox, Facebook and Skype.

  • Why use Puppet for automation and orchestration

    Puppet the company bills Puppet the automation tool as the de facto standard for automating the delivery and ongoing operation of hybrid infrastructure. That was certainly true at one time: Puppet not only goes back to 2005, but also currently claims 40,000 organizations worldwide as users, including 75 percent of the Fortune 100. While Puppet is still a very strong product and has increased its speed and capabilities over the years, its competitors, in particular Chef, have narrowed the gap.

    As you might expect from the doyenne of the IT automation space, Puppet has a very large collection of modules, and covers the gamut from CI/CD to cloud-native infrastructure, though much of that functionality is provided through additional products. While Puppet is primarily a model-based system with agents, it supports push operations with Puppet Tasks. Puppet Enterprise is even available as a service on Amazon.

read more

Oregan unveils new middleware for Linux STBs and Android TV

Tue, 2018-05-22 07:39

Oregan Networks, a provider of digital TV software services, has announced the launch of a new set-top box client middleware product for pay-TV operators called SparQ. The software is designed to work on the most challenging and resource-limited STB platforms in the field, making it feasible to introduce new OTT content services and applications on customer devices that were deployed as part of the first wave of IPTV and hybrid broadcast deployments.

read more

Pages