Feed aggregator

Unity Rolls Out Vulkan Renderer In Preview Form

Phoronix - Thu, 2016-09-29 16:30
Unity today rolled out their first public preview of their Vulkan renderer for this popular cross-platform game engine...

Minijail: Google’s Tool To Safely Run Untrusted Programs

Linux.com - Thu, 2016-09-29 16:30

Google’s Minijail sandboxing tool could be used by developers and sysadmins to run untrusted programs safely for debugging and security checks, according to Google Software Engineer Jorge Lucangeli Obes, who spoke last month at the Linux Security Summit. Obes is the platform security lead for Brillo, Google's Android-based operating system for Internet-connected devices.

Qubes OS 3.2 has been released!

TuxMachines - Thu, 2016-09-29 16:29

I’m happy to announce that today we’re releasing Qubes OS 3.2!

This is an incremental improvement over the 3.1 version that we released earlier this year. A lot of work went into making this release more polished, more stable and easier to use than our previous releases.

One major feature that we’ve improved upon in this release is our integrated management infrastructure, which was introduced in Qubes 3.1. Whereas before it was only possible to manage whole VMs, it is now possible to manage the insides of VMs as well.

read more

Red Hat claims headway in Asia, bets big on container and hybrid cloud

TuxMachines - Thu, 2016-09-29 16:26

While the smallest in terms of revenue contribution, Asia is Red Hat's fastest growing region and is likely to continue its upwards trajectory as emerging markets roll out new infrastructure.

Developing nations in the region were embarking on many net new infrastructure projects, rather than replacement for existing technology, and open source would be involved in a large share of such projects. The decisions on which technology to deploy would rarely be between proprietary or open source, but rather on which open source vendor to go with or to do so internally, said Red Hat President and CEO Jim Whitehurst.

read more

PostgreSQL 9.6 Officially Released With Parallel Query Support

Phoronix - Thu, 2016-09-29 16:26
The PostgreSQL 9.6 database server is now officially released as the project's latest feature release...

LibreOffice Office Suite Celebrates 6 Years of Activity with LibreOffice 5.2.2

TuxMachines - Thu, 2016-09-29 16:20

Today, September 29, 2016, Italo Vignoli from The Document Foundation informs Softpedia via an email announcement about the general availability of the first point release of the LibreOffice 5.2 open-source and cross-platform office suite.

On September 28, the LibreOffice project celebrated its 6th anniversary, and what better way to celebrate than to push a new update of the popular open source and cross-platform office suite used by millions of computer users worldwide. Therefore, we would like to inform our readers about the general availability of LibreOffice 5.2.2, which comes just three weeks after the release of LibreOffice 5.2.1.

"Just one day after the project 6th anniversary, The Document Foundation (TDF) announces the availability of LibreOffice 5.2.2, the second minor release of the LibreOffice 5.2 family," says Italo Vignoli. "LibreOffice 5.2.2, targeted at technology enthusiasts, early adopters and power users, provides a number of fixes over the major release announced in August."

read more

LibreOffice Office Suite Celebrates 6 Years of Activity with LibreOffice 5.2.2

LinuxToday - Thu, 2016-09-29 16:00

On September 28, the LibreOffice project celebrated its 6th anniversary, and what better way to celebrate than to push a new update

OSS Leftovers

TuxMachines - Thu, 2016-09-29 15:52
  • But is it safe? Uncork a bottle of vintage open-source FUD

    Most of the open source questioners come from larger organisations. Banks very rarely pop up here, and governments have long been hip to using open source. Both have ancient, proprietary systems in place here and there that are finally crumbling to dust and need replacing fast. Their concerns are more oft around risk management and picking the right projects.

    It’s usually organisations whose business is dealing with actual three dimensional objects that ask about open source. Manufacturing, industrials, oil and gas, mining, and others who have typically looked at IT as, at best, a helper for their business rather than a core product enabler.

    These industries are witnessing the lighting fast injection of software into their products - that whole “Internet of Things” jag we keep hearing about. Companies here are being forced to look at both using open source in their products and shipping open source as part of their business.

    The technical and pricing requirements for IoT scale software is a perfect fit for open source, especially that pricing bit. On the other end - peddling open source themselves - companies that are looking to build and sell software-driven “platforms” are finding that partners and developers are not so keen to join closed source ecosystems.

    These two pulls create some weird clunking in the heads of management at these companies who aren’t used to working with a sandles and rainbow frame of mind. They have a scepticism born of their inexperience with open source. Let’s address some of their trepidation.

  • Real business innovation begins with open practices

    To business leaders, "open source" often sounds too altruistic—and altruism is in short supply on the average balance sheet. But using and contributing to open source makes hard-nosed business sense, particularly as a way of increasing innovation.

    Today's firms all face increased competition and dynamic markets. Yesterday's big bang can easily become today's cautionary tale. Strategically, the only viable response to this disruption is constantly striving to serve customers better through sustained and continuous innovation. But delivering innovation is hard; the key is to embrace open and collaborative innovation across organizational walls—open innovation.

    Open source communities' values and practices generate open innovation, and working in open source is a practical, pragmatic way of delivering innovation. To avoid the all-too-real risk of buzzword bingo we can consider two definitions of "innovation":

    creating value (that serves customer needs) to sell for a profit; or
    reducing what a firm pays for services.

  • This Week In Servo 79

    In the last week, we landed 96 PRs in the Servo organization’s repositories.

    Promise support has arrived in Servo, thanks to hard work by jdm, dati91, and mmatyas! This does not fully implement microtasks, but unblocks the uses of Promises in many places (e.g., the WebBluetooth test suite).

    Emilio rewrote the bindings generation code for rust-bindgen, dramatically improving the flow of the code and output generated when producing Rust bindings for C and C++ code.

    The TPAC WebBluetooth standards meeting talked a bit about the great progress by the team at the University of Szeged in the context of Servo.

  • Servo Web Engine Now Supports Promises, Continues Churning Along

    It's been nearly two months since last writing about Mozilla's Servo web layout engine (in early August, back when WebRender2 landed) but development has kept up and they continue enabling more features for this next-generation alternative to Gecko.

    The latest is that Servo now supports JavaScript promises. If you are unfamiliar with the promise support, see this guide.

    The latest Servo code has improvements around its Rust binding generator for C and C++ code plus other changes.

  • Riak TS for time series analysis at scale

    Until recently, doing time series analysis at scale was expensive and almost exclusively the domain of large enterprises. What made time series a hard and expensive problem to tackle? Until the advent of the NoSQL database, scaling up to meet increasing velocity and volumes of data generally meant scaling hardware vertically by adding CPUs, memory, or additional hard drives. When combined with database licensing models that charged per processor core, the cost of scaling was simply out of reach for most.

    Fortunately, the open source community is democratising large scale data analysis rapidly, and I am lucky enough to work at a company making contributions in this space. In my talk at All Things Open this year, I'll introduce Riak TS, a key-value database optimized to store and retrieve time series data for massive data sets, and demonstrate how to use it in conjunction with three other open source tools—Python, Pandas, and Jupyter—to build a completely open source time series analysis platform. And it doesn't take all that long.

  • Free Software Directory meeting recap for September 23rd, 2016

read more

Security News

TuxMachines - Thu, 2016-09-29 15:50
  • security things in Linux v4.5
  • Time to Kill Security Questions—or Answer Them With Lies

    The notion of using robust, random passwords has become all but mainstream—by now anyone with an inkling of security sense knows that “password1” and “1234567” aren’t doing them any favors. But even as password security improves, there’s something even more problematic that underlies them: security questions.

    Last week Yahoo revealed that it had been massively hacked, with at least 500 million of its users’ data compromised by state sponsored intruders. And included in the company’s list of breached data weren’t just the usual hashed passwords and email addresses, but the security questions and answers that victims had chosen as a backup means of resetting their passwords—supposedly secret information like your favorite place to vacation or the street you grew up on. Yahoo’s data debacle highlights how those innocuous-seeming questions remain a weak link in our online authentication systems. Ask the security community about security questions, and they’ll tell you that they should be abolished—and that until they are, you should never answer them honestly.

    From their dangerous guessability to the difficulty of changing them after a major breach like Yahoo’s, security questions have proven to be deeply inadequate as contingency mechanisms for passwords. They’re meant to be a reliable last-ditch recovery feature: Even if you forget a complicated password, the thinking goes, you won’t forget your mother’s maiden name or the city you were born in. But by relying on factual data that was never meant to be kept secret in the first place—web and social media searches can often reveal where someone grew up or what the make of their first car was—the approach puts accounts at risk. And since your first pet’s name never changes, your answers to security questions can be instantly compromised across many digital services if they are revealed through digital snooping or a data breach.

  • LibreSSL and the latest OpenSSL security advisory

    Just a quick note that LibreSSL is not impacted by either of the issues mentioned in the latest OpenSSL security advisory - both of the issues exist in code that was added to OpenSSL in the last release, which is not present in LibreSSL.

  • Record-breaking DDoS reportedly delivered by >145k hacked cameras

    Last week, security news site KrebsOnSecurity went dark for more than 24 hours following what was believed to be a record 620 gigabit-per-second denial of service attack brought on by an ensemble of routers, security cameras, or other so-called Internet of Things devices. Now, there's word of a similar attack on a French Web host that peaked at a staggering 1.1 terabits per second, more than 60 percent bigger.

    The attacks were first reported on September 19 by Octave Klaba, the founder and CTO of OVH. The first one reached 1.1 Tbps while a follow-on was 901 Gbps. Then, last Friday, he reported more attacks that were in the same almost incomprehensible range. He said the distributed denial-of-service (DDoS) attacks were delivered through a collection of hacked Internet-connected cameras and digital video recorders. With each one having the ability to bombard targets with 1 Mbps to 30 Mbps, he estimated the botnet had a capacity of 1.5 Tbps.

    On Monday, Klaba reported that more than 6,800 new cameras had joined the botnet and said further that over the previous 48 hours the hosting service was subjected to dozens of attacks, some ranging from 100 Gbps to 800 Gbps. On Wednesday, he said more than 15,000 new devices had participated in attacks over the past 48 hours.

read more

Android Leftovers

TuxMachines - Thu, 2016-09-29 15:48

read more

GNU/Linux/FOSS Events

TuxMachines - Thu, 2016-09-29 15:42
  • PyCon 2016

    I come from a place where everyone worships competitive coding and thus cpp, so the experience of attending my first pycon was much awaited for me.

    This year’s PyCon India happened in Delhi and i along with a couple of my friends reached on 23rd September, the first day. We were a bit late but it was all right because, we didn’t miss anything.

  • What do you have to say? Share it at LibrePlanet 2017
  • LibrePlanet returns March 25-26, 2017, call for proposals for annual free software conference now open

    LibrePlanet is an annual conference for free software enthusiasts. The conference brings together software developers, policy experts, activists and computer users to learn skills, share accomplishments and face challenges to software freedom. Newcomers are always welcome, and LibrePlanet 2017 will feature programming for all ages and experience levels.

    This year, the theme of LibrePlanet is "The Roots of Freedom." This encompasses the historical "roots" of the free software movement -- the Four Freedoms, the GNU General Public License and copyleft, and a focus on strong security and privacy protections -- and the concept of roots as a strong foundation from which the movement grows.

    "LibrePlanet is an impactful, exciting free software conference. Attendance has grown each year, yet the community-minded atmosphere has grown even stronger," said John Sullivan, executive director of the FSF.

  • The Linux Foundation Announces Session Lineup for MesosCon Asia

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the schedule for MesosCon Asia, taking place November 18-19 in Hangzhou, China.

read more

Google’s Open Source Fuchsia OS: The Mystery Linux Distro

Linux.com - Thu, 2016-09-29 15:40

Few things are more tantalizing than a good mystery, and Google is making waves for an open source-centric mystery that may end up having profound implications. It all started in August when an extensive and unusual code repository for a new operating system called Fuchsia was discovered online, and now the growing source code set is on GitHub.

Node.js 6.x LTS coming to EPEL 7

LXer - Thu, 2016-09-29 15:37
What is Node.js? Node.js® is a JavaScript runtime built on Chrome’s V8 JavaScript engine. It uses an event-driven, non-blocking I/O model that makes it lightweight and efficient. Its package ecosystem, npm, is the largest ecosystem of open source libraries in the world.... Continue Reading →

Mesa Looks At Switching To Jemalloc For Faster Performance

Phoronix - Thu, 2016-09-29 15:15
Marek Olšák is looking at using the jemalloc memory allocator for faster GLSL compilation and ultimately could redirect all malloc/calloc/realloc/free calls in Mesa to using jemalloc...

Dig into DNS: Part 4

Linux.com - Thu, 2016-09-29 15:00
Title: Dig into DNS: Part 429 SepLearn more

More on Russia Moving to FOSS

TuxMachines - Thu, 2016-09-29 14:43
  • Moscow Drops Microsoft on Putin’s Call for Self-Sufficiency

    Moscow city will replace Microsoft Corp. programs with domestic software on thousands of computers in answer to President Vladimir Putin’s call for Russia’s authorities to reduce dependence on foreign technology amid tensions with the U.S. and Europe.

    The city will initially replace Microsoft’s Exchange Server and Outlook on 6,000 computers with an e-mail system installed by state-run carrier Rostelecom PJSC, Artem Yermolaev, head of information technology for Moscow, told reporters Tuesday. Moscow may expand deployment of the new software, developed by Russia’s New Cloud Technologies, to as many as 600,000 computers and servers, and may also consider replacing Windows and Office, Yermolaev said.

  • Why Microsoft is getting the cold shoulder from Moscow

    Since the German city of Munich decided to ditch Microsoft Windows and Office, a growing number of European agencies have followed suit - from France's national police force to the Italian military.

    The latest authority to turn its back on Microsoft is reportedly Moscow City Hall, which is transferring employee email from Microsoft Exchange Server and Outlook to the Russian-built MyOffice Mail.

    About 6,000 Moscow state employees will be switched over, including teachers, doctors and civil servants. If the move is a success, the city will consider shifting 600,000 PCs and servers away from Microsoft, and may also replace Windows and Office, according to Bloomberg.

  • Moscow will replace Microsoft's products with local offerings

    Microsoft might lose a whole city of customers in Russia. According to Bloomberg, Moscow will begin replacing Redmond's products with homegrown software as a result of Vladimir Putin's urging to stop depending on foreign tech. Artem Yermolaev, the city's head of information technology, told reporters that Moscow will begin by dropping Microsoft's Exchange Service and by replacing Outlook on 6,000 computers with state-run carrier Rostelecom PJSC's email system. Authorities are looking to deploy the email software to as many as 600,000 computers in the future. They might even replace Windows and the Office suite entirely, though there seems to be no solid plan for that at the moment.

read more

The Tiny Internet Project, Part I

LXer - Thu, 2016-09-29 14:40
As LJ readers well know, Linux drives many of thetechnologies we use every day, from smart TVs to Web servers. Linux iseverywhere—except most homes and classrooms.

Pages

Subscribe to LinuxInsight aggregator