GNU/Linux

• Desktop

  • The new System76 Firmware Update Utility is a much-needed tool

    This should come as no surprise, as System76 already had a firmware updater (available in the Pop Shop) for its Thelio and Oryx Pro systems. However, that software was a completely different beast (originally written in Python, whereas the new software was written in Rust). Had you been running a distribution other than Pop!_OS, your only option for updating firmware was the command line tool fwupd. In a world where more and more users are adopting Linux, that’s not smart business. Why? As more new (non-admin) users adopt Linux, the command line will be used less and less. Without a GUI to upgrade a system’s firmware, that would equate to a large number of out-of-date firmware. It doesn’t take a PhD to handle that math.

    Now, however, System76 has integrated that Firmware updater in to the GNOME System Settings tool, although the tool can be integrated into any distribution that uses a non-GNOME desktop. This shift should clearly delineate the updating of firmware from standard system updates. That is not to say standard system updates aren’t crucial—they are. Without regular updates, your system wouldn’t receive security patches, software improvements, and new features. However, without firmware patches, your systems could be vulnerable to seriously damaging and hijacking firmware malware, which is why this move should be seen as so critical for Linux.

  • Repurpose Your Old Laptop [with GNU/Linux]

    Switching to a less intensive OS such as Linux or Chrome OS is likely to be less taxing on your hardware, therefore yielding better performance for you. Chrome OS might not be the best option however, as it’s based around cloud storage, which isn’t cheap.

    Linux, on the other hand, offers the best of both worlds. Windows users can easily get used to Linux, and the wide variety of distributions or distros (different releases of Linux OS) make using this OS quite a treat.

    Anyone looking to make the switch to Linux can easily accomplish the task using only a bootable pendrive and a laptop. Just make sure the laptop’s wifi adapter is compatible with your choice of Linux distro.

    Additionally, there are some things to note when shifting to Linux. You will lose out on some applications, such as Photoshop, Premiere Pro, etc. but since you’re going to be installing it on an old system, it’s unlikely you’d be using any of these softwares anyway.

    YouTube is going to be essential in your journey to Open Source greatness, and Chris Titus Tech’s ‘First time Linux installation’ series and Switched To Linux’s ‘Distro Reviews’ will provide you with a lot of info when getting started.

• Server

  • AWS celebrates Labor Day weekend by roasting customer data in US-East-1 BBQ

    A power outage fried hardware within one of Amazon Web Services’ data centers during America’s Labor Day weekend, causing some customer data to be lost.

    When the power went out, and backup generators subsequently failed, some virtual server instances evaporated – and some cloud-hosted volumes were destroyed and had to be restored from backups, where possible, we’re told.

    A Register reader today tipped us off that on Saturday morning, Amazon’s cloud biz started suffering a breakdown within its US-East-1 region.

    Our tipster told us they had more than 1TB of data in Amazon’s cloud-hosted Elastic Block Store (EBS), which disappeared during the outage: they were told “the underlying hardware related to your EBS volume has failed, and the data associated with the volume is unrecoverable.”

    [...]

    Unlucky customers who had data on the zapped storage systems were told by AWS staff that, despite attempts to revive the missing bits and bytes, some of the ones and zeroes were permanently scrambled: “A small number of volumes were hosted on hardware which was adversely affected by the loss of power. However, due to the damage from the power event, the EBS servers underlying these volumes have not recovered.

• Audiocasts/Shows

  • The Linux Link Tech Show Episode 824

  • FLOSS Weekly 545: PyPI Security

    The Python Package Index (PyPI) is a repository of software for the Python programming language. PyPI helps you find and install software developed and shared by the Python community.

  • Swap that Space | BSD Now 314

    Unix virtual memory when you have no swap space, Dsynth details on Dragonfly, Instant Workstation on FreeBSD, new servers new tech, Experimenting with streaming setups on NetBSD, NetBSD’s progress towards Steam support thanks to GSoC, and more.

  • mintCast 316.5 – Dive Into Leo

  • Episode #228: Hunting bugs and tech startups with Python

    What’s it’s like building a startup with Python and going through a tech accelerator? You’re about to find out. On this episode, you’ll meet Elissa Shevinsky from Faster Than Light. They are building a static code analysis as a service business for Python and other code bases. We touch on a bunch of fun topics including static code analysis, entrepreneurship, and tech accelerators.

• Kernel Space

  • Intel SGX Linux Support Bits Revved For A Twenty-Second Time

    The Software Guard Extensions (SGX) support for the Linux kernel around the memory enclaves continues to be worked on by the open-source Intel team and is now up to their twenty-second revision but it’s not clear that this code is ready yet for the upcoming Linux 5.4 cycle.

    Intel has worked an excruciatingly long time on these Linux patches with the v21 patches having come out in mid-July. Now at the start of September is v22 for these patches that provide support for hardware-protected/encrypted memory regions with SGX enclaves.

  • Inline encryption for filesystems

    The encryption of data at rest is increasingly mandatory in a wide range of settings from mobile devices to data centers. Linux has supported encryption at both the filesystem and block-storage layers for some time, but that support comes with a cost: either the CPU must encrypt and decrypt vast amounts of data moving to and from persistent storage or it must orchestrate offloading that work to a separate device. It was thus only a matter of time before ways were found to offload that overhead to the storage hardware itself. Satya Tangirala’s inline encryption patch set is intended to enable the kernel to take advantage of this hardware in a general manner.

    The Linux storage stack consists of numerous layers, so it is unsurprising that an inline encryption implementation will require changes at a number of those layers. Hardware-offloaded encryption will clearly require support from the device driver to work, but the knowledge of which encryption keys to use typically comes from the filesystem running at the top of the stack. Communicating that information from the top to the bottom requires a certain amount of plumbing.

  • Restricting path name lookup with openat2()

    Looking up a file given a path name seems like a straightforward task, but it turns out to be one of the more complex things the kernel does. Things get more complicated if one is trying to write robust (user-space) code that can do the right thing with paths that are controlled by a potentially hostile user. Attempts to make the open() and openat() system calls safer date back at least to an attempt to add O_BENEATH in 2014, but numerous problems remain. Aleksa Sarai, who has been working in this area for a while, has now concluded that a new version of openat(), naturally called openat2(), is required to truly solve this problem.
    The immediate purpose behind openat2() is to allow a program to safely open a path that is possibly under the control of an attacker; in practice, that means placing restrictions on how the lookup process will be carried out. Past attempts have centered around adding new flags to openat(), but there are a couple of problems with that approach: openat() doesn’t check for unknown flags, and the number of available bits for new flags is not large. The failure to check for unknown flags is a well-known antipattern. A program using a path-restricting flag needs to know whether the requested behavior is understood by the kernel or not; the alternative is to accept security vulnerabilities on kernels that do not implement those flags.

  • Linux Foundation

    • Ask the TAB

      The Linux Foundation (LF) Technical Advisory Board (TAB) is meant to give the kernel community some representation within the foundation. In a “birds of a feather” (BoF) session at the 2019 Open Source Summit North America, four TAB members participated in an “Ask the TAB” session. Laura Abbott organized the BoF and Tim Bird, Greg Kroah-Hartman, and Steven Rostedt joined in as well. In the session, the history behind the TAB, its role, and some of its activities over the years were described.

      Abbott started things off by noting that she is one of the newest members of the TAB, so she asked Kroah-Hartman, who is the longest-serving member, to give some of the history. At the time the Open Source Development Labs (OSDL) merged with the Free Standards Group in 2007 (which he characterized as “when we overthrew OSDL”) to form the LF, the kernel community was quite unhappy with how OSDL had been run. The kernel developers made a list of six or eight demands and the LF met five of them. One of those was to form an advisory board to help the organization with various technical problems it might encounter.

• Applications

  • 5 of the Best Linux Writing Tools

    Writing is not an easy task, and therefore any assistance provided by a useful app can be very much appreciated, and even totally relied upon. The apps included here needed to satisfy only three criteria to make it to this list: they had to be compatible for Linux, they had to be a writing tool but not a word processing app, and they had to be great.

  • What is TLDR and Explained How to Use it

    Linux command line users must be familiar with “man” command. It stands for manual pages, which means that every Linux command or utility comes with the set of instructions or possible usage of the command. Man pages are of great help while working on the command line, but often, the documentation available via man pages is too lengthy or too confusing to learn. It also does not provide any real life examples too. All it include is the details of what that particular command does, and what are its available switches ( also called options ).

    TLDR (Too Long Didn’t Read) is a community driven efforts to improve default Linux man pages, it provides an easy to under documentation for every command or utility and it also demonstrates the usage of the command with pretty simple examples. In this article, we will be learning the process to install TLDR and how to use it to work better on Linux terminals.

• Instructionals/Technical

  • Working with the Red Hat Insights API

  • Chgrp Command in Linux (Change Group)

  • How to add a node to OpenNMS

  • VirtScreen on openSUSE | Turn a Tablet into a Second Monitor

• Games

  • The Steam Library overhaul is finally coming in Beta this month

    Valve have officially announced that the Beta for the overhaul of the Steam Library is coming on September 17th. Valve did a demo to some press outlets recently in a closed-doors session and now they’ve formally announced it.

    This is something Valve have been working on for a long time and it is absolutely needed. The current Library feature of Steam is incredibly simplistic and when you’ve built up a bigger amount of games it’s so a bit useless really.

  • Steam Linux Usage Reportedly Ticks Up To 0.8% For August

    Due to the US Labor Day holiday, Valve was slow in updating their monthly figures for their controversial Steam Survey of hardware/software data by polled users. At least for their initial batch of August numbers they are reporting a small increase in the Linux gaming population.

    By now most Linux gamers either trust or hate the Steam Survey with some arguing its inaccurate or biased or simply broken methodology for polling enough users. But most cross-platform game developers do report it to be fairly accurate with their Linux sales generally aligning to the Steam survey metrics, at least not wildly different. If you are interested in it, the magic number for August is 0.8%.

• Desktop Environments/WMs

  • GNOME Desktop/GTK

    • Allan Day: Towards a UX Strategy for GNOME (Part 1)

      At the recent GUADEC in Thessaloniki, I gave a talk about some strands of work that I’ve been doing around UX strategy and design/development process. I ended up skipping over some points that I’d wanted to make, and I also had some great conversations with people about the talk afterwards, so I wanted to share an updated version of the talk in blog form.

      I’ll be splitting the talk into multiple posts. This first post is about creating a UX strategy for GNOME. As you might expect, this is a plan for how to improve GNOME’s user experience! In particular, it tries to answer the question of which areas and features need to be prioritised.

      The approach I’ve taken in creating this strategy follows a fairly standard format: analyse the market, research user needs, identify and analyse competitors, then use that data to design a product which will succeed in the current desktop market. The main goal is to offer a product which meets user needs better than the alternatives.

      In later posts in the series, I’m going to show off a set of updated designs for GNOME, which I think are a good place to start implementing the strategy that I’m laying out. For many readers, those later posts will probably be more interesting! However, I do think it’s useful to provide the strategy, in order to provide background and put that work in context.

    • Robert Ancell: GUADEC 2019 – Thessaloniki

      This year we had seven people from Canonical Ubuntu desktop team in attendance. Many other companies and projects had representatives (including Collabora, Elementary OS, Endless, Igalia, Purism, RedHat, SUSE and System76). I think this was the most positive GUADEC I’ve attended, with people from all these organizations actively leading discussions and a general consideration of each other as we try and maximise where we can collaborate.

      Of course, the community is much bigger than a group of companies. In particular is was great to meet Carlo and Frederik from the Yaru theme project. They’ve been doing amazing work on a new theme for Ubuntu and it will be great to see it land in a future release.

      In the annual report there was a nice surprise; I made the most merge requests this year! I think this is a reflection on the step change in productivity in GNOME since switching to GitLab. So now I have a challenge to maintain that for next year…

• Distributions

  • New Releases

    • IPFire 2.23 – Core Update 135 released

      This is the official release announcement for IPFire 2.23 – Core Update 135, which is packed with a new kernel, various bug fixes and we recommend to install it as soon as possible.

  • Fedora Family

    • Fedora 30 : About the Jupyter lab tool.

      The tutorial for today is about Jupiter Lab and Fedora 30. You can see an old tutorial with Fedora 29 here.
      The JupyterLab is the next-generation web-based user interface for Project Jupyter.
      This can be installed using conda, pip or pipenv.

  • Debian Family

    • Call for testing: [TAILS] 4.0~beta2

      You can help Tails by testing the second beta for the upcoming version 4.0!

    • Tails 3.16 is out

      This release fixes many security vulnerabilities. You should upgrade as soon as possible.

• Devices/Embedded

  • Arm-based touch-panel computer has a slim, 31.7mm profile

    Data Modul’s rugged, 10.1-inch “Slim Panel PC” runs Yocto 2.4 with Linux 4.9 on an i.MX6 with a capacitive touchscreen, dual CAN ports, Ethernet, mini-PCIe, and micro-HDMI ports.

    Data Modul announced an “ultra-flat” Slim Panel PC with a 10.1-inch capacitive touchscreen that runs Linux on an 800MHz NXP i.MX6 Solo, DualLite, or Quad. The name derives from the 185 x 267mm system’s relatively svelte 31.7mm thickness.

  • Mobile Systems/Mobile Applications

    • Here’s how to change your Android 10 system accent color

    • Press F to Pay Respects to the Back Button in Android 10

    • Will my phone get Android 10?

    • OnePlus 7T with Android 10 stops by Geekbench

    • Samsung is testing Android 10 with One UI 2.0 on the Galaxy S10 and Galaxy Note 10

• Free, Libre, and Open Source Software

  • Open-source voting for San Francisco

    To open-source fans, the lure of open-source voting systems is surely strong. So a talk at 2019 Open Source Summit North America on a project for open-source voting in San Francisco sounded promising; it is a city with lots of technical know-how among its inhabitants. While progress has definitely been made—though at an almost glacially slow speed—there is no likelihood that the city will be voting using open-source software in the near future. The talk by Tony Wasserman was certainly interesting, however, and provided a look at the intricacies of elections and voting that make it clear the problem is not as easy as it might at first appear.

    Wasserman is a professor of software management practice at Carnegie Mellon Silicon Valley and a San Francisco resident; he was asked to serve on an advisory committee on open-source voting for the city. San Francisco is about 11x11km, with around 800,000 people; roughly 500,000 of those are registered voters and nearly 350,000 turned out for the November 2018 election. He said that 70% participation by registered voters is a pretty good turnout for the US.

    There are two different organizations within the city government that handle elections: the elections commission and the elections department. The commission is tasked with making the policies and plans for elections, while the department actually implements them, runs the elections, and reports the results. The elections department also handles “problem” ballots and registrations; as part of that, it stores 20 years of paper ballots underneath city hall, which he found astonishing.

    The goal of the project is to develop the country’s first open-source voting system for political elections, which could potentially have a broad impact if it is successful, both locally and nationally. There are other justifications for it as well, including providing transparency for voters and the expectation of saving money. There are only three (down from four due to a merger) companies that sell election systems in the US; they are not cheap and moving to open-source would provide freedom from being locked into those vendors.

  • David Humphrey: Some Assembly Required

    In my open source courses, I spend a lot of time working with new developers who are trying to make sense of issues on GitHub and figure out how to begin. When it comes to how people write their issues, I see all kinds of styles. Some people write for themselves, using issues like a TODO list: “I need to fix X and Y.” Other people log notes from a call or meeting, relying on the collective memory of those who attended: “We agreed that so-and-so is going to do such-and-such.” Still others write issues that come from outside the project, recording a bug or some other problem: “Here is what is happening to me…”

    Because I’m getting ready to take another cohort of students into the wilds of GitHub, I’ve been thinking once more about ways to make this process better. Recently I spent a number of days assembling furniture from IKEA with my wife. Spending that much time with Allen keys got me thinking about what we could learn from IKEA’s work to enable contribution from customers.

  • Workarea Commerce Releases Platform to Open Source Community

    Workarea, the enterprise commerce platform built to unify commerce, content management, merchant insights and search, is releasing its software to the open source community. Built upon open source technologies from inception, including Ruby on Rails, MongoDB, and Elasticsearch, Workarea touts unparalleled flexibility and scale in modern cloud environments. The platform source code and demo instructions are now available on GitHub.

  • Events

    • Linux Plumbers Conference: LPC waiting list closed; just a few days until the conference

      The waiting list for this year’s Linux Plumbers Conference is now closed. All of the spots available have been allocated, so anyone who is not registered at this point will have to wait for next year. There will be no on-site registration. We regret that we could not accommodate everyone. The good news is that all of the microconferences, refereed talks, Kernel summit track, and Networking track will be recorded on video and made available as soon as possible after the conference. Anyone who could not make it to Lisbon this year will at least be able to catch up with what went on. Hopefully those who wanted to come will make it to a future LPC.

    • Linux Plumbers Conference waiting list closed; just a few days until the conference

      The Linux Plumbers Conference has filled up and has closed its waiting list.

  • Web Browsers

    • Mozilla

      • Mozilla Cloud Services Blog: A New Policy for Mozilla Location Service

        Several years ago we started a geolocation experiment called the Mozilla Location Service (MLS) to create a location service built on open-source software and powered through crowdsourced location data. MLS provides geolocation lookups based on publicly observable cell tower and WiFi access point information. MLS has served the public interest by providing location information to open-source operating systems, research projects, and developers.

        Today Mozilla is announcing a policy change regarding MLS. Our new policy will impose limits on commercial use of MLS. Mozilla has not made this change by choice. Skyhook Holdings, Inc. contacted Mozilla some time ago and alleged that MLS infringed a number of its patents. We subsequently reached an agreement with Skyhook that avoids litigation. While the terms of the agreement are confidential, we can tell you that the agreement exists and that our MLS policy change relates to it. We can also confirm that this agreement does not change the privacy properties of our service: Skyhook does not receive location data from Mozilla or our users.

        Our new policy preserves the public interest heart of the MLS project. Mozilla has never offered any commercial plans for MLS and had no intention to do so. Only a handful of entities have made use of MLS API Query keys for commercial ventures. Nevertheless, we regret having to impose new limits on MLS. Sometimes companies have to make difficult choices that balance the massive cost and uncertainty of patent litigation against other priorities.

        Mozilla has long argued that patents can work to inhibit, rather than promote, innovation. We continue to believe that software development, and especially open-source software, is ill-served by the patent system. Mozilla endeavors to be a good citizen with respect to patents. We offer a free license to our own patents under the Mozilla Open Software Patent License Agreement. We will also continue our advocacy for a better patent system.

  • Licensing/Legal

    • Debating the Cryptographic Autonomy License

      If one were to ask a group of free-software developers whether the community needs more software licenses, the majority of the group would almost certainly answer “no”. We have the licenses we need to express a range of views of software freedom, and adding to the list just tends to create confusion and compatibility issues. That does not stop people from writing new licenses, though. While much of the “innovation” in software licenses in recent times is focused on giving copyright holders more control over how others use their code (while still being able to brand it “open source”), there are exceptions. The proposed “Cryptographic Autonomy License” (CAL) is one of those; its purpose is to give users of CAL-licensed code control over the data that is processed with that code.
      Van Lindberg first went to the Open Source Initiative’s license-review list with the CAL in April. At that point, it ran into a number of objections and was rejected by the OSI’s license review committee. The license has since been revised to address (most of) the objections that were raised; a third version with minor tweaks was posted on August 22.

      At its core, the CAL is a copyleft license; distribution of derived products is only allowed if the corresponding source is made available under the same (or a compatible) license. The third version added one exception: release of source can be delayed for up to 90 days if required to comply with a security embargo.

    • Commons Clause in open source licences: business necessity or betrayal of software freedom?

      Accommodation of new business models and technological advances has fundamentally disrupted the open source industry. Unlike on-prem solutions, which are installed in a user environment, cloud-based software remains hosted on the vendor’s servers and is accessed by users through a web browser. Because cloud-based offerings do not involve software distribution, the copyleft effect of open source licences is not triggered.

      Large cloud providers use their market power and infrastructure to generate significant revenues by offering proprietary services around successful open source projects, thus depriving such projects of an opportunity to commercialise similar services.

      [...]

      Whether the benefits of employing the Commons Clause outweigh the potential risks is likely to invoke a case by case analysis. The community consensus on the four software freedoms [the freedom to run the program for any purpose, the freedom to modify it for private or public use, the freedom to make copies and distribute the program and its derivatives] is under continuous pressure for modification. Indeed reshaping the portfolio of freedoms may not necessarily be a threat to open source as we know it, but rather an evolution thereof.

      As Heather Meeker, the drafter of the Commons Clause, has noted, the choice is often between the full proprietary route and a source-available licensing. By choosing the latter, we may preserve at least some of the freedoms.

  • Programming/Development

    • Linker limitations on 32-bit architectures

      Before a program can be run, it needs to be built. It’s a well-known fact that modern software, in general, consumes more runtime resources than before, sometimes to the point of forcing users to upgrade their computers. But it also consumes more resources at build time, forcing operators of the distributions’ build farms to invest in new hardware, with faster CPUs and more memory. For 32-bit architectures, however, there exists a fundamental limit on the amount of virtual memory, which is never going to disappear. That is leading to some problems for distributions trying to build packages for those architectures.

      Indeed, with only 32-bit addresses, there is no way for a process to refer to more than 4GB of memory. For some architectures, the limit is even less — for example, MIPS hardware without the Enhanced Virtual Addressing (EVA) extensions is hardwired to make the upper 2GB of the virtual address space accessible from the kernel or supervisor mode only. When linking large programs or libraries from object files, ld sometimes needs more than 2GB and therefore fails.

    • Object Detection with ImageAI in Python

      Object detection is a technology that falls under the broader domain of Computer Vision. It deals with identifying and tracking objects present in images and videos. Object detection has multiple applications such as face detection, vehicle detection, pedestrian counting, self-driving cars, security systems, etc.

    • Lisp on Talos II

      I’ve been following the status of Lisp on ppc64le lately.

      I’m running ppc64le Debian sid. Just after I had set up my system, I did some experimentation with what Debian packages had to offer. ECL was the only Lisp that worked, so I started using it for various projects. (I’ve since learned on #sbcl that CLISP built from source is also a good option.)

      Ideally I wanted to be able to use SBCL, so I wondered how far into an SBCL bootstrap I could get with ECL as the host compiler. A few months ago, I found the answer was not very far.

    • Six Reasons COBOL Has Survived to Age 60

      This month in 2019 marks the 60th anniversary of COBOL. That’s right: In a world in which something can be outdated almost as fast as it moves off the shelf, COBOL (common business-oriented language), a code technology that predates Microsoft Windows, UNIX, Java and Linux, is 60 years old.

      COBOL is a high-level programming language for business applications. It was the first popular language designed to be operating system-agnostic and is still in use in many financial and business applications today.

      COBOL was designed for business computer programs in industries such as finance and human resources. Unlike some high-level computer programming languages, COBOL uses English words and phrases to make it easier for ordinary business users to understand. The language was based on Rear Admiral Grace Hopper’s 1940s work on the FLOW-MATIC programming language, which was also largely text-based. Hopper, who worked as a technical consultant on the FLOW-MATIC project, is sometimes referred to as the “grandmother of COBOL.”

Leftovers

• Science

  • Paleocomputing watch: Tech magazines cover the BBS scene

    The wonderful folks at Paleotronic (previously) have rounded up scans of articles from 1980s-era computer magazines that advised new computer users on navigating the burgeoning world of dial-up BBSes.

    Dial-ups were my introduction to networked computing. We had an acoustic coupler and teletype connected to a PDP at the University of Toronto in 1977 when I was 6, but it wasn’t until we got an Apple ][+ and a Hayes modem card in 1979 that the world opened up for me. That system didn’t have enough expansion slots to accommodate all the cards we had for it, so installing the modem meant swapping out the 80 column card, which meant that we lost access to lower-case characters when we were online. My modem days started out in ALL CAPS.

• Hardware

  • Intel Core i9 9900KS Releasing In October With All-Core 5GHz Turbo

    Intel announced at IFA 2019 in Berlin that their Core i9 9900KS processor will be releasing next month.

    For those losing track, the Core i9 9900KS is Intel’s all-core 5GHz processor as a step above the existing Core i9 9900K. On the downside, it’s still a 14nm-derived Coffeelake part.

    The 5GHz all-core turbo frequency with the i9-9900KS is said to be possible with normal air cooling. The base frequency of this eight-core / sixteen thread processor will be 4.0GHz, a 400MHz increase over the 9900K. Pricing and TDP figures have yet to be announced.

    [...]

    Intel hasn’t yet indicated if we’ll be sampled with the 9900KS or Cascadelake-X for Linux benchmarking, but hopefully as certainly many Linux users are interested in the performance potential — with real-world workloads, which was also a common theme for Intel’s IFA 2019 talk.

• Security (Confidentiality/Integrity/Availability)

  • Year-Old Samba Bug Allows Access to Forbidden Root Share Paths

    For almost a year, threat actors could exploit a vulnerability in Samba software that allowed them to bypass file-sharing permissions and escape outside the share root directory.

    The security flaw has been introduced in Samba 4.9.0, released on September 13, 2018, and can be leveraged under certain conditions.

  • The breach prevention playbook

    Authentication is the first step to a solid defense, as most breaches start with poor authentication practices. A bad actor will procure a legitimate login credential (a password) from an unsuspecting user via phishing, social engineering, or even plain theft. When the password is obtained, it allows the bad actor to log in to systems as someone they are not. The network doesn’t recognize that it is a malicious actor entering the credentials, allowing them to access anything as a “legitimate” user who has permission to access. Fortunately, several tactics and technologies can help further strengthen authentication tactics.

    [...]

    Single sign-on (SSO) technologies and implementing multi-factor authentication can eliminate the problem of too many passwords and the lack of security as it relates to the password itself. SSO enables a user to utilize a single, strong password across the entire range of systems they need to access. Another advantage of SSO is that it can apply stronger authentication methods to systems that don’t natively support them. For example, natively many UNIX and Linux systems transmit passwords in clear-text — an obvious risk; but an SSO solution that enables an Active Directory (AD) log-on to work for Unix/Linux will automatically extend AD’s password encryption and stronger authorization to those non-Windows systems.

  • WordPress 5.2.3 Security and Maintenance Release

    WordPress 5.2.3 is now available!

    This security and maintenance release features 29 fixes and enhancements. Plus, it adds a number of security fixes—see the list below.

    These bugs affect WordPress versions 5.2.2 and earlier; version 5.2.3 fixes them, so you’ll want to upgrade.

    If you haven’t yet updated to 5.2, there are also updated versions of 5.0 and earlier that fix the bugs for you.

• Environment

  • Caroline Lucas: Spending Review totally slapdash on climate

    Caroline said: “We’re used to official greenwash from government, but what we saw today was a mere slapdash swipe, a few drops of paint, on a canvas that otherwise entirely overlooked our climate emergency.

    “Our environment was totally ignored in the overview of the UK economy, and the Chancellor only got around to a specific climate announcement two-thirds of the way into the speech.

    “Any Chancellor fit for office would have announced a Green New Deal as an economic cure for the triple crisis of inequality, climate breakdown and failed finance.

    “This spending review doubles down on a failed economic model that is trashing our environment, and trashing the prospects for young people.

  • Energy

    • Wall Street Journal and Senator Barrasso Still Peddling Koch’s Electric Car Myths

      Senator John Barrasso and the Wall Street Journal (WSJ) editorial board are once again attacking the federal electric vehicle tax credit, and are once again relying on easily debunked talking points born of the Koch network’s influence machine.

      Senator Barrasso has reportedly sent a letter to Republican colleagues in the Senate, advising them not to extend the electric vehicle (EV) tax credit.

      The Wall Street Journal’s editorial board cheered Senator Barrasso’s act in an editorial published Tuesday. The deception and falsehoods are so rife in the WSJ editorial that it that begs for rebuttal. So here goes.

• Privacy/Surveillance

  • In-house counsel on managing the Whois ‘purge’

    In-house counsel in both the UK and the US say they are still struggling to get to grips with data protection laws and that strict rules around revealing details of potential infringers have meant some threats go unchecked.

• Monopolies

  • Patents and Software Patents

    • Patent case: Sisvel International S.A. vs Xiaomi Corporation, Netherlands

      Cases in which FRAND licences are discussed, and where if no licence is taken an injunction is requested, more closely resemble unpaid debt claims then IP-related cases and are thus less suitable for preliminary proceedings. Further, the fact that the case was complex, not only in relation to the patented subject-matter but also because of the international implications, led the judge to the conclusion that the case was not suitable for preliminary proceedings.

    • SE – THREE YEARS WITH THE SWEDISH PATENT AND MARKET COURT

      Today, three years after its inception on 1 September 2016, and with more data now available, it is time to follow up on our 2017 blog post regarding the efficiency and reliability of patent cases adjudicated by the Swedish Patent and Market Court.

    • Berkheimer: Coming Up this Fall

      The Berkheimer case has been pending for a while. Steven Berkheimer first filed his infringement lawsuit against HP back in 2012. (N.D. Ill.) In 2016, the district court dismissed the case on summary judgment — finding the claims ineligible. That decision included two key legal findings (1) eligibility is purely a question of law; and (2) the clear and convincing evidence standard does not apply to questions of eligibility. The appeal then took two years and in 2018 the Federal Circuit vacated that holding — finding that underlying issues of fact may be relevant here to the question of patent eligibility.

      [...]

      As I mentioned previously, the petition creates a false dichotomy. As we know from claim construction, not all questions-of-fact are given to a jury to decide. And, the Federal Circuit did not hold that eligibility is “a question of fact for the jury.” Despite the intentional misdirection by HP’s Counsel Mark Perry (Gibson Dunn) and David Salmons (Morgan Lewis), the case is interesting and important and I look for the court to take the case.

    • “Exceptional Case” Rule does Not apply to Doctrine of Equivalents

      When I wrote about this case back in May 2019, I headlined the post with the court’s statement that “The Doctrine of Equivalents Applies ONLY in Exceptional Cases.” I noted that the court’s statement was “a major step without precedential backing.” It is possible that the court was simply intending to state that DOE is rare. The decision was so problematic though because “exceptional case” is a term of art used elsewhere in patent law and suggests creation of an additional test prior to allowing a patentee to rely upon DOE. Citing my post, Amgen petitioned for rehearing on the issue.

      [...]

      The decision as it reads now recognizes that DOE winners will be rare — and that rarity stems from the nature of the DOE test. In particular, DOE only applies when the accused device or method is different from what is claimed but may not be “substantially different” on an element-by-element basis.

    • Broad Interpretation of 315(b) time-bar applied to 315(a) challenge

      Prior to filing its IPR petition, Cisco had filed a declaratory judgment (DJ) action in district court seeking to invalidate Chrimar’s U.S. Patent 8,902,760. However, rather than pursuing the case to judgment or settlement, Cisco dismissed its lawsuit without prejudice. Under typical principles of preclusion, this type of dismissal would not prohibit or estopp Cisco from challenging the patent again at a later date. However, the question here was how those rules mesh with the Patent Act.

      [...]

      The petitioner Cisco easily checks the boxes of the statute — it filed a civil action challenging validity before it filed the IPR petition. However, Cisco argued that that the voluntary dismissal should reset the case. The voluntary-dismissal argument had already been foreclosed in the 315(b) situation.

      Cisco argued that 315(a) (unlike 315(b)) parallels estoppel provisions and thus should follow the same rules. The PTAB panel rejected that argument — following the Federal Circuit’s lead here to strictly apply the statute as written and without judicial exception. The statute “does not include an exception.” Thus, the holding: Cisco’s IPR Petition is barred by its prior DJ action even though voluntarily dismissed.

    • PTAB Redeclares CRISPR Interference and Grants Leave for Some (But Not All) of Parties’ Proposed Motions

      On Monday, the Patent Trial and Appeal Board (PTAB) issued an Order deciding which of the parties’ (University of California/Berkeley, the University of Vienna, and Emmanuelle Charpentier, Junior Party, abbreviated to “CVC” throughout, and The Broad Institute, Massachusetts Institute of Technology, and Harvard University, Senior Party) proposed motions it will deign to consider in the first (appropriately called “motions”) phase of the newly declared interference regarding priority of invention to CRISPR technology. The Board also and separately redeclared the interference and by doing so avoided considering one of CVC’s motions (that arrived at Berkeley’s desired outcome nevertheless).

      [...]

      Separately, the Board redeclared the interference to add four of CVC’s pending applications to the interference. There are no other changes to the declaration; the Broad and its co-owners remain Senior Party and CVC remains Junior Party (although as the Board noted in its accompanying Order this could change depending on the outcome of the motions the parties are authorized to file), nor were there any other changes in the patents and applications in interference, the accorded priority benefits nor the claims for each party corresponding to the count (i.e., substantially all of them). As the interference has been set out the Board seems ready to address all remaining issues between the parties to produced (subject to appeal) a final determination of who owns CRISPR.

  • Trademarks

    • The facepalm trade mark case in China

      This Kat instantly liked the facepalm emoji when it was first released in 2016. It felt like some hidden inner voice was speaking out, echoing in her own ears. It had been something that had been missing for some time – an expression of frustration or embarrassment at the difficulties of a tough situation:

      ‘The iPhone is finally getting a facepalm emoji’ — Telegraph

      ‘Apple gives the world what it needs, a facepalm emoji’ — mashable

      ‘The One Emoji You’ve All Been Waiting For Is FINALLY Coming To Your Phone…’ — popbuzz

      ‘HOERA! ER KOMT EINDELIJK EEN FACEPALM-EMOJI’ — metronieuws.nl

      [...]

      Jin disagreed with the criticism. In an interview, he said that, as the owner of a clothing-trading company, he has always sought trade-mark protection for the patterns printed on the clothes by his company. As to the facepalm pattern, he had been using it on his products for almost two years, and therefore thought he should protect it as a trade mark to prevent future trade-mark squatting on rivals’ clothing products. Pressed by the reporter on whether he had known Tencent was in possession of the said emoji, Jin replied, ‘This emoji was not so popular when I started using it’. In addition, since he had only applied for the goods in class 25, he believed it ‘would not be precluding Tencent (the owner of WeChat), or the netizens and WeChat users, from using the facepalm emoji’.

GNU/Linux

• Server

  • Linux And Kubernetes Support The Intelligent Enterprise

    The concept of the intelligent enterprise has arrived in SAP user companies. Now, they need intelligent infrastructures. Linux and Kubernetes can help.
    SAP has been focusing a lot of its efforts on introducing the intelligent enterprise to its customers – and it has succeeded. Many user companies are currently trying to become intelligent.

    The concept of the intelligent enterprise serves as an aspiration, a favorable goal on their digitalization path. Various SAP solutions promise to get them there: S/4, in-memory database Hana, SAP Cloud Platform (SCP), C/4 Hana, SAP Cloud Analytics, SAP Data Hub, cloud solutions like Qualtrics or SuccessFactors, or Leonardo.

  • A guide to human communication for sysadmins

    Not too long ago, I spoke at a tech event in the Netherlands to an audience mostly made up of sysadmins. One of my topics was how sysadmins can increase the value they deliver to the organization they work for. I believe that among the most important factors for delivering value is for everyone to know the overall organization’s priorities and goals, as well as the priorities and goals of the organization’s development teams.

    This all sounds obvious, but in many organizations, silos almost completely block the inter-team communication needed to understand each other’s priorities. Even in large organizations that pat themselves on the back for having gone full DevOps (or aspire to go full DevOps), knowledge of the priorities and goals of other teams is not ubiquitous. When I asked the couple hundred people in my audience whether they knew their development teams and what drives those teams, very few hands came up.

  • IBM

    • Cloud-native messaging on Red Hat OpenShift with Quarkus and AMQ Online

      Quarkus is a Kubernetes-native Java stack tailored for GraalVM and OpenJDK HotSpot, crafted from the best of breed Java libraries and standards, according to the project website. Starting with the 0.17.0 release, Quarkus supports using the Advanced Message Queuing Protocol (AMQP), which is an open standard for passing business messages between applications or organizations.

      Red Hat AMQ Online is a Red Hat OpenShift-based mechanism for delivering messaging as a managed service. Previously, we have seen how to use AMQ Online to provision messaging. In this article, we will combine AMQ Online and Quarkus to show how you can create a modern messaging setup on OpenShift using two new technologies from the messaging space.

      The guide assumes you have an installation of AMQ Online on OpenShift. Read the installation guide for more information. AMQ Online is based on the EnMasse open source project.

    • Red Hat sets new performance records on AMD ROME processors

      As x86_64 hardware sees improvements in the area of CPU die size reduction, Red Hat has continued to work with our partners to better enable world class performance. Recently, AMD released its ROME line of processors, known as the AMD Epyc 7002 Series. With a die size of 7nm, AMD has achieved several new performance world records and many of these results have been with workloads running on Red Hat Enterprise Linux (RHEL) 7 and RHEL 8.

      Leaning on our long history of collaboration, Red Hat and AMD have worked together to deliver enhanced performance to enterprise data centers and beyond. Red Hat’s development and performance engineering teams have been working on hardware enablement and validation of these ROME processors for more than a year, resulting in several benchmark publications using RHELx.

    • Red Hat Summit 2020: Call for Proposals for new developer track

      Red Hat Developer invites you to share your expertise at Red Hat Summit 2020, April 27-29th in San Francisco California. Submit a proposal now to lead a conference session and share your development story.

      Every year, thousands of developers attend Red Hat Summit. New for 2020, you will be able to attend a new track created specifically for application developers. This track will focus on the latest application development technologies, and we need your help.

      Red Hat Summit attendees want to hear your stories of success and failure, your best techniques, how your work is changing, architecture tips, DevOps, and what’s new. Please submit your session ideas based on real-world examples and hands-on instruction. Below are some ideas to help you get started.

• Audio/Video

  • Stop video autoplay with Firefox

    You know that thing where you go to a website and a video starts playing automatically? Sometimes it’s a video created by the site, and sometimes it’s an ad. That video is doing its level best to get your attention, which is very distracting when that’s not what you’re looking for. If you find autoplay videos annoying, Firefox can help return some peace to your life by blocking them. Here’s how to stop video autoplay.

  • A Chat with Drew DeVore | Jupiter Extras 10

    Brent sits down with Drew DeVore, Jupiter Broadcasting’s latest addition to the Audio Editing Engineer team and cohost of Choose Linux. We chat shoes, his love for linux, adventures in audio, and why JB feels like home.

• Kernel Space

  • Eventually “Schedutil” Could Replace Linux’s Existing CPU Scaling Governors

    The Schedutil CPU frequency scaling governor has been around for a few years and has gotten better over time but in our own tests we still find it frequently not being as competitive to the “performance” governor and others. However, in the future Schedutil might become the default and perhaps only governor.

    Following the brief tests of the new AMD CPUFreq CPPC solution, which isn’t mainlined, a Phoronix reader pointed out a recent kernel mailing list discussion that went under our radar.

    Upstream kernel developer Peter Zijlstra was critiquing several points of the proposed AMD CPPC code that AMD developers have been working on for Collaborative Processor Performance Control support with their new Zen 2 processors. Zijlstra rejected various elements of the AMD code proposal, including the calling it a “huge mistake” for exposing a lot of the data to user-space due to complicating future kernel efforts. He also rejected the idea of AMD creating a Linux user-space tool for generating CPPC profiles for target user workloads.

  • ASpeed AST2600 Support Coming To The Linux 5.4 Kernel

    While not officially released yet, support for the ASpeed AST2600 is coming to the Linux 5.4 kernel.

    The ASpeed AST2500 server management processor / BMC has been very common to servers over the years but will soon be succeeded by the AST2600. There previously has been rumors the AST2600 is coming with 2020 server motherboards and that looks like it may pan out with the Linux 5.4 kernel set to debut with initial support for this ASpeed controller.

    The dual-core A7 while old is a big upgrade over the single-core ARM11 800MHz CPU found within the AST2500. Earlier rumors have suggested the AST2600 to be fabbed on a TSMC 28nm process.

  • Graphics Stack

    • NVIDIA Lands Another New OpenGL Extension In 2019 Around Multi-GPU/SLI

      While most games/engines and software in general are moving from OpenGL to Vulkan, NVIDIA is still investing in their OpenGL driver stack and even adding new multi-GPU/SLI functionality to their driver and as part of that introducing new extensions.

      Back in July I wrote about new OpenGL extensions for multi-GPU rendering that at the time were about exposing explicit controls over multi-cast rendering, the progress fence extension for coordinating operations between multiple GPU command streams, and a WGL-catered extension for creating contexts in a multi-GPU environment.

    • X.Org’s Modesetting Driver Flips Off Atomic By Default

      While atomic mode-setting has been around for several years now and to provide a modern mode-setting interface that can test modes prior to the actual operation and reduce possible flickering during mode-setting events and also being faster, the common xf86-video-modesetting driver has at least temporarily disabled the support by default.

      Within the latest X.Org Server 1.21 Git and requested for back-porting to X.Org Server 1.20 is disabling atomic support by default. This stems from a black screen when doing rotation on a different CRTC and other problems along the atomic code-path for this in-tree driver. So by default the generic modesetting driver will use the legacy code-path by default to avoid messing up existing users.

    • Mesa’s Gallium3D LLVMpipe Driver Adds Compute Shader Support

      Red Hat’s David Airlie has been refocusing efforts recently on improving the state of the LLVMpipe driver that implements OpenGL / OpenGL ES on top of CPUs using LLVM. In the past few weeks he’s been wiring up more GL4 / GLES 3.1 extensions and this morning the latest achievement is supporting OpenGL compute shaders!

      Following a long series of patches, Airlie has OpenGL compute shader support working for LLVMpipe in tandem with various LLVM/Gallivm changes.

• Benchmarks

  • NAS Parallel Benchmarks: EPYC 7601 vs. EPYC 7742 vs. Xeon Platinum 8280

    Not included as part of our original EPYC 7742 / EPYC 7002 “Rome” Linux benchmarks was the NAS Parallel Benchmarks (NPB) developed by NASA. While an MPI testing favorite, there were build issues with the older version of NPB packaged by the Phoronix Test Suite. But with recently having updated that test profile against the latest NPB upstream, here are some results for the EPYC 7742 2P, EPYC 7601 2P, and dual Xeon Platinum 8280 benchmark results. Separately, there’s also results now for NeatBench 5 with this video editing plug-in test case now part of the Phoronix Test Suite.

  • AMD Ryzen 9 3900X Linux CPU Frequency Scaling Governor Benchmarks

    Given the recent talk about the Schedutil CPU frequency scaling governor and its future along with CPU frequency scaling behavior in general on AMD Zen 2 processors, here are some benchmarks of the Ryzen 9 3900X when tested with the different Linux “CPUFreq” governor options.

    This round of testing is just for reference purposes in looking at how these different CPU frequency scaling governor tunables compare. The power consumption between the modes weren’t compared due to the WattsUp Pro meters being busy on other systems and this testing was done prior to the recent Windows/Linux power discoveries; in fact, this testing was from back in July albeit slipped under the radar for publishing these figures.

    From the Linux 5.3 Git kernel as of the end of July while running Ubuntu 18.04 LTS, the CPUFreq governor options of ondemand, performance, powersave, and schedutil were tested. For most Linux distributions, “ondemand” is the default governor while “performance” is known for some workloads to deliver better performance when the CPUFreq driver doesn’t respond fast enough for ramping up the CPU clock frequencies. Schedutil meanwhile is the newest governor and makes use of the kernel’s scheduler utilization data to try to make more informed decisions about what to do with the CPU frequencies. Schedutil has an interesting future ahead, but as we’ve shown several times, there generally are shortcomings still compared to the likes of Schedutil. The powersave governor, lastly, keeps the clocks at a minimum and really isn’t useful for a desktop unless really trying to conserve power. But for this article we’re just looking at the performance difference on the Ryzen 9 3900X for easily changing this Linux kernel tunable.

• Applications

  • Cockpit 202

    Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 202.

  • Daniel Stenberg: FIPS ready with curl

    It should show that it uses wolfSSL and that all the protocols and features you want are enabled and present. If not, iterate until it does!

  • Peter Czanik: Handling lists in syslog-ng: the in-list() filter

    Recently, a number of quite complex configurations came up while syslog-ng users were asking for advice. Some of these configurations were even pushing the limits of syslog-ng (regarding the maximum number of configuration objects). As it turned out, these configurations could be significantly simplified using the in-list() filter, one of syslog-ng’s lesser known features.

    First, a bit of history. The idea of the in-list() filter came to me while I was listening to Xavier Mertens at a Libre Software Meeting conference talk in France. In his talk, he described how to check log messages for suspicious IP addresses. He used free IP address lists from the Internet (spammer IP addresses, malware command and control IP addresses, etc.) and, using a batch process, he kept checking if any of those were present in the log messages on a nightly basis.

    It occurred to me that all of the above could be done in real-time. Namely, several different parsers capable of extracting IP addresses and other important information from log messages as they arrive are already available in syslog-ng. All that was missing was a tool that could compare the extracted value with a list of values coming from a file. This tool was implemented quickly as a ‘spare time project’ by one of my colleagues. This is how the in-list() filter was born.

• Instructionals/Technical

  • How to Install Mastodon on Ubuntu 18.04

  • nmap get all active online ips from specific network

  • How to Set Up Cron Job on Debian 10

  • How to install and run Opera Browser via Snap on Ubuntu

  • How to Change Themes in Linux Mint

  • How to Get Average CPU and Memory Usage from SAR Reports Using the Bash Script

  • How to Install DataGrip on Debian 10

  • How to Check Swap Space in Linux

  • How To Capture Database Changes

  • How to Install Mastodon Client ‘Tootle’ in Ubuntu 18.04

  • Install Warzone Game In Ubuntu Operating System

  • Environment variables in PowerShell [Ed: Why does Red Hat push people to learn Microsoft?]

• Games

  • Haunted maze game Phantom 3D has been released

    Graverobber Foundation, developer of cyberpunk dungeon crawler Das Geisterschiff is back with a new game called Phantom 3D.

  • Fluid Simulation is one of the most mesmerising things I’ve seen in a while

    Fluid Simulation is something you all need to try out for a few minutes to de-stress. A nice casual experience for a tired mind perhaps.

    Appearing in my Twitter feed recently was a tweet from developer Pavel Dobryakov, which said “fucking hell I have managed it” with a link to a WebGL Fluid Simulation to try in a web browser. I was completely captivated by it, throwing my mouse around making shapes and adjusting all the settings. A good 30 minutes passed before I realised how the outside world faded away for a time.

  • The Dragon Clan have entered Armello with a new DLC

    The cast of Armello has grown bigger with the newly released The Dragon Clan DLC adding in four new characters.

    Not played Armello before? It’s a grim fairy-tale board game, where one player will attempt to become King or Queen. Game of Thrones with an animal cast is a pretty reasonable description. It can be a huge amount of fun if you don’t mind the RNG, playing it with friends is an absolute blast. Lots of interesting game mechanics, allowing you to really mess with other players.

  • Doom 4 Vanilla is the latest crazy Doom game pack inspired by 2016′s DOOM

    This is quite amazing. I never grow tired of seeing what people in the Doom modding community are able to achieve.

    Doom 4 Vanilla recently showed up, what the developer describes as “Doom 2016 the Way 1993 Did It” and it really does look like a huge amount of fun. It’s not the work of a single person though, as it does pull in mods and resources from others all under one roof.

  • Adventure and strategy RPG Pathway is getting a big free update, some of it has been teased

    Pathway released back in April and it’s a lot of fun but one thing was certain after playing it for a lot longer, it did get repetitive. A big free update is coming soon and it’s sounding good.

    We already knew it was getting an update, since they did previously confirm it but they didn’t say what it would include. At least now, we have some details on it as they announced in a post on Steam. For starters, it’s getting both a Japanese and Chinese localization to bring in more players. To do so, they said they had to rewrite a lot of the UI code. Always nice to see more games available across different languages!

  • Colourful retro arcade inspired shoot ‘em up Laservasion is out now

    Red Phoenix Studios recently released Laservasion, a retro inspired arcade styled shoot ‘em up with Linux support. It’s pretty darn colourful once you get into it.

  • Jupiter Hell continues advancing as a seriously fun action-packed roguelike

    ChaosForge are truly onto something special with Jupiter Hell, a roguelike that doesn’t really feel like one and each update just makes it even more awesome to play.

    They continue to push out regular updates, with another released this week. The first big addition of the latest update is the inclusion of more levels and secrets, as the second Io branch – CRI Laboratories is now in. This includes its own special level the “CRI Armory”.

    Also in this release are the new Medical and Technical stations. Medical will allow you to do things like heal up or extract a health pack, while Technical will let you control your mod supply or perhaps repair some armour. The point of these stations is to “allow for some control over your run”.

• Desktop Environments/WMs

  • K Desktop Environment/KDE SC/Qt

    • Akademy App now with BoF info + more

      If you already downloaded the app, please open it and refresh to get the new info!

      Also I would like to thank Ben for setting up Sitter’s project on our beloved Binary Factory!

• Distributions

  • openSUSE Is A Community Of Communities: Gerald Pfeifer

    Gerald Pfeifer, a seasoned open source developer and CTO of SUSE EMEA, has been appointed the new chair of the openSUSE board. We talked to Pfeifer to better understand the role of the openSUSE board, the relationship between the company and the community, and the status of the openSUSE Foundation.

  • Screenshots/Screencasts

    • How to install Linux Lite 4.6

    • Manjaro 18.1 RC9 KDE Run Through

      In this video, we are looking at Manjaro 18.1 RC9 KDE.

  • Fedora Family

    • Python 3.7.4 : Create an Stand Alone Executable on Fedora distro.

    • How to build Fedora container images

    • Fedora 30 : The last Krita version.

      Today I will show you how to use the last version of Krita with Fedora 30 distro. First, download the app image application Krita from the official website. The AppImage is a format for distributing portable software on Linux without needing superuser permissions to install the application.

  • Debian Family

    • The New Kali Linux Is Here

      Offensive Security has announced the release of Kali Linux 2019.2. Kali Linux is one of the most popular and widely used penetration testing Linux distributions.

      The release is based on Linux kernel 5.2.9, and “includes various new features across the board with NetHunter, ARM, and packages (plus the normal bugs fixes and updates),” according to the project’s announcement page.

    • Candy Tsai: Beyond Outreachy: Final Interviews and Internship Review

      The last few weeks (week 11 – week 13) of Outreachy were probably the hardest weeks. I had to do 3 informational interviews with the goal of getting a better picture of the open source/free software industry.

      The thought of talking to someone I don’t even know just overwhelms me. So this assignment just leaves me scared to death. Pressing that “Send Email” button to these interviewees required me to summon up all of my courage but it was totally worth it. I really appreciate their time for chatting with me.

      On the other hand, it’s hard to believe the internship is coming to an end! Good news is that I will be sticking around Debci after this.

      [...]

      Last but not least, here’s a wrap-up of my internship in QA format. Hope that this helps anyone that wants to participate in future rounds get a better picture of how the Outreachy Internship was with Debian Debci.

  • Canonical/Ubuntu Family

    • Ubuntu Dock Might Start Showing Trash and Removable Device Icons

      Developers working on the dependable desktop dock bar are adding the ability to display icons for attached devices, such as USB thumb drives, external monitors, SD cards, and MP3 players, just like the Unity Launcher does.

      Code to support the presence of these items is currently pending upstream (hence it’s not available to try yet). That said, there is no major reason why the code can’t land ahead of Ubuntu 19.10, due next month.

      Icons for removable devices and peripherals would house unmount and eject actions (where appropriate) in their respective icon’s right click menu.

    • Upgrade from Windows 7 to Ubuntu Part 3: Applications

      After talked about intro and releases, now I will talk about applications on Ubuntu GNU/Linux that are replacements to ones on Windows. You need to know this information in order to switch as the most important thing you really use is the application. For example, if previously you are accustomed to Microsoft Office, MATLAB, and Adobe Reader, on Ubuntu you will use LibreOffice, Octave, and Evince, respectively. More fortunately, just as I said on Part 2, all applications are available for you in the central Ubuntu repository, you do not need to manually search different places anymore. I hope this will be useful for you. Happy reading!

• Devices/Embedded

  • Scaled-back version of Khadas Vim3 starts at $50

    Shenzhen Wesion has launched a “Khadas Vim3L” spin of the Vim3 starting at $50 with half the max RAM and eMMC that swaps out the hexa-core A311D for a quad -A55 Amlogic S905D3 with a scaled-back Mali-G31 and 1.2-TOPS NPU. Prices have also dropped on the Vim1 and Vim2.

    Shenzhen Wesion’s Khadas project has released a version of its open-spec, community-backed Khadas Vim3 SBC that sells for half the price. The Khadas Vim3L specs are identical except that the maximum RAM and eMMC have been halved to 2GB LPDDR4 and 16GB eMMC 5.1. The Vim3L replaces the powerful Amlogic A311D (4x Cortex -A73 @ 2.2GHz, 2x -A53 @ 1.8GHz) with a 1.9GHz, quad-core Cortex-A55 based Amlogic S905D3. The SoC is similarly fabricated with a 12nm process.

  • Raspberry Pi Model Comparison: Which One’s for You?

    This year, the Raspberry Pi got even better thanks to the release of the Raspberry Pi 4. The new model pushes the specs even higher, making the list of things you can do with the tiny single-board computer even longer. If you’ve felt limited by past models, this is great news for your projects.

    That said, not every project needs all of the power of the latest Raspberry Pi model. The older models are still quite capable and may even be better-suited to your project, depending on what you’re looking to do.

  • Mobile Systems/Mobile Applications

    • Android Auto, One, and TV pick up new logos as part of recent rebranding

    • Metz M55S9A OLED Android TV Launched in India, Priced at Rs. 99,999

    • Coocaa 50Q5 review: An affordable 4K Android TV, with some compromises

    • Android 10: Everything you need to know about its new privacy settings

    • Video: Get a full overview of Android 10 in just 11 minutes

    • Android 10: Share a Wi-Fi password in a snap with a QR code

    • Android 10 review: new gestures, dark theme, and privacy improvements

    • Huawei P30 Pro gets two new colors, teases Android 10 upgrade at IFA

    • An aftermarket Android Auto, Apple CarPlay upgrade that won’t break the bank

    • Trusted Face smart unlock method has been removed from Android devices

    • Critical Android Warning As 1.25 Billion Smartphone Users Told To Update Now

    • Android 10 Released – What’s New?

    • Hacking Android With Metasploit

      Good morning/evening/night my fellow hackers, today’s lesson is on Metasploit and how we can hack Android with a Metasploit payload. So let’s get started!!

      As always, this post is for educational purposes and should not be used on your friends or enemies, that’s illegal.

    • Google Officially Releases Android 10, Rolling Out Now to All Pixel Smartphones

      Google officially released today the long-anticipated Android 10 mobile operating system, a major release that adds numerous new features and improvements, as well as stronger privacy and security features.

      Coming more than a year after the Android 9 “Pie” release, the Android 10 mobile OS is finally here and it’s rolling out as we speak to all Pixel devices, including the Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, and Pixel 3a XL. This is the first release of Android to not have a dessert codename, despite the fact that it was developed under the Android Q umbrella.

    • OnePlus 7T Pro could come with Snapdragon 855 Plus, Android 10 out-of-the-box

    • How to use the new Digital Wellbeing features in Android 10, Focus Mode, and site timers

    • How to download and install Android 10

    • Android 10 is rolling out to the Redmi K20 Pro and Essential Phone, OnePlus 7/7 Pro get open beta [UPDATED]

    • Android 10 Open Beta is now available for the OnePlus 7 and 7 Pro, download it now

    • OnePlus 7 Pro and OnePlus 7 get Android 10 open betas on launch day

    • Redmi K20 Pro gets Android 10 update already

    • [Update: Fixed] Selecting images in Android 10′s app switcher is broken, preventing you from easily sharing Instagram pics

    • [Intelligent battery optimization] OnePlus 7 (Pro) Android 10 Developer Preview 5 update goes live

    • Top 7 Free and New Android Apps for September 2019

• Free, Libre, and Open Source Software

  • Principles

    In an internal conversation about some community pushback on something we did, I linked to islinuxaboutchoice.com – people often think that ‘just’ because a product is open source, it can’t advertise to them, it has to be chock full of options, it has to be made by volunteers, it can’t cost money and so on…

    But if you want to build a successful product and change the world, you have to be different. You have to keep an eye on usability. You have to promote what you do – nobody sees the great work that isn’t talked about. You have to try and build a business so you can pay people for their work and speed up development. Or at least make sure that people can build businesses around your project to push it forward.

    I personally think this is a major difference between KDE and GNOME, with the former being far less friendly to ‘business’ and thus most entrepreneurial folks and the resources they bring go into GNOME. And I’ve had beers with people discussing SUSE’s business and its relationship with openSUSE – just like Fedora folks must think about how they work with Red Hat, all the time. I think the openSUSE foundation is a good idea (I’ve pushed for it when I was community manager), but going forward I think the board should have a keen eye on how they can enable and support commercial efforts around openSUSE. In my humble opinion the KDE board has been far to little focused on that (I’ve ran for the board on this platform) and you also see the LibreOffice’s Document Foundation having trouble in this area. To help the projects be successful, the boards on these organizations need to have people on them who understand business and its needs, just like they need to have community members who understand the needs of open source contributors.

    But companies bring lots of complications to open source. When they compete (as in the LibreOffice ecosystem), when they advertise, when they push for changes in release cycles… Remember Mark Shuttleworth arguing KDE should adopt a 6-month release cycle? In hindsight, I think we should have!

  • Web Browsers

    • Mozilla

      • Today in tortured tech analogies: Mozilla lets Firefox loose in the hen house, and by hen house, we mean the tracking cookie jar, er…

        Mozilla has declared that its latest Firefox browser will no longer allow third-party tracking cookies by default, pushing an existing limited-audience feature to all users.

        The so-called Enhanced Tracking Protection feature is being built into version 69 of the browser. It more or less implements an age-old feature of browser privacy add-ons, like Adblock Plus, and builds it into the core product.

        Mozilla aims to not only block tracking cookies, but beef up Firefox’s existing Facebook Container anti-social-network feature, detect and block cryptomining malware, and stop browser fingerprinting scripts.

        Browser fingerprinting scripts, as the name suggests, take a snapshot of your browser, its customisation options and installed plugins, with a view to uniquely fingerprinting your device so your browsing habits can be profiled, tracked and ultimately turned into ad companies’ revenues.

        On top of that the browser will also let users block all autoplay videos – as opposed to just the noisy ones, as it does now.

      • This Week In Rust: This Week in Rust 302

        This Week in Rust is openly developed on GitHub. If you find any errors in this week’s issue, please submit a PR.

      • Firefox 69.0 Released with Enhanced Tracking Protection Enabled

        Mozilla Firefox 69.0 was released today. The new release rolls out stronger privacy protections by enabling Enhanced Tracking Protection (ETP) by default.

        Enhanced Tracking Protection blocks third-party sites from tracking cookies and cryptominers. There’s also optional strict setting blocks fingerprinters as well as the items blocked in the default standard setting.

      • Debugging WebAssembly Outside of the Browser

        WebAssembly has begun to establish itself outside of the browser via dedicated runtimes like Mozilla’s Wasmtime and Fastly’s Lucet. While the promise of a new, universal format for programs is appealing, it also comes with new challenges. For instance, how do you debug .wasm binaries?

        At Mozilla, we’ve been prototyping ways to enable source-level debugging of .wasm files using traditional tools like GDB and LLDB.

        The screencast below shows an example debugging session. Specifically, it demonstrates using Wasmtime and LLDB to inspect a program originally written in Rust, but compiled to WebAssembly.

  • Productivity Software/LibreOffice/Calligra

    • LibreOffice developers team up to improve PPT/PPTX (PowerPoint) file support

      Good news for all users of high quality presentation software: a dedicated team has been formed within the LibreOffice community with the aim of further improving PPT/PPTX (PowerPoint) file format support.

      [...]

      LibreOffice’s Quality Assurance team is currently going through the collections of PPT and PPTX issues and carefully re-analysing and prioritising them. The QA team will continue to provide support in the form of patch testing and verification.

  • Pseudo-Open Source (Openwashing)

    • The Four “Os” of Open Banking [Ed: Red Hat openwashing of banks (some of its biggest -- in revenue terms -- clients)]

      While I was studying computer science, the notion of open source was much argued over. Our university professors found the idea playful but approached it from an old-school way where they could not fully grasp how it would fit into a business landscape. We students, on the other hand, found the open source movement empowering. Not only did it provide us with reliable and free tools, it also gave us the chance of contributing to a global community from our small classroom in Algeria.

      Those heated open source debates are not very different from the Open Banking discussions which I have today in Europe and globally.And, just as open source has become commonplace, I’m convinced that Open Banking will become ubiquitous in the financial services sector in the future.

  • Programming/Development

    • How I Followed my Heart, Conquered Fear and Became a Public Speaker

      In this guest post Mridu shares with us how she got into public speaking, conquering fear and imposter syndrome. What did she learn? And what does she recommend for people starting out? Let’s hear from Mridu!

      I am everyday thankful for having crossed paths with individuals who are passionate to share their experience with others. Inspiration came from a teacher who loves to teach with energy and enthusiasm, making sure the student actually learned. Oftentimes I felt our teacher’s enthusiasm was more than the collective enthusiasm of our batch of 200 students.

    • Using Python to Build a Web Scrawler Step by Step

      Start writing here…The need for extracting data from websites is increasing. When we are conducting data related projects such as price monitoring, business analytics or news aggregator, we would always need to record the data from websites. However, copying and pasting data line by line has been outdated. In this article, we would teach you how to become an “insider” in extracting data from websites, which is to do web scraping with python.

    • GCC 10 Compiler Drops IBM Cell Broadband Engine SPU Support

      Next year’s GNU Compiler Collection 10 (GCC 10) compiler release is doing away with support for IBM’s Cell Broadband Engine SPU support.

      There hasn’t been much (anything?) happening on the IBM Cell processor front in about one decade and the GNU toolchain folks are ready to drop the Cell Broadband Engine SPU support with that compiler target previously being maintained by Sony.

    • Real Python: Python args and kwargs: Demystified

      Sometimes, when you look at a function definition in Python, you might see that it takes two strange arguments: *args and **kwargs. If you’ve ever wondered what these peculiar variables are, or why your IDE defines them in main(), then this article is for you. You’ll learn how to use args and kwargs in Python to add more flexibility to your functions.

    • EuroPython 2019 – Videos for Wednesday available

      We are pleased to announce the first batch of cut videos from EuroPython 2019 in Basel, Switzerland.

    • Combining Coverage-Guided and Generation-Based Fuzzing

      Coverage-guided fuzzing and generation-based fuzzing are two powerful approaches to fuzzing. It can be tempting to think that you must either use one approach or the other at a time, and that they can’t be combined. However, this is not the case. In this blog post I’ll describe a method for combining coverage-guided fuzzing with structure-aware generators that I’ve found to be both effective and practical.

    • Mike Driscoll: Lucid Programming Podcast – Writing Books About Python

      I was recently interviewed on the Lucid Programming Podcast by Vincent Russo about writing books about Python.

    • New Book Excerpt: On Coupling and Abstractions

Leftovers

• Security (Confidentiality/Integrity/Availability)

  • The ‘weaponisation’ of vulnerabilities

    Jett says the ‘weaponisation’ of vulnerabilities means that cyber criminals are exploiting them to launch highly co-ordinated attacks against individuals, businesses and specific groups by using a combination of technical and non-technical tools. He adds that, in most cases, these vulnerabilities are targeted in automated exploit kits, which are developed by criminal groups and monetised in various online forums.

    [..].

    “Let’s use the example of attacks on specific individuals. By scouring various channels – both legitimate and illicit – attackers are able to amass sufficient information about their targets to build a comprehensive profile about them. Gradually, they gather enough material to determine what’s going to be the most effective method(s) of attack and they’ll typically utilise multiple attack surfaces to pursue their targets.”

  • Security updates for Wednesday

    Security updates have been issued by Arch Linux (grafana, irssi, and jenkins), Debian (freetype, samba, and varnish), Fedora (community-mysql, kernel, kernel-headers, kernel-tools, and python-mitogen), openSUSE (postgresql10 and python-SQLAlchemy), Oracle (kdelibs and kde-settings and squid:4), Red Hat (kdelibs and kde-settings, kernel, kernel-rt, openstack-nova, qemu-kvm, and redis), Scientific Linux (kdelibs and kde-settings, kernel, and qemu-kvm), SUSE (ansible, java-1_7_1-ibm, libosinfo, php53, and qemu), and Ubuntu (irssi, samba, and systemd).

• Defence/Aggression

  • Walmart to Stop Selling Certain Types of Gun Ammunition

    Walmart says it will discontinue the sale of handgun and short-barrel rifle ammunition and also publicly request that customers refrain from openly carrying firearms in stores even where state laws allow it.

• Transparency/Investigative Reporting

  • Office Of Legal Counsel Sued For Refusing To Turn Over Legal Memos Congress Said Aren’t Exempt From FOIA Law

    Another lawsuit has arisen from the Office of Legal Counsel’s ongoing refusal to allow the general public to see its legal memos. The OLC claims these are categorically exempt from FOIA law because they constitute “deliberative” documents and/or are protected by attorney-client privilege.

• Environment

  • Bahamians begin rescues as Dorian moves on toward US coast

  • Fighting Water Privatization with ‘Blue Communities’

    That year Barlow helped found the Council of Canadians, a nonprofit focused on democracy, trade and environmental issues, and jumped headlong into a global battle to protect public control of water resources — a fight in which she’s been a leading voice ever since.

    Among her accomplishments, Barlow was instrumental in the United Nations’ decision to declare access to clean water a human right in 2010. She’s also received accolades for her efforts including the Right Livelihood Award and the Lannan Cultural Freedom Fellowship Award. She’s currently the honorary chair of the Council of Canadians, chair of the board of Food and Water Watch and a councilor with the Hamburg-based World Future Council.

    In Whose Water Is It, Anyway? she writes not just about the hazards of water privatization but about proactive efforts that communities are taking to protect water resources, including the Blue Communities Project, which started in Canada in 2009 and has spread to cities, universities, unions and faith-based organizations around the world. Blue Communities commit to defending water as a human right, protecting water resources for the public trust and banning bottled water from municipal facilities and events.

    We spoke to Barlow about the different forms that water privatization can take, the solutions offered by Blue Communities and our biggest water threat.

  • Egyptian theatre aids climate change fight

    To help to alert people to the hotter future ahead, an Egyptian theatre troupe is taking the climate message to villages to enlist farmers.

• Finance

  • Everything You Need to Play Baseball Is Made in China — and Getting Hit by Trump’s Tariffs

    Since 1983, Kim Karsh has helped baseball teams deal with an inconvenient fact of the modern economy: Almost everything you need to play America’s homegrown sport is now made in China, from cleats to batting helmets.

    Lately, supplying the game’s amateurs and fans has gotten more difficult. Karsh owns California Pro Sports in Harbor City, California, where invoices for big customers now include a caveat: Prices are up due to the Trump administration’s tariffs on Chinese imports, and they could rise further on short notice.

  • California City Experiments With Universal Income

    Democratic presidential candidate Andrew Yang wants to give cash to every American each month.

• Censorship/Free Speech

  • Indiana Appeals Court Decides Badmouthing A Cop On Facebook Is A Crime

    The Indiana Court of Appeals has handed down an opinion that says criticizing a police officer — at least in this case — is a criminal offense.

• Civil Rights/Policing

  • Maryland Appeals Court Says Sexting Teen Is A Child Pornographer

    Far too many prosecutors in far too many states have trouble reading child porn statutes. Instead of reading them how they’re intended to be read — to punish adults who victimize minors — they read them to include the criminalization of minors participating in sexting. When these pictures and videos are shared, these justice system components become contortionists in order to treat subjects of recordings as their own child pornographers.

  • Lungu Calls For Urgent Measures To End S.A Xenophobia

    President Edgar Lungu has condemned the ongoing xenophobic attacks in South Africa in all its forms and manifestations.

    President Lungu has said attacks of this nature targeted at foreigners call for urgent concerted measures by the South African Government and the regional bodies.

  • Xenophobia hub: Tiwa Savage, Burna Boy ditch SA; Lagos reprisals, Zambia prez prays

    Players in Nigeria’s entertainment industry have severally been reacting to the violence in South Africa with two of Nigeria’s biggest acts announcing that they have ditched trips to South Africa.

  • Violence is not the answer

    Resurgent attacks – including physical brutality, looting and intimidation – by xenophobic and criminal elements against fellow Africans are appalling and heartbreaking.

    The violence pitting blacks against each other is needless, and does all of us collectively as Africans no good.

• Internet Policy/Net Neutrality

  • California Has No Broadband Plan for the Future While The World Marches Ahead

    The world’s largest economies are aggressively modernizing their Internet infrastructure with universal fiber to-the-home plans or have already achieved that metric—with the exception of the United States. EFF noted that there is a desperate need for a federal “Fiber for All” plan that tackles this national problem. But the same can be said about the state of California, the country’s largest state economy, which ranks on its own as the fifth largest economy of the world.

    In fact, as of 2012, the California legislature decided to eliminate the authority of its own telecom regulator, the California Public Utilities Commission (CPUC) through the end of 2019—on the promise that such a move would produce an affordable, widely available, high-speed broadband networks.

Monopolies

• Patents and Software Patents

  • The big elephant in the FTC v. Qualcomm antitrust room: compulsory licensing of standard-essential patents

    Even I as an outspoken critic of Qualcomm’s business model don’t doubt for a second that Qualcomm’s pre-Quanta agreements with competing cellular baseband chipset makers weren’t intended to be exhaustive. But does that make them involuntary? Qualcomm can’t claim that it signed those agreements at gunpoint or to comply with regulations. The Supreme Court didn’t say in Quanta that it overruled, or expanded, an older doctrine. Instead, the highest court in the land said that this had been the law for 150 years, and even the (relatively speaking) more recent case that governed Quanta is from the 1940s, long before there was such a company as Qualcomm. I readily believe Qualcomm that they had misinterpreted the law, but does that make the agreements they signed until then involuntary?

    Additionally or alternatively, one can hold against Qualcomm that it entered into FRAND licensing declarations such as the two with respect to which Judge Koh entered summary judgment that they undoubtedly required Qualcomm to extend FRAND licenses to rival chipset makers. Again, Qualcomm’s self-delusionary opinion might have been that it could circumvent that obligation, but we’re talking about a voluntary course of dealing. (To be clear, I’m not saying that breach of contract is an antitrust violation.)

  • Continental withdraws U.S. antisuit injunction motion against Nokia only in part–potential for enforcement dispute

    Continental’s filing states that they are now opposing this injunction in Munich. Technically, this means the Munich I Regional Court would have to hold another hearing with respect to the U.S. entity, but given how the last hearing went, it would either take a surprising change of mind on the German court’s part or a new and winning argument on Continental’s part to get a different outcome. Then the matter will go up to the Munich Higher Regional Court, to which I assume Continental is already appealing–or about to appeal any moment–Friday’s injunction against the German parent company. The appeals court may very well overrule the lower court, and Continental’s notice makes clear that they may revive the withdrawn parts of the motion in the event the Munich AAII is lifted.

    Nokia had asked the German court to obligate Continental to withdraw its motion within 24 hours of service, but the court instead granted the injunction only on the basis of requiring a withdrawal “without undue delay.” Therefore, the fact that Continental needed a few days (not even counting the long Labor Day weekend in between) shouldn’t matter.

    But it’s only a partial withdrawal. The notice clarifies that Continental’s withdrawal relates only to ten specified Nokia v. Daimler cases pending in Dusseldorf, Mannheim, and Munich, and only with respect to three Nokia legal entities, but the Daimler supplier “is not withdrawing its motion for anti-suit injunction in any other respect, i.e., insofar as it seeks an order enjoining the other defendants in this proceeding, as well as Nokia, from pursuing or instituting against Continental or any of its customers (or their subsidiaries or affiliates) any other action alleging infringement of their global 2G, 3G and 4G SEPs during the pendency of the FRAND proceeding in this Court, or from acting in concert with anyone to pursue or institute such an action.”

• Copyrights

  • Sony Is Feverishly Battling Vita Tinkerers Despite Vita Being Discontinued

    If ever there were a poster child for this strange new culture in which we don’t actually own what we buy, there is a strong argument for making Sony the number one pick. Beyond all of Sony’s day-to-day anti-consumer practices disguised as anti-piracy efforts, the company is also rather infamous for the Playstation 3 debacle, in which the console was rolled out with a feature that allowed buyers to install other operating systems on it, and then subsequently removed that feature via a firmware update. That Sony wasn’t fully trashed in the legal and public opinions courts for doing so basically set the tone for the subsequent decade, where now this sort of bullshit is common practice.

GNU/Linux

• Linux for Chromebook may offer a choice in distro in the future

  After the successful launch of Linux for Chromebooks which caught the attention of a lot of developers, it seems there’s been a push for more.

  A recent submission for additional functionality on Chromium has me very interested. The request (along with mock screenshots on how the setup may look) is for users to have the option to choose their Linux Distribution at the time of install.

• Geeks in Cyberspace: A documentary about Linux nerds and the web that was

  Malda created Slashdot.org more than 20 years ago, in 1997, and his friends helped him turn his proto-blog into an engine of participation. The site was powered by an incredibly rich suite of Linux, Apache, MySQL, and clever Perl hacks, as well as a community of readers who would submit stories, comment on them, then moderate those comments to bring the best bits to the top. Wired called this “open-source journalism” in 1999, and the site would directly influence the creation of Digg and later Reddit.

  Slashdot’s massive influence in the open source community coincided with what could be termed the open source bubble of the late 1990s, when Linux companies set records on Wall Street, and Microsoft recognized it had a real competitor in projects that were giving their source code away for free. Malda and his friends profited from the speculative craze, albeit modestly in comparison to later social media entrepreneurs. They sold Slashdot to Andover.net in the summer of 1999 for several million dollars in cash and stock options.

• Server

  • Microsoft set to close licensing loopholes, leave cloud rivals high and dry

    Microsoft this fall will begin closing loopholes in its licensing rules that have let customers bring their own licenses for Windows, Windows Server, SQL Server and other software to rival cloud providers like Google and Amazon.

    The Redmond, Wash. company laid down the new law in an Aug. 1 announcement, the same day it previewed Azure Dedicated Host, a new service that runs Windows virtual machines (VMs) on dedicated, single-tenant physical servers.

  • Schedule for Open Infrastructure Shanghai now released

    It may feel like summer is still in full swing, but before you know it, we’ll be facing those shorter days that autumn (or fall, depending on your geographic location and/or linguistic preference) brings. To brighten up these shorter days, many in the open source community will be looking forward to the Open Infrastructure Summit (sometimes shortened to OIS) in Shanghai. The first of these summits to be held in mainland China, this is an exciting event as it will bring together some of the finest minds in open source from around the world in one location.

  • What is Edge [and Fog] Computing and How is it Redefining the Data Center?

    Some of you may have noticed that a hot new buzzword is circulating the Internet: Edge Computing. Truth be told, this is probably a buzzword you should be paying attention to. It is creating enough of a hype for the Linux Foundation to define edge computing and its associated concepts in an Open Glossary of Edge Computing. So, what is edge computing? And how does it redefine the way in which we process data? In order to answer this, we may need to take a step backwards and explain the problem edge computing solves.
    We all have heard of this Cloud. In its most general terms, cloud computing enables companies, service providers and individuals to provision the appropriate amount of computing resources dynamically (compute nodes, block or object storage and so on) for their needs. These application services are accessed over a network—and not necessarily a public network. Three distinct types of cloud deployments exist: public, private and a hybrid of both.

    The public cloud differentiates itself from the private cloud in that the private cloud typically is deployed in the data center and under the proprietary network using its cloud computing technologies—that is, it is developed for and maintained by the organization it serves. Resources for a private cloud deployment are acquired via normal hardware purchasing means and through traditional hardware sales channels. This is not the case for the public cloud. Resources for the public cloud are provisioned dynamically to its user as requested and may be offered under a pay-per-usage model or for free (e.g. AWS, Azure, et al). As the name implies, the hybrid model allows for seamless access and transitioning between both public and private (or on-premise) deployments, all managed under a single framework.

  • IBM

    • Using the STOMP Protocol with Apache ActiveMQ Artemis Broker

      In this article, we will use a Python-based messaging client to connect and subscribe to a topic with a durable subscription in the Apache ActiveMQ Artemis broker. We will use the text-based STOMP protocol to connect and subscribe to the broker. STOMP clients can communicate with any STOMP message broker to provide messaging interoperability among many languages, platforms, and brokers.

      If you need to brush up on the difference between persistence and durability in messaging, check Mary Cochran’s article on developers.redhat.com/blog.

      A similar process can be used with Red Hat AMQ 7. The broker in Red Hat AMQ 7 is based on the Apache ActiveMQ Artemis project. See the overview on developers.redhat.com for more information.

    • From the AWS Blog: What Red Hat OpenShift Dedicated can do for you

      While Red Hat OpenShift makes it easier for teams to implement and run Kubernetes-based Linux container infrastructure, there are scenarios where a team may be too small or spread too thin even to administrate an OpenShift cluster on their own. For these teams, we offer Red Hat OpenShift Dedicated, a fully managed and provisioned service from Red Hat, hosted on AWS. These two services go hand in hand to provide production-grade container-based infrastructure on top of Amazon’s worldwide cloud infrastructure.

      But what does that actually mean for an IT executive trying to suss out the total costs, savings and optimizations offered by moving to OpenShift Dedicated? Ryan Niksch, Partner Solutions Architect at Amazon, has written an extensive blog entry detailing the exact benefits of using OpenShift Dedicated. That should be some useful information for anyone evaluating the many hosted Kubernetes options available in the marketplace.

    • Want to power innovative clouds? Rev up open source technologies

      It wasn’t that long ago that open source software was considered an unusual technology choice for enterprise computing. Not so anymore. According to Red Hat’s 2019 State of Enterprise Open Source survey of 950 IT professionals, 68% of respondents said their use of enterprise open source has increased over the past 12 months. And, only 1% indicated that open source software was not at all important, while 69% said it is very or extremely important.

      The survey illustrates open source software’s impact on cloud computing, too. According to the survey, IT leaders who expect to use more enterprise open source in the next year are more likely than IT leaders who do not expect to use more enterprise open source in the next year to move legacy applications to the cloud, modernize IT infrastructure and applications, and manage hybrid or multiclouds. And 43% of respondents said open source is being used in their cloud management tools.

    • Peanuts, paper towels, and other important considerations on community

      Red Hat president and CEO Jim Whitehurst explains that even the smallest gestures can impact how an organization sees itself—and how it sustains itself.

      [...]

      The most powerful aspects of an organization’s culture live in the smallest individual gestures—sometimes no bigger than a peanut.

      Not long ago, as I was sitting in the Dallas airport waiting for a delayed flight, I watched another passenger munch on some peanuts. Their shells fell all over the floor and, after a few minutes, the passenger kicked them into the aisle, presumably for the airport cleaning staff to collect later.

      I hadn’t given those peanuts shells much thought until a recent internal Red Hat event, when someone asked me about my pet peeves. I started thinking about the way I notice paper towels on the floors in Red Hat bathrooms. Whenever I see them, I pick them up and put them in the trash.

• Audiocasts/Shows

  • Performance Picks for Kicks | LINUX Unplugged 317

    We take a trip to visit Level1Tech’s Wendell Wilson and come back with some of his performance tips for a smoother Linux desktop.

    Plus the story behind exFAT coming to Linux, and the big desktop performance improvements landing next week.

    Special Guests: Alex Kretzschmar, Brent Gervais, Cassidy James Blaede, Drew DeVore, and Ell Marquez.

  • LHS Episode #299: Wee Oui

    Hello and welcome to the 299th episode of Linux in the Ham Shack! In this episode, the hosts discuss ARES and Hurricane Dorian, keeping 2m frequencies in France, Icom’s new foray into QRP radio, Google in open source, fldigi, WINE and much more. Thank you for listening and we hope you have a fantastic week.

• Kernel Space

  • UPower 0.99.11 Released As v1.0 Remains Elusive

    UPower is the abstraction layer around batteries and other power devices on Linux. Even with it being years since it was known as DeviceKit-power and seeing many 0.99 updates, the UPower 1.0 release isn’t there yet but at least UPower 0.99.11 is now available as their first release since February.

    UPower 0.99.11 is the project’s first release since formally adopting a Code of Conduct. The CoC used is the common FreeDesktop.org Code of Conduct that is based upon the Contributor Covenant.

  • Oreboot Is Taking Shape As Rust’ed, Purely Open-Source Focused Coreboot

    Oreboot has been in development for a number of months now and while at first may have sounded like a novelty downstream of Coreboot is now proving its usefulness and taking shape.

    Oreboot similar to Libreboot is focused on targeting “truly open systems” as Coreboot without binary blobs. But in addition to taking that libre stance to hardware support in working to do away with binary blobs like the current Intel FSP or present AMD AGESA, Oreboot trades in the C code for Rust (hence the name of Coreboot without the “C”).

  • Systemd 243 Released With Many Changes

    Systemd 243 finally shipped this morning as the latest major update to this widely used Linux init system.

    After seeing release candidates for just over one month, systemd 243 was finally tagged a short time ago. We’ve been particularly eager to see systemd 243 due to its AMD RdRand workaround though with new motherboard firmware updates working around the Ryzen 3000 series boot issue, it’s been less of an issue, but nice to see this systemd update out there with its workaround.

  • Intel Linux Graphics Driver Preparing NN Integer Mode Scaling

    Following the recent hype of Intel’s Windows graphics driver introducing integer mode scaling support, their open-source Linux graphics driver is receiving similar treatment with nearest-neighbor integer scaling support.

    The nearest-neighbor integer mode scaling support aims to provide better clarity to images when upscaled from say 1280 x 720 to 3840 x 2160 (or any other integer multiple of the original source image) compared to other scaling techniques. The integer scaling mode is particularly useful for pixel art video games that can otherwise lose their sharp edges when upscaled.

  • Linux 5.4 Kernel To Bring Improved Load Balancing On AMD EPYC Servers

    Adding to the growing list of features for Linux 5.4 with its cycle officially kicking off in mid-September is a kernel scheduler optimization designed to improve load balancing on AMD EPYC servers.

    The scheduler topology improvement by SUSE’s Matt Fleming changes the behavior as currently it turns out for EPYC hardware the kernel has failed to properly load balance across NUMA nodes on different sockets.

  • Linux Foundation

    • An introduction to Hyperledger Fabric

      One of the biggest projects in the blockchain industry, Hyperledger, is comprised of a set of open source tools and subprojects. It’s a global collaboration hosted by The Linux Foundation and includes leaders in different sectors who are aiming to build a robust, business-driven blockchain framework.

      There are three main types of blockchain networks: public blockchains, consortiums or federated blockchains, and private blockchains. Hyperledger is a blockchain framework that aims to help companies build private or consortium permissioned blockchain networks where multiple organizations can share the control and permission to operate a node within the network.

• Benchmarks

  • Phoronix Test Suite 9.0 M3 Brings Improvements Around Offline/Private Testing

    The third and likely final development milestone release ahead of this month’s Phoronix Test Suite 9.0-Asker release is now available for cross-platform, fully-automated benchmarking.

    Phoronix Test Suite 9.0 Milestone 3 most notably brings improvements for running the Phoronix Test Suite in an offline environment particularly when there is no OpenBenchmarking.org test/suite data present. Phoronix Test Suite 9.0 is now shipping a static cache of all the tests/suites as of release time to help offline users. Those running with Internet connectivity will continue to query OpenBenchmarking.org for new/updated profiles. This should help those that initially run Phoronix Test Suite in an offline environment.

  • AMD Firmware Update To Bring Boost Performance Optimizations

    There has been a lot of talk recently of AMD Ryzen 3000 series processors reportedly not hitting their boost clock frequencies, whether stock coolers are adequate for hitting the boost frequencies, and other concerns around the boost behavior on these new Zen 2 processors. AMD issued a statement today they are rolling out a new BIOS/firmware update to help with boost clock frequency optimizations.

  • PowerTop, AMD CPUFreq CPPC & Other Power Tests From The Ryzen 9 3900X On Linux

    Idle load was about three Watts less for the overall AC system power consumption, the average power draw under idle and load came out to 2~3 Watts, and the peak AC power draw was just one Watt lower. That’s the out-of-the-box state compared to setting all the PowerTop tunables to their “good” state. So it saved 1~3 Watts, but still off the 10~30 Watt differences seen on the same hardware between Ubuntu 19.04 (plus Linux 5.3) and Windows 10 1903.

• Applications

  • 20 Best Drone and Robot Software for Linux: The Professionals Choice

    Linux is enriched with a lot of drone and robot software. This industry is entirely linked with Artificial Intelligence and Machine Learning, which needs a different kind of expertise and creativity. Since the new era of technology has emerged, it started to be a vital part mostly in the scientific research area. Also, this kind of stuff is not cheap to build and control. So, deciding on a particular product is fishy enough, even if you are experienced in this industry.

  • The birth of the Bash shell

    Shell scripting is an essential discipline for anyone in a sysadmin type of role, and the predominant shell in which people write scripts today is Bash. Bash comes as default on nearly all Linux distributions and modern MacOS versions and is slated to be a native part of Windows Terminal soon enough. Bash, you could say, is everywhere.

    So how did it get to this point? This week’s Command Line Heroes podcast dives deeply into that question by asking the very people who wrote the code.

  • 14 Best Free Linux Earth Science Software

    Earth science (also known as geoscience) is the focus of understanding the sciences related to the planet Earth. It includes a wide range of fields such as geology, geography, geophysics, meteorology, oceanography, and glaciology. Some people are surprised to learn that astronomy is also regarded to be an earth science. Geology is generally considered to be the primary earth science.

    Earth scientists plays an important role in helping nations minimize risks that are posed by climate change and natural disasters (such as floods, tornadoes, hurricanes, and earthquakes).

    Science really prospers and advances when individuals share the results of their experiments with others in the scientific community. There is a certain logic that scientific software should therefore be released under an open source license. Software is crucial in helping earth scientists carry out scientific research in understanding the system earth and its interplay with society.

  • Proprietary

    • Tesla owners are complaining that they were locked out of their cars and left ‘stranded’ after the app stopped working

• Instructionals/Technical

  • Gzip Command in Linux

  • DNS configuration with Ansible

  • Fix Xfce Desktop Error, Can’t Right-Click and Change Wallpaper

  • digiKam Recipes 19.09.01

  • Fedora 30 : Few commands for Fedora distro.

  • Warzone 2100 3.3.0 Released, How to Install it in Ubuntu

  • Controlling Red Hat OpenShift from an OpenShift pod

  • Use the Kubernetes Python client from your running Red Hat OpenShift pods

  • Turn Off/Disable Notifications on your Ubuntu’s Lock Screen

  • Troubleshooting OpenShift Internal Networking

  • stylesheet for nmap output

  • Linux Commands for Beginners 18 – Variables

  • Building a better TurtleBot3

  • CDC pipeline with Red Hat AMQ Streams and Red Hat Fuse

  • Can GitHub Actions replace your CI server?

  • Installing and using Zenmap (Nmap GUI) on Ubuntu and Debian

  • How To Configure Static IP Address In Linux And Unix

  • Helper GUI For scrcpy, The Android Desktop Display And Remote Control Tool

  • How to install ONLYOFFICE Document Builder on Ubuntu

  • How to Use URL Rewriting

  • How to Manage /etc with Version Control Using Etckeeper on Linux

  • How to Manage and Restore Tmux Sessions in Linux

  • How To Enable SSH On FreeBSD

  • Exec – Process Replacement & Redirection in Bash

• Games

  • The Humble RPG Bundle seems like a really great deal for Linux gamers

    In the mood for some new games? Well Humble Bundle are back again for your monies, this time with The Humble RPG Bundle.

  • A little look over ProtonDB reports for Steam Play in August 2019

    Another month has come and go and so ProtonDB, the super handy unofficial tracker for Steam Play compatibility ratings has released another data dump.

    Looking to get started with Steam Play? Be sure to check our previous beginners guide.

    Once again, here’s a quick look over some points shown in the data. August had a total of 3,848 reports sent in with ProtonDB showing a total of 56,345 reports overall. From that, ProtonDB is currently reporting 6,129 “games work” which ProtonDB base on those with at least one gold rating or higher.

  • openblack is a FOSS game engine for Black & White currently under development

    How about a little open source to start your Tuesday morning? Work is going into the openblack project, to create a modern open source game engine for Black & White.

    Originally released in 2001, Black & White is a “god game” developed by Lionhead Studios which closed down back in 2016. It’s considered a classic and even now it’s well love, with plenty of new games describing it as an inspiration.

  • The FOSS racer Yorg has recently released a big update with local multiplayer

    Always great to see free and open source games continue to mature. The racing game Yorg just recently put out a big a new release and it’s coming along nicely.

    Part of this update included moving to a new version of Panda3D, the open source game engine/framework used to power Yorg. This should help with performance, gamepad support and much more.

  • Village construction and management simulator MicroTown is out in Early Access

    Snowy Ash Games just recently released MicroTown, a pixel art village construction and management simulator. Note: Key provided by the developer.

    So far, it feels pretty good. Has a certain Settlers feel to it! The gameplay offered currently is a little simple and short, with only a single scenario to go through or sandbox play with no objective. For what it’s worth though, the developer does describe it as a “relaxing” game so a huge amount of depth is likely not the point with this one.

  • GTA-inspired Battle Royale game Geneshift just got a pretty big makeover

    Geneshift is really looking slick with the latest major update now available, completely overhauling the menu and the way you unlock everything. Overall, it’s a huge improvement.

  • Little Misfortune from the developer of Fran Bow is releasing this month

    After releasing a demo with Linux support back in April, the dark adventure game Little Misfortune now has a release date of September 18th.

    Developed by Killmonday Games, this is their second title after the really well received Fran Bow from back in 2015. Curiously, Killmonday said that Little Misfortune shares the same universe as Fran Bow and it seems it will be as delightfully strange. They say that it’s an “interactive story” one where your choices will have an impact and there will be…consequences.

• Desktop Environments/WMs

  • K Desktop Environment/KDE SC/Qt

    • Plasma 5.16.5

      Today KDE releases a Bugfix update to KDE Plasma 5, versioned 5.16.5. Plasma 5.16 was released in June with many feature refinements and new modules to complete the desktop experience.

      This release adds a month’s worth of new translations and fixes from KDE’s contributors. The bugfixes are typically small but important and include…

    • KDE Plasma 5.16 Desktop Reaches End of Life, Plasma 5.17 Arrives on October 15

    • The past and future of the Randa Meetings

      This big and old house hosted our Randa Meetings for several years but unfortunately we have to tell you that it is, at least for now, no longer available. The former owners couldn’t afford to renovate it and thus needed to sell the house. So the new owner of the house is now the municipality of Randa and they have decided against opening it for rent this year. We don’t know much about their future plans, but we are trying to stay up to date so we can inform you about another possibility for Randa Meetings as soon as we can. But honestly we’re not very optimistic for futher Randa Meetings in the same house in Randa.

      No need to be sad or afraid that the meetings are dead though, as the team behind them is already looking for and thinking about other possibilities and locations for future “Randa” Meetings.

    • Akademy, the pulse of a vibrant community

      Have you ever wondered how KDE, a global community of volunteers, can successfully create and maintain such a large set of software projects? Projects that, among many others, include image and video editing applications, a powerful desktop environment and frameworks that make the work of developers easier. If you have not found the answer yet, I recommend you to participate in Akademy, the annual conference of the KDE community, because the answer is not a technical one.

      The answer is the community spirit. Regardless of nationality, sexual orientation or age, everyone feels comfortable in KDE. If you participate in a BoF session, raise your hand and shoot a question, no matter your technical expertise, every single person will pay attention to what you will say. KDE is an inclusive community; be respectful and tolerate others and you will be more than welcome.

  • GNOME Desktop/GTK

    • What to Expect in GNOME 3.34, Out Next Week

      The GNOME 3.34 release is set for an early September release, and it’ll ship with a sizeable set of new features and changes in tow.

      Among the new stuff that GNOME 3.34 brings, which millions of desktop Linux users can look out for, is easier app folder creation, a entirely revamped system profiling tool, and power ups for a crop of core apps.

      In short, GNOME 3.34 is a substantial yet iterative upgrade that buffs some of this free desktop’s rougher edges, particularly in so-called problem areas like animations and frame rates.

      There’s plenty more to talk about so read on to snare a sneak peek at the best new features in GNOME 3.34!

    • Will Thompson: γυαδεκ? χκπτγεδ?

      GUADEC in Thessaloniki was a great experience, as ever. Thank you once again to the GNOME Foundation for sponsoring my attendence!

    • Adrien Plazas: GUADEC 2019

      I attended Christian’s talk about designing multi-process apps, it sparked the interest of Alexander Mikhaylenko who rapidly started playing with these concepts, as we plan since a long time to run Libretro cores in a subprocess in GNOME Games.

      Lubosz presented his work on the VR Linux desktop. Even better, he demoed it, and the next day it was possible to test it in the corridor! So I did, and it was pretty amusing.

• Distributions

  • Best lightweight Linux server Distros without GUI

    Most of the Linux server Distro can become an ultimate lightweight Linux server operating system if we use them in their minimal form. Although a wide range of open-source Linux distros can be used to perform server tasks by installing applications and tools needed by a server such as Apache, PHP, MySQL and more, the thing we have to make sure is the stability, Long term support and security. If you are going to opt any Linux Distro on your Server, you will never want it to be bloated or crashed oftentimes.

  • Charging Money For Linux Distros And Open Source Software? It’s More Successful Than You Think

    Daniel Foré is the founder of elementary OS, a boutique Linux distribution developed by a small startup that scraped by on user donations and merchandise sales. Then, inspired by an established business tactic in the gaming space, Foré and his team flipped a somewhat controversial switch that led to a massive increase in the company’s income: they simply started charging money for it.

    That just makes sense when you look at the potential audience elementary OS wants to serve: anyone.

    “We started out with a donation thing, but you know, donations are such a small scale that it doesn’t match what we need in order to serve all the people who are interested in using elementary OS,” Foré says in the upcoming September 4 episode of Linux For Everyone. “Even Patreon is a small portion of what we bring in.”

  • Screenshots/Screencasts

    • Hanthana Linux 30 Run Through

      In this video, we look at Hanthana Linux 30.

  • Debian Family

    • Kali Linux 2019.3 Released For Ethical Hacking Enthusiasts

      Earlier this year in May, the folks at Offensive Security shipped Kali Linux 2019.2 — the second Kali release of 2019. The biggest feature of 2019.2 was the new Nethunter 2019.2 release that supports more than 50 Android smartphones.

      Going one step further, the developers have released the third point update of the year in the form of Kali Linux 2019.3. It includes a number of changes to ensure ethical hackers can get the most out of this operating system.

    • Kali Linux 2019.3 released and Kali Linux NetHunter updated for mobile devices

      The third release of Kali Linux 2019 has now been made available for download bringing with it a wide variety of new features, enhancements and updates to hacking tools within the operating system. Kali Linux 2019.3 as a major update to the OS which was switched to the Linux 5.2 kernel series, providing users with improved hardware support when compared to Linux 4.19 used in previous releases. Linux kernel 5.2.9 is being used by default in this version, which updates many tools, including Burp Suite, HostAPd-WPE, Hyperion, Kismet, and Nmap.

      As well as rolling out Kali Linux 2019.3 an update has been rolled out for the Kali Linux NetHunter project for running Kali on Android devices offering support for LG V20 International Edition, Nexus 5X, Nexus 10, and OnePlus 7. “The OnePlus 7 is now the phone we recommend for Kali NetHunter. It is the latest and greatest flagship device for half the price of other devices,” said Offensive Security. “One thing to note is package management is done through the F-Droid compatible NetHunter store, so you can even choose to have a NetHunter device without any Google Play.”

    • Norbert Preining: Debian Activities of the last few months

      I haven’t written about specific Debian activities in recent times, but I haven’t been lazy. In fact I have been very active with a lot of new packages I am contributing to.

      [...]

      Lots of updates since we first released TeX Live 2019 for Debian, too many to actually mention. We also have bumped the binary package with backports of fixes for dvipdfmx and other programs. Another item that is still pending is the separation of dvisvgm into a separate package (currently in the NEW queue). Biber has been updated to match the version of biblatex shipped in the TeX Live packages.

  • Canonical/Ubuntu Family

    • Canonical Outs Major Linux Kernel Security Updates for All Supported Ubuntu OSes

      Affecting the Linux 5.0, 4.15, and 4.4 kernels of Ubuntu 19.04 (Disco Dingo), Ubuntu 18.04 LTS (Bionic Beaver), and Ubuntu 16.04 LTS (Xenial Xerus), the most critical vulnerability (CVE-2019-10638) fixed in this new security update was discovered by Amit Klein and Benny Pinkas in the Linux kernel when randomizing IP ID values generated for connectionless networking protocols, which could allow a remote attacker track particular Linux devices.

      Also discovered by Amit Klein and Benny Pinkas, the security update addresses another critical vulnerability (CVE-2019-10639) in the Linux kernel, but only affecting the Linux 4.15 kernel used in the Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) systems. This could allow a remote attacker to exploit another vulnerability in the Linux kernel as the location of kernel addresses could exposed by the implementation of connection-less network protocols.

    • 5 Reasons to Switch to Linux Mint

      If you are looking for an easy to use, low learning curve, compatible, reliable Linux based distribution – Linux Mint is the ultimate choice.

    • Linux Mint 19.3 To Further Enhance Its HiDPI Support

      Even as we approach 2020, many Linux distributions and various desktop programs still isn’t fully optimized for today’s modern HiDPI screens. Fortunately for users of Ubuntu-based Linux Mint, their next update will further improve its HiDPI support.

      On tap for Linux Mint 19.3 are reworking several lingering icons/images that were never redone for a HiDPI world, the GTK status icon for system tray icons needs to be optimized still for HiDPI, and other changes.

    • Linux Mint 19.3 Slated for Release on Christmas with HiDPI Improvements, More

      The Linux Mint project published their monthly newsletter to inform the community about the latest developments around the Ubuntu-based Linux Mint operating system.
      With the Linux Mint 19.2 “Tina” operating system hitting the streets last month, the Linux Mint project has kicked off the development of the next release, Linux Mint 19.3 (codename is yet to be revealed), which is expected to arrive this Christmas with more improvements and updated components.

      “With the stable release behind us, the upgrade path opened and the new packages ported towards LMDE 3, we started work on Linux Mint 19.3. This next release is planned for Christmas, so our development cycle is quite short and we need to move fast,” said Linux Mint project leader Clement Lefebvre.

    • Monthly News – August 2019

      I hope you enjoyed the release of Linux Mint 19.2. It all went really well here, we got very good feedback during the BETA phase and that allowed us to fix a significant number of bugs. The stable release was very well received. It was great to see you happy, and we really enjoyed your comments, in particular about the speed and resource usage improvements in Cinnamon.

      With the stable release behind us, the upgrade path opened and the new packages ported towards LMDE 3, we started work on Linux Mint 19.3. This next release is planned for Christmas, so our development cycle is quite short and we need to move fast.

      Let’s have a look at some of the upcoming improvements.

    • Design and Web team summary – 03 September 2019

      This was a fairly busy two weeks for the Web & design team at Canonical. Here are some of the highlights of our completed work.

• Devices/Embedded

  • 9 Raspberry Pi Operating Systems That Aren’t Linux

    Also derived from UNIX is NetBSD, more closely related to BSD (Berkeley Software Distribution), itself an extension of UNIX.

    But what does BSD offer the Raspberry Pi user? Well, like Linux, BSD is open source, and UNIX-like. Many apps and utilities work on both, which means switching to BSD is the easiest option in this list. BSD has strengths that Linux does not, such as better GPIO connectivity.

  • Raspberry Pi Camera v2 Review

    The versatile single-board computer from the UK, the Raspberry Pi, is a firm favorite among makers and tinkerers and Linux hackers the world over. It’s small, it’s light, it’s easy to use and set up, and with the launch of the new Model B version 4, it’s really quite powerful.

    But almost as interesting as the board itself are the kinds of peripheral gizmos you can attach to the main board. Most of these are third-party hats and other add-ons, but one of the most popular ones is the official Raspberry Pi camera.

  • Compact computer has Ryzen V1000, four GbE ports with PoE, and NVMe

    Neousys is launching a compact, rugged “POC-500” embedded PC with a Ryzen Embedded V1000, 4x GbE with PoE, 4x USB 3.0, 2x COM, dual displays, an NVMe-ready M.2 slot, and mini-PCIe and MezIO expansion.

    We missed Neousys’ announcement of its POC-500 series earlier this summer, but the rugged, compact system is still listed as “coming soon.” This latest member of the company’s ultra-compact POC family is its first AMD-based model, featuring the Ryzen Embedded V1000. The other POC computers run on Intel Apollo Lake and Bay Trail SoCs, such as the similarly DIN-rail form factor, Apollo Lake based POC-300. The V1000 is three times more powerful than Apollo Lake and with much more advanced Vega graphics, says Neousys.

  • Compact module taps AMD’s Ryzen Embedded V1000

    Arbor Technology has posted specs for a COM Express Compact Type 6 module with AMD’s Ryzen Embedded V1000 SoC. The EmETXe-a10M0 joins other V1000-based modules using the 95 x 95mm Compact Type 6 form factor such as Seco’s COMe-B75-CT6, Ibase’s ET976, and Kontron’s COMe-cVR6. The latter is also now available with the scaled-down Ryzen Embedded R1000.

  • Whiskey Lake-UE module supports four USB 3.1 Gen2 ports

    Adlink’s Linux-ready “cExpress-WL” Compact Type 6 module features an 8th Gen Whiskey Lake-UE chip with up to 64GB DDR4, 3x SATA, 8x PCIe, 4x USB 3.1 Gen2, triple displays, and optional -40 to 85°C.

    Adlink announced a COM Express Compact Type 6 module that follow earlier modules with the 95 x 95mm form factor including the Intel 6th Gen Skylake based cExpress-SL and Apollo Lake powered cExpress-AL. This time, Adlink showcases Intel’s more recent 8th Gen Whiskey Lake UE-series.

  • ESP32-S2 Processor Datasheet Released, Development Boards Unveiled

  • Mobile Systems/Mobile Applications

    • Welcoming Android 10!

      After more than a year of development and months of testing by early adopters, we’re ready to introduce Android 10 to the world!

    • Google Releases Android 10 With “Vulkan Everywhere”, Privacy Improvements

      Google has officially released Android 10 today, what formerly was known as “Android Q” during development.

      Android 10 is a big update with improved privacy controls, a proper dark theme, Opus audio support, AV1 video codec support, a native MIDI API, ART optimizations, foldable screen support, and a wide variety of other additions and improvements.

    • Android 10 released

      Google has announced the release of Android 10, the free parts of which are available from the Android Open Source Project now.

    • 9to5Google Daily 297: Android 10 officially launches for Pixel devices

    • Android 10 Arrives for Essential Phone

    • Android 10 Gesture Controls Grayed Out? Here’s the Fix

    • When should you expect to receive the Android 10 update?

    • Galaxy Note 10 already being tested with Android 10

    • Hands-on with the Android 10 Nonogram Easter Egg [Video]

    • Android 10′s Best Features, a ‘Virtual USB’ Hack, and More News

    • OnePlus 7 and OnePlus 7 Pro get Android 10 open beta update: What is new, how to install

    • Are Android Statues Still Fun Without the Desserts?

    • Google adds Dual SIM Dual Standby support to Pixel 3a with Android 10

    • Google Maps app for Android adds a Street View layer

    • Gmail to get dark theme support on Android later this month

    • Walmart slices a huge $333 off this 49-inch Sony Bravia 4K Android LED TV

    • Airtel Xstream 4K Android Box launched: Will it be better than Jio’s Set Top Box in terms of prices

    • Lifehacker’s Complete Guide to Android

    • Spotify will officially bring back its Android widget following user outcry

    • Why ‘Zero Day’ Android Hacking Now Costs More Than iOS Attacks

    • Huawei to launch Mate 30 on Sept. 19 without Android OS

    • This new feature in Chrome OS 76 makes Android feel so much more native on Chromebooks

    • Google gives Android TV, Android Auto, and Android One new logos

    • Tips to increase storage on Android smartphones

    • Google is working to remedy the Google Calendar spam issue

    • Nokia has the highest pie among phones running latest Android 9

    • Google’s new Android Focus Mode could break your app addictions

    • Cochlear and GN Hearing Become World’s First to Support Direct Android Streaming to Hearing Devices Using Bluetooth Low Energy

    • Android 10 transforms hearing aids into Bluetooth headsets

    • Google releases Android 10 with battery-saving dark mode

    • Huawei to launch Mate 30 on September 19 without Android OS

    • OnePlus 7 & OnePlus 7 Pro Receive Android Q Developer Preview 5 Update

    • Android 10 could be out today, if this dubious leak is to be believed

    • Surveillance campaign targeting Uyghur Muslims affected not just iOS, but Android too

    • Samsung Galaxy Note 10+ review: The best Android smartphone till date, PERIOD!

    • Sony A9G (2019) OLED Android TV Review

    • Vivo Nex 3 Specs Leaked: This Could Be the Android Phone to Beat

    • When it comes to timely Android updates, Nokia is on top

    • Nokia has best record for Android software and security updates

• Free, Libre, and Open Source Software

  • EU turns from American public clouds to Nextcloud private clouds

    Just like their American counterparts, more than half of European businesses with over 1,000 employees now use a public cloud platform. But European governments aren’t so sure that they should trust their data on Amazon Web Services (AWS), Azure, Google Cloud, or the IBM Cloud. They worry that the US CLOUD act enables US law enforcement to unilaterally demand access to EU citizens’ cloud data — even when it’s stored outside the States. So, they’re turning to private European-based clouds, such as those running on Nextcloud, a popular open-source Infrastructure-as-a-Service (IaaS) cloud.

  • Events

    • Kiwi TCMS: Open source sprints at PyCon Balkan in Belgrade

      Next month our team will be at PyCon Balkan, Oct 3-5 in Belgrade. Together with presentation and a workshop we are going to host open source sprints! These will be an informal gathering where participants will be able to learn more about how open source works and go through their first contributions. This is ideal for students and less experienced people but we welcome everyone. There will be tasks ranging from easy to very hard!

  • Web Browsers

    • Mozilla

      • 69.0 Firefox Release

        As of today, Enhanced Tracking Protection will be turned on by default, strengthening the security and privacy for all of our users around the world. We’d like to extend a special thank you to all of the new Mozillians who contributed to this release of Firefox.

      • Firefox 69 is Now Available to Download

        Firefox 69 is a modest release on the features front, with its most notable improvements reserved solely for those using the browser on macOS and Windows systems.

        For instance, Firefox 69 will use the energy-efficient GPU for WebGL content on MacBooks that have dual graphics cards, which will help improve battery life while using the browser.

      • Today’s Firefox Blocks Third-Party Tracking Cookies and Cryptomining by Default

        For today’s release, Enhanced Tracking Protection will automatically be turned on by default for all users worldwide as part of the ‘Standard’ setting in the Firefox browser and will block known “third-party tracking cookies” according to the Disconnect list. We first enabled this default feature for new users in June 2019. As part of this journey we rigorously tested, refined, and ultimately landed on a new approach to anti-tracking that is core to delivering on our promise of privacy and security as central aspects of your Firefox experience.

        Currently over 20% of Firefox users have Enhanced Tracking Protection on. With today’s release, we expect to provide protection for 100% of ours users by default. Enhanced Tracking Protection works behind-the-scenes to keep a company from forming a profile of you based on their tracking of your browsing behavior across websites — often without your knowledge or consent. Those profiles and the information they contain may then be sold and used for purposes you never knew or intended. Enhanced Tracking Protection helps to mitigate this threat and puts you back in control of your online experience.

      • Firefox 69 — a tale of Resize Observer, microtasks, CSS, and DevTools

        For our latest excellent adventure, we’ve gone and cooked up a new Firefox release. Version 69 features a number of nice new additions including JavaScript public instance fields, the Resize Observer and Microtask APIs, CSS logical overflow properties (e.g. overflow-block), and @supports for selectors.

        We will also look at highlights from the raft of new debugging features in the Firefox 69 DevTools, including console message grouping, event listener breakpoints, and text label checks.

      • Recommended Extensions program—where to find the safest, highest quality extensions for Firefox

        Extensions can add powerful customization features to Firefox—everything from ad blockers and tab organizers to enhanced privacy tools, password managers, and more.

        With thousands of extensions to choose from—either those available on addons.mozilla.org (AMO) or self-hosted extensions listed on third-party websites—we know it can sometimes feel overwhelming trying to find good, trustworthy extensions. That’s why we created Recommended Extensions, a collection of curated extensions that meet our highest standards of security, utility and user experience.

      • Mozilla’s Manifest v3 FAQ

        Chrome versions the APIs they provide to extensions, and the current format is version 2. The Firefox WebExtensions API is nearly 100% compatible with version 2, allowing extension developers to easily target both browsers.

        In November 2018, Google proposed an update to their API, which they called Manifest v3. This update includes a number of changes that are not backwards-compatible and will require extension developers to take action to remain compatible.

        A number of extension developers have reached out to ask how Mozilla plans to respond to the changes proposed in v3. Following are answers to some of the frequently asked questions.

  • Openness/Sharing/Collaboration

    • Open-Source Finance: From Scarcity To Abundance

      A relatively new branch of economic theory that extends out of chartalism, MMT seeks to explain the way money works in practice today. With the advent of fractional reserve banking and practices like “quantitative easing,” it’s evident that governments can generate money out of thin air, or to use the fancier Latin term, ex nihilo. On top of this so-called monetary mass (M0), the banking system creates asset-backed money (called M3) through the emission of debt. As MMT researcher Dr. Randall Wray explains, a balanced budget — in which tax revenues always equal government spending — is a fallacy and actually limits full employment and the creation of new value. In fact, I believe we could, in theory, do away with taxes and just print the corresponding monies into circulation, adding to the supply instead of taking out by taxation. MMT describes that it’s not a shortage of capital that limits growth and innovation, but how that money is spent.

    • Humbleness key to open source success, Kubernetes security struggles, and more industry trends

      As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends for product marketers, managers, and other influencers. Here are five of my and their favorite articles from that update.

  • Programming/Development

    • Go 1.13 Release Notes

      The latest Go release, version 1.13, arrives six months after Go 1.12. Most of its changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before.

      As of Go 1.13, the go command by default downloads and authenticates modules using the Go module mirror and Go checksum database run by Google. See https://proxy.golang.org/privacy for privacy information about these services and the go command documentation for configuration details including how to disable the use of these servers or use different ones. If you depend on non-public modules, see the documentation for configuring your environment.

    • Go 1.13 Released With TLS 1.3, Illumos, Unicode 11 & Other Fun

      Go 1.13 was released today as Google’s latest update to their language and run-time/toolchain.

    • Django Optimization: Or how we avoided memory mishaps

      Working in a tech startup is akin to fighting a series of fires that crop up every now and then (faster, if you’re iterating at breakneck speeds). Each time you douse a fire enough to maintain some calm over the next few months, but you know in the back of your mind that this isn’t over. Thus it becomes important to pick your battles.

    • Excellent Free Books to Learn COBOL

      COBOL is an acronym which stands for Common Business-Oriented Language. The US Department of Defense, in a conference, formed CODASYL (Conference on Data Systems Language) to develop a language for meeting business data processing needs which is now known as COBOL.

      COBOL is a standard language that can be compiled and executed on various machines. It’s ideally suited for business-oriented applications as it can handle huge volumes of data. It provides numerous debugging and testing tools. COBOL is a structured language; it has different divisions, so it’s easy to debug. The language is not designed for writing systems programs.

      COBOL is one of the oldest computer languages.

    • 50 Best Free Online Python Tutorials

      According to TIOBE Programming Community Index released in August 2019 for the most popular programming languages, Python stands 3rd in the list behind Java and C programming language. Exceptional progress in popularity of the Python language shows how this language has gained the trust of the millions of programmers and become one of the most reliable programming languages.
      Personally I’m not surprised with the overwhelming popularity gained by Python language because I’ve been using Python since my early days in programming and it is high-level programming language which is very easy to learn but one of the most powerful programming languages which lets you do whole lot of things with it.

      Multiplatform support is what makes Python one of the most used programming languages as it helps programmer avoid using different tools to port application and software’s between different platforms such as Android, Mac and Windows.

      It’s great idea to start your programming career with Python as it one of the easiest languages to learn with effortless integration support to other languages such as Java, JavaScript, PHP, etc. Learning Python is a fun task once you get familiar with the language and to make it more interesting for you; I’m going to give you 50 best online Python tutorial which you will find very useful.

    • Lists and Tuples in Python

      In this course, you’ll learn about working with lists and tuples. Lists and tuples are arguably Python’s most versatile, useful data types. You’ll find them in virtually every non-trivial Python program.

    • Python for NLP: Working with Facebook FastText Library

      This is the 20th article in my series of articles on Python for NLP. In the last few articles, we have been exploring deep learning techniques to perform a variety of machine learning tasks, and you should also be familiar with the concept of word embeddings. Word embeddings is a way to convert textual information into numeric form, which in turn can be used as input to statistical algorithms. In my article on word embeddings, I explained how we can create our own word embeddings and how we can use built-in word embeddings such as GloVe.

      In this article, we are going to study FastText which is another extremely useful module for word embedding and text classification. FastText has been developed by Facebook and has shown excellent results on many NLP problems, such as semantic similarity detection and text classification.

      In this article, we will briefly explore the FastText library. This article is divided into two sections. In the first section, we will see how FastText library creates vector representations that can be used to find semantic similarities between the words. In the second section, we will see the application of FastText library for text classification.

    • Webinar: “10 Tools and Techniques Python Web Developers Should Explore” with Michael Kennedy

      Building web applications is one of Python’s true superpowers. Yet, the wide-open ecosystem means there are SO MANY CHOICES for any given project.

    • Issue #384 (Sept. 3, 2019)

    • A case study in analyzing C++ compiler errors: why is the compiler trying to copy my move-only object?

      Recently a coworker came across a C++ compiler error message that seemed baffling, as they sometimes tend to be.

      We figured it out together, and in the hope of perhaps saving some others form being stuck on it too long, I thought I’d describe it.

    • Huawei Releases their Open Source Ark Compiler for HarmonyOS

      Back in May, there were rumors Huawei was working on HongMeng OS as an alternative to Android mobile operating systems, as the OS was brought to light due to US sanctions against the company.

  • Standards/Consortia

    • Report from July 2019 ISO C++ Meeting (Core Language)

      The summer 2019 C++ meeting was in Cologne, Germany, 10 years since our last meeting in Germany. As usual, Red Hat sent three of us to the meeting: I attended in the Core language working group (CWG), Jonathan Wakely in Library (LWG), and Thomas Rodgers in SG1 (parallelism and concurrency).

    • USB 4.0 “USB4″ Specification Published

      As expected after Intel provided Thunderbolt 3 to the USB Promoter Group royalty-free earlier this year, the USB 4.0 “USB4″ specification was published today and indeed based on the Thunderbolt protocol specification.

• Leftovers

  • Security (Confidentiality/Integrity/Availability)

    • India Suffers Most IoT Attacks for Second Quarter in a Row

      The world of IoT is expanding rapidly, and businesses are adopting it at a quick pace in order to prevent being left behind. Unfortunately, IoT’s current security situation leaves much to be desired, and as such, are hotspots for people who want to cause trouble.

      Should companies continue to adopt IoT to keep ahead of the competition? Or is it a smarter move to stop and wait for proper security protocols to catch up? Let us know below!

    • Security updates for Tuesday

    • Teardown of a Failed Linux LTS Spectre Fix

      Today’s blog will serve as a deep dive into a recent Spectre fix, one of dozens being manually applied to the upstream Linux kernel. We’ll cover the full path this fix took, from its warning-inducing initial state to its correction upstream and then later brokenness when backported to all of the upstream Long Term Support (LTS) kernels. We’ll look at both the nature of the flaw in the backport as well as flaws in upstream processes that resulted in this backporting failure. As contrast, we’ll note how our independent review process spotted this vulnerability at commit time and how our Respectre plugin had already automatically fixed the underlying vulnerability.

    • grsecurity: Teardown of a Failed Linux LTS Spectre Fix

      This grsecurity blog entry looks at how an ineffective Spectre fix found its way into the stable kernel releases.

  • Defence/Aggression

    • We Are Living in the Wreckage of the War on Terror

    • Radiation levels still surging at pontoons damaged in Russia’s mysterious missile-test explosion

      Background radiation levels are still spiking near the two pontoons that were damaged in an apparently botched missile test last month in the Arkhangelsk region, according to journalists from the Belomorkanal news agency, who recently visited the site and took measurements.

  • Transparency/Investigative Reporting

    • Imprisoned Activist Jeremy Hammond Called Against His Will to Testify Before Federal Grand Jury in the EDVA

      Imprisoned information activist Jeremy Hammond has been called against his will to testify before a Federal Grand Jury in the Eastern District of Virginia (EDVA). Last week Hammond was removed from the Federal Correctional Institution in Memphis, Tennessee where he was serving a 10-year prison sentence after pleading guilty to charges he hacked the private intelligence contractor Stratfor Global Intelligence. At the time of his transfer Hammond was enrolled in the Federal Bureau of Prison’s intensive Residential Drug Abuse Program (RDAP) which upon completion qualifies participating inmates for early release. Hammond’s prison release date was projected to come around mid December of 2019 but because of his removal from the RDAP program and the summons to this grand jury his time incarcerated could be extended by over two years. Although Hammond is still in transit it is believed he will be detained in or near Alexandria, VA for the duration of his proceedings.

  • Environment

    • Worse US Atlantic floods need planned retreat

      What are now considered once-in-a-hundred-years floods are on the increase in the US. Later this century, they could happen to northern coastal states every year.

      And even in the more fortunate cities along the south-east Atlantic and the Gulf of Mexico coasts, the once-in-a-century floods will happen a lot more often: somewhere between every 30 years and every year.

      In a second study, a team of distinguished scientists argues that the US should face the inevitable and begin to plan for a managed, strategic retreat from its own coasts.

      At the heart of both studies is a set of new realities imposed by a rapidly-heating ocean and higher air temperatures worldwide. As the icecaps of Greenland and Antarctica melt, and as the glaciers of Canada and Alaska retreat, so sea levels have begun to rise inexorably.

    • Wildlife/Nature

      • How Animal Researchers Stay Out of the News

        If you are like most people, you know a lot more about how farm animals are treated on factory farms than dogs, primates and other animals are treated in US labs. It is no coincidence.

      • What the New Yorker Got Wrong About Forests and Wildfires

        The New Yorker recently published an article titled Trailblazing plan to fight California Wildfires that contains misinformation. I’ve had many people ask me what I thought of the piece. Given the influential nature of the New Yorker, I decided to respond here.

      • Pacific Bluefin Tuna Fishing Proposals Jeopardize Recovery Efforts

        Pacific bluefin tuna remains a species at risk. Despite a 2017 agreement on a rebuilding plan by countries that catch the species, overfishing that began nearly a century ago continues, leaving this highly valuable fish at less than 4 percent of its historic size — and vulnerable to extinction.

        When the managers responsible for Pacific bluefin tuna meet Sept. 2-6 in Portland, Oregon, they must reject proposals from Japan and South Korea that would raise quotas and put the future recovery of the population at risk. Instead, the decision-makers from the Western and Central Pacific Fisheries Commission and Inter-American Tropical Tuna Commission, which jointly manage the species, should exercise caution, not increase catch limits, and focus on long-term sustainable management of the fishery.

        The rebuilding plan that was passed just two years ago aims to return the species to 20 percent of its historic size by 2034. Japan’s proposal calls for increasing the catch of both juvenile and adult Pacific bluefin, and comes even after countries rejected a similar proposal from Japan last year. Any increase in catch quotas would exacerbate overfishing and delay or derail the chances of a recovery. Additionally, recovery depends on an increase in recruitment — an estimate of the number of new fish entering the population in a given year — but signs point to a possible decrease in recruitment last year. Managers should wait for the results of an official stock assessment, scheduled for next year, to confirm if the plan is working before even considering raising the bluefin quota.

    • Overpopulation

      • The country’s birth rate is now less than one child per woman

        But other features of South Korean society may be dragging birth rates down. For one, working hours are among the longest in the rich world. In 2018 South Koreans laboured for 39 hours per week on average, 16% above the OECD mean. Work at home, meanwhile, is not shared equally. A survey in 2018 by the Korea Institute for Health and Social Affairs, a think-tank, found that married women do about four times as much housework and three times as much child care as their husbands. Greater gender equality and less punishing working hours would encourage more childbearing. Until then, expect South Korea’s fertility rate to keep falling.

  • Finance

    • The Defining Scam of the Neoliberal Era

    • Lawmakers Seize Brexit Agenda in Major Blow to Boris Johnson

      On a day of humiliating setbacks, British Prime Minister Boris Johnson suffered a major defeat in Parliament on Tuesday night as rebellious lawmakers voted to seize control of the Brexit agenda, prompting the embattled prime minister to say he would call for a new general election.

    • Justifications for Inequality: The Neuroses of Kochland

      One of the brothers Koch, David, has shuffled off this mortal coil, and the pious few looking at his passing may well think he is making it tough for camels passing through needles. As part of the Brothers Koch, he presided over a corporate empire that did its pinching best to wrest control from the purses of public accountability in the US republic. At his death, he was the eleventh richest person on the planet, on par with his dominant brother, Charles.

    • This Labor Day, We Need Real Plans to Build Worker Power

      This Labor Day, Democratic presidential candidates will no doubt be touting their support for a $15 per hour minimum wage. None have opposed the idea.

  • AstroTurf/Lobbying/Politics

    • Bernie Sanders Is Coming to American Journalism’s Rescue

      Criticizing the media has become a sensitive issue for many on the left in the age of Trump. With an authoritarian president in office who seeks to discredit the media at every turn and regularly calls the press the “enemy of the people,” being too critical of the journalism business in 2019 can feel a bit like kicking someone when they’re down. Journalists in and beyond the U.S. not only must deal with a hostile president who attacks reporters and publications that don’t offer a steady stream of fawning coverage, but they are also grappling with the fact that their industry is in rapid decline.

    • Joe Biden Taps Influence Industry Despite Pledge on Lobbyists

      Joe Biden entered the Democratic primary promising “from day one” to reject campaign cash from lobbyists.

    • Beyond the Brexit Debacle

      If we focus only on the near term and on Brexit, we are doing precisely what Boris Johnson wishes. But the ramifications of the last few weeks will have effects on politics on the British Isles that are far more far reaching than even the question of EU membership. Let us think about those.

    • Democracy Dies From Bad Fact-Checking

      With these polemics-disguised-as-rebuttals, the Post is discrediting the entire journalistic genre of fact-checking. This is dangerous in a way that goes beyond any damage it does to Sanders as a presidential candidate. In truth, Sanders has little to worry about. The fact-checks are so ludicrous that they are unlikely to sway any voters. What they are more likely to do is feed into a pervasive distrust of the mainstream media, which is bad for democracy.

      Fact-checking is an essential journalistic service, all the more so under President Donald Trump. As is well known, Trump is a pathological liar on a scale never seen before in American politics. He makes Richard Nixon and Joseph McCarthy look like Boy Scouts. Many journalists, notably Daniel Dale of CNN, have done a commendable job in keeping track of Trump’s unending Niagara of prevarication, fibs, invention, and nonsense.

    • The Crazed, Rogue Leader is in Washington Not Tehran

      History in the Middle East is unkind to us westerners. Just when we thought we were the good guys and the Iranians were the bad guys, here comes the ghostly, hopeless possibility of a Trump-Rouhani summit to remind us that the apparent lunatic is the US president and the rational, sane leader who is supposed to talk to him is the president of the Islamic Republic of Iran. All these shenanigans are fantasy, of course – like the “imminent” war between America and Iran – of which more later.

    • James Comey, Whistleblower

      Former FBI director James Comey has been criticized once again for violating FBI guidelines in handling official matters.  He was pilloried for his handling of Hillary Clinton’s violations of security practices as secretary of state, and now for revealing Donald Trump’s efforts to obstruct justice.  Although Comey believed he was acting in the best interests of the nation on both occasions, there is no argument that Comey did violate the FBI’s internal regulations.  On both occasions, he was calling attention to illegal and possibly criminal behavior by Clinton and Trump.

    • From Trump Tower to Dictatorial Trump Power Over Law

      Donald Trump is “dumb as a rock” (to use his phrase) when it comes to the programs and the policies of the federal government agencies over which he is allegedly presiding. However, when it comes to defending and expanding his own political power, Trump is shameless and profoundly cunning.

    • Hong Kong’s Enemy Within

      The bedrock of any nation is its government — the manifestation of its sovereignty and protector of its people. But what if the personal loyalties of a substantial portion of civil servants do not lie with the sovereign? Worse, what if these allegiances are actually more to other powers — forces that are at odds with the sovereign and working to undermine its interests?

  • Censorship/Free Speech

    • Suit Against Pharmacy Groups Uses Antitrust as a Weapon Against Unaccountable Online Censorship

      PharmacyChecker.com found itself in a tough spot. The website evaluates online pharmacies, giving people information about how to cheaply and safely import prescription medicines into the U.S. for personal use. A network of other groups, closely aligned with U.S. pharmaceutical companies, is trying to drive Pharmacy Checker off the Internet, but Pharmacy Checker is calling them out.

      PharmacyChecker is the focus of a pressure campaign aimed at Internet gatekeepers, including domain name registrars, web hosting services, advertising networks, and search engines. PharmacyChecker is fighting back with an antitrust lawsuit against these rival groups, accusing them of conspiring to restrain competition, both in lawful prescription drug sales and in information about how to save money on prescription drugs. The pharmacy groups’ influence campaign against Pharmacy Checker is a classic example of shadow regulation—the use of private agreements with the Internet’s gatekeepers to regulate the speech of others. Pharmacy Checker’s antitrust suit is an important testcase for fighting back against unaccountable private speech policing.

    • The siege through journalists’ eyes 15 years after a horrific terrorist attack in Beslan, ‘Meduza’ asks reporters on the ground what they remember

      On September 1, 2004, terrorists seized a grade school in Beslan, capturing 1,128 children, parents, and staff. For the next two and a half days, the assailants mined the building and waited. By the end of the ordeal — one of the worst terrorist attacks in Russian history — 333 people were dead, and 783 were injured. Throughout the tragedy, Russian and foreign journalists were in Beslan, reporting the story live from on the ground. Fifteen years later, Meduza asked some of these journalists what they remember about those difficult, dark days.

  • Privacy/Surveillance

    • Facebook says Homeland Security can’t make fake accounts

      Fake accounts violate Facebook’s rules, and even the Department of Homeland Security can’t create them, the social network told the Associated Press today in response to a new policy implemented by the agency.

      In one of a series of changes to immigration policy last week, the department said employees at US Citizenship and Immigration Services, a division of DHS, could create fictitious accounts on social media to investigate the social media presence of an applicant for citizenship or a visa. This year, the Trump administration also started requiring applicants to list social media accounts as part of the visa screening process, a move that critics saw as an unnecessarily invasive measure.

    • Smart devices raise fear of privacy invasion for Australians

      Australians are concerned about their privacy with smart devices listening in on their conversations, and allowing organisations to extract personal information from their digital footprints.

    • How Porn Performers Fall Victim to Twitter Impersonators

      The glitch I noticed while trying to report my friend’s impersonator is one that is widely known to sex workers on Twitter. Commonly referred to as “shadow banning,” the act of delisting accounts from search can have serious effects for Twitter users. (You can find out more about shadow banning from my OneZero colleague Will Oremus’ stories on it here and here.)

      It’s not merely that it makes it harder for fans to find their account; in many cases, erasing a real account from search gives added legitimacy to impostor accounts, which show up in place of the actual account when someone types in a person’s name. (When reached for comment about the original reporting issue that drew my attention, a Twitter representative informed me that the team was “aware of this issue,” noting that there was “no specific timeline for when it’ll be fixed, but we’re working on it.”)

    • Purism: Why the Total Dossier on Everybody Must Stop

      There is a total dossier on everybody, and you are likely a willing, yet oppressed, participant. Willing because of how convenient it is; oppressed, because everything you do is under the complete control of others.

      Gang-stalking by corporations must stop. We have seen before what can happen when all the whereabouts of all people are tracked. The German Secret Police (the Stasi) had over 250,000 spies, who served in a four-decade long despotic regime over a population of 17 million, committing crimes against their own people–crimes that were viewed to be as brutal as those perpetrated by their Nazi predecessors–reminds us what oppression is. We have seen what happens when your privacy is invaded, when what you do is tracked. Decades before the Stasi, the Gestapo had 40,000 spies watching over a country of over 80 million, committing the worst atrocities on civilians ever; this is what oppression is.

      We have seen what happens when who talks to whom turns into a demagogic tragedy. McCarthyism was coined from recklessly slandering public figures, ruining the lives of hundreds of US citizen with unsubstantiated accusations; this is what repression is.

    • 8 Best Browser Extensions for 2019

      Whether you’re a casual or power user of the Internet, there are some must-have browser extensions that will enhance the utility of your favorite browser, boost your security, and overall improve your quality of life online. Today, we’ll cover the top 8 browser extensions, along with two of the best browser supported VPNs

    • Dropbox To Stop Following Symlinks To Items Outside The Dropbox Folder

      It looks like Dropbox will soon stop following symbolic links to files or folders outside of the Dropbox folder.

      When placing a symbolic link (symlink or soft link) in the Dropbox folder before this change, the symlink is replaced by the data it points to, so you have the actual data on the Dropbox servers, and not just the symlink.

    • Announcing the PureBoot Bundle: Tamper-evident Firmware from the Factory

      We have been promoting the benefits of our PureBoot tamper-evident firmware with a Librem Key for some time, but until now our laptops have shipped with standard coreboot firmware, that didn’t include tamper-evident features. To get tamper-evident features, you had to reflash your Librem laptop with PureBoot firmware after the fact, using our standard firmware update process. One of the biggest challenges for most people using PureBoot was the initial setup process–but many people might find installing an OS challenging too.

      The best way to solve this challenge is for us to do the setup for you–and that’s what we are happy to announce today.

      While we will still default to our standard coreboot firmware, starting today, if you order a Librem laptop and select the “PureBoot Bundle” option for the firmware, you can choose to have PureBoot installed and configured at the factory. The PureBoot Bundle includes a Librem Key, as well as a “Vault” USB drive that will contain the GPG public key we generated at the factory. You can use the Vault drive later to store backups of GPG keys you generate and store them in a safe place.

    • 14 Best Privacy-Focused Email Services in 2019

      We’ve covered emails in a lot of our articles ranging from titles about the best email marketing services to Android email clients and several wonderful email client apps e.g. Mailspring. And while we have covered some email services that respect users’ privacy individually, we haven’t ranked them into a top list before.

      Today, we’re placing our focus to the top email service applications you can use in 2019 thus my list of the best privacy-focused email services. It is a mixture of free, paid, open-source, and closed-source applications arranged alphabetically.

  • Civil Rights/Policing

    • Russian investigators drop rioting charges against five demonstrators and want another two suspects transferred to house arrest

      Russia’s Investigative Committee has dropped its rioting charges against five suspects in the so-called “Moscow Case” against demonstrators who attended recent unpermitted opposition rallies. Officials have closed the cases against Sergey Abanichev, Daniil Konon, Valery Kostenyok, Vladislav Barabanov, and Dmitry Vasiliev. All five men could still be charged with misdemeanor offenses, however.

    • ‘If I’m sad, why do I need to pretend like everything’s fine?’ Death Cafés are bringing Russians together to break taboos about the end of life. Our correspondent joined in — and began to overcome her own fears.

      Over the past several years, a movement advocating for “a more positive relationship to death” has taken off around the world, especially in Great Britain and the United States. This movement’s ideology suggests that people should talk more about their own deaths and those of their loved ones, establishing a more conscious relationship with the inevitable end of every life. The most striking part of this movement is the so-called Death Café, a space where those who wish to can talk about death, burials, and the many complications that come along with them. Such cafés already exist in a number of Russian cities. Meduza correspondent Sasha Sulim attended Death Café meetings in Moscow and Voronezh to find out what purpose they serve for their members and organizers. In the process, she began to see her own relationship with death in a new light.

    • Children’s rights commissioner demands inquiry, after police officers abandon journalist’s two-year-old daughter

      Moscow Children’s Rights Commissioner Evgeny Bunimovich has asked the city’s state prosecutors to review the actions of the police officers who arrested journalist Ilya Azar on September 2, leaving his two-year-old daughter at home, unattended.

    • A day of verdicts in Moscow’s cases against opposition demonstrators is a mixed bag for Russia’s opposition

      On September 3, courts sentenced three suspects in the so-called “Moscow Case” to multiple years in prison for crimes allegedly committed at unpermitted opposition rallies in the city. Vladislav Sinitsa was sentenced to five years for tweeting about the children of law-enforcement officials; Ivan Podkopaev was sentenced to three years for pepper-spraying two National Guard troops; and Danil Beglets was sentenced to two years in prison for shoving a police officer.

    • Financiers Of For-Profit Prisons Targeted With ‘Rolling Picket’ Organized By Anti-ICE Activists

      Dozens of activists met at Bryant Park in midtown Manhattan to demonstrate against financial institutions connected to Immigration and Customs Enforcement (ICE) through for-profit prison companies.

      The protesters engaged in a “rolling picket” on August 27, rallying at branches of HSBC, Vanguard, BlackRock, and Prudential in order to pressure the companies to divest from CoreCivic and GEO Group, which imprison immigrants for ICE.

    • Sparking Change: How Movements Pass on Inspiration

      Change doesn’t happen in a vacuum. Resistance is a continuum. Nonviolent movements arise amidst the efforts of many other struggles. The knowledge of how to organize for change is a global legacy passed between movements and generations of activists through lineages of inspiration that stretch through hundreds of years. (The first recorded strike happened in 1170 BC when Egyptian pyramid builders refused to work until they were paid; they’ve been happening much the same way ever since.) We learn from one another both directly and indirectly. We mimic creative tactics. We replicate strategies. We learn from mistakes. We are emboldened by others’ courage.

    • America’s White Problem Revisited

      Almost three decades ago when Arthur M. Schlesinger, Jr. penned The Disuniting of America: Reflections on a Multicultural Society (1991), the threat of American white extremism was, if not quite unimagined, profoundly underestimated. Instead, Schlesinger lays the blame for what he calls the “decomposition of America” on the rise of “tribalism,” with Afrocentrism, “multiculturalists” and “ethnocentric separatist,” who in Schlesinger’s view see “the western tradition [as] inherently racist, sexist, ‘classist,’ hegemonic; irredeemably repressive, irredeemably oppressive,” presenting a clear and present danger. In some ways, the book presages Samuel P. Huntington’s The Clash of Civilizations (1996), another in a long tradition of apocalyptic treatises on the rising tide of color, although this time penned by cold war liberals who offer a more palatable version lacking the overtly racist demagoguery of previous scribes. Like Huntington, Schlesinger envisions that the threat to western, specifically American values and institutions comes from an imagined Brown Peril of teeming dark-skinned others not from those who have historically rejected them – i.e., white racial narcissists. As Sam Tanenhaus wrote in his 2017 review of the book in The Atlantic, “though its critique of the ‘politics of identity’ and the ‘tribal antagonisms’ it bred should have included a harder look at his own privileged tribe, its delusions as well as its prejudices and presumptions.”

    • The Many Faces of Immigration Resistance

      For the most part, major news organizations like the New York Times, CNN, the Washington Post, and the Los Angeles Times have provided comprehensive, accurate coverage of major immigration-related developments. Significant policy changes and their impacts on people have been presented with careful regard for both detail and larger issues. This is as it should be. Nevertheless, coverage often falls short in underplaying a critical dimension of unfolding events: the extraordinary depth and breadth of resistance to the Trump administration’s policies.

    • Whose Bread I Eat, His Song I Sing: An International Education Nonprofit and a Devil’s Bargain

      2019 is the 100th anniversary of the founding of the Institute of International Education (IIE), a well-known US-based private nonprofit that focuses on international student exchange and aid, foreign affairs, and international peace and security. IIE refers to itself as “a world leader in the international exchange of people and ideas.”

    • Starved for Five Days, Disabled Child Succumbs in Indian Province

      Starved for five days, Goutam Behera, 17, a disabled child from Odisha, an eastern state of India, finally succumbed on July 8, 2019. Was it a starvation death? Government is evasive; but the activists say, ‘yes’. If there are so many food related schemes in the state, then why the starvation deaths? That’s the moot question.

    • Politics & 21st Century Discontents: Change It

      We’ve Got Trouble People

    • The NRA vs. American Children

      If any doubts remain about the nefarious influence of the National Rifle Association (NRA) on the political life of the United States, President Donald Trump’s decision to discuss gun control measures with that organization should dispel them. The offer to discuss these measures is like asking a criminal for his weapon of choice in order to hand it over. This obsequiousness equals that of many legislators, mainly Republican, who refuse to pass effective legislation on gun control measures out of fear of losing NRA support. Scores of people stand to lose, among them a significant number of children and adolescents, whose lives end needlessly by criminal violence.

    • We Are All Indigenous

      “All things are interrelated. Everything in the universe is part of a single whole. Everything is connected in some way to everything else. It is therefore possible to understand something only if we can understand how it is connected to everything else.”

    • Remembering Mitch Podolak

      Before going to bed last night, I learned from a post I was tagged on on Facebook that Mitch Podolak had died.  If I ever checked my Feed, I might have learned earlier — he had died several days earlier, on August 25th, 2019.  Incidentally, exactly one year after US Senator John McCain died, who was about as different politically from Mitch as it would be possible to be.  (I probably only happen to remember that because I wrote a song about the man when he died.  If I wrote one about Mitch, it wouldn’t be like that one at all.)

  • Digital Restrictions (DRM)

    • Cory Doctorow: DRM Broke Its Promise

      Streaming services do depend on DRM: DRM is how Spotify stops third parties from making play­ers that skip ads, and it’s how Netflix and Amazon Prime stop you from saving its Christmas movies to your hard-drive in July so you can watch them for free in December, when they become pay-per-view movies.

      There’s a name for societies where a small elite own property and everyone else rents that prop­erty from them: it’s called feudalism. DRM never delivered a world of flexible consumer choice, but it was never supposed to. Instead, twenty years on, DRM is revealed to be exactly what we feared: an oligarchic gambit to end property ownership for the people, who become tenants in the fields of greedy, confiscatory tech and media companies, whose in­ventiveness is not devoted to marvelous new market propositions, but, rather, to new ways to coerce us into spending more for less.

  • Monopolies

    • Copyrights

      • Announcing an Open Call for Proposals: The Bassel Khartabil Fellowship

        The Fellowship supports outstanding individuals developing free culture projects in their communities under adverse circumstances, honoring the legacy of beloved artist, open source technology innovator, free culture advocate Bassel Khartabil.

      • Search Engines Given “Six Hours” to Delete Pirate Links Under New Law

        New amendments to Russian law developed by the largest media and search engines will require the latter to swiftly delete ‘pirate’ links from their indexes. According to local sources inside the working group, platforms like Yandex will be required to delete links within six hours after their appearance on infringing content databases, which must be queried every five minutes.