Bonum Certa Men Certa

Links 13/8/2019: Mir 1.4 Released, Qt PDF Discussed



  • GNU/Linux

    • Desktop

      • Leaving Windows 7? Here are some non-Windows options.

        Then there’s my own favorite: the Linux desktop. But while I love it, I’m well aware of the Linux desktop’s many problems.

        But recently the Linux community looks to be finally getting its act together. So now might be a good time to kick Linux’s tires.

        Personally, when it comes to the many distros, I favor Linux Mint. It’s good, secure and fast. It also has the advantage, from your perspective, of looking a good deal like Windows 7. That makes switching over to it easier than you might expect.

        But if you need corporate support, you’ll be better off with Red Hat Enterprise Linux Workstation or Canonical’s Ubuntu for desktop. You can, by the by, use Linux desktops with your existing Active Directory domains if that’s what’s stopping you from considering Linux.

        Which is best for you? Only you can answer that question. What I can say, though, is that these days you don’t have to just grit your teeth and shift over to the next version of Windows. Thanks in large part to the move to a SaaS model for nearly all applications, you have real desktop OS choices.

    • Server

      • Taashee Linux Services Joins Bright Computing Partner Program
      • IBM

        • Fedora Developers Discuss Ways To Improve Linux Interactivity In Low-Memory Situations

          While hopefully the upstream Linux kernel code can be improved to benefit all distributions for low-memory Linux desktops, Fedora developers at least are discussing their options for in the near-term improving the experience. With various easy "tests", it's possible to easily illustrate just how poorly the Linux desktop responds when under memory pressure. Besides the desktop interactivity becoming awful under memory pressure, some argue that an unprivileged task shouldn't be able to cause such behavior to the system in the first place.

        • Stephen Gallagher: Flock 2019 Trip Report

          As usual, the conference began with Matthew Miller’s traditional “State of Fedora” address wherein he uses pretty graphs to confound and amaze us. Oh, and reminds us that we’ve come a long way in Fedora and we have much further to go together, still.

          Next was a keynote by Cate Huston of Automattic (now the proud owners of both WordPress and Tumblr, apparently!). She talked to us about the importance of understanding when a team has become dysfunctional and some techniques for getting back on track.

          After lunch, Adam Samalik gave his talk, “Modularity: to modularize or not to modularize?”, describing for the audience some of the cases where Fedora Modularity makes sense… and some cases where other packaging techniques are a better choice. This was one of the more useful sessions for me. Once Adam gave his prepared talk, the two of us took a series of great questions from the audience. I hope that we did a good job of disambiguating some things, but time will tell how that works out. We also got some suggestions for improvements we could make, which were translated into Modularity Team tickets: here and here.

        • IBM Cloud: No shift, Sherlock

          IBM’s cloud strategy has gone through a number of iterations as it attempts to offer a compelling hybrid cloud to shift its customers from traditional IT architectures to modern cloud computing.

          IBM is gambling those customers who have yet to embrace the public cloud fully, remain committed to private and hybrid cloud-based infrastructure, and, if they do use public clouds, they want a cloud-agnostic approach to move workloads. In July, IBM closed the $34bn purchase of Red Hat, an acquisition it hopes will finally enable it to deliver cloud-agnostic products and services.

          To tie in with the completion of the acquisition of Red Hat, IBM commissioned Forrester to look at the benefits to those organisations that are both Red Hat and IBM customers.

        • Red Hat Shares ― Not just open source, *enterprise* open source

          Open source software (OSS), by definition, has source code that’s available for anyone to see, learn from, use, modify, and distribute. It’s also the foundation for a model of collaborative invention that empowers communities of individuals and companies to innovate in a way that proprietary software doesn't allow.

          Enterprise open source software is OSS that’s supported and made more secure―by a company like Red Hat―for enterprise use. It plays a strategic role in many organizations and continues to gain popularity.

        • How open source can help banks combat fraud and money laundering

          Jump ahead a few years to the Fourth EU AML Directive - a regulation which required compliance by June 2017 - demanding enhanced Customer Due Diligence procedures must be adhered to when cash transactions reach an aggregated amount of more than $11,000 U.S. dollars (USD). (The Fifth EU AML Directive is on the way, with a June 2020 deadline.) In New Zealand’s Anti-Money Laundering and Countering Financing of Terrorism Amendment Act of 2017 it is stated that banks and other financial entities must provide authorities with information about clients making cash transactions over $6,500 USD and international monetary wire transfers from New Zealand exceeding $650 USD. In 2018, the updated open banking European Directive on Payment Services (PSD2) that requires fraud monitoring also went into effect. And the Monetary Authority of Singapore is developing regulations regarding the use of cryptocurrencies for terrorist funding and money laundering, too.

        • Automate security in increasingly complex hybrid environments

          As new technologies and infrastructure such as virtualization, cloud, and containers are introduced into enterprise networks to make them more efficient, these hybrid environments are becoming more complex—potentially adding risks and security vulnerabilities.

          According to the Information Security Forum’s Global Security Threat Outlook for 2019, one of the biggest IT trends to watch this year is the increasing sophistication of cybercrime and ransomware. And even as the volume of ransomware attacks is dropping, cybercriminals are finding new, more potent ways to be disruptive. An article in TechRepublic points to cryptojacking malware, which enables someone to hijack another's hardware without permission to mine cryptocurrency, as a growing threat for enterprise networks.

          To more effectively mitigate these risks, organizations could invest in automation as a component of their security plans. That’s because it takes time to investigate and resolve issues, in addition to applying controlled remediations across bare metal, virtualized systems, and cloud environments -- both private and public -- all while documenting changes.

    • Kernel Space

      • Oracle's Kernel Test Framework Might Be Added To The Linux Kernel Tree

        Knut Omang of Oracle is working on integrating the Kernel Test Framework into the Linux kernel source tree/repository.

        The Kernel Test Framework is used for unit testing of the Linux kernel as well as different component testing of the code. Up to this point the Kernel Test Framework has been developed separate of the Linux kernel tree in order to allow for testing against arbitrary versions of the Linux kernel. Now, however, Oracle is wanting to get this kernel testing framework as part of the Linux kernel source tree.

      • Linux Foundation

        • Essential Developer Guide for Building Blockchain Applications Using Hyperledger Sawtooth

          Hyperledger Sawtooth is an enterprise blockchain platform for building distributed ledger applications and networks. The design philosophy targets keeping ledgers distributed and making smart contracts safe, particularly for enterprise use.

          Sawtooth simplifies blockchain application development by separating the core system from the application domain. Application developers can specify the business rules appropriate for their application, using the language of their choice, without needing to know the underlying design of the core system.

          Sawtooth is also highly modular. This modularity enables enterprises and consortia to make policy decisions that they are best equipped to make. Sawtooth’s core design allows applications to choose the transaction rules, permissioning, and consensus algorithms that support their unique business needs.

      • Graphics Stack

        • Mir 1.4 Released With Fix For GTK3, Support For Exclusive Zones

          The Canonical team led by Alan Griffiths for maintaining the Mir display server with Wayland support today rolled out Mir version 1.4.

          Mir 1.4 brings support for the concept of exclusive zones to the MirAL layer, various Wayland layer shell improvements, making the MirClient socket optional, a fix for GTK3 handling, and various other Wayland handling improvements.

        • NVIDIA Continues To Be Involved With Making Vulkan More Appropriate For Machine Learning

          NVIDIA engineers continue to be among those in the Vulkan technical sub-group working to advance machine learning for this API.

          Vulkan machine learning is being worked on for functionality like NVIDIA's DLSS, bots, character animations, and other functionality that can be tailored to machine learning in high frame-rate applications. There's also the benefit of Vulkan being an industry standard unlike CUDA and friends.

        • NVIDIA 435.17 Linux Beta Driver Adds Vulkan + OpenGL PRIME Render Offload

          NVIDIA this morning introduced their 435 Linux driver series currently in beta form with the release of the 435.17 Linux build. With this new driver comes finally the best PRIME/multi-GPU support they have presented to date.

          The NVIDIA 435.17 driver has a new PRIME render offload implementation supported for Vulkan and OpenGL (with GLX). This PRIME offloading is about using one GPU for display but having the actual rendering be done on a secondary GPU, as is common with many of today's high-end notebooks that have Intel integrated graphics paired with a discrete NVIDIA GPU.

        • Vulkan Video Decoding Coming In H1'2020, Ray-Tracing Progressing

          The Khronos Group has posted their material from the SIGGRAPH 2019 graphics conference and includes some interesting updates on Vulkan and their ongoing efforts.

          In addition to making Vulkan better for machine learning, ray-tracing and video decode are two other topics of interest to us.

    • Applications

      • Cast To TV v10 GNOME Extension Adds Support For Casting To Other Linux Devices

        Cast to TV GNOME Shell extension v10 brings Playercast app support, allowing users to cast media files to other Linux devices on the same network remotely, from GNOME Shell.

        Cast to TV is a GNOME Shell extension to cast videos, music and pictures to Chromecast or other devices over a local network. It supports video transcoding on the fly (for videos that can't directly play on the device), customizable subtitles, it can show a music visualizer while casting music, and much more. For controlling the device, the Gnome Shell extensions adds a new button on the top panel with playback controls.

        The latest v10 release of Cast to TV extension doesn't come with any exciting features for Chromecasts, but it brings support for Playercast app.

      • Easy rTorrent + ruTorrent Installation And Configuration Script For Debian Or Ubuntu

        Installing and setting up rTorrent and ruTorrent on an Ubuntu or Debian server can be a complicated, tedious task, specially for inexperienced users. rtinst is a script that makes this easier, by automatically installing and configuring rTorrent, ruTorrent (stable or master), and everything else needed for an Ubuntu or Debian (including on Raspberry Pi) seedbox.

        The script was updated recently with some important improvements, like support for the latest Debian 10 (buster) stable release, and automatic Let's Encrypt certificates generation if possible (in case it fails, it falls back to self-signed certificates).

        rTorrent is a text-based ncurses BitTorrent client based on libTorrent, great for usage on servers, while ruTorrent is a web front-end for rTorrent.

      • Listen to Online Radio on Ubuntu through Cantata

        There are many ways through which you can listen to online radio through Ubuntu. However, if you are looking for a stable application that gives you dedicated access to a large number of radio stations, we recommend using Cantata. It is a free graphical MPD client for Linux, macOS, Windows, and Haiku.

        In this article, we will explain how you can install Cantata to your Ubuntu through the official Ubuntu repositories, and also through the PPA(for latest version). We will also explain how you can set up and use Cantata to listen to online radio stations.

      • Proprietary

    • Instructionals/Technical

    • Games

      • Abbey Games have released the Will Of The People update for Godhood

        After entering Early Access in July, Godhood from Abbey Games has received a bit of a mixed impression from users but they're moving quickly to improve it.

        I can understand where some of the negative reviews have currently come from, while a nice looking game and one I've enjoyed playing, it's currently pretty simple. To be expected from Early Access though, it's going to evolve over time. They've recently adjusted the way they describe it too, originally saying it was a "strategy god game" but they're now saying it's a "roster-management auto-battling god game"—okay then. Hoping to hook in some auto-battler fans I see!

      • Duck in Town - A Rising Knight, a comedy adventure coming to Linux later this year

        Here's another game being created with the FOSS tool Godot Engine: Duck in Town - A Rising Knight, a comedy 3D graphic adventure.

      • The ambitious Anodyne 2: Return to Dust is out with Linux support, some thoughts

        Combining elements from both 3D and 2D games, Anodyne 2: Return to Dust has officially released with Linux support.

        A very ambitious game, using a 3D art style inspired by the PS1, PS2, and N64 era of gaming and 2D sections much like you would have seen on the GBA and SNES. Developed by Analgesic Productions (Even the Ocean, All Our Asias, Anodyne), it's incredibly impressive when you realise this was made by two people.

      • PS3 emulator RPCS3 can now play Demon's Souls at 60FPS thanks to a patch

        RPCS3 for emulating the PlayStation 3 continues advancing quickly! A new blog post is up showing off a patch that enables you to play Demon's Souls at 60FPS and 4K.

      • The Goldberg Steam Emulator has a new release, marking one year

        The Goldberg Steam Emulator is an interesting project and one that could be important if Steam ever goes fully offline.

        It's a replacement for the Steam API file, allowing you to play a Steam game that uses Steam's multiplayer APIs on a LAN without Steam or an internet connection. Sounds like it's a pretty handy project.

    • Desktop Environments/WMs

      • Temperatures continue warming in Riverside County, extreme heat on the way

        The mercury could climb into the triple digits today in the Inland Empire, with even hotter temperatures expected in the next few days.

        A high-pressure system moving in from Texas will bring a rise in temperatures through Wednesday in the Riverside metropolitan area and through Thursday in the Coachella Valley and the San Gorgonio Pass near Banning, according to the National Weather Service.

        The NWS issued an excessive heat warning that will last from 11 a.m. Wednesday to 9 p.m. Thursday for those two desert areas.

      • K Desktop Environment/KDE SC/Qt

        • KDE.org Applications Site

          I’ve updated the kde.org/applications site so KDE now has web pages and lists the applications we produce.

          In the update this week it’s gained Console apps and Addons.

          Some exciting console apps we have include Clazy, kdesrc-build, KDebug Settings (a GUI app but has no menu entry) and KDialog (another GUI app but called from the command line).

        • Instant Workstation

          Some considerable time ago I wrote up instructions on how to set up a FreeBSD machine with the latest KDE Plasma Desktop. Those instructions, while fairly short (set up X, install the KDE meta-port, .. and that’s it) are a bit fiddly.

          So – prompted slightly by a Twitter exchange recently – I’ve started a mini-sub-project to script the installation of a desktop environment and the bits needed to support it. To give it at least a modicum of UI, dialog(1) is used to ask for an environment to install and a display manager.

          The tricky bits – pointed out to me after I started – are hardware support, although a best-effort is better than having nothing, I think.

          In any case, in a VBox host it’s now down to running a single script and picking Plasma and SDDM to get a usable system for me. Other combinations have not been tested, nor has system-hardware-setup. I’ll probably maintain it for a while and if I have time and energy it’ll be tried with nVidia (those work quite well on FreeBSD) and AMD (not so much, in my experience) graphics cards when I shuffle some machines around.

        • Krita 2019 Sprint: Animation and Workflow BoF

          Last week we had a huge Krita Sprint in Deventer. A detailed report is written by Boudewijn here, and I will concentrate on the Animation and Workflow discussion we had on Tuesday, when Boudewijn was away, meeting and managing people arriving. The discussion was centered around Steven and his workflow, but other people joined during the discussion: Noemie, Scott, Raghavendra and Jouni.

          (Eternal) Eraser problem

          Steven brought up a point that current brush options "Eraser Switch Size" and "Eraser switch Opacity" are buggy, so it winded up an old topic again. These options were always considered as a workaround for people who need a distinct eraser tool/brush tip, and they were always difficult to maintain.

    • Distributions

    • Devices/Embedded

      • Compact, TX2-based embedded computer has four PoE ports

        Aaeon’s rugged, low-height “Boxer-8170AI” AI edge computer runs Linux on a Jetson TX2 and supplies 4x USB 3.0 and 4x PoE-enabled LAN ports for powering cameras. You also get 2x HDMI, 2x serial, GbE, and optional SATA and CANBus.

        Aaeon has launched a fanless Boxer-8170AI computer for $1,200. The latest in a line of Boxer-branded, Nvidia Jetson TX2 based compact embedded computers is focused on Power-over-Ethernet for AI edge camera control.

        [...]

        The wallmount-enabled, 2.15 kg system supports -20 to 50€°C temperatures with 0.5 m/s airflow per IEC68-2-14 and resists vibration at 3 Grms/5~500Hz. The system runs Aaeon ACLinux 4.4, which is based on Ubuntu 16.04.

      • Orange Pi Zero2 is a Tiny Allwinner H6 SBC with HDMI 2.0, USB 3.0, Ethernet & WiFi

        Slightly larger than its predecessor, Orange Pi Zero2 is also more powerful with an Allwinner H6 quad core Cortex-A53 processor, USB 3.0 port, HDMI 2.0.

      • Linux-driven i.MX6 gateway offers 4G plus isolated serial and CANBus

        Forlinx announced a compact “FCU1201” IoT gateway that runs Linux on an i.MX6 DualLite and offers 4G, WiFi/BT, LAN, CAN, HDMI, USB, serial, DIDO, and CANBus.

        Chinese embedded vendor Forlinx has unveiled a power-efficient FCU1201 IoT gateway equipped with NXP’s 1GHz, dual-core Cortex-A9 i.MX6 DualLite. Like the company’s i.MX6 UL-equipped FCU1101, the system combines extensive serial interfaces with wireless connectivity.

    • Free, Libre, and Open Source Software

      • HarmonyOS - Huawei's New Open Source Mobile OS

        HarmonyOS is a lightweight, compact operating system with powerful functionality, and it will first be used for smart devices like smart watches, smart screens, in-vehicle systems, and smart speakers. Through this implementation Huawei aims to establish an integrated and shared ecosystem across devices, create a secure and reliable runtime environment, and deliver a holistic intelligent experience across every interaction with every device.

        Huawei also announced the evolution roadmap for HarmonyOS and its kernel. HarmonyOS 1.0 will be first adopted in its smart screen products, which are due to launch later this year. Over the next three years, HarmonyOS will be optimized and gradually adopted across a broader range of smart devices.

        Moving forward, Huawei will lay the foundations for HarmonyOS in the Chinese market, and then expand it further to the global ecosystem.

      • Huawei Could Rid Itself Of Spying Accusations If It Open-Sourced Its Software

        Huawei is seen as a threat to American national security because of the software loopholes in its telecom equipment, but TechRepublic's James Sanders says that Huawei could rid itself of spying accusations if it would open-source its telecom software.

        Open-sourcing its telecom software would allow third parties to see it, examine vulnerabilities, and investigate the software apart from Huawei. To open up the software would allow other companies to gain trust in Huawei and roll back the concerns of Chinese espionage that everyone has on their minds nowadays following the spying accusations.

      • Huawei's Open Source Operating System HarmonyOS Is The Answer To Google's Android

        According to the reports, Yu said that the platform supports various sizes of RAM ranging from kilobytes to gigabytes and this operating system will have no support for any root access. The platform also supports a number of applications where applications from other operating systems like Linux, Android, etc will be compatible. HarmonyOS will use ARK compiler for app development and it will also support several other languages such as Java, Kotlin, JavaScript, C, and C++.

        HarmonyOS 1.0 will be launched this year within the smart screen products. Then the next three pears are planned to optimise this operating system and make it adopt across a wider number of smart devices and other wearables, etc.

      • Huawei to help build China’s first open-source software foundation

        The foundation plan came after GitHub, the world's largest host of source code, in July prevented users in Iran and other sanctioned nations from accessing portions of its service. The incident highlights increasing geopolitical interference with global open-source tech communities, which are supposed to be fair and open to all, analysts said.

      • Huawei to help create nation's first open-source foundation
      • Huawei to help create nation's first open-source foundation

        Huawei Technologies Co said it plans to partner with other companies to set up China's first open-source software foundation, which is expected to begin to operate in a month or two to expand the nation's software community.

        The plan for the software foundation came after GitHub, the world's largest host of source code, prevented in July users in Iran and other nations sanctioned by the United States government from accessing portions of its service. The incident highlights increasing geopolitical interference with global open-source tech communities, which are supposed to be fair and open to all, analysts said.

        Wang Chenglu, president of the software department at Huawei's consumer business group, said software development relies on open-source codes and communities.

      • Productivity Software/LibreOffice/Calligra

        • A look at LibreOffice’s new 6.3.0 “fresh” release

          The open source office suite LibreOffice released its version 6.3.0 last week. This was a major release that added many new features, as well as interoperability enhancements (read: better import and export of Microsoft Office documents) and performance increases. LibreOffice 6.3.0 is a "fresh" (not long-term support) release that may be downloaded directly—or, if you're a Linux user, you might choose to install it from the Snap Store instead. Ubuntu (and probably most Linux users) will get a separate installation of LibreOffice 6.3.0 regardless of whether users install natively from download or install from snaps; Windows users who download the new version will have their existing LibreOffice version (if any) completely replaced upon installation.

          The release notes for 6.3.0 boast of several performance improvements related to loading and saving documents in Writer and Calc. We were able to confirm these performance improvements—but only when installing LibreOffice natively. When we tested LibreOffice 6.3.0 installed from the Snap Store, performance was fine when actually inside the app and working on a document. But application launch times were significantly slower.

      • Education

        • SUSE Academic Program News: Working With Students Around The Globe

          The end of summer for many marks the start of a new semester or calendar school year. At SUSE, we have been working harder than ever to engage with more academic partners and customers, bringing the latest in Linux and Open Source training and education. To only name a few, here are some highlights of recent success within the academic community;

      • Openness/Sharing/Collaboration

        • Open Data

          • University Research Teams Open-Source Natural Adversarial Image DataSet for Computer-Vision AI

            In a paper published in July, researchers from UC Berkeley, the University of Washington, and the University of Chicago described their process for creating the dataset of 7,500 images, which were deliberately chosen to "fool" a pre-trained image recognition system. While there has been previous research on adversarial attacks on such systems, most of the work studies how to modify images in a way that causes the model to output the wrong answer. By contrast, the team used real-world, or "natural" images collected un-modified from the internet. The team used their images as a test-set on a pre-trained DenseNet-121 model, which has a top-1 error rate of 25% when tested on the popular ImageNet dataset. This same model, when tested with ImageNet-A, has a top-1 error rate of 98%. The team also used their dataset to measure the effectiveness of "defensive" training measures developed by the research community; they found that "these techniques hardly help."

      • Programming/Development

        • Qt PDF as a new TP module for Qt 5.14

          I suggest to promote Qt PDF to a Qt module. For Qt 5.14, it will be in Tech Preview state, and Shawn Rutledge is volunteering to be the maintainer. Although still staying an independent library from the user's perspective, it will be hosted and built in the qtwebengine.git repository. Initially only the desktop platforms (Windows, Linux, macOS) would be supported.

          Qt PDF is so far a Qt labs module [1]. It allows Qt applications to render/view PDF's in QWidget based applications [2], and is built on top of PDFium. However, development has been stagnant, also because it is built on top of a rather old version of PDFium.

          Why wasn't PDFium updated? PDFium got merged into Chromium a while ago, and is nowadays built as part of Chromium, using their build system (gn). Updating qtpdf.git to ship with latest PDFium would require quite some work, and keeping it up to date would require continuous work, too - work that nobody was willing to invest into so far.

          But it turns out that, since Qt 5.11, we have PDFium already in our sources, and we're actually also building it! It's part of the Qt WebEngine libs that use it for PDF rendering in HTML. So technically, you can already render PDF's by loading them into a Qt WebEngine page. Anyhow, not everybody wants to ship a web browser for 'just' rendering PDF's [3] ...

          So the idea is that we leverage on the existing build infrastructure for PDFium in qtwebengine.git, and host and build the Qt PDF libraries there. This also means that PDFium will be updated as part of the regular Chromium updates in qtwebengine.git. qtwebengine.git would furthermore get configure flags so that you can build just the Qt PDF libs. And, to reiterate: The Qt PDF libraries will _not_ depend on Qt WebEngine libs at runtime.

          What do you think? Are there any objections for going forward with this for Qt 5.14?

        • Qt PDF Being Discussed For Qt 5.14

          Being evaluated for Qt 5.14 is shipping Qt PDF that allows PDF documents to be rendered/viewed inside QWidget-based applications.

          Qt PDF would be introduced as a technical preview module for Qt 5.14. This Qt component is currently built off the PDFium library. PDFium as part of the Chromium sources for Qt WebEngine is already within the Qt tree and their goal would be to re-use that existing code for the PDF library support.

        • Top 9 Django Concepts - Part 1: 4 Mins

          When I first dive into Django after deciding to specialise as a Django developer.

          The number of concepts that are required for anyone to learn to understand Django can be overwhelming.

          Since Django development approach forces, you to develop in a single and opinioned way of web development with a vast ecosystem of packages to support your needs.

          This could discourage potential Django developers, who prefer flexibility, a lesser amount of learning and unopinionated approach to develop a web application using Python.

          These are the people who want to get things done by picking their own adventure using a smaller amount of packages instead of Django's batteries-included approach.

          In the first part of the series, I will be covering only 3 concepts and their related technical terms to help you get up to speed in using Django.

        • Stack Abuse: Using Django Signals to Simplify and Decouple Code

          Systems are getting more complex as time goes by and this warrants the need to decouple systems more. A decoupled system is easier to build, extend, and maintain in the long run since not only does decoupling reduce the complexity of the system, each part of the system can be managed individually. Fault tolerance has also enhanced since, in a decoupled system, a failing component does not drag down the entire system with it.

          Django is a powerful open-source web framework that can be used to build large and complex systems, as well as small ones. It follows the model-template-view architectural pattern and it is true to its goal of helping developers achieve the delivery of complex data-driven web-based applications.

          Django enables us to decouple system functionality by building separate apps within a project. For instance, we can have a shopping system and have separate apps that handle accounts, emailing of receipts, and notifications, among other things.

          In such a system, several apps may be need to perform an action when certain events take place. One event can occur when a customer places an order. For exmaple, we will need to notify the user via email and also send the order to the supplier or vendor, at the same time we can be able to receive and process payments. All these events happen at the same time and since our application is decoupled, we need to keep every component in sync, but how do we achieve this?

        • Traditional Face Detection With Python

          Computer vision is an exciting and growing field. There are tons of interesting problems to solve! One of them is face detection: the ability of a computer to recognize that a photograph contains a human face, and tell you where it is located. In this course, you’ll learn about face detection with Python.

          To detect any object in an image, it is necessary to understand how images are represented inside a computer, and how that object differs visually from any other object.

        • What’s in a Name? Clarifying the Anaconda Metapackage

          The name “Anaconda” is overloaded in many ways. There’s our company, Anaconda, Inc., the Anaconda Distribution, the anaconda metapackage, Anaconda Enterprise, and several other, sometimes completely unrelated projects (like Red Hat’s Anaconda). Here we hope to clarify two of those – the difference between the Anaconda Distribution and the anaconda metapackage.

          The Anaconda Distribution is the installer that many people download to get a good start on a Python data science coding environment. It includes Python, pandas, scikit-learn, multiple data visualization options, and many other helpful libraries. This installer may come in the form of a GUI .pkg installer (for MacOS), a command-line .sh installer (for MacOS and Linux) and a GUI .exe installer (for Windows). When you see “Anaconda Distribution,” we’re referring to these installers.

        • Getting Started with Machine Learning in the Enterprise

          Machine learning (ML) is a subset of artificial intelligence (AI) in which data scientists use algorithms and statistical models to predict outcomes and/or perform specific tasks. ML models can automatically “learn from” data sets to improve their performance.

          ML is uniquely applicable to enterprise business use cases across a wide number of industries — for example, credit scoring and fraud detection in financial organizations, and tumor detection and DNA sequencing in healthcare. Given the wide applicability, it’s no surprise that many in the enterprise have already embraced machine learning. According to Deloitte Insight’s 2018 survey of US-based early adopters, 63% were already using ML in their enterprise organizations.

        • Organizing PythonPune Meetups

          One thing I like most about meetups is, you get to meet new people. Talking with people, sharing what they are doing helps a lot to gain more knowledge. It is also a good platform to make connections with people having similar area of interests. I have been attending PythonPune meetup since last 2 years. In this blog post, I will be sharing some history about this group and how I got involved in organizing meetups. I will also cover all things involved in organizing a monthly meetup of PythonPune.

  • Leftovers

    • Haben Girma: Guide dogs don’t lead blind people. We wander as one.

      My guide dog crossed the street, then jerked to a halt. “Mylo, forward.” My left hand held the leather harness that wrapped around his shoulders. “Forward,” I repeated. The harness shifted, and I knew he was peering back at me. Some barrier, unseen and unheard by me, blocked our passage.

      Cars created little earthquakes in the street on our left. Behind us ran the road we just crossed. I made the decision: “Mylo, right.” He turned and headed down the sidewalk. I directed him around the block to bypass whatever had stood in our way.

      My dog never knows where I’m going. He has his theories, of course. You went to this cafe yesterday, so clearly you’re going there again, right? Or he’ll veer toward an open door. Seriously, Haben, we need to step in here for a sniff.

    • Security (Confidentiality/Integrity/Availability)

      • Josh Bressers: Appsec isn’t people

        The best way to think about this is to ask a different but related question. Why don’t we have training for developers to write code with fewer bugs? Even the suggestion of this would be ridiculed by every single person in the software world. I can only imagine the university course “CS 107: Error free development”. Everyone would fail the course. It would probably be a blast to teach, you could spend the whole semester yelling at the students for being stupid and not just writing code with fewer bugs. You don’t even have to grade anything, just fail them all because you know the projects have bugs.

        Humans are never going to write bug free code, this isn’t a controversial subject. Pretending we can somehow teach people to write bug free code would be a monumental waste of time and energy so we don’t even try.

        Now it’s time for a logic puzzle. We know that we can’t train humans to write bug free code. All security vulnerabilities are bugs. So we know we can’t train humans to write vulnerability free code. Well, we don’t really know it, we think we can if you look at history. The last twenty years has had an unhealthy obsession with getting humans to change their behaviors to be “more secure”. The only things that have come out of these efforts are 1) nobody likes security people anymore 2) we had to create our own conferences and parties because we don’t get invited to theirs 3) they probably never liked us in the first place.

      • Security updates for Tuesday

        Security updates have been issued by Arch Linux (chromium, postgresql, and postgresql-libs), Debian (atril, chromium, evince, ghostscript, jackson-databind, kernel, and php5), Fedora (kf5-kconfig, mingw-sqlite, pam-u2f, and poppler), Mageia (kernel), openSUSE (aubio, chromium, kconfig, kdelibs4, nodejs10, osc, and zstd), Red Hat (ghostscript), and Ubuntu (ghostscript and MariaDB).

      • When your mail hub password is updated...
        don't
         forget
          to
           run
            postmap
             on
              your
               /etc/postfix/sasl_passwd
        
        

    • Transparency/Investigative Reporting

      • Assange Must Not Also Die in Jail

        There is no official explanation as to why Julian’s health has continued to deteriorate so alarmingly in Belmarsh. Nobody genuinely believes him to be a violent danger, so there is absolutely no call for him to be imprisoned in the facility which houses the hardcore terrorist cases.

        Assange is fighting major legal cases in the UK, Sweden and the United States, yet is permitted visitors for only two hours per fortnight, inclusive of time spent with his three sets of lawyers. All of his visitors have been alarmed by his state of physical health and many have been alarmed by his apparent disorientation and confusion.

        It is because of Assange’s draconian one year sentence for “bail-jumping” on claiming political asylum that he can be kept in such harsh conditions and with so little access to his lawyers. That is why his sentence was so unprecedentedly stiff for missing police bail. Otherwise, as a remand prisoner awaiting extradition hearing his conditions would ordinarily be less harsh and his access to lawyers much better. The Establishment has conspired to reduce his ability to defend himself in court. I am not convinced it is not conspiring to destroy him.

    • Environment

      • Humans cause Antarctic ice melt, study finds

        A team of British and American scientists has found what it says is unequivocal evidence that humans are responsible for significant Antarctic ice melt.

        They say their study provides the first evidence of a direct link between global warming from human activities and the melting of the West Antarctic Ice Sheet (WAIS).

        The discovery is fundamentally important to international efforts to limit climate change, as a small number of scientists still argue that global warming results from natural rather than human causes. That argument should from now on be harder to sustain.

      • Energy

        • Russia says radiation levels rose by 4-16 times in city after accident: TASS

          Radiation levels in the Russian city of Severodvinsk rose by up to 16 times on Aug. 8 after an accident that authorities said involved a rocket test on a sea platform, Russia’s state weather agency said on Tuesday, the TASS news agency reported.

          The defense ministry initially said background radiation had remained normal after the incident on Thursday, but city authorities in Severodvinsk in northern Russia said there had been a brief spike in radiation levels.

    • Censorship/Free Speech

      • UK Moves To Give Regulators Power To Fine Internet Companies 5% Of Revenue If They Can't Wave A Magic Wand And Make Bad Content Disappear

        While in theory the UK is supposed to be leaving the EU soon, it's still technically a part of it, and now appears to be implementing the AVMSD (Audiovisual Media Services Directive) which was agreed to last year. One section of the agreement talks about "protection of minors" and like pretty much all "think of the children" type regulations, it's full of moral panics and impossible demands. While the Directive looks like it was designed for professionally broadcast content, apparently the UK has determined that it should apply to all online video, and the UK Parliament "quietly approved" a plan to give its media regulatory body, Ofcom, the power to fine social media companies up to 5% of their revenue if they can't magically make stuff that "might seriously impair" minors disappear from the internet.

    • Privacy/Surveillance

      • Interoperability and Privacy: Squaring the Circle

        Last summer, we published a comprehensive look at the ways that Facebook could and should open up its data so that users could control their experience on the service, and to make it easier for competing services to thrive.

        In the time since, Facebook has continued to be rocked by scandals: privacy breaches, livestreamed terrorist attacks, harassment, and more. At the same time, competition regulators, scholars and technologists have stepped up calls for Facebook to create and/or adopt interoperability standards to open up its messenger products (and others) to competitors.

        To make matters more complex, there is an increasing appetite in both the USA and Europe, to hold Facebook and other online services directly accountable for the actions of its users: both in terms of what those users make available (copyright infringement, political extremism, incitements to violence, etc) and in how they treat each other (harassment, stalking, etc).

        [...]

        Standards-washing: the lesson of Bush v Gore



        But not all interoperability is created equal. Companies have historically shown themselves to be more than capable of subverting mandates to adhere to standards and allow for interconnection.

        A good historic example of this is the drive to standardize voting machines in the wake of the Supreme Court's decision in Bush v Gore. Ambiguous results from voting machines resulted in an election whose outcome had to be determined by the Supreme Court, which led to Congress passing the Help America Vote Act, which mandated standards for voting machines.

        The process did include a top-tier standards development organization to oversee its work: the Institute of Electrical and Electronics Engineers (IEEE), which set about creating a standard for their products. But rather than creating a "performance standard" describing how a voting machine should process ballots, the industry sneakily tried to get the IEEE to create a "design standard" that largely described the machines they'd already sold to local election officials: in other words, rather than using standards to describe how a good voting machine should work, the industry pushed a standard that described how their existing, flawed machines did work with some small changes in configurations. Had they succeeded, the could have simply slapped a "complies with IEEE standard" label on everything they were already selling and declared themselves to have fixed the problem...without doing the serious changes needed to fix their systems, including requiring a voter-verified paper ballot.

        Big Tech is even more concentrated than the voting machine industry is, and it's far more concentrated than the voting machine industry was in 2003 (most industries are more concentrated today than they were in 2003). Legislatures, courts or regulators that seek to define "interoperability" should be aware of the real risk of the definition being hijacked by the dominant players (who are already very skilled at subverting standardization processes). Any interoperability standard developed without recognizing Facebook's current power and interest is at risk of standardizing the parts of Facebook's business that it does not view as competitive risks, while leaving the company's core business (and its bad business practices) untouched.

        Even if we do manage to impose interoperability on Facebook in ways that allow for meaningful competition, in the absence of robust anti-monopoly rules, the ecosystem that grows up around that new standard is likely to view everything that's not a standard interoperable component as a competitive advantage, something that no competitor should be allowed to make incursions upon, on pain of a lawsuit for violating terms of service or infringing a patent or reverse-engineering a copyright lock or even more nebulous claims like "tortious interference with contract."

        [...]

        But it turns out that you don't need the phone company's cooperation to design a device that works with its system. Careful reverse-engineering and diligent product updates meant that even devices that the phone companies hated--devices that eroded their most profitable markets--had long and profitable runs in the market, with devoted customers.

        Those customers are key to the success of adversarial interoperators. Remember that the audience for a legitimate adversarial interoperability product are the customers of the existing service that it connects to. Anything that the Bell system did to block third-party phone devices ultimately punished the customers who bought those devices, creating ill will.

        And when a critical mass of an incumbent giant's customer base depends on--and enjoys--a competitor's product, even the most jealous and uncooperative giants are often convinced to change tactics and support the businesses they've been trying to destroy. In a competitive market (which adversarial interoperability can help to bring into existence), even very large companies can't afford to enrage their customers.
    • Civil Rights/Policing

      • Daily Dose of Protest: I Dream Guillotine and Mercedes Marxist – IDLES

        One of the best protest albums of 2018 was Joy As An Act Of Resistance by the UK punk band IDLES.

        The album’s socially conscious tunes tackled the regressive attitudes and xenophobia that contributed to Brexit and the culture of “Make America Great Again.” Multiple tunes also addressed toxic masculinity.

        IDLES recently released a seven-inch single featuring two unreleased songs from the album’s session, “Mercedes Marxist” and the B-side “I Dream Guillotine.” Even though the band may have felt that they didn’t fit the mood of their last album, both tracks are hard-hitting, insightful and well worth a listen.

        The band made a video for “Mercedes Marxist.” The visuals support the song’s lyrical message, which relates to the frustration of being a cog in the life-sucking machine of capitalism.

    • Internet Policy/Net Neutrality

      • Courts Again Shoot Down FCC For Ignoring The Law, Making Up Stuff

        As the FCC has rushed to kiss up to telecom giants like AT&T and Verizon, it has enjoyed a fairly casual relationship with both the truth and the law. The agency's repeal of net neutrality, for example, was hinged largely on the idea that the modest rules devastated sector investment, something that data repeatedly disproved. Other Pai FCC policies have equally leaned on flimsy and manufactured data plucked directly from the mouths of sector lobbyists. And while this casual relationship to the truth may play well to Pai's allies, just making things up doesn't work quite as well when it comes time to defend these policies in the courts.

        Case in point: earlier this year the FCC tried to take away a modest $25 per month broadband stipend for tribal residents (you know, for freedom or whatever), while also banning smaller companies from receiving broadband subsidies (giants like AT&T and Verizon surely appreciated that). But while Pai's office claimed screwing tribal residents would somehow massively spur broadband deployment, the courts shot that ruling down for being "arbitrary and capricious," noting that Pai's FCC failed completely to follow the law or to justify its policy with actual facts.

        Fast forward to last week, and the FCC found itself again slapped down for playing fast and loose with factual reality. This time, the courts shot down a sizeable chunk of a recent proposal that gutted most state and local authority over the placement of cellular towers (and so-called "small cells," which are smaller antenna usually affixed to city street lights to extend wireless coverage). While the FCC claimed that doing so would speed up broadband deployment, a coalition of local leaders stated the plan was little more than a giveaway to giants like AT&T and Verizon, who don't like having to deal with pesky things like environmental reviews for cell tower placement.

    • Monopolies

      • Patents and Software Patents

        • Eli Lilly & Co. v. Hospira, Inc. (Fed. Cir. 2019)

          In its decision in a consolidated appeal, Eli Lilly & Co. v. Hospira, Inc. and Eli Lilly & Co. v. Dr. Reddy's Laboratories, Ltd., the Federal Circuit had the occasion to apply the Supreme Court's distinction regarding the limits of prosecution history estoppel on the doctrine of equivalents, regarding the effects on the estoppel of amendments made that are only tangentially related to patentability.

          [...]

          The panel completes its analysis by rejecting Dr. Reddy's Laboratories' argument that the "disclosure-dedication" rule, Johnson & Johnston Assocs. Inc. v. R.E. Serv. Co., 285 F.3d 1046, 1054 (Fed. Cir. 2002) (en banc), prevented Lilly from asserting its claims under the doctrine of equivalents. The Federal Circuit agreed with Lilly that this doctrine does not apply where, as here, the patent does not disclose the specific embodiment at issue (here, pemetrexed ditromethamine) and thus could not have dedicated it to the public. Despite reference to earlier disclosure comprising about 50 antifolate compounds (none of them pemetrexed) and disclosure related to pharmaceutically acceptable salts thereof (but not ditromethamine), in the absence of express disclosure of pemetrexed ditromethamine "we see no reason why a skilled artisan would set out on DRL's winding path to cobble together pemetrexed ditromethamine" and thus held that the dedication-disclaimer rule did not preclude Lilly from asserting infringement under the doctrine of equivalents.

          And on the merits, the Federal Circuit found no clear error in the District Court's determination that the methods for treating pemetrexed ditromethamine claimed by defendants was equivalent to Lilly's claimed methods for administering pemetrexed disodium. Thus, the Federal Circuit affirmed the District Court's grant in each case of summary judgment of infringement under the doctrine of equivalents.



Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day