You are here

Site në gjuhë të huaj

Sebastian Kügler: Multisceen in Plasma: Improved tools and debugging

Planet UBUNTU - Mër, 24/08/2016 - 3:16md


Plasma 5.8 will be our first long-term supported release in the Plasma 5 series. We want to make this a release as polished and stable as possible. One area we weren’t quite happy with was our multi-screen user experience. While it works quite well for most of our users, there were a number of problems which made our multi-screen support sub-par.
Let’s take a step back to define what we’re talking about.

Multi-screen support means that connecting more than one screen to your computer. The following use cases give good examples of the scope:

  • Static workstation A desktop computer with more than one display connected, the desktop typically spans both screens to give more screen real estate.
  • Docking station A laptop computer that is hooked up to a docking station with additional displays connected. This is a more interesting case, since different configurations may be picked depending on whether the laptop’s lid is closed or not, and how the user switches between displays.
  • Projector The computer is connected to a projector or TV.

The idea is that the user plugs in or starts up with that configuration, if the user has already configured this hardware combination, this setup is restored. Otherwise, a reasonable guess is done to put the user to a good starting point to fine-tune the setup.


This is the job of KScreen. At a technical level, kscreen consists of three parts:

  • system settings module This can be reached through system settings
  • kscreen daemon Run in a background process, this component saves, restores and creates initial screen configurations.
  • libkscreen This is the library providing the screen setup reading and writing API. It has backends for X11, Wayland, and others that allow to talk to the exact same programming interface, independent of the display server in use.

At an architectural level, this is a sound design: the roles are clearly separated, the low-level bits are suitably abstracted to allow re-use of code, the API presents what matters to the user, implementation details are hidden. Most importantly, aside from a few bugs, it works as expected, and in principle, there’s no reason why it shouldn’t.

So much for the theory. In reality, we’re dealing with a huge amount of complexity. There are hardware events such as suspending, waking up with different configurations, the laptop’s lid may be closed or opened (and when that’s done, we don’t even get an event that it closed, displays come and go, depending on their connection, the same piece of hardware might support completely different resolutions, hardware comes with broken EDID information, display connectors come and go, so do display controllers (crtcs); and on top of all that: the only way we get to know what actually works in reality for the user is the “throw stuff against the wall and observe what sticks” tactic.

This is the fabric of nightmares. Since I prefer to not sleep, but hack at night, I seemed to be the right person to send into this battle. (Coincidentally, I was also “crowned” kscreen maintainer a few months ago, but let’s stick to drama here.)

So, anyway, as I already mentioned in an earlier blog entry, we had some problems restoring configurations. In certain situations, displays weren’t enabled or positioned unreliably, or kscreen failed to restore configurations altogether, making it “forget” settings.

Better tools

Debugging these issues is not entirely trivial. We need to figure out at which level they happen (for example in our xrandr implementation, in other parts of the library, or in the daemon. We also need to figure out what happens exactly, and when it does. A complex architecture like this brings a number of synchronization problems with it, and these are hard to debug when you have to figure out what exactly goes on across log files. In Plasma 5.8, kscreen will log its activity into one consolidated, categorized and time-stamped log. This rather simple change has already been a huge help in getting to know what’s really going on, and it has helped us identify a number of problems.

A tool which I’ve been working on is kscreen-doctor. On the one hand, I needed a debugging helper tool that can give system information useful for debugging. Perhaps more importantly I know I’d be missing a command-line tool to futz around with screen configurations from the command-line or from scripts as Wayland arrives. kscreen-doctor allows to change the screen configuration at runtime, like this:

Disable the hdmi output, enable the laptop panel and set it to a specific mode
$ kscreen-doctor output.HDMI-2.disable output.eDP-1.mode.1 output.eDP-1.enable

Position the hdmi monitor on the right of the laptop panel
$ kscreen-doctor output.HDMI-2.position.0,1280 output.eDP-1.position.0,0

Please note that kscreen-doctor is quite experimental. It’s a tool that allows to shoot yourself in the foot, so user discretion is advised. If you break things, you get to keep the pieces. I’d like to develop this into a more stable tool in kscreen, but for now: don’t complain if it doesn’t work or eat your hamster.

Another neat testing tool is Wayland. The video wall configuration you see in the screenshot is unfortunately not real hardware I have around here. What I’ve done instead is run a Wayland server with these “virtual displays” connected, which in turn allowed me to reproduce a configuration issue. I’ll spare you the details of what exactly went wrong, but this kind of tricks allows us to reproduce problems with much more hardware than I ever want or need in my office. It doesn’t stop there, I’ve added this hardware configuration to our unit-testing suite, so we can make sure that this case is covered and working in the future.

Facebook Is Testing Autoplaying Video With Sound

Slashdot.org - Mër, 24/08/2016 - 3:00md
An anonymous reader writes: Facebook is testing a "feature" that autoplays video clips on your feed with sound. It's not a very big test, but there's a possibility the company could roll it out to a larger group of users. The Next Web reports: "The company is currently trying two methods of getting people to watch video with sound in Australia: the aforementioned autoplaying, and an unmute button on the lower right corner of videos, like Vine videos on a desktop. The latter certainly sounds more reasonable; the last thing you want is to be checking Facebook quickly during a meeting or class, and suddenly have your phone blaring out an advert because you happened to stop on a video. Thankfully, you can disable the 'feature' from your settings, but the point is there's nothing wrong with the current opt-in approach, especially considering how many companies are embracing video captioning, and that Facebook even has its own auto-caption tool for advertisers." "We're running a small test in News Feed where people can choose whether they want to watch videos with sound on from the start," a Facebook spokesperson told Mashable Australia. "For people in this test who do not want sound to play, they can switch it off in Settings or directly on the video itself. This is one of several tests we're running as we work to improve the video experience for people on Facebook."

Read more of this story at Slashdot.

Microsoft Buys AI-Powered Scheduling App Genee

Slashdot.org - Mër, 24/08/2016 - 12:00md
An anonymous reader quotes a report from The Stack: Microsoft has announced that it has completed its acquisition of artificial intelligence-based scheduling app Genee for an undisclosed amount. The app, which was launched in beta last year, uses natural language processing tools and decision-making algorithms to allow users to schedule appointments without having to consult a calendar. Prior to the acquisition, Genee supported scheduling across Facebook, Twitter, Skype, email, and via SMS. From September 1, Genee will close its own service and will officially join Microsoft, supposedly the Office 365 team. Microsoft believes the addition will help it "further [its] ambition to bring intelligence into every digital experience."

Read more of this story at Slashdot.

7 Database Security Best Practices

LinuxSecurity.com - Mër, 24/08/2016 - 11:34pd
LinuxSecurity.com: Databases - by definition - contain data, and data such as credit card information is valuable to criminals. That means databases are an attractive target to hackers, and it's why database security is vitally important.

Wildfire ransomware code cracked: Victims can now unlock encrypted files for free

LinuxSecurity.com - Mër, 24/08/2016 - 11:31pd
LinuxSecurity.com: Victims of the Wildfire ransomware can get their encrypted files back without paying hackers for the privilege, after the No More Ransom initiative released a free decryption tool.

New Collision Attacks Against 3DES, Blowfish Allow for Cookie Decryption

LinuxSecurity.com - Mër, 24/08/2016 - 10:38pd
LinuxSecurity.com: RC4 apparently is no longer the lone pariah among smaller cryptographic ciphers. Already broken and set for deprecation by the major browser and technology makers, RC4 could shortly have company in Triple-DES (3DES) and Blowfish.

David Tomaschik: Posting JSON with an HTML Form

Planet UBUNTU - Mër, 24/08/2016 - 9:00pd

A coworker and I were looking at an application today that, like so many other modern web applications, offers a RESTful API with JSON being used for serialization of requests/responses. She noted that the application didn’t include any sort of CSRF token and didn’t seem to use any of the headers (X-Requested-With, Referer, Origin, etc.) as a “poor man’s CSRF token”, but since it was posting JSON, was it really vulnerable to CSRF? Yes, yes, definitely yes!

The idea that the use of a particular encoding is a security boundary is, at worst, a completely wrong notion of security, and at best, a stopgap until W3C, browser vendors, or a clever attacker gets hold of your API. Let’s examine JSON encoding as a protection against CSRF and demonstrate a mini-PoC.

The Application

We have a basic application written in Go. Authentication checking is elided for post size, but this is not just an unauthenticated endpoint.

package main import ( "encoding/json" "fmt" "net/http" ) type Secrets struct { Secret int } var storage Secrets func handler(w http.ResponseWriter, r *http.Request) { if r.Method == "POST" { json.NewDecoder(r.Body).Decode(&storage) } fmt.Fprintf(w, "The secret is %d", storage.Secret) } func main() { http.HandleFunc("/", handler) http.ListenAndServe(":8080", nil) }

As you can see, it basically serves a secret number that can be updated via HTTP POST of a JSON object. If we attempt a URL-encoded or multipart POST, the JSON decoding fails miserably and the secret remains unchanged. We must POST JSON in order to get the secret value changed.

Exploring Options

So let’s explore our options here. The site can locally use AJAX via the XMLHTTPRequest API, but due to the Same-Origin Policy, an attacker’s site cannot use this. For most CSRF, the way to get around this is plain HTML forms, since form submission is not subject to the Same-Origin Policy. The W3C had a draft specification for JSON forms, but that has been abandoned since late 2015, and isn’t supported in any browsers. There are probably some techniques that can make use of Flash or other browser plugins (aren’t there always?) but it can even be done with basic forms, it just takes a little work.

JSON in Forms

Normally, if we try to POST JSON as, say, a form value, it ends up being URL encoded, not to mention including the field name.

<form method='POST'> <input name='json' value='{"foo": "bar"}'> <input type='submit'> </form>

Results in a POST body of:

json=%7B%22foo%22%3A+%22bar%22%7D

Good luck decoding that as JSON!

Doing it as the form field name doesn’t get any better.

%7B%22foo%22%3A+%22bar%22%7D=value

It turns out you can set the enctype of your form to text/plain and avoid the URL encoding on the form data. At this point, you’ll get something like:

json={"foo": "bar"}

Unfortunately, we still have to contend with the form field name and the separator (=). This is a simple matter of splitting our payload across both the field name and value, and sticking the equals sign in an unused field. (Or you can use it as part of your payload if you need one.)

Putting it All Together <body onload='document.forms[0].submit()'> <form method='POST' enctype='text/plain'> <input name='{"secret": 1337, "trash": "' value='"}'> </form> </body>

This results in a request body of:

{"secret": 1337, "trash": "="}

This parses just fine and updates our secret!

NASA Reconnects With 'Lost' STEREO-B Satellite

Slashdot.org - Mër, 24/08/2016 - 9:00pd
NASA lost contact with its STEREO-B spacecraft twenty-two months ago during a routine 72-hour test. On Sunday, the spacecraft reconnected with NASA roughly 189 million miles away from Earth. While that would seem like a cause for celebration, "the very hard and scary work is just the beginning, says Stereo project scientist Joe Gurman, as the agency has to turn on the computer to learn more about the current state of the spacecraft -- a process that may make the craft lose contact with them again. Slashdot user bongey writes: NASA may have only two minutes or less to fix a STEREO-B satellite before the computer causes it to lose contact again. NASA lost contact with their STEREO-B satellite nearly twenty-two months ago when performing a routine test. NASA scientists are afraid to turn on the computer at this point because it may cause them to lose contact again. A more detailed technical summary can be found here. "We have something like two minutes between when STEREO-B receives the command to boot up one of its computers and when it starts doing what we don't want it to do," Gurman said. Business Insider writes, "Making matters worse, it takes about 20 seconds to send commands to the spacecraft -- a data rate that makes a dial-up modem seem lightning fast."

Read more of this story at Slashdot.

Zlatan Todorić: Take that boredom

Planet Debian - Mër, 24/08/2016 - 7:45pd

While I was bored on Defcon, I took the smallest VPS in DO offering (512MB RAM, 20GB disk), configured nginx on it, bought domain zlatan.tech and cp'ed my blog data to blog.zlatan.tech. I thought it will just be out of boredom and tear it apart in a day or two but it is still there.

Not only that, the droplet came with Debian 8.5 but I just added unstable and experimental to it and upgraded. Just to experiment and see what time will I need to break it. To make it even more adventurous (and also force me to not take it too much serious, at least at this point) I did something on what Lars would scream - I did not enable backups!

While having fun with it I added letsencrypt certificate to it (wow, that was quite easy).

Then I installed and configured Tor. Ende up adding an .onion domain for it! It is: pvgbzphm622hv4bo.onion

My main blog is still going to be zgrimshell.github.io (for now at least) where I push my Nikola (static site generator written in python) generated content as git commits. To my other two domains (on my server) I just rsync the content now. Simple and efficient.

I must admit I like my blog layout. It is simple, easy to read, efficient and fast, I don't bother with comments and writing a blog in markdown (inside terminal as all good behaving hacker citizen) while compiling it with Nikola is breeze (and yes, I did choose Nikola because of Nikola Tesla and python). Also I must admit that nginx is pretty nice webserver, no need to explain the beauty of git but I can't recommend enough of rsync.

If anyone is interested in doing the same I am happy to talk about it but these tools are really simple (as I enjoy simple things and by simple I mean small tools, no complicated configs and easy execution).

20% of Scientific Papers On Genes Contain Conversion Errors Caused By Excel, Says Report

Slashdot.org - Mër, 24/08/2016 - 5:30pd
An anonymous reader writes from a report via WinBeta: A new report from scientists Mark Ziemann, Yotam Eren, and Assam El-Osta says that 20% of scientific papers on genes contain gene name conversion errors caused by Excel. In the scientific article, titled "Gene name errors are widespread in the scientific literature," article's abstract section, the scientists explain: "The spreadsheet software Microsoft Excel, when used with default settings, is known to convert gene names to dates and floating-point numbers. A programmatic scan of leading genomics journals reveals that approximately one-fifth of papers with supplementary Excel gene lists contain erroneous gene name conversions." It's easy to see why Excel might have problems with certain gene names when you see the "gene symbols" that the scientists use as examples: "For example, gene symbols such as SEPT2 (Septin 2) and MARCH1 [Membrane-Associated Ring Finger (C3HC4) 1, E3 Ubiquitin Protein Ligase] are converted by default to '2-Sep' and '1-Mar', respectively. Furthermore, RIKEN identifiers were described to be automatically converted to floating point numbers (i.e. from accession '2310009E13' to '2.31E+13'). Since that report, we have uncovered further instances where gene symbols were converted to dates in supplementary data of recently published papers (e.g. 'SEPT2' converted to '2006/09/02'). This suggests that gene name errors continue to be a problem in supplementary files accompanying articles. Inadvertent gene symbol conversion is problematic because these supplementary files are an important resource in the genomics community that are frequently reused. Our aim here is to raise awareness of the problem." You can view the scientific paper in its entirety here.

Read more of this story at Slashdot.

Microsoft Details Its 24-Core 'Holographic Processor' Used In HoloLens

Slashdot.org - Mër, 24/08/2016 - 3:45pd
The processor powering Microsoft's HoloLens augmented reality headset has been a mystery -- until now. During the annual Hot Chips conference in Cupertino, California, Microsoft revealed some juicy details about the secretive chip. PCWorld reports: "The HoloLens' HPU is a custom 28nm coprocessor designed by TSMC, The Register reports. The chip packs 24 Tensilica digital signal processor (DSP) cores. As opposed to more general-purpose CPU cores, DSPs are a specialized technology designed for rapidly processing data flowing in from the world -- a no doubt invaluable asset while rendering augmented reality environments in real time. Microsoft's HPU also contains roughly 65 million logic gates, 8MB of SDRAM, and 1GB of traditional DDR3 RAM. It draws less than 10W of power, and features PCIe and standard serial interfaces. The HPU's dedicated hardware is up to 200 times faster than performing the same calculations via software on the less-specialized 14nm Intel Cherry Trail CPU. Microsoft added custom instructions to the DSP cores that allow the HPU to churn through HoloLens-specific tasks even faster, The Register reports. The HPU can perform roughly 1 trillion calculations per second, and the data it passes to the CPU requires little additional processing."

Read more of this story at Slashdot.

Pinterest Acquires Instapaper

Slashdot.org - Mër, 24/08/2016 - 3:15pd
An anonymous reader quotes a report from The Verge: Instapaper, a pioneering app for saving articles to read later, has been acquired -- again. The app, which was created by developer Marco Arment and sold to Betaworks in 2013, has found a new home at Pinterest. The goal is "to accelerate discovering and saving articles on Pinterest," the company said in a statement. It will continue to operate as a standalone app, and the Instapaper team will work on both that app and on Pinterest generally. Terms of the deal were not disclosed. As a visual search engine, Pinterest isn't often thought of as a place to bookmark written content. But in 2013 the company introduced article pins, a format that creates rich bookmarks complete with a photo and a preview of the text. The acquisition of Instapaper suggests the company believes there is more to be done there -- although it's not certain how valuable that will be for Pinterest. Instapaper can be used for free or in a $30-a-year premium version; the company has never said how many subscribers it has.

Read more of this story at Slashdot.

Sony Tries To Remove News Articles About PlayStation 4 Slim Leak From The Internet

Slashdot.org - Mër, 24/08/2016 - 2:45pd
Sony is expected to announce two new PlayStation 4 consoles at a scheduled event on September 7th in New York City, but as that date nears more leaks of the consoles have emerged. The most recent leak appears to show the upcoming PlayStation 4 Slim, which Sony is trying to remove from the internet by taking down news articles from social media accounts about the leak. Erik Kain via @erikkain on Twitter tweeted (Tweet no longer exists): "Sony issued a takedown and had this post removed from my Facebook page: https://t.co/fIjP0buTdY (Warning: may be paywalled)." Techdirt reports: "[The Forbes post] references the work Eurogamer did in visiting the leaker of the image to confirm the console is for real (it is), as well as generating its own image and even video of the console working for its story on the leak. But if you go today to the Eurogamer post about the leak, the video has been replaced by the following update. UPDATE, 7.30pm: Upon taking legal advice, we have removed the video previously referenced in this article. Left unsaid is whether or not any contact had been made by Sony with Eurogamer, thus prompting this 'legal advice,' but one can imagine that being the case, particularly given Sony's threats to social media users sharing images and reporting of Sony leaks and, more to the point, threats against any media that might report on those leaks."

Read more of this story at Slashdot.

US Trade Judge Clears Fitbit of Stealing Jawbone's Trade Secrets

Slashdot.org - Mër, 24/08/2016 - 2:05pd
An anonymous reader quotes a report from Reuters: Fitbit did not steal rival Jawbone's trade secrets, a U.S. International Trade Commission judge ruled on Tuesday, dashing Jawbone's hopes of securing an import ban against Fitbit's wearable fitness tracking devices. The judge, Dee Lord, said that there had been no violation of the Tariff Act, which gives the commission the power to block products that infringe U.S. intellectual property, because "no party has been shown to have misappropriated any trade secret." The ruling means Jawbone comes away with nothing from a complaint it filed with the trade agency in July 2015, accusing Fitbit of infringing six patents and poaching employees who took with them confidential data about Jawbone's business, such as plans, supply chains and technical details. Jawbone first sued Fitbit last year over trade secret violations in California state court, where the case is still pending. The companies, both based in San Francisco, are also litigating over patents in federal court.

Read more of this story at Slashdot.

Google Search Removes 'Mobile-Friendly' Label, Will Tackle Interstitials Next

Slashdot.org - Mër, 24/08/2016 - 1:20pd
An anonymous reader quotes a report from VentureBeat: Google today announced two updates to mobile search results: an aesthetic one rolling out now and an algorithmic one coming next year. The former consists of removing the "mobile-friendly" label in search results and the latter will punish mobile sites that use interstitials. The goal is to "make finding content easier for users," though as always, the company didn't share exactly how much of an impact users and webmasters can expect. The report adds: "If your site is in the 15 percent group, here's a quick recap. A webpage is considered 'mobile friendly' if it meets the following criteria, as detected in real time by Googlebot: Avoids software that is not common on mobile devices, like Flash; Uses text that is readable without zooming; Sizes content to the screen so users don't have to scroll horizontally or zoom; Places links far enough apart so that the correct one can be easily tapped. The company now wants to tackle 'intrusive interstitials' as they 'provide a poorer experience to users than other pages where content is immediately accessible.' After January 10, 2017, pages where content is not easily accessible when coming from mobile search results 'may not rank as highly.' Interstitials that Google doesn't like include showing a popup that covers the main content (immediately or delayed), displaying a standalone interstitial that the user has to dismiss before accessing the main content, and using a layout where the above-the-fold portion is similar to a standalone interstitial but the original content is inlined underneath. Interstitials that Google deems OK include legal obligations (cookie usage or for age verification), login dialogs on sites where content is not publicly indexable, and banners that use a reasonable amount of screen space and are easily dismissible."

Read more of this story at Slashdot.

FBI Authorized Informants To Break The Law 22,800 Times In 4 Years

Slashdot.org - Mër, 24/08/2016 - 12:40pd
blottsie quotes a report from the Daily Dot: Over a four-year period, the FBI authorized informants to break the law more than 22,800 times, according to newly reviewed documents. Official records obtained by the Daily Dot under the Freedom of Information Act show the Federal Bureau of Investigation gave informants permission at least 5,649 times in 2013 to engage in activity that would otherwise be considered a crime. In 2014, authorization was given 5,577 times, the records show. USA Today previously revealed confidential informants engaged in "otherwise illegal activity," as the bureau calls it, 5,658 times in 2011. The figure was at 5,939 the year before, according to documents acquired by the Huffington Post. In total, records obtained by reporters confirm the FBI authorized at least 22,823 crimes between 2011 and 2014. Unfortunately, many of those crimes can have serious and unintended consequences. One of the examples mentioned in the Daily Dot's report was of an FBI informant who "was responsible for facilitating the 2011 breach of Stratfor in one of the most high-profile cyberattacks of the last decade. While a handful of informants ultimately brought down the principal hacker responsible, the sting also caused Stratfor, an American intelligence firm, millions of dollars in damages and left and estimated 700,000 credit card holders vulnerable to fraud."

Read more of this story at Slashdot.

Ashley Madison Security Protocols Violated Canada, Austrialia Privacy Laws

Slashdot.org - Mër, 24/08/2016 - 12:00pd
The Office of the Privacy Commissioner of Canada said Tuesday that the Canada-based online dating and social networking service Ashely Madison used inadequate privacy and security technology while marketing itself as a discreet and secure way for consenting adults to have affairs. CBC.ca reports: "In a report Tuesday, the privacy watchdog says the Toronto-based company violated numerous privacy laws in Canada and abroad in the era before a massive data breach exposed confidential information from their clients to hackers. The hack stole correspondence, identifying details and even credit card information from millions of the site's users. The resulting scandal cost the company about a quarter of its annual revenues from irate customers who demanded refunds and cancelled their accounts. Working with a similar agency in Australia, the privacy group says the company knew that its security protocols were lacking but didn't do enough to guard against being hacked. The company even adorned its website with the logo of a 'trusted security award' -- a claim the company admits it fabricated." The report found that "poor habits such as inadequate authentication processes and sub-par key and password management practices were rampant at the company" and that "much of the company's efforts to monitor its own security were 'focused on detecting system performance issues and unusual employee requests for decryption of sensitive user data.'" What's more is that Ashley Madison continued to store personal information of its users even after some of which had deleted or deactivated their account(s). These people then had their information included in databases published online after the hack.

Read more of this story at Slashdot.

WikiLeaks Published Rape Victims' Names, Credit Cards, Medical Data

Slashdot.org - Mar, 23/08/2016 - 11:20md
Joe Mullin, writing for ArsTechnica: Even as WikiLeaks founder Julian Assange sits trapped in the Ecuadorean embassy, the WikiLeaks website continues to publish the secrets of various governments worldwide. But that's not all it's publishing. A report today by the Associated Press highlights citizens who had "sensitive family, financial or identity records" published by the site. "They published everything: my phone, address, name, details," said one Saudi man whose paternity dispute was revealed in documents published by the site. "If the family of my wife saw this... Publishing personal stuff like that could destroy people." One document dump, from Saudi diplomatic cables, held at least 124 medical files. The files named sick children, refugees, and patients with psychiatric conditions. In one case, the cables included the name of a Saudi who was arrested for being gay. In Saudi Arabia, homosexuality is punishable by death. In two other cases, WikiLeaks published the names of teenage rape victims. "This has nothing to do with politics or corruption," said Dr. Nayef al-Fayez, who had a patient with brain cancer whose personal details were published.

Read more of this story at Slashdot.

Aaron Honeycutt: Razer Hardware on Linux

Planet UBUNTU - Mar, 23/08/2016 - 10:40md

One of the things that stopped me from moving to Ubuntu Linux full time on my desktop was the lack of support for my Razer Blackwidow Chroma. For those who do not know about it: pretty link . It is a very pretty keyboard with every key programmable to be a different color or effect. I found a super cool program on github to make it work on Ubuntu/Linux Mint, Debian and a few others maybe since the source is available here: source link

Here is what the application looks like:

It even has a tray applet to change the colors, and effects quickly.

Tesla Unveils New Model S, Its Quickest Production Car

Slashdot.org - Mar, 23/08/2016 - 10:40md
Electric car maker Tesla said Tuesday that it is launching a 100-kilowatt-hour (kWh) battery for its Model S and Model X cars. A report on Bloomberg says: Tesla is adding versions of its Model S sedan and Model X sport utility vehicle with a more powerful battery pack that the company said makes the Model S the world's quickest production car and gives it range of 315 miles on a single charge. Chief Executive Officer Elon Musk is trying to appeal to sports car enthusiasts with the new Model S P100D with a 100 kilowatt-hour battery, which with Ludicrous mode can go from a standstill to 60 miles per hour in 2.5 seconds, compared with 2.8 seconds for the P90D Ludicrous version. The P100D Ludicrous upgrade costs $10,000 for customers who have ordered a P90D Ludicrous but haven't taken delivery, or $20,000 for owners who already have that vehicle type.

Read more of this story at Slashdot.

Faqet

Subscribe to AlbLinux agreguesi - Site në gjuhë të huaj