Feed aggregator

Couchbase and the future of NoSQL databases

LXer - Thu, 2016-10-13 12:00
Couchbase is a NoSQL, document-oriented database for building interactive applications. Trends in the open source database industry show positive growth as NoSQL is used for web, mobile, and the Internet of Things (IoT).read more

OpenStack: Newton, OpenStack Day, and Contributors

TuxMachines - Thu, 2016-10-13 11:24
  • OpenStack Newton promises better resiliency, scalability and security

    OpenStack has released the latest edition of its popular open-source Infrastructure-as-a-Service (IaaS) cloud: Newton. With broad industry support from more than 200 vendors — including Cisco, Dell, HP Enterprise, IBM, Intel, Oracle, Rackspace, Red Hat, SUSE and VMware — this version should quickly see wide deployment.

    This release features numerous new features. Perhaps the most important is simply making OpenStack easier to use. OpenStack is powerful, but it’s notoriously hard to master. While OpenStack classes are becoming more common, even with help, mastering OpenStack isn’t easy.

  • Lessons learned as an OpenStack Day organizer
  • Recognizing OpenStack Cloud Contributors--Including Those Who Don't Code

    Although it is still a very young cloud computing platform, each week there is more evidence of how entrenched OpenStack has become in enterprises and even in smaller companies. In fact, just this week, we reported on findings that show OpenStack adoption in the telecom industry to be widespread.

    Contributors are a big part of what has driven OpenStack's success, and as the OpenStack Summit approaches, there are several new initiatives being put in place to serve up recognition for meaningful contributors. Notably, the recognition is going to partially go to those who actually contribute code, but there will also be recognition of other forms of giving to OpenStack.

read more

KDE Leftovers

TuxMachines - Thu, 2016-10-13 11:12
  • How to make animated videos with Krita

    There are lots of different kinds of animation: hand-drawn, stop motion, cut-out, 3D, rotoscoping, pixilation, machinima, ASCII, and probably more. Animation isn't easy, by any means; it's a complex process requiring patience and dedication, but the good news is open source supplies plenty of high-quality animation tools.

    Over the next three months I'll highlight three open source applications that are reliable, stable, and efficient in enabling users to create animated movies of their own. I'll concentrate on three of the most essential disciplines in animation: hand-drawn cel animation, digitally tweened animation, and stop motion. Although the tools are fairly specific to the task, these principles apply to other styles of animation as well.

    You can read about some of the more technical details about animation in Animation Basics by Nikhil Sukul.

  • Kdenlive 16.08.2 Open-Source Video Editor Released with Over 35 Improvements

    Today, October 13, 2016, Kdenlive developer Farid Abdelnour announced the release and immediate availability of the second maintenance update to the Kdenlive 16.08 open-source video editor software project.

    Distributed as part of the soon-to-be-released KDE Applications 16.08.2 software suite for the latest KDE Plasma 5.8 LTS desktop environment, Kdenlive 16.08.2 is here five weeks after the release of the previous maintenance version with no less than 36 improvements and bug fixes, addressing keyframe, UI, workflow, compilation, and proxy clip rendering related issues reported by users.

  • Qt 5.6.2 Toolkit Officially Released with Almost 900 Improvements and Bug Fixes

    Today, October 12, 2016, the Qt Company, through Tuukka Turunen, announced the general availability of the second maintenance release to the long-term supported Qt 5.6 open-source and cross-platform GUI toolkit.

    Qt 5.6.2 is here four months after the release of the first maintenance version, Qt 5.6.1, bringing approximately 900 improvements and bug fixes to keep Qt 5.6 a stable and reliable release for Qt application developers on GNU/Linux, Mac OS X, and Microsoft Windows operating systems.

    "This is the second patch release to the long-term supported Qt 5.6, and there will still be more patch releases to come. While a patch release does not bring new features, it contains security fixes, error corrections and general improvements," says Tuukka Turunen in today's announcement.

read more

Linux Graphics

TuxMachines - Thu, 2016-10-13 11:04

read more

Games for GNU/Linux

TuxMachines - Thu, 2016-10-13 11:03

read more

KDE Plasma 5.8 LTS Gets Its First Point Release with Many Wayland Improvements

LXer - Thu, 2016-10-13 10:51
The KDE Project proudly announced the general availability of the first point release of the KDE Plasma 5.8 LTS desktop environment, versioned 5.8.1.

Authorities Opening Up

TuxMachines - Thu, 2016-10-13 09:47
  • NL Parliament makes open standards mandatory

    The use of open standards will be made mandatory for public administrations. A law proposal by MP Astrid Oosenbrug was adopted by the Parliament’s lower house yesterday. According to the MP, the open standards requirement will be one of several changes to the country’s administrative law, introduced next year. “The minister has earlier agreed to make open standards mandatory”, she said. “The parliament is making sure this actually happens.”

    The first public administration that should improve its use of open standards, is the Parliament’s lower house itself, MP Oosenbrug said. “Ironically, lower house published the adopted law on its website by providing a download link to a document in a proprietary format.”

  • France adds source code to list of documents covered by freedom of information laws

    French freedom of information law now treats source code as disclosable in the same way as other government records.

    The new "Digital Republic" law took effect Saturday, with its publication in France's Official Journal.

    It adds source code to the long list of government document types that must be released in certain circumstances: dossiers, reports, studies, minutes, transcripts, statistics, instructions, memoranda, ministerial replies, correspondence, opinions, forecasts and decisions.

    But it also adds a new exception to existing rules on access to administrative documents and reuse of public information, giving officials plenty of reasons to refuse to release code on demand.

    These rules already allow officials to block the publication of documents they believe threaten national security, foreign policy, personal safety, or matters before court or under police investigation, among things.

    Now they can oppose publication if they believe it threatens the security of government information systems.

  • CMPD launches 'Open Source Data' page to share police info with public

    Charlotte-Mecklenburg Police announced Wednesday the launch of its “Open Source Data” page on the department’s website.

    Police say the information source is a step forward in how they share information with the public and is an “opportunity for even greater accountability and transparency” with the Charlotte community. The department faced criticism in the wake of the Keith Scott shooting as protesters said CMPD should have been more transparent during their investigation of the incident.

read more

Android and Tizen Leftovers

TuxMachines - Thu, 2016-10-13 09:44

read more

Huawei Linux Devices

TuxMachines - Thu, 2016-10-13 09:43
  • Huawei Mate 9 leaked in flat and curved-screen variants

    Evan Blass has leaked renders of two variants of the upcoming Huawei Mate 9: a flat-screened and dual curved screen version that looks an awful lot like the Galaxy Note 7. While the wrapping will come off the new phone/s on November 3 in Munich, these renders are apparently the real deal and Blass’ sources have confirmed that the previously leaked Mate 9 specs are legit.

  • Huawei launches Honor 8 in India, along with Honor 8 Smart
  • Huawei Teases Honor S1 smartwatch, No mention of Android Wear

    Huawei is currently teasing their new smartwatch which is to be released under the Honor brand named as the Honor S1. The Chinese manufacturer has an event scheduled for October 18 at which we expect the S1 to be unveiled. But could it be running Tizen ? Huawei are already known as stating they will not release anymore Android wear smartwatches for the remainder of this year, so this leaves either Tizen or some other proprietary OS. According to a report in the JoongAng Ilbo newspaper Huawei are currently working with Samsung to deploy the Tizen operating system in its next smartwatches.

TripleO QuickStart KSM vs instack-virt-setup deploying RDO Newton HA Overcloud

LXer - Thu, 2016-10-13 09:43
Posting below is supposed to demonstrate KSM implementation on QuickStart providing significant relief on 32 GB VIRTHOST vs quite the same deployment described in previous draft .

Security News

TuxMachines - Thu, 2016-10-13 09:41
  • Just Too Much Administration – Breaking JEA, PowerShell’s New Security Barrier

    Just Enough Administration (JEA) is a new Windows 10/Server 2016 feature to create granular least privilege policies by granting specific administrative privileges to users, defined by built-in and script-defined PowerShell cmdlets. Microsoft's documentation claimed JEA was a security boundary so effective you did not need to worry about an attacker stealing and misusing the credentials of a JEA user.

    But every JEA role capability example I found Microsoft had published had vulnerabilities that could be exploited to obtain complete system administrative rights, most of them immediately, reliably, and without requiring any special configuration. I find it hard to believe most custom role capabilities created by system administrators in the wild are going to be more secure than these, given the track record of the functionally similar features in Linux, the non-obvious nature of vulnerabilities, and the importance of dangerous cmdlets to routine system troubleshooting and maintenance.

    I recommended Microsoft invert what their JEA articles and documentation said about security. Instead of leading with statements that JEA was a security barrier, users with JEA rights should not be considered administrators, and their credentials do not need to be protected like real administrators with a note that this may not be the case if you are not careful; Microsoft's JEA documentation should lead with statements that JEA should not be treated like a security barrier and users with JEA rights and their credentials should be tightly controlled exactly like normal administrators unless the role capabilities have been strictly audited by security professionals. Additionally, the README files and comments of their example role capabilities should start with stern reminders of this.

  • Thousands of internet-connected devices are a security disaster in the making

    The first problem: many IoT devices, like those cameras, are consumer-oriented, which means their owners don't have a security-conscious IT department. "Individuals do not have the purchasing power of a large corporation," says John Dickson, principal of Denim Group, "so they cannot demand security features or privacy protections that a large corporation can of an a product or software vendor."

    PC Pitstop Vice President of Cyber Security Dodi Glenn points out that many IoT purchasers neglect basic security measures, failing to change passwords from obvious defaults. And even if they did want to secure their devices, there are limits to what they can do: "You can't secure these devices with antivirus applications."

  • A SSHowDowN in security: IoT devices enslaved through 12 year old flaw

    In what researchers call the "Internet of Unpatchable Things," a 12-year-old security flaw is being exploited by attackers in a recent spate of SSHowDowN Proxy attacks.

    The Internet of Things (IoT) is an emerging market full of Wi-Fi and networked devices including routers, home security systems, and lighting products. While the idea of making your home more efficient and automating processes is an appealing one, unfortunately, vendors en masse are considering security as an afterthought for thousands of devices now in our homes, leaving our data vulnerable.

  • Microsoft was unable to meaningfully improve the software

    Documents in a class-action lawsuit against Ford and its original MyFord Touch in-vehicle infotainment (IVI) system reveal that the company's engineers and even its top executive were frustrated with the problematic technology.

    The documents from the 2013 lawsuit show Ford engineers believed the IVI, which was powered by the SYNC operating system launched in 2010, might be "unsaleable" and even described a later upgrade as a "polished turd," according to a report in the Detroit News, which was confirmed by Computerworld.

    The SYNC OS was originally powered by Microsoft software. Microsoft continued releasing software revisions it knew were defective, according to the lawsuit.

    "In the spring of 2011, Ford hired Microsoft to oversee revisions, and hopefully the improvement, of the [software]. But ... Microsoft was unable to meaningfully improve the software, and Ford continued releasing revised software that it knew was still defective," the lawsuit states.

    Last week, a U.S. District Court judge certified the case as a class action.

  • Senator wants nationwide, all-mail voting to counter election hacks

    "It's not a question of if you're going to get hacked—it's when you're going to get hacked."

    Those were the words of Verizon CEO Lowell McAdam as he sought to assure investors last week that the company is still interested in purchasing Yahoo despite the massive data breach of Yahoo consumer accounts.

    Whether McAdam's words ring true for the hodgepodge of election systems across the US is anybody's guess. But in the wake of the Obama administration's announcement that the Russian government directed hacks on the Democratic National Committee and other institutions to influence US elections, a senator from Oregon says the nation should conduct its elections like his home state does: all-mail voting.

  • SourceClear Adds Atlassian Stack to Its Open Source Security Platform

    Open source security company SourceClear said it is integrating Atlassian’s suite of developer tools including Bitbucket Pipelines, JIRA Server, JIRA Cloud, and Bamboo into the company’s open source platform. The integration will result in automated security checks being a part of the developer workflow before they ship code.

read more

Why You Should Seriously Care About SSH User Keys

LXer - Thu, 2016-10-13 08:34
A recent film chronicled the downfall of the US subprime home loan market, and its parallels to the current state of Secure Shell (SSH) protocol and SSH user keys were astonishing. The first parallel is the understanding of the problem - or lack thereof.

Video: How to configure keyboard layouts in Cinnamon 2 and 3

LinuxToday - Thu, 2016-10-13 08:00

 DarkDuck: Learn the process of changing the default keyboard layout in Cinnamon Desktop Environment versions 2 and 3.


Subscribe to LinuxInsight aggregator