Put your tuxedo on

Getting better over time?

SUSAN created this site a very long time ago, more than a decade and a half in the past. Susan did a spectacular job. With regular news updates she managed to grow the site in terms of pages, screenshots, reviews, readers, and contributors. We are eternally thankful to her.

Rianne and I have run the site since 2013. 2020 is around the corner (just over 3 weeks left!) and that makes another new decade. In terms of site traffic we continue to grow. Other than Rianne and I posting news updates 'around the clock' there's already a systems administrator who volunteered to help keep the site chugging along. We are very thankful to him. He prefers to remain unnamed. So Tux Machines is basically not a one-person operation. It is basically a team of three people now (in addition to various people who add posts/links). Rianne (based in the UK) usually takes the lead with breaking stories, I tend to post summaries or clusters of related links and system integrity/uptime is assured from Scandinavia. The hypervisor is physically in the United States. We're a sort of international team with no income source (other than our jobs).

If you enjoy the site and find it handy, maybe you wish to drop us a tip for Christmas as a token of gratitude. Anything helps, even a cup of coffee's worth. Coffee helps keep us awake to post more links. █

Kali Linux for android devices under ten minutes in just few steps.
Kali Linux for android

Watching videos/photos of Koalas being rescued from a charred/burning forests in Australia is heart-breaking and devastating. More than 350 Koalas are reported being dead and these numbers are growing. Those who live far from Australia (just like me) can't help physically rescue them, but a small amount of money/donation to sustain the hospital/facilities, volunteers and rescuers is of great help. Koala is just one of the many species that perish from the bushfire and they need our help, so please donate through the GoFundMe page and through other legitimate websites. Help those who support animal welfare. █

YAY! It's Tux Machines' 130 thousandth post! (node) █

THE site Tux Machines is and has been online for over 15 years. It has not suffered security-related incidents. The same is true for Techrights, which soon turns 13. Tux Machines uses Gallery and Drupal, whereas Techrights uses MediaWiki, WordPress and Drupal. WordPress is its most important component as it contains over 26,000 posts. Tux Machines has about 130,000 nodes in Drupal. We don't use a CDN as we have a reasonably powerful server that can cope with the load on its own. For security we use best practices and keep critical issues plugged. I was recently asked for advice on these matters and explained things as follows.

There are mainly two types of attacks (maybe three if one includes social engineering, e.g. tricking a citizen journalist/blogger/administrator into a trap):

1) capacity-based, e.g. DDOS attack

2) exploiting vulnerabilities to degrade/compromise site's quality of service (similar to (1) above but not the same), access site data (confidential), spy on people (writers/staff/visitors) without them being aware.

WordPress runs lots of stuff and powers a lot of the Web, maybe 20% (or more) of today's Web sites. It's regularly checked for security issues and bugs are regularly fixed. Updates can be set to automatic, which means they happen in the background without user intervention. I check the site for updates several times per day, e.g. this one from yesterday.

I've used WordPress for 15 years as an early adopter and developer.

What's known as the "core" of WordPress is generally secure if kept up to date, manually or automatically (for large sites it might make sense to apply patches manually to reduce risk of unnoticed incidents and enable quality control, patch assessment etc). It's also important to keep the underlying operating system and pertinent packages like PHP (programming language), mysql/psql (WordPress and Drupal typically use MariaDB or MySQL as the database, but PostgreSQL should be possible too) and Apache (there are simpler alternatives e.g. NGINX for Web server) up to date.

If we get to keep everything up to date, and moreover we don't install WordPress extensions that cannot be trusted or are no longer maintained (or scarcely maintained), we should be OK. The social engineering part involves stuff such as phishing, e.g. someone sending out an E-mail in an attempt to obtain passwords of privileged users.

If you use a CDN for content distribution, e.g. CloudFlare, then availability will be mostly down to the CDN company. WordPress generates pages on the fly (dynamic), but it has caching mechanisms that can be further improved with extensions. The CDN likely obviates the need for those. So, if the site is receiving 'too many' requests, the CDN can probably scale to deal with that (maybe a more expensive protection plan).

I peronsally would never use CloudFlare (for a lot of reasons), but to many people it's the only CDN that 'counts' or exists. Brand recognition perhaps. █

About 8 months ago we had the chance to meet Meng Meng (above) and Jiao Qing, the female and male pandas on loan to Berlin Zoo in Germany. I took lots of photos with them and we stayed in their Pagoda sanctuary a little longer. Seeing them eating, napping and wandering inside their secured place brings joy to my heart. I don't really like seeing animals in the zoo, but if this is the only way to keep and protect them from any harm or from becoming extinct, then so be it. Today, in the news (video) the two adorable pandas became parents as they were having twins; this is good news and I'm so happy for them both. To Meng Meng and Jiao Qing (and also to Berlin Zoo), congratulations! █

Daylight Linux (Web site) version 4 has just been released.

The Linux kernel is now upgraded to the 5.3 version for the AMD64 live version and Kernel 4.19.68 for the Raspberry Pi version.

All packages are upgraded to the Debian 10 version or to the cutting-edge version (experimental) for all current software packages.

Added compatibility for the Raspberry Pi 4. █

By Hamdy Abou El Anein
Founder / Linux system engineer

Everything Microsoft touched has died. Remember Nokia, Yahoo and Novell? What happened to these companies and where are they now? This is exactly what Microsoft wants to do to Linux because they don't innovate and they can't compete; so they infiltrate. Sooner or later Linux will be part of those latter companies. Something to watch out for. █

TUX MACHINES turned 15 almost exactly two months ago. The site has operational costs, as one can expect, mostly the hardware and bandwidth. We've thankfully had these resources very kindly donated to us last year, basically saving us the massive burden of bills somewhere around $10,000. Running a site with a lot of traffic isn't cheap and it isn't getting cheaper, either. As an overhead or addition to server maintenance (uptime requires habitual work on repairing databases, managing backups, patching of software and agonising system upgrades once in a few years) it takes a lot of time to compose new material and moderate to keep spam out.

A lot of the mainstream media is bashing Linux Journal right now. It makes it seem like its demise is a problem with GNU/Linux itself. These are villainous lies from self-serving foes of Linux, sometimes people who are aligned with Microsoft or salaried by Microsoft (we don't want to link to their provocative clickbait). But anyway, the bottom line is that keeping Linux Journal online may be costly and people should prepare for the possibility of Linux Journal becoming unavailable (offline) some time soon. I try very hard to prevent this (today and yesterday). "There is a real (and ever-growing) danger that a massive trove of GNU/Linux and Free software history will vanish unless urgent action is taken right now," I said. There are ways to avoid this (writers of that site need to unite in a union-like sense). I also secure my own sites from such a fate, having reached almost 13 years in Techrights. This week the site is experiencing all-time traffic records.

I've decided to contact Rick Falkvinge (Dick Greger Augustsson), founder of the Swedish Pirate Party and head of privacy at Private Internet Access, which owns Linux Journal. Bear in mind he used to work for Microsoft. We're still friendly online (we've exchanged some messages over the years) and he probably has sufficient clout at Private Internet Access to sway their decisions. In case they plan to shut down the site, we must act fast. Please contact him; as per his Web site, his E-mail address is x1bpsas66na001@sneakemail.com and any message he receives he can relay to other high-level people at the company. I don't personally know anyone else at that company, so that's the only contact I'm able to provide. █

Summary: A very old cartoon/column (half a century old) rewritten to explain where Microsoft stands when it comes to "loving" Linux

Access full album

2005

2010

2012

2013

Late 2013

2014

2015

2019

Summary: Anniversary of Tux Machines is today, a special anniversary too

Today Tux Machines is celebrating its 15^th year of existing. When we bought the website it was about 10 years old, so kudos to Susan Linton who devoted time to make and keep the site on pace. We promise to keep the website up to date with lots of insightful OSS/FOSS/Linux/Android-related articles. We hope to continue the job well into the distant future. █

Cake on the way...

THE MEDIA online is dying. It's no secret. Not all sorts of media are dying but traditional media struggles to survive. Causes for these have been explained for years if not more than a decade. This won't be the subject of this post.

Tux Machines does not produce a lot of original material. Susan used to publish GNU/Linux reviews (with galleries of screenshots), but other than that we mostly cluster and syndicate news. This has been the case for nearly 15 years (our anniversary is next month).

Each year it feels like mainstream media produces a lot less stories (not just about GNU/Linux but about anything, in general terms). So we're 'mining' more and more RSS feeds, typically of blogs. Do you have a GNU/Linux blog or know one/s you wish to recommend? Let us know in the IRC channel because we always hunt for more news sources, no matter if they're 'mainstream' or not as long as they're credible, reliable, and on topic. █

1. Thou shalt not host a FOSS project outside GitHub (otherwise it won’t ‘count’)
2. Thou shalt not edit code without Visual Studio (which now has an “open” — albeit spying and malicious — component for openwashing purposes)
3. Thou shalt not code without .NET (or Mono)
4. Thou shalt not use a voting machine without Windows (we have just announced some openwashing component to make up for the NSA back doors that compromise elections worldwide)
5. Thou shalt not boot GNU/Linux as a standalone operating system (UEFI might not permit this anyway, unless we sign for approval)
6. Thou shalt not get get a GNU/Linux distribution outside our Store
7. Thou shalt not buy a computer without Windows preinstalled; those are “naked PCs” and everyone who buys such PCs is a “pirate”
8. Thou shalt not disparage or even publicly criticise our staff (that would be in violation of GitHub rules, a Code of Conduct, T&C and so on)
9. Thou shalt not report back doors in our software or leak NSA tools that take advantage of these (there’s a prison sentence for doing so)
10. Thou shalt not write in mass media things that refute our narrative (proving that we are chronic liars); we would bribe the publication using advertising money and have you sacked
11. Thou shalt not use open formats such as OpenDocument except inside Microsoft Office, which is incompatible with all other software (by design)
12. Thou shalt not distribute Linux without paying Microsoft for patents; we’re still suing companies (in 2019) for having the audacity to do so
13. Thou shalt not host a site or a service outside Azure; we'd sic patent trolls at you
14. Thou shalt not oppose Microsoft’s lock-in and proprietary software shims inside Linux; we’d send our media partners (Condé Nast) to oust you, at least for a month if not permanently
15. Thou shalt not report our crimes to the authorities; doing so would make you a “toxic”, “intolerant” person
16. Thou shalt not use the GPL unless all other options have been exhausted
17. Thou shalt not adopt a Web browser other than MSIE or our rebranded Chrome, also known as Edge; we’d occasionally tinker with your computer’s settings to remind you to quit using other browsers or refuse the download of such “malware”

NOT many Internet enterprises or even protocols outlast the Web. IRC is under attack, E-mail is being hijacked by large corporations (the business model of spying), and copyright monopolies compel ISPs to disconnect from USENET. Even without the Web there's a similar problem; not many sites last a decade; some last a few years until interest is lost or life-changing events cause stagnation and ultimately shutdown (it's not cheap to keep a domain registered and it can be technically difficult to keep a host going). Some sites or blogs remain active only for days, weeks, months. Not many sites have lasted 2 decades. Some become dormant and shelved. Some suffer the "Google Plus effect" (host decides it's not viable to carry on hosting, mostly for selfish "business reasons").

Tux Machines remains very active. Every day, almost every hour. Even when we're on holiday (or abroad) we still log in and post the more crucial news. We never wink or lose a heartbeat. Dedication like this becomes almost addictive.

In less than a couple of months the site will turn 15. We're planning to celebrate locally somehow (a little party), knowing that it's a rare event and seeing how the Web becomes just "apps" and "social media" it's hard to guarantee we'll reach 20 (we sure hope so). Over the years we've considered modernising the site (CMS overhaul), but such novelty may entail bloat, speed losses, 'UX' erosion, and a lack of 'traditional' feel, maybe even issues associated with navigation, user familiarity, backward compatibility of URLs (we still use node numbers!) and so on. █

I like "Freedo" (a symbol for freedom) better

THE meaning of words can change over time, along with connotations that accompany these words. A little cat, for example, we can no longer call "pussy" and the word "gay" rarely means happy (colloquially). What about "Slack"?

Once upon a time I knew Slack as a solid, freedom-respecting distribution (GNU/Linux distro), whereas nowadays it is something to be stubbornly avoided as it threatens my freedom. It's technically spyware. It is a threat to everybody's freedom because of the network effect. When we use it we participate in a viral campaign of unwanted societal dependency. We help it spread exponentially. Like disease amongst anti-vaxxers. Richard Stallman had spoken about it in the context of Skype long before Microsoft entered the fray/picture. That's just common sense. The requirement of opening a Slack account to interact with other people is like the equivalent of an employer demanding the applicant has a Facebook account (despite all that is known about Facebook's incredible abuses). It can harm our neighbours, colleagues, family and friends as much as it harms ourselves.

As a little bit of background/context/polite remarks on this, I had been writing about Slack (the spyware, not the distro) for several years -- years before the prospects of actually using it. I never ever used it, but I know about it technically, from various angles (not just the shallow, user-centric end). Slack is proprietary at the front end and the back end. Only Slack employees know for sure what it does (and may do in the foreseeable future, as per secret roadmaps). They cannot speak out about it, for fear of retribution (so they're inherently gagged by fear over mortgage etc. or self-restraint that defies logic/ethics). Stallman has long warned about the morality of such circumstances and the ideology they breed. It was recently discovered that Facebook had targeted its critics (a huge number of them), subjecting them to Stasi-like treatment not for any government but for a private corporation, namely Facebook. It had been 'hunting' people using dubious and shallow justifications/pretexts. Nobody has yet been held accountable. Negative press has been the only cost/toll, so they got away with it with barely even a slap on the wrist. Others may imitate them, seeing that there are no fines, no arrests, no sanctions.

A colleague told me several months ago that someone at our company wanted to experiment with Slack; there was no final decision about it, so I assumed it was like our RT/OTRS 'dance' (choice of ticketing system half a decade ago). Sometimes we explore FOSS options/alternatives, which is a good thing! He sent me an invite, but he wasn't assertive about me joining as it was still an experimental thing (as I understood it back then, based on what I was told; I'll come to that in a moment). I thought we would, if it got adopted, still have options (duality). One colleague (at least) wasn't even sent an invite, so I took that as a sign of the adoption's semi-hearted nature (at the time). My colleagues never mentioned it since, except one person (who apparently liked Slack). Another colleague wondered why nobody had told her about it; as if she was left out, but she's happily using Kopete on KDE, so on she went with Jabber.

I've long been writing about Slack, maybe about 15 years (even when the name referred to a Live GNU/Linux distro, well before the name got 'hijacked'; it's Debian-based, it still has regular releases a few months apart, not the same as Slackware despite the names' similarity; BoycottNovell made a Slack-based distro called SUEME Linux 12 years ago); Tux Machines publishes announcements of Slack releases several times a year, but it's always about the distro. It's a European distro with pedigree; but I digress..

Nowadays "Slack" means something different; in a technical context, people no longer recognise it as the distro's name; Slack is now the darling of corporate media; myself and others could never quite explain why (we were rather baffled as it did not seem particularly innovative and we thus attributed most/all the press coverage to good marketing/PR); the name collision also raised legal questions because Slack is a well-known distro and the name is strictly used in the domain of software; it has been used for decades. Now the distro's development team needs to explain to people what came first and how this confusion came about.

OK, so now Slack is enjoying a valuation at $billions (as per very recent news headlines), with IPO rumours floated as well (making it easier to buy/subvert). Slack is relatively new a player/contender; it goes about 3-4 years back (in the mainstream), around the time we were in Alton Towers. I still remember that based on other events. Privacy activists had been warning about it and recently I kept seeing (also publicly writing about) more red flags. Slack, the company, is getting more invasive over time. It's like Facebook. Facebook for business. LinkedIn got picked by Microsoft, along with all that data (NSA PRISM comes to mind). Personal messages, passwords, social graphs, employment records and so on. Even location (picked every 60 seconds or so from one's phone through the 'app'). Same for Skype, which Microsoft added to PRISM just months after buying it (Microsoft was first in PRISM, based on Snowden's leaks -- it was one among the first stories to come out/emanate). Far less opinionated people than myself have blasted Slack for a variety of reasons. Some tweets of mine about it go ~3 years back (warning for 'opinionatedness'... I don't mince words much).

I still remember having to install Skype on an old phone for one company meeting. Back then the mere installation (for one hour, then deleted) meant sending Microsoft entire address books, entire call history and more. This phone of my wife is 7+ years old, so that's a lot of data, going a long way back. That's their business model. I'm usually apprehensive because some of my sources, e.g. for exclusive articles in Techrights (I published my 25,000^th article last week in Techrights!), are named in files on my system. I'm no Free software 'purist' per se (I use proprietary drivers sometimes), but "Slack would be the surveillance capitalism competitor to Jabber," to quote something I read yesterday. They digest information, including corporate communications. There's a certain risk associated with this, including competitive risk. As a Free software-based company I think it's important to demonstrate that every piece of proprietary framework can be swapped with FOSS. There are quite a few Slack equivalents that are FOSS; a colleague told me that another colleague had brought some of these up. We might examine these soon, maybe test and adopt these. Time will tell. Maybe I'll write about some of these.

I am also reading about bridges between protocols that enable access to Slack, but yesterday when researching it I found that Slack is gradually burning these bridges/gateways. Not entirely surprising, as once they get to a certain point/market share they up/boost the lockin. Naturally. More so if they have obligations to shareholders. Twitter did this last August, shutting out all third-party apps/APIs for the first time ever (in the company's entire existence). Many of us were devastated because we had built interaction tools, custom-made around these APIs). So, basically, whatever a centralised platform gets adopted, we can always lose control as they can change everything they want at any time. Even, at worst, some company can just buy them for the data; they can start charging a lot, they can shut down, change ToS etc.

The bottom line is, Slack ought to be avoided. It's worse than proprietary because it's all centralised, even the data. There's no concept such as "private" or "privacy". These are only illusions. █

"The first IRC server, tolsun.oulu.fi, a Sun-3 server on display near the University of Oulu computer centre." Credit/licence: CC BY 2.5, Urpo Lankinen

TUX MACHINES reached all-time record traffic in the past couple of weeks. This (raw) traffic now stands at about 4 million hits/week, with 3,970,777 hits in the past 6 days and 4,289,540 hits last week (predating these 6 days). It's just a shame that interaction with readers became hard; the forums had a severe spam issue, as did comments and submissions (by new registrants, always, more so at a later stage) -- to the point where it became impractical to allow any new registrations (except adding people manually upon request). The open/incognito registrants would overrun the site within minutes (we tried several times over the years and saw the effect immediately).

So we've decided to try IRC and have added "IRC" to the menu at the top with an applet (JavaScript) to make life easier for those who aren't familiar with IRC clients.

Here's how to join us. This is still experimental. Real-time updates with posts (as they are posted) will in due course be shown in the channel and we can all casually chat in real-time, too. We are also still working on our Android app these days. █

Tux Machines is turning 15 this summer and as we noted over the weekend, many people now access the site using mobile devices, for which the site provides a subpar experience due to legacy. RSS feeds are therefore recommended. There's our RSS feed for news, RSS feed for Tux Machines Blogs and another for Techrights, where I write my original articles.

Most readers, however, do not use RSS feeds. Consider the 700 followers of our Twitter account, the 2,365 followers of our Diaspora account, 1,080 followers of our Mastodon account, and 63 followers of our Pleroma account (so about 4,000 in total). Those are dependent on third parties (we do not self-host these platforms). Even if "apps" are used for access to these social media platforms/sites, the links would lead to Tux Machines Web pages, which don't render particularly well on small screens (phones). So we've made this simple "app" for the site, but we're still testing it. If anyone out there can try it on an Android device and report back to us, we'll appreciate it greatly and use the feedback to improve it. █