As part of the SUSE Developer Engagement, we recently kicked off the activity to automatically produce and validate Vagrant boxes for the openSUSE Tumbleweed distribution. The creation of Vagrant boxes for SUSE Linux Enterprise Server is currently work in progress. We will update you as soon as they are available for consumption. But for now, we are happy to announce that the infrastructure to automatically build, version and validate Vagrant box images is ready to use – and we are already producing Vagrant boxes for libvirt and Virtualbox – for openSUSE Tumbleweed.
Have you heard that Python is not good for writing concurrent asynchronous code? This is generally a misconception. But there is one class of parallel computing that Python is not good at: CPU bound work running the Python layer.
What's the main problem? It's Python's GIL or Global Interpreter Lock of course. Yet, the fix for this restriction may have been hiding inside CPython since version 1.5: subinterpreters.
‘5G’ is a new buzzword floating around every corner of the internet. But what exactly is this hyped-up cellular network, often referred to as the next technological evolution in mobile internet communications? Will it really be 100 times faster than what we have now? What will it make possible that has never been possible before? Who will reap the benefits? And, who will get left behind?
Mike Thelander at Signals Research Group imagines the wild ways 5G might change our lives in the near future. Rhiannon Williams hits the street and takes a new 5G network out for a test drive. Amy France lives in a very rural part of Kansas — she dreams of the day that true, fast internet could come to her farm (but isn’t holding her breath). Larry Irving explains why technology has never been provided equally to everyone, and why he fears 5G will leave too many people out. Shireen Santosham, though, is doing what she can to leverage 5G deployment in order to bridge the digital divide in her city of San Jose.
With the increasing role of software in our world there has been an accompanying focus on teaching people to program. There are numerous approaches that have been attempted to achieve this goal with varying levels of success. Nicholas Tollervey has begun a new effort that blends the approach adopted by musicians and martial artists that uses a series of grades to provide recognition for the achievements of students. In this episode he explains how he has structured the study groups, syllabus, and evaluations to help learners build projects based on their interests and guide their own education while incorporating useful skills that are necessary for a career in software. If you are interested in learning to program, teach others, or act as a mentor then give this a listen and then get in touch with Nicholas to help make this endeavor a success.
I'm announcing the release of the 4.9.189 kernel.
All users of the 4.9 kernel series must upgrade.
The updated 4.9.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
Sway and WLROOTS creator Drew DeVault on top of his several open-source projects has also been working on improving the VR infrastructure support on Wayland as part of contract work for Status.im. The secure communication company is looking to build a Wayland-driven VR workspace but for that the VR headset support on Wayland needs to be improved.
One of the areas DeVault has been focusing on improving/implementing has been around DRM leasing support on Wayland, similar to the DRM leasing work done by Keith Packard a few years back when initially plumbing better VR head-mounted display support on the X.Org side for Valve. Drew recently proposed a new Vulkan extension for acquiring a Wayland display, similar to the existing Xlib display extension.
It was just yesterday that Vulkan 1.1.118 was released with two new extensions while now this Monday morning Vulkan 1.1.119 was released as a third extension was accidentally left out of yesterday's weekly revision.
With last week's dramatic EPYC "Rome" launch where AMD has blown past Intel Xeon "Cascadelake" performance in a majority of server benchmarks, helping the successful launch of these Zen 2 server processors has been Intel's repeated delays of 10nm/Icelake CPUs and also the Spectre / Meltdown / Zombieload / Foreshadow mitigations. Out of curiosity, I've run some unmitigated benchmarks for the various relevant CPU speculative execution vulnerabilities on both the Intel Xeon Platinum 8280 Cascadelake and AMD EPYC 7742 Rome processors for seeing how the performance differs.
As a reminder, both Cascadelake and Rome offer up different hardware architectural improvements for mitigating against their respective mitigations. Cascadelake no longer requires software mitigations for L1TF/Foreshadow, MDS, Meltdown, and some Spectre variants. But for Spectre V1 it still requires the __user pointer santisifcation, Spectre V4 "speculative store bypass" has mitigations for SSB via Seccomp and Prctl, and Spectre V2 has some hardware protections but still needs IBRS IBPB with conditional return stack buffer (RSB) filling.
One month ago we were told that AMD released a BIOS fix to their motherboard partners for addressing the systemd boot issue with Ryzen 3000 series processors that stems from an RdRand instruction issue. Finally over the past week we've seen motherboard vendors pushing out BIOS updates for the prominent motherboards and indeed this takes care of the issue.
With the likes of the ASUS ROG CROSSHAIR VIII HERO WiFi and many other motherboards, since the start of August the updated BIOS releases have begun appearing. In the case of at least ASUS, they are also explicitly mentioning the fix as "Supports Ubuntu 19.04 and other Linux distros."
The LXD team is very excited to announce the release of LXD 3.16!
This release includes a number of new features, configuration options and improvements to the command line tool.
Behind the scenes, a lot of work has gone into reworking the infrastructure used for container devices with the nic, infiniband and proxy devices having switched over to the new logic. This should result in much cleaner code that is easier to debug, better tests and more thorough error handling and configuration validation.
Enjoy!
The lack of data security is something that has recently affected some municipal governments in a negative way. Atlanta in 2018 was attacked with a ransomware and demanded $51,000 before they would unlock it. Baltimore was hit a second time this past May [2019]. I am not a security expert but in my non-expert opinion, just keeping regular backups of your data would have prevented needing to spend a ransom to get your data back. It would also help to run openSUSE Linux or one of the many other Linux options on the desktop to reduce the impact of a user induced damage due to wayward link-clicking.
If you are interested in keeping your personal data ?safe,? offline backups are an absolute requirement. Relying only on Google Drive, Dropbox, Nextcloud or whatever it may be is just not not adequate. Those are a synchronizing solution and can be a part of your data-safekeeping strategy but not the entirety of it.
I have been using Back In Time as my backup strategy, in this time, I have only had to restore a backup once but that was an elected procedure. Back In Time is great because it is a Qt based application so it looks good in KDE Plasma
Duplicati is full-featured, open source backup software, which can run on Linux, MacOS, Windows and Synology. It allows you to back up local files and directories to the cloud (such as Amazon S3, Dropbox, Google Drive, OneDrive, etc) in encrypted form and schedule automated backups. This tutorial is going to show you how to install and use Duplicati on Debian, Ubuntu and Linux Mint.
Plotting tool refers to computer software, which helps to represent a data set in a scientific nature. It is an essential tool for academics, scientists, and engineers as well. Besides this, you can use these applications to prepare presentations. Fortunately, like the other platforms, Linux is also enriched with a lot of plotting tools. Most of the applications we listed in this article are open source. Also, you will get them for free. They offer some advanced features through the paid version.
At the dawn of [microcomputing] time came the Altair 8800. This 65 pound behemoth of a computing system was essentially the very first personal microcomputer. Based on the Intel 8080 CPU, the Altair was designed and sold by MITS (Micro Instrumentation and Telemetry Systems), an electronics company from Albuquerque, New Mexico, in 1974. The original computer was sold as a build-it-yourself kit and piqued the interest of many hobbyists worldwide. Most notably, it caught the attention of a young William Gates and Paul Allen. It was the Altair that allowed both aspiring businessmen to not only build a minimal version of the BASIC programming language for the machine but to also start Microsoft.
The Altair was nothing more than a box. No display. No keyboard. Just a series of switches and LEDs fixed to its front panel. It didn?t do much of anything until hobbyists found things to do with it. They expanded on the original design and added floppy disk systems, teletypes, they wrote software, and more.
While the Underworld Ascendant team didn't manage to hit their previous release estimates for the Linux version, it looks like it's finally there.
As an update to an article we posted recently about Valve seeming to need confirmation of release date changes on Steam, Valve have now confirmed this.
If you're not keeping up and to save you a quick click: Some developers were constantly changing their release date, even if they had no intention of releasing on that new date. It affected pages like the upcoming releases list and made their games always show up near the top.
After launching on itch.io with a hybrid Early Access/Crowdfunding model, the hard sci-fi space sim Rings of Saturn (full name—ÃâV: Rings of Saturn) is now available with Linux support on Steam in Early Access.
After 4 years and 5 months of development, Xfce 4.14 was finally released today. Xfce 4.14 sees all core components ported to Gtk3 and GDBus, most components received GObject Introspection support.
It’s been in development for over 4 years, but this weekend finally saw the long-awaited release of Xfce 4.14.
Xfce 4.14 is the latest stable version of this lightweight desktop environment, and sees all core components ported to GTK3, most gain GObject introspection support, and everything else benefit from refinement and bug fixes.
For instance, the window manager xfwm4 now supports Vsync, works better with HIDPI monitors, and leverages XInput2. It also boasts better integration with proprietary Nvidia drivers, and sports a new default theme.
There’s an improved tasklist plugin available for the Xfce panel utility, now sporting grouped window indicator. This joins a new per-panel “icon-size” setting and a new default clock format.
Officially, on Friday the 2019 Krita Sprint was over. However, most people stayed until Saturday… It’s been a huge sprint! Almost a complete convention, a meeting of developers and artists.
Contributors of Uyuni Project have released a new version of Uyuni 4.0.2, which is an open-source infrastructure management solution tailored for software-defined infrastructure.
Uyuni, a fork of the Spacewalk project, modernizing Spacewalk with SaltStack, provides more operating systems support and better scalability capabilities. Uyuni is now the upstream for SUSE Manager.
With this release, Uyuni provides powerful new features such as monitoring, content lifecycle management and virtual machine management.
As you certainly know, there are more snapshots tested than we release in the end. In the last two weeks, for example, we tested 9 snapshots. Of those, only 4 made it to the mirrors and to you ? the users. During the last two weeks, these were snapshots 0726, 0730, 0805 and 0806.
Only well-funded corporate sponsored Linux distributions (Fedora, Ubuntu, OpenSUSE) have all categories checked. That doesn’t mean that anyone is getting paid. I believe this means that employees are probably the chief contributors and that means there are more people putting in resources to help.
Some distributions are “Pat’s distribution”. Pat’s group owns it and Pat doesn’t want a steering committee or any other say in how the distro works. Though contributions by means of bug reports may be accepted.
A few distributions “outsource” resources to other distributions. Elementary allows Stack Exchange to provide their forum. Parrot Linux refers users to the Debian wiki. Mint suggests that you put in bug reports with the upstream provider unless it is a specific Mint create application.
There are a few Linux distributions that leave me scratching my head. How is this in the top 20 distros on distrowatch? There’s nothing here and the forum, if there is one, is nearly empty. Who uses this?
One of those distributions there is a lot of buzz about and I have mostly ignored for a significant number of years has been Zorin OS. I just shrugged my shoulders and kind of ignored its existence. None of the spoken or written selling points really stuck with me, like a warm springtime rain trickling off of a ducks back, I ignored it.
I think that was a mistake.
Instead of just acting like I know something about it, I made the time to noodle around in this rather nice Linux distribution. My review on Zorin OS is from the perspective of a deeply entrenched, biased openSUSE user. I won?t pretend that this is going to be completely objective, as it absolutely is not. So take that for what it?s worth.
Bottom line up front and to give you a quick escape from the rest of this blathering, I was pleasantly surprised by the Zorin OS experience. It is a highly polished experience molded with the Gnome Desktop Environment. It is such a nicely customized and smooth experience, I had to check twice to verify that it was indeed Gnome I was using. Although I am exceptionally satisfied with using openSUSE Tumbleweed with the Plasma desktop, the finely crafted distribution gave me pause and much to think about. So much so, I had to think about some of my life decisions. This was such an incredibly seamless and pleasant experience and I could easily recommend this for anyone that is curious about Linux but doesn?t have a lot of technical experience. I would put this right up next to Mint as an approachable introduction to the Linux world.
Linux is a fun thing and trying out other distributions can result in a myriad of experiences. Some distributions concentrate on user experience or mostly the technical underpinnings. Some distributions put their own feel while others minimize their modifications. I am a long time openSUSE user and am perfectly content with all that it has to offer, not just as a distribution but as a project in its totality. As a part of the Big Daddy Linux Community, there is an optional weekly challenge to try out a Linux distribution. My process for this is to put it in a VM first and then go to ?bare metal? for further testing if my initial experience is compelling enough and I have the time.
The latest challenge is Bodhi Linux it is built on the Ubuntu 18.04 LTS but targeting machines with fewer resources. The Bodi Linux Project offers forums for help and advice, they have a wiki to help with configurating the system, and offer a live chat through Discord to get help or just get to know members of the community. Unfortunately, I didn?t notice any IRC options. I downloaded the ISO from here. There are few different options from which to choose. I went with the ?AppPack? ISO as it has more applications bundled in it. For more information on choosing the correct ISO for you, see here.
Bottom Line Up Front, Bodhi Linux is well put together and the Moksha Desktop is a crisp, low resource, animated (almost excessively) environment that is worthy of giving it a spin. This distribution is certainly worth the time, especially if you have an older system you want to keep going a little longer. The Moksha Desktop looks good and is more functional than GNOME so that is already a leg up on many distributions.
In this video, we look at Voyager 10 Debian Buster. Enjoy!
Gentoo's AArch64/ARM64 support for 64-bit ARM should now be in good shape.
The Gentoo project announced this morning that all of their ARM64 profiles are now considered stable.
There was an important discussion opened up in the Fedora developer mailing list on 22 July 2019 about x86-64 micro-architecture update.
Fedora currently uses the original K8 micro-architecture (without 3DNow! and other AMD-specific parts) as the baseline for its x86_64 architecture.
This is updated a decade back and last updated on 2003. Due to this, performance of Fedora is not as good as it could be on current CPUs.
So, they are planning to rebuild Fedora packages using modern CPU micro-architecture to something more recent.
The Fedora Project is planning to add this features starting from Fedora 32.
After preliminary discussions with CPU vendors, they came to the conclusion to use AVX2 as the new baseline. AVX2 support was introduced into CPUs from 2013 to 2015.
Along with AVX2, it makes sense to enable certain other CPU features which are not strictly implied by AVX2, such as CMPXCHG16B, FMA, and earlier vector extensions such as SSE 4.2.
Mythic Beasts is a UK-based “no-nonsense” hosting provider who provide managed and un-managed co-location, dedicated servers, VPS and shared hosting. They are also conveniently based in Cambridge where I live, and very nice people to have a coffee or beer with, particularly if you enjoy talking about IPv6 and how many web services you can run on a rack full of Raspberry Pis. The “heart” of Flathub is a physical machine donated by them which originally ran everything in separate VMs – buildbot, frontend, repo master – and they have subsequently increased their donation with several VMs hosted elsewhere within their network. We also benefit from huge amounts of free bandwidth, backup/storage, monitoring, management and their expertise and advice at scaling up the service.
Starting with everything running on one box in 2017 we quickly ran into scaling bottlenecks as traffic started to pick up. With Mythic’s advice and a healthy donation of 100s of GB / month more of bandwidth, we set up two caching frontend servers running in virtual machines in two different London data centres to cache the commonly-accessed objects, shift the load away from the master server, and take advantage of the physical redundancy offered by the Mythic network.
As load increased and we brought a CDN online to bring the content closer to the user, we also moved the Buildbot (and it’s associated Postgres database) to a VM hosted at Mythic in order to offload as much IO bandwidth from the repo server, to keep up sustained HTTP throughput during update operations. This helped significantly but we are in discussions with them about a yet larger box with a mixture of disks and SSDs to handle the concurrent read and write load that we need.
Even after all of these changes, we keep the repo master on one, big, physical machine with directly attached storage because repo update and delta computations are hugely IO intensive operations, and our OSTree repos contain over 9 million inodes which get accessed randomly during this process. We also have a physical HSM (a YubiKey) which stores the GPG repo signing key for Flathub, and it’s really hard to plug a USB key into a cloud instance, and know where it is and that it’s physically secure.
Julia is an open source, high-level, general-purpose, dynamic programming language designed for numerical analysis and computational science, launched in 2012. It solves the “two language” problem: developers can use Julia for both computational and interactive work, instead of needing to work with two different languages which can often slow down development times. Use cases include machine learning and other branches of artificial intelligence. Julia’s Jeff Bezanson was at the 2019 Snapcraft Summit in Montreal and told us about Julia’s involvement with snaps and other package managers.
Packages are an important part of the integrated environment that Julia offers with ease of integration and performance optimisation being key features. An invitation to the Snapcraft Summit was how Jeff discovered snaps which corresponded to a key goal for Julia of using standard distribution channels and multiple Linux distributions. Snaps offered a solution to the problems that arose when using the package managers of different distributions, because of Julia’s numerous dependencies on specific versions of other software. “Snaps seemed like exactly the answer as it lets us use whatever dependencies we need. It’s a perfect distribution mechanism for us,” Jeff states.
Canonical is expanding Ubuntu's support for ZFS, an advanced file system originally developed by Sun Microsystems.
Ubuntu's support is based on the ZFS on Linux project, which itself is based on code ported from OpenSolaris, Sun's open-source operating system. It is licensed under Sun's Common Development and Distribution License (CDDL).
Ubuntu Eoan (19.10, due in October) will ship with ZFS on Linux 0.8.1. Features include data integrity checks, built-in RAID, vast capacity thanks to being 128-bit, built-in encryption, deduplication and copy-on-write cloning, built-in compression, and efficient checkpoints which let you snapshot a storage pool and recover it later. There is also TRIM support for SSDs.
In order to make the basic and advanced concepts of ZFS easily accessible and transparent to users, Ubuntu is developing a new user space daemon, called zsys, which is a ZFS system tool. It will allow multiple ZFS systems to run in parallel on the same machine, and have other advantages like automated snapshots, separating user data from system and persistent data to manage complex zfs dataset layouts.
Ubuntu is designing the system in such a way that people with little knowledge of ZFS will also be able to use it flexibly. Zsys’s cooperation with GRUB and ZFS on Linux initramfs will yield advanced features which will be made official by Ubuntu, later on.
Major update improves loading and saving times for complex documents, improves compatibility with Microsoft Office formats and adds new features
LibreOffice, the open source alternative to Microsoft Office, has improved file loading times and added new features in the major version 6.3 release.
The project, which began in 2010 as a fork of OpenOffice, is developed by The Document Foundation and now aims to release major updates every six months, with the last coming in February. Version 6.2 introduced a tabbed ribbon-like interface option.
Two of the suite’s components, Writer and Calc, now load and save files significantly faster, and a security issue that could have allowed documents to auto-run arbitrary system commands has been fixed.
Developers targeted files known to present performance problems, such as Writer ODT files with large numbers of bookmarks and documents with large tables or embedded fonts, and performance on these has now been improved.
Dear most patient SDR community to ever expect a release,
Witness me!
Tonight, we release GNU Radio 3.8.0.0.
It's the first minor release version since more than six years, not without
pride this community stands to face the brightest future SDR on general purpose
hardware ever had.
Since we've not been documenting changes in the shape of a Changelog for the
whole of the development that happened since GNU Radio 3.7.0, I'm afraid that
these release notes will be more of a GLTL;DR (git log too long; didn't read)
than a detailed account of what has changed.
This week we welcome Raphael Pierzina (@hackebrot) as our PyDev of the Week! Raphael is a core developer of pytest, a popular testing framework for Python.
Your environment is everything, especially when you're coding. Decisions about what text editor or IDE you'll be using are critical to productivity. But what about your environment beyond the screen?
With the right tools and a supportive team, you can code anywhere. Are you the type that needs a souped-up desk with multiple monitors? Your favorite workstation could either be in the comfort of your own home, or you need to commute to an office or co-working space. On the contrary, you are a minimalist nomad, thriving off your laptop and the hope for the battery to outlast your focus.
Even with an optimal stationary set-up, it is nice to have a change of scenery to get the creative juices (or coffee) flowing. Do you have a favorite cafe with the perfect coder-friendly environment? No purchase necessary at the nearest library, train station, or park shelter. When the internet connection is strong enough, do you ever code outdoors?
In this article, we will create a function which will take in a string and then change the word within that string to either all uppercases if most of the words within that string are uppercase or all lowercases if most of those words are either lowercase or the word counts for the uppercase word and lowercase word are equal.
We have seen Intel's compiler gurus contributing new enablement patches for Tiger Lake support with GCC 10 due out next year while now they have also landed their initial Tiger Lake support into the LLVM Clang 10 code compiler also due out in H1'2020.
With the newest LLVM/Clang compiler code as of overnight, -march=tigerlake is now supported for targeting this Icelake successor to be manufactured on a 10nm+ process.
The GNU toolchain crew released today GCC 9.2 as the newest stable release to their compiler stack.
GCC 9.2 offers up just bug/regression fixes over the original GCC9 (GCC 9.1) stable release from back in May. One notable item back-ported though from GCC 10 are the AMD Zen 2 improvements for the "-march=znver2" with the new scheduler model and updated cost table for yielding more performant binaries when targeting for these latest-generation EPYC/Ryzen processors.
The GNU project and the GCC developers are pleased to announce the release of GCC 9.2.
This release is a bug-fix release, containing fixes for regressions in GCC 9.1 relative to previous releases of GCC.
In this post we will learn how to carry out repeated measures Analysis of Variance (ANOVA) in R and Python. To be specific, we will use the R package afex and the Python package pingouin to carry out one-way and two-way ANOVA f or within subject’s design. The structure of the following data analysis tutorial is as follows; a brief introduction to (repeated measures) ANOVA, carrying out within-subjects ANOVA in R using afex and in Python using pingouin. In the end, there will be a comparison of the results and the pros and cons using R or Python for data analysis (i.e., ANOVA).
The design of returning the functions’ first argument is sometimes questioned by users wondering about its purpose–see for example strcpy() return value, or C: Why does strcpy return its argument? The simple answer is that it’s due to a historical accident. The first subset of the functions was introduced in the Seventh Edition of UNIX in 1979 and consisted of strcat, strncat, strcpy, and strncpy. Even though all four functions were used in the implementation of UNIX, some extensively, none of their calls made use of their return value. The functions could have just as easily, and as it turns out, far more usefully, been defined to return a pointer to the last copied character, or just past it.
The optimal complexity of concatenating two or more strings is linear in the number of characters. But, as mentioned above, having the functions return the destination pointer leads to the operation being significantly less than optimally efficient. The functions traverse the source and destination sequences and obtain the pointers to the end of both. The pointers point either at or just past the terminating NUL ('\0') character that the functions (with the exception of strncpy) append to the destination. However, by returning a pointer to the first character rather than the last (or one just past it), the position of the NUL character is lost and must be computed again when it’s needed. This inefficiency can be illustrated on an example concatenating two strings, s1 and s2, into the destination buffer d. The idiomatic (though far from ideal) way to append two strings is by calling the strcpy and strcat functions as follows.
If you’re like most Python users, including me, then you probably started your Python journey by learning about print(). It helped you write your very own hello world one-liner. You can use it to display formatted messages onto the screen and perhaps find some bugs. But if you think that’s all there is to know about Python’s print() function, then you’re missing out on a lot!
Keep reading to take full advantage of this seemingly boring and unappreciated little function. This tutorial will get you up to speed with using Python print() effectively. However, prepare for a deep dive as you go through the sections. You may be surprised how much print() has to offer!
Greta Thunberg, at age 16, has quickly become one of the most visible climate activists in the world. Her detractors increasingly rely on ad hominem attacks to blunt her influence. Thunberg gained prominence after she began skipping some days of school to protest climate inaction outside Swedish parliament. She spearheaded the school walkouts that saw more than a million children across the globe leaving their classrooms to demand action on global warming. She has addressed world and U.N. leaders and has been nominated for the Nobel Peace Prize. Later this month, she'll sail across the Atlantic Ocean in a 60-foot yacht powered by solar panels and underwater turbines on her way to participate in the U.N. climate talks in New York (see related story). But the success of Thunberg — who describes herself on Twitter as a "16 year old climate activist with Asperger" — remains a sore point for those who reject mainstream climate science and some who have helped shape or encourage the Trump's administration rollback of climate policy.
Weird legal theory, but one that could possibly to be stretched to target some of the $7.5 billion Microsoft paid to acquire GitHub. But it takes a lot of novel legal arguments to hold a third party responsible for content posted by a user, even if the content contained a ton of sensitive personal info.
The lawsuit [PDF] alleges GitHub knew about the contents of this posting since the middle of April, but did not remove it until the middle of July after being notified of its contents by another GitHub user. The theory the law firm is pushing is that GitHub was obligated to scan uploads for "sensitive info" and proactively remove third-party content. The lawsuit argues GitHub is more obligated than most because (gasp!) it encourages hacking and hackers.
Security updates have been issued by Debian (fusiondirectory, gosa, kconfig, kernel, pango1.0, and python-django), Fedora (aubio, icedtea-web, java-1.8.0-openjdk, kernel, kernel-headers, kernel-tools, libslirp, openqa, os-autoinst, and upx), Gentoo (JasPer, libvncserver, and redis), Mageia (cyrus-imapd and php), Oracle (kernel), Red Hat (chromium-browser, cockpit-ovirt, Red Hat Virtualization, and rhvm-appliance), SUSE (ImageMagick, libvirt, python, and wireshark), and Ubuntu (poppler).
If you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any ".desktop" or ".directory" file for a while.
A cybersecurity researcher has disclosed an unpatched zero-day vulnerability in the KDE software framework that could allow maliciously crafted .desktop and .directory files to silently run arbitrary code on a user's computer—without even requiring the victim to actually open it.
If you want to use a password manager (as you probably should), there are literally hundreds of them to choose from. And there are lots of reviews, weighing in features, usability and all other relevant factors to help you make an informed decision. Actually, almost all of them, with one factor suspiciously absent: security. How do you know whether you can trust the application with data as sensitive as your passwords?
Unfortunately, it’s really hard to see security or lack thereof. In fact, even tech publications struggle with this. They will talk about two-factor authentication support, even when discussing a local password manager where it is of very limited use. Or worse yet, they will fire up a debugger to check whether they can see any passwords in memory, completely disregarding the fact that somebody with debug rights can also install a simple key logger (meaning: game over for any password manager).
Judging security of a password manager is a very complex task, something that only experts in the field are capable of. The trouble: these experts usually work for competing products and badmouthing competition would make a bad impression. Luckily, this still leaves me. Actually, I’m not quite an expert, I merely know more than most. And I also work on competition, a password manager called PfP: Pain-free Passwords which I develop as a hobby. But today we’ll just ignore this.
So I want to go with you through some basic flaws which you might encounter in a local password manager. That’s a password manager where all data is stored on your computer rather than being uploaded to some server, a rather convenient feature if you want to take a quick look. Some technical understanding is required, but hopefully you will be able to apply the tricks shown here, particularly if you plan to write about a password manager.
Heat extremes on the high seas are on the increase, with ocean heat waves disturbing ecosystems in two hemispheres and two great oceans, US scientists report.
And these same sudden rises in sea temperatures don’t just damage coral reefs, they kill the corals and start the process of reef decay, according to a separate study by Australian researchers.
Andrew Pershing of the Gulf of Maine Research Institute and colleagues report in the Proceedings of the National Academy of Sciences that they examined data from 65 marine ecosystems over the years 1854 to 2018 to work out how frequently ocean temperatures suddenly rose to unexpected levels.
Visitors walk slowly through a room of dimmed lights and glowing tanks that bring the mysteries of the sea into plain view. The Steinhart Aquarium at the California Academy of Sciences in San Francisco is home to 900 different species — everything from brightly colored reef fish to prickly sea urchins, even an albino alligator named Claude.
But some of the most exciting things to see are out of the public’s view.
In a specially constructed darkroom in one of the labs, scientists are coaxing corals to spawn and studying how to increase the chances of survivorship for baby corals. It’s all part of a larger effort to give threatened reefs — and all the species that depend on them — a fighting chance.
It hasn't taken long for Trump's and Paul Ryan's once-heralded Foxconn factory deal in Wisconsin to quickly devolve into farce. The state originally promised Taiwan-based Foxconn a $3 billion subsidy if the company invested $10 billion in a Wisconsin LCD panel plant that created 13,000 jobs. But as the subsidy grew to $4.5 billion the promised factory began to shrink further and further, to the point where nobody at this point is certain that anything meaningful is going to get built at all.
Reports last fall detailed the ever-shrinking nature of the deal, and how Foxconn was using nonsense to justify its failure to follow through, claiming it was building an "AI 8K+5G ecosystem" in the state to somehow make everything better. But the buildings Foxconn have purchased remain largely empty and the lion's share of the company's promises unfulfilled, despite mounting taxpayer cost.
Fast forward to this week, when an analysis of the cost impact of the downsized project basically concluded what most knew all along: the deal was never going to work as structured, and throwing taxpayer funds at Foxconn isn't likely to pay dividends.
For most of the last two years, the conventional wisdom on Brexit has been that a no-deal Brexit was impossible because it was certain to be blocked by a Remain-majority House of Commons. For the last few months, however — roughly since it became clear that Boris Johnson was about to be elected Tory leader and prime minister — the conventional wisdom has changed to the view that a no-deal Brexit is now unstoppable.
In both cases, the conventional wisdom was and is wrong. The best approximation to the truth is that both these outcomes are possible but that there are large obstacles in the way of either: A no-deal Brexit is at risk because a majority of MPs want to block it at all costs; the blocking of a no-deal Brexit is at least as difficult because MPs earlier voted by a huge majority to legislate an automatic no deal if Parliament couldn’t agree on a deal, and now there is no apparent majority for any available deal.
As I’ve argued before, Brexit is now the Rubik’s Cube of British politics.
Naturally, both sides of the debate hanker after some bold move, unforeseen by all, that would settle the issue in their favor. In the last week, each has proposed cutting the Gordian Knot in a different way. How plausible are their solutions?
Consider, first, the idea proposed by Boris Johnson’s chief adviser, the brain-heavy Dominic Cummings: The prime minister, if he lost a no-confidence vote in the House of Commons while pursuing a no-deal outcome, would simply dissolve Parliament and declare a general election on a date after October 31 so that Brexit would occur automatically.
The offices of two lawmakers from Emmanuel Macron’s LaREM party in Toulouse in the southwest of the country have been vandalised by famers inToulouse, just the latest in a number of incidents over the past week. In the case of Monique Iborra, tonnes of manure were dropped outside her offices, while the office of Corinne Vignon was blocked using concrete blocks. Manure was also dumped outside police headquarters.
According to the farmers of the FDSEA farmers union, they had invited the ten deputies of Haute-Garonne region for a debate on the CETA agreement.
However, none of the deputies responded and, according to Christian Mazas, head of the regional branch of the union, they decided to visit the deputies.
The US Supreme Court has struck down a provision in the Lanham Act which bans the registration of "immoral and scandalous matter" because it violates the First Amendment. The opinion was written by Justice Elena Kagan and delivered on June 24. According to the Supreme Court, the USPTO should not have refused designer Erik Brunetti's application to register the trademark 'Fuct' for his clothing line on the basis of immorality. Brunetti avers that the mark is an acronym for "Friends U Can't Trust".
The Federal Court of Appeals for the 2nd Circuit reversed the trial court decision to determine the invalidity of Brazilian patent PI 9708108-6, owned by Sanofi-Aventis (case Cristalia Ltda v. Sanofi-Aventis Deutschland Gmbh). This patent claimed a combination of leflunomide and teriflunomide. The decision was published on August 24, 2018.
In 2015, the Brazilian generic company Cristalia filed an invalidity lawsuit before the Federal Court of Rio de Janeiro against Sanofi. Cristalia argued the lack of inventive activity of the patent and that leflunomide has been available for decades, so its combination would be obvious for a person having ordinary skills in the art.
Sanofi filed a reply seeking the dismissal of the lawsuit. The defendant provided data showing the increase of the therapeutic action of the drug with the combination of the two pharmaceutical compounds in the quantities claimed (leflunomide at the concentration of 2 to 20 mg and teriflunomide in the proportion of 0.3% to 50% of the second in relation to the first).
[...]
The Appellate Court unanimously declared the patent invalid. The reporting Appellate Judge Gustavo Arruda Macedo accepted the conclusions of the expert report. Moreover, in his opinion, Hon. Judge Macedo transcribed an excerpt of the opinion prepared by the Federal Prosecution Office in order to reject the application of the Principle of Legal Certainty:
“Although the judiciary should observe the necessary legal certainty that must guarantee the business activity in the country, it is also certain that the matter concerning the patent of drugs affects the right of the collectivity to the broad access to health treatments and supply of medicines at economically reasonable levels. Such right of exclusivity on the exploitation of the patent, therefore, can only be exercised for a given time and in the face of the fulfillment of various requirements for the granting of exclusivity “.
The case creates a relevant precedent: even if the judge is free to evaluate the evidence, it is not possible to decide entirely against the evidence produced in the records.