Server

• Docker Not Doomed?

  Modern application development essentially consists of composing an application from a variety of services. These services aren’t just infrastructure components that live on a server any more. They’re delivered via an API and could be almost anything underneath as the abstractions start to pile up.

  COBOL code at the other end of a message bus with a lambda-function frontend? Okay. Ephemeral container running a Spring Boot service that connects to an RDBMS on a physical Unix server on the other side of the country? Sure, why not? Modern applications don’t really care, because it’s all about getting the job done. The name of the game is loosely-coupled modular components.

  This is why Docker has joined forces with Microsoft, Bitnami, HashiCorp, and a few others to create the Cloud Native Application Bundle (CNAB) specification. Docker uses this spec as part of its Docker App tool, which behaves a lot like docker-compose to collect a variety of services together into a single application bundle that can be shared around. It’s a lot like a container collection, and brings the same easy portability of containers to composed applications.

  “[Docker App] allows you to describe not just containers, but other services around which the app is dependent,” says Johnston. “And it allows you to do things that enterprises care about, such as signing the bundle, verifying that signature, and automatically promoting it based on that signature and things like that.”

• IBM

  • Red Hat OpenShift Service Mesh is now available: What you should know

    As Kubernetes and Linux-based infrastructure take hold in digitally transforming organizations, modern applications frequently run in a microservices architecture and therefore can have complex route requests from one service to another. With Red Hat OpenShift Service Mesh, we’ve gone beyond routing the requests between services and included tracing and visualization components that make deploying a service mesh more robust. The service mesh layer helps us simplify the connection, observability and ongoing management of every application deployed on Red Hat OpenShift, the industry’s most comprehensive enterprise Kubernetes platform.

    Red Hat OpenShift Service Mesh is available through the OpenShift Service Mesh Operator, and we encourage teams to try this out on Red Hat OpenShift 4 here.

  • Catching up with Red Hat at Sibos 2019

    Red Hat is excited to once again be attending Sibos, an annual financial services industry conference exhibition and networking event that is hosted by SWIFT. This year, the event is being held in London, England from September 23rd through 26th. Red Hat will be attending to sponsor a number of activities and discuss how and why enterprise open source technologies offer innovative capabilities that can help firms thrive in their digital journeys.

Audiocasts/Shows

• Full Circle Magazine: Full Circle Weekly News #144

• Manjaro Levels Up | LINUX Unplugged 318

  It’s official, Manjaro is a legitimate business; so what happens next? We chat with Phil from the project about the huge news.

  Plus we share some big news of our own, and the strange feels we get from Chrome OS.

• Linux Headlines – 09/10/2019

  Mozilla’s Test Pilot program is back with a new VPN service, GSConnect has a big release, and KDE looks to modernize Kate.

  Plus a host of exciting improvements coming in Ubuntu 19.10.

Kernel Space

• It’s Now Easier to Install Acer Firmware on Linux

  Y’know, the Linux Vendor Firmware Service!

  It’s an awesome initiative spearheaded by open source developer Richard Hughes that enables well-known hardware companies — Dell! Lenovo! Wacom! Etc! — safely distribute firmware updates to Linux users, sans hassle.

  Yup! And as Acer is one of the biggest laptop sellers in the world their addition to the ranks of the LVFS is pretty big news (just like I said in my opening line, keep up!).

• Please welcome Acer to the LVFS

• Acer Begins Publishing UEFI Firmware Updates For Linux Users On LVFS For Fwupd

  Following a lengthy evaluation period, Acer is the latest hardware manufacturer offering firmware updates for their products via the Linux Vendor Firmware Service (LVFS) for easily applying these updates from the Linux desktop with Fwupd.

  Acer joins the likes of Dell, HP, Lenovo and other manufacturers in offering firmware updates (primarily UEFI updates, but also other firmware files) via LVFS/Fwupd.

• F2FS Will Have Faster Case-Insensitive Lookups With Linux 5.4

  F2FS has done a good job following EXT4 that spearheaded this modern case-insensitive directory/file feature that’s optional and opt-in on a per directory basis. Like with F2FS’ other following of EXT4 around this feature, it’s now ported the look-up optimization from 5.3 to its driver. On the EXT4 side it has resulted in around 30% faster look-ups on large directories by introducing a temporary cache to avoid repeated case-folding.

• How Intel’s Clear Linux Team Cut The Kernel Boot Time From 3 Seconds To 300 ms

  Intel engineer Feng Tang spoke at this week’s Linux Plumbers Conference in Lisbon, Portugal on how the Clear Linux team managed to boot their kernel faster. They started out with around a three second kernel boot time but cut it down to just 300 ms.

  Among the optimizations carried out to really speed-up their boot time were ensuring more asynchronous driver probing, only initializing a small amount of RAM at start and then after booted hot-plug the rest of it in parallel via systemd, optimized root file-system mounting, disabling unnecessary kernel modules, and similar approaches.

• Graphics Stack

  • Intel’s Gallium3D Linux Driver Now Exposes OpenGL 4.6

    But unlike the i965 driver with OpenGL 4.6 support back-ported to Mesa 19.2, for the Intel Gallium3D driver it isn’t marked for back-porting so is likely a feature for next quarter’s Mesa 19.3 with that being the version in development on Git master. The Intel Gallium3D support comes after all the heavy-lifting done for getting the SPIR-V extensions in place for the common Intel graphics code over the past two years. This Intel Gallium3D driver is now the second in Mesa supporting GL 4.6 and the first Gallium3D driver to do so.

  • AMD “Trusted Memory Zone” Encrypted vRAM Support Coming To Their Linux GPU Driver

    AMD Trusted Memory Zone support is a new feature being worked on for their open-source graphics driver that works in conjunction with the graphics hardware for being able to encrypt portions of the video memory.

    Trusted Memory Zone (TMZ) support appears to be present going back to the original Vega graphics processors but this is the first time we’re seeing it implemented on the Linux side. Trusted Memory Zone protects the contents of TMZ’ed pages from being read by the CPU (non-GPU) clients and fend off writes to the protected pages. AMD TMZ support is being used to offer secure buffer object support on Linux.

  • AMD Navi 14 Workstation Graphics Cards Discovered In Linux Driver Update

    AMD has barely scratched the desktop surface with its Navi GPU architecture—there are just two main models, the Radeon RX 5700 XT and Radeon RX 5700, and three overall if you count the Radeon RX 5700 XT 50th Anniversary Edition. It’s a sure bet we will see more Navi cards in the future. That includes workstation models, as hinted by a breakdown of a recent patch for Linux.

    Up to this point, AMD has leaned on its Vega GPU architecture for its latest workstation graphics cards. That includes the Radeon Pro Vega II and Radeon Pro Vega II Duo, both if which were introduced in June, coinciding with a refreshed Mac Pro desktop.

Benchmarks

• AMD Ryzen 9 3900X Benchmarks On 11 Linux Distributions

  Now that BIOS updates over the past month have resolved the early boot issue with Ryzen 3000 processors and thus the new AMD CPUs playing nicely with modern Linux distributions, here is the long-awaited benchmark comparison of the Ryzen 9 3900X + X570 system benchmarked across an array of different Linux distributions… In fact, 11 Linux OS releases in total were tested on this high-end 12-core / 24-thread desktop processor.

  Last week was a look at eight Linux distributions on the AMD EPYC 7742 2P server while this is the desktop equivalent and pulling in more distributions given the more diverse Linux desktop ecosystem. The Ryzen 9 3900X was running at stock speeds on the ASUS ROG CROSSHAIR VIII HERO WiFi motherboard with 2TB Corsair Force MP600 PCIe 4.9 NVMe SSD, and Radeon RX 560 graphics (not the focus of today’s tests).

Applications

• RawTherapee 5.7 Released, Here’s How to Install it on Ubuntu & Linux Mint

  A new version of open source RAW image processing software RawTherapee is now available to download. We show you how to install it on Ubuntu.

  This post, RawTherapee 5.7 Released, Here’s How to Install it on Ubuntu & Linux Mint, was written by Joey Sneddon and first appeared on OMG! Ubuntu!.

• RawTherapee 5.7 Released! How to Install it in Ubuntu 18.04

  The official Linux Appimage, single executable to launch the software (non-install), is available for download in the previous link

  For Ubuntu 18.04, Ubuntu 19.04, Linux Mint 19.x, you can also install RawTherapee 5.7 via this unofficial PPA.

  1. Open terminal either via Ctrl+Alt+T keyboard shortcut or by searching for “Terminal” from application menu.

• Daniel Stenberg: curl 7.66.0 – the parallel HTTP/3 future is here

  I personally have not done this many commits to curl in a single month (August 2019) for over three years. This increased activity is of course primarily due to the merge of and work with the HTTP/3 code. And yet, that is still only in its infancy…

• Proprietary

  • Chrome 77 Released With Serial API, WebVR 1.1 & Any Element Can Provide Form Data

    Google has rolled out Chrome 77 into their stable channel as the newest version of their lightning fast web browser for Linux.

    Chrome 77 now supports any HTML element providing form data via the “formdata” event, various security improvements, a Serial API for interacting with devices connected to physical or virtual serial ports, WebVR 1.1 support, tab sharing between devices, and a variety of other improvements.

  • Chrome for Android Update

    Hi, everyone! We’ve just released Chrome 77 (77.0.3865.73) for Android: it’ll become available on Google Play over the next few weeks.

  • Chrome 77 for Mac, Windows rolling out: ‘Send this page’ sharing, new favicon animation, more

    Google is rolling out the latest version of Chrome for Mac, Windows, and Linux. Chrome 77 more widely introduces the “Send this page” cross-device sharing…

  • Google Chrome 77 Is Out for Linux, Android, Windows & Mac with 52 Security Fixes

    Google has promoted the Chrome 77 web browser to the stable channel for all supported platforms, including Linux, Android, Windows, and Mac.
    Google Chrome 77 introduces several performance enhancements to speed up your browsing experience, including new performance metrics that helps web developers measure how fast the content of a web page loads so you can access it faster than ever, as well as new form capabilities to support custom form controls.

    “It has not always been easy for developers to measure how quickly the main content of a web page loads and is visible to users. The usefulness of existing metrics varies. Some metrics are only measurable in a lab, while others tell nothing about content that users care about. Consider the example below, taken from a DevTools performance audit,” said Google.

    Additionally, Google Chrome 77 introduces new origin trials that lets you to try new Chrome features before they are released and give feedback to the web standards community on their usability, effectiveness, and practicality. Users will be able to register for the origin trials here.

Instructionals/Technical

• How to enable logging in Nextcloud 16

• How to install CentOS 7 on a PC via bootable USB

• How to cleanly remove a package from a Debian-based distribution

• How To Delete Files Older Or Newer Than N Days Using find (With Extra Examples)

• How to Install CiviCRM on Ubuntu 18.04

• How to get the latest Mozilla Thunderbird for Linux

• How to install Kali Linux 2019.3

• How to replace Gnome Screensaver with Xscreensaver on Ubuntu

• Input Output Redirection on Linux Explained

• Docker Container life cycle explained

• Install Automad CMS with Nginx and Let’s Encrypt SSL on CentOS 7

• Why can’t rootless Podman pull my image?

• Q&A on Linux career, certification and online courses

• GRUB Themes

Games

• Try the demo of the amusingly quirky point & click adventure Edgar – Bokbok in Boulzac

  Edgar – Bokbok in Boulzac is an upcoming in-development point and click adventure game, one that I came across recently and it’s well worth taking a look at the demo.

  Seems it’s one entirely missed by us here at GamingOnLinux, with it appearing on Steam earlier this year and a Linux demo being added back in May.

• Seems like Discord’s new “Go Live” feature is not coming to the Linux version

  Recently, the voice & text chat app Discord released a pretty fun sounding new feature called “Go Live” which sadly seems like Linux will miss out on.

  Go Live is a feature that allows you to share your game screen with a group of friends on a Discord channel, have them join the chat for it and watch you play. Like smaller and more intimate version of Twitch, only it’s just for Discord.

  Tweeting out about this new feature last week, the official Discord Twitter said “We just rolled out Go Live to… 100% of you! Everyone can now launch a game, click a button, and start streaming to their friends.”

• Harebrained Schemes continue to tweak BATTLETECH with a new update out

  Ready for one more turn? Harebrained Schemes have some new tweaks ready in the BATTLETECH 1.7 update that’s out now.

  It’s not a huge update, mostly about giving all their mechs a little spit and polish. The AI has seen a couple of improvements this time including their ability to avoid a potential ECM exploit, ECM carriers actually work a little better at keeping allies cloaked, pathfinding fixes in missions where the AI might become stuck and updated lance role tags for some mechs.

  Something I’m sure a lot of people will appreciate, is their focus on improving performance too. Both the UI rendering and particle systems went through a bunch of optimizations for this update so hopefully it will be smoother overall.

• Age of Grit is a stylish steampunk turn-based, tactical RPG with airship combat

  Released into Early Access recently, Age of Grit gives Steampunk a little cowboy-themed makeover with turn-based airship combat and it’s supporting Linux too.

  Another game crowdfunded on Kickstarter, where Age of Grit managed to get funded back in 2014 so it’s been in development for quite a while now. Nearly five years after the end of the Kickstarter and it’s entered Early Access on Steam.

Desktop Environments/WMs

• GNOME Desktop/GTK

  • GNOME 3.36 Desktop Environment Slated for Release on March 11th, 2020

    While the GNOME 3.34 desktop environment is not out yet, as it is expected to be officially unveiled tomorrow, September 12th, the GNOME developers are already planning on next major release, GNOME 3.36, which is currently slated for release on March 11th, 2020.

    Development of the GNOME 3.36 desktop environment, which will be available under the GNOME 3.35.x umbrella, will start with the first snapshot, GNOME 3.35.1, which is scheduled for public testing release on October 12th. It will followed by a second development snapshot, GNOME 3.35.2, on November 23rd.

  • GNOME 3.36 Pegged For Release On 11 March, More Stable Point Releases Come To GNOME

  • Changes: GNOME 3.35/3.36 release schedule

Distributions

• Screenshots/Screencasts

  • Revisiting Netrunner (First Impressions of 19.08)

• Debian Family

  • Debian 10: Playing catch-up with the rest of the Linux world (that’s a good thing)

    I’ve been using Debian 10 for three months now (yes, before it was officially released via a testing channel), and, as you would expect, it is a super solid release. This is remarkable only because I did not have the same experience at all on Debian 9. My initial foray into Debian 9 was fraught with problems, and I went scurrying back to Debian 8 in a hurry. I tried again after a year and had better luck, but this time around I’ve had no problems at all on either the desktop or server (it’s worth noting, though: before you upgrade, back up any PostgreSQL data, since Debian 10 moves from PostgreSQL 9.6 to 11, a significant migration for any live servers).

    While I plan to wait for at least a one-point release before I test updating any production servers, Debian 10 looks like a great release. I fully expect to be running Debian 10 servers well into the mid 2020s.

    On the desktop side, I still prefer Arch Linux to Debian on my main machine. This might sound like diametrically opposed distros to compare—Debian is focused on stability and changes at a glacial pace, while Arch is a rolling release with updates on a daily basis—but in my experience these have both been the most stable, reliable distros I’ve used. The chief difference is that one updates all the time to achieve that stability while the other updates hardly at all. They may take different approaches, but they arrive at the same result.

  • Debian 10 Buster with GNOME 3: I didn’t expect it to be this fast, but that could be the SSD talking

    I don’t know how much of it is Debian 10 and how much is swapping a 5400-RPM hard drive with an M.2 NVMe SSD, but my 2-year-old laptop is FLYING now that I’ve ditched Windows 10 and the 1 GB magnetic drive that came with it.

    And this is with GNOME 3. The stock or lightly/heavily-favored desktop environment in Debian, Fedora and Ubuntu looks great, runs with no hesitation (in constrast to Windows 10) and doesn’t have me thinking that I need anything else for speed-related reasons.

  • Markus Koschany: My Free Software Activities in August 2019

    Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

• Canonical/Ubuntu Family

  • Ubuntu 19.10 “Eoan Ermine” Promises More Boot Speed Improvements

    According to Colin Ian King, the Ubuntu Kernel Team worked hard during the past few months to find a faster compression/decompression algorithm for the upcoming Ubuntu 19.10 (Eoan Ermine) operating system, which will hit the streets later this fall on October 17th.

    The Ubuntu Kernel Team benchmarked six compression methods for the initramfs, including BZIP2, GZIP, LZ4, LZMA, LZMO and XZ, to measure the loading time of the Linux kernel, as well as the decompression time. The benchmarking was conducted on x86 configurations using the x86 TSC (Time Stamp Counter).

  • My Ubuntu Reached EOL, What Should I Do?

    If your Ubuntu version reached its End of Life (EOL), it will not install software anymore. You can still use the system without time limit but you cannot get more applications nor security updates. This article explains with example to take care of Ubuntu 14.10 “Utopic Unicorn” which has been EOL since 2015 so it can install programs once again (but without updates). This tutorial can be used for other EOLed versions of Ubuntu for example 10.10 or 17.04. I hope this helps.

    Each Ubuntu release has support duration, meaning, a certain period of time where Canonical provides software repository (including security updates) for it. When the support duration ended, it is called End Of Life, meaning Canonical deletes the repository (including security updates) for it. Once your Ubuntu system reached EOL, you cannot install software anymore nor receive any updates. For example, in 2019, versions considered EOL are 12.10, 14.10, and 17.04, among others.

  • Canonical Fixes Linux 4.15 Kernel Regression in Ubuntu 18.04 LTS and 16.04 LTS

    Earlier this month, Canonical published major Linux kernel security updates for all supported Ubuntu Linux operating systems, addressing no less than 28 security vulnerabilities. However, one of the patches also introduced a regression causing the Linux kernel 4.15 on Ubuntu 18.04 LTS and Ubuntu 16.04 LTS systems to crash when handling fragmented packets.

    “USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue. We apologize for the inconvenience,” said Canonical in the security advisory.

Devices/Embedded

• Signet High-Capacity Thumbdrive Supports 2FA, Password & Secure Data Storage (Crowdfunding)

  Signet HC Crowdfunding Started The latest version of the Signet thumbdrive is the Signet HC.

• Rock Pi X is a $39 single-board computer with an x86 chip (Intel Atom x5-Z8300)

  Since Raspberry Pi launched its first $35 computer in 2012, a bunch of other companies have entered the space with their own small, cheap, single-board computers. And, like the Raspberry Pi, most of them are powered by ARM processors.

  But Radxa‘s new Rock Pi X is one of a handful of models with an Intel x86 processor, which means you could run Windows or just about any GNU/Linux operating system.

  It’s expected to launch soon for $39 and up.

• Congatec conga-SMX8-Mini is a SMARC 2.0 Module based on NXP i.MX 8M Mini Processor

  NXP i.MX 8M Mini is the first i.MX processor from the company to be manufactured using a 14nm process, which enabled a higher 2.0 GHz frequency for the Cortex-A53 cores.

• Raspberry Pi alternative: Khadas pitches $50 VIM3L as 4K home theater PC

  It’s available for pre-order for $49.99 or as with a CoreELEC HTPC (Home Theater PC) kit including a transparent enclosure, heatsink, Wi-Fi antennas, and remote control for $69.99. Both prices include worldwide shipping.

  The board runs on an Amlogic S905D3, a four-core Arm Cortex A55-based CPU, and includes 2GB of LPDDR4 RAM and 16GB of eMMC flash. It also has Bluetooth 5.0 support, as well as Gigabit LAN, HDMI, USB-C, and USB 2.0 ports.

  The Raspberry Pi 4 Model B, launched in June, comes with up to 4GB memory for $55, twice the RAM offered by the Khadas VIM3L.

• Rock Pi X Intel Cherry Trail Board to Sell for as low as $39

  Most low cost (sub $100) single board computers are based on Arm processors because Intel processors are normally more expensive, but there are some exceptions with AAEON Up Board and Atomic Pi…

• Mobile Systems/Mobile Applications

  • Android manufacturers could learn a thing or two from the iPhone 11 when it comes to video

  • Android phones already have all the new iPhone 11 features

  • Android warning: You should uninstall these Play Store apps to avoid dangerous malware

  • New LG V30 Android Pie-based updates in Europe & Canada

  • [Update: In the US] Android 9 Pie rolling out now to Samsung Galaxy Tab S3, Tab A 2017

  • This $60 Raspberry Pi 4 rival runs Android 9, plays 4K video, and has an AI accelerator

  • Huawei will roll out the EMUI 10 update to over 30 phones

  • 11 ‘Hidden’ Android 10 Features We Have Found So Far

  • Asus ZenFone 5Z Android 10 final beta update available for download

  • Android 10′s share sheet smacks down apps that try to game the alphabetical order

  • Second Galaxy is Out Now on Android

  • Cortado Mobile Solutions Becomes Official Android Zero-Touch Enrollment EMM Partner

  • ASUS ROG Phone II Ultimate Benchmark Preview: The Fastest Android Phone Ever

Free, Libre, and Open Source Software

• Web Browsers

  • Mozilla

    • Google Unveils DNS-over-HTTPS (DoH) Plan, Mozilla’s Faces Criticism

      Google has announced that they would soon be performing a trial of utilizing DNS-over-HTTPS (DoH) in the Google Chrome browser. This experiment will be conducted in Chrome 78 and will attempt to upgrade a user’s DNS server to a corresponding DoH server, and if available, use that for DNS resolution.

      For those unfamiliar with DoH, it allows DNS resolution to be conducted over encrypted HTTPS connections rather than through the normal plain text DNS lookups.

    • Mozilla Reps Community: Rep of the Month – July 2019

      Please join us in congratulating Bhuvana Meenakshi Koteeswaran, Rep of the Month for July 2019!

      Bhuvana is from Salem, India. She joined the Reps program at the end of 2017 and since then she has been involved with Virtual and Augmented Reality projects.

• Productivity Software/LibreOffice/Calligra

  • LibreOffice Conference 2019, Day 1: Some photos

    Yes, the main part of the LibreOffice Conference 2019 is underway, in Almeria, Spain. We’ll have a full write-up (including presentation videos) on this blog – but in the meantime, a quick look-back at the first day…

• Pseudo-Open Source (Openwashing)

  • NVIDIA’s Latest Open-Source Project Is Their NVDLA Deep Learning Compiler

    Two years ago NVIDIA announced the NVDLA as an open-source hardware project with this “NVIDIA Deep Learning Accelerator” to be a free and open architecture for inference accelerators. NVIDIA has now expanded the open-source software ecosystem around NVDLA.

    It has taken NVIDIA until recently to open-source their inference compiler for the “open” NVDLA hardware. The NVIDIA Deep Learning Accelerator compiler is now open-source and designed to maximize the performance and efficiency of deep learning inference on the hardware.

  • Arm Joins The Compute Express Link Bandwagon (CXL)

  • The Reactive Foundation Launches To Support Next Phase of Software Architecture

  • Cloud Foundry Investment And Deployments Increasing

• FSF/FSFE/GNU/SFLC

  • Oracle introduces patch series to add eBPF support for GCC

    Yesterday, the team at Oracle introduced a patch series that brings a port of GCC to eBPF (extended Berkeley Packet Filter), a virtual machine that is placed in the Linux kernel. With the support for binutils (binary tools), this port can be used for developing compiled eBPF applications.

    eBPF was initially used for capturing user-level packet and filtering, it is now used to serve as a general-purpose infrastructure for non-networking purposes as well.

    Since May, Oracle has been planning on introducing an eBPF back-end to GCC 10 to make the GNU compiler target the general-purpose in-kernel virtual machine. Oracle’s inclination on bringing in the eBPF support for GCC is part of the company’s efforts towards improving DTrace on Linux.

• Programming/Development

  • This Week in Rust 303

    Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed.

  • Develop with Django 2 and Python 3 in a container with Red Hat Enterprise Linux

    In my previous article, Run Red Hat Enterprise Linux 8 in a container on RHEL 7, I showed how to start developing with the latest versions of languages, databases, and web servers available with Red Hat Enterprise Linux 8 even if you are still running RHEL 7. In this article, I’ll build on that base to show how to get started with Django 2 using the current RHEL 8 application stream versions of Python 3 and PostgreSQL 10.

    From my perspective, using Red Hat Enterprise Linux 8 application streams in containers is preferable to using software collections on RHEL 7. While you need to get comfortable with containers, all of the software installs in the locations you’d expect. There is no need to use scl commands to manage the selected software version. Instead, each container gets an isolated user space. You don’t have to worry about conflicting versions.

    In this article, I show you how to create a Red Hat Enterprise Linux 8 Django container with Buildah, and run it with Podman. The code is stored on your local machine and mapped into the container when it runs. You can edit the code on your local machine as you would any other application. Because it is mapped via a volume mount, the changes you make to the code are immediately visible from the container, which is convenient for dynamic languages that don’t need to be compiled.

  • Deploying a Flask Application to Heroku

    In this tutorial you will learn how to deploy a Flask application to Heroku. The app can be as simple as a “Hello World” app to a social media monitoring platform!

    Nowadays there is no business that doesn’t have a web app to help it a reach greater audience, or maybe provide its services through an online portal.

    Today you are about to learn how to make an API using Flask as a case study for how to deploy your app on Heroku.

  • Real Python: Python vs C++: Selecting the Right Tool for the Job

    Are you a C++ developer comparing Python vs C++? Are you looking at Python and wondering what all the fuss is about? Do you wonder how Python compares to the concepts you already know? Or perhaps you have a bet on who would win if you locked C++ and Python in a cage and let them battle it out? Then this article is for you!

  • PyCharm 2019.2.2

    PyCharm 2019.2.2 is now available. This version solves regression issues and improves Jupyter Notebook configuration experience.

  • Qt 5.12.5 Released

    I am happy to Announce we have released Qt 5.12.5 today.

    This fifth patch release to Qt 5.12 LTS contains almost 280 bug fixes. Please check most important changes from Qt 5.12.5 Changes Files.

    If you are still using older Qt versions, I strongly encourage all active projects to migrate to Qt 5.12 LTS if possible. After the Qt 5.12.5 release was branched, the Qt 5.12 LTS has entered in ‘strict’ phase, so from now on it will receive only the selected important bug and security fixes. New patch releases to Qt 5.12 LTS will be released regularly in the future as well but with fewer changes than before.

  • Why COBOL Still Matters After 60 Years

    In the world of DevOps, the Agile Manifesto and countless other application delivery frameworks, one has to wonder how an anachronism such as the programming language COBOL (common business-oriented language) has managed to remain relevant. After all, COBOL has its roots back in the 1940s, and was built upon Rear Admiral Grace Hopper’s work on the FLOW-MATIC programming language (a text-based programming language). Hopper, who worked as a technical consultant on the FLOW-MATIC project, is sometimes referred to as the grandmother of COBOL.

Health/Nutrition

• Parents on Twitter Share Sky-High Costs of Giving Birth in the US, Calling for Medicare for All

  “Saving these bills to show my kids what life was like before Medicare for All, and why we fought so hard to give them a better country.”

• Number of Uninsured Americans Rises for 1st Time in a Decade

  The number of Americans without health insurance edged up in 2018 — the first evidence from the government that coverage gains from President Barack Obama’s health care plan might be eroding under President Donald Trump.

Security (Confidentiality/Integrity/Availability)

• Security updates for Wednesday

  Security updates have been issued by Fedora (python38), openSUSE (nginx, nodejs10, nodejs8, python-Twisted, python-Werkzeug, SDL2_image, SDL_image, and util-linux and shadow), Oracle (firefox and nghttp2), Red Hat (.NET Core, firefox, kernel, libwmf, pki-deps:10.6, and poppler), Scientific Linux (firefox), SUSE (ghostscript, libgcrypt, podman, python-SQLAlchemy, qemu, and webkit2gtk3), and Ubuntu (curl, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, systemd, and tomcat8).

• Duty Of Care

  Put differently, when Toyota recalls hundreds of thousands of cars for potential defects in which exactly zero people were harmed, we consider that responsible stewardship of their product.

• The California Consumer Privacy Act

  Next January, California is set to have one of the strongest laws in the nation, passed last year with unusual bi-partisan support, seeking to add some first-of-their-kind state protections over our personal data. It is called the California Consumer Privacy Act (CCPA) of 2018. It nicely reflects the fact that our state is one of the only states in the country whose constitution in Article 1, Section 1, actually contains an express right of privacy guaranteed to all Californians.

  This past year, since the bill’s passage, Purism has worked tirelessly–and dedicated substantial staff resources–to help make sure the new law is not substantially thrashed by Big Tech’s huge army before the fledgling law can even take effect: an army of highly-paid lobbyists. The stakes for Big Tech are large, but the stakes for consumer privacy, and for Purism’s philosophy of consumer privacy protection and control, are so much bigger.

  To try to stem the extraordinary political muscle of Big Tech in Sacramento, Purism has worked in close collaboration with California’s top privacy protection groups including the ACLU, EFF, Consumers Union, Common Sense Kids Action and the Privacy Rights Clearinghouse, and many others to try to stop the onslaught of Big Tech-sponsored bills seeking to vitiate the new law.

  Our CEO has testified in legislative hearings against the weakening measures, and has recently co-written a powerful editorial published in the Mercury News, the newspaper in the backyard of Big Tech in Silicon Valley, against these bills. As Purism’s legislative advocate, I have met with key California legislators to try to thwart Big Tech’s predictable onslaught against this new law.

Defence/Aggression

• Gaddafi vs the West: Two Revolutions on the Wrong Side of History

  Sunday marked half a century since Muammar Gaddafi’s Libyan revolution, which led to the overthrow of the American-backed King Irdis.

• ‘Yemen Was Called the Forgotten War, but Activists Are Refusing to Forget’

• US Media Keep Saying Iran is ‘In Violation’ of a Nuclear Agreement the US Withdrew From

  Yes, Iran is increasing the number of centrifuges it is using to refine nuclear fuel, and yes, it is refining that fuel to a higher percentage of U-235, the isotope that allows the uranium to begin a chain reaction necessary for both fueling a nuclear reactor and for creating an atomic bomb.

• Familiar Faction Of Regime Change Advocates Lash Out At Journalists Reporting From Syria

  Journalists Rania Khalek and Max Blumenthal were condemned for traveling to Damascus, Syria, to report on recent developments in the country.

  The attacks came from a select but influential group of individuals, who resent the manner in which Khalek and Blumenthal have undermined that narrative for supporting regime change operations by Western forces and the militia groups aligned with them.

• 9/11: A Day that Changed the World

  A new anniversary of a catastrophe brings back strong feelings and sad memories. Such is the case of the 9/11 attacks on New York’s World Trade Center, a tragedy that had long-lasting effects. New York, and the world, has not been the same since the events of September 11, 2001.

• Trump’s Afghanistan ‘Peace’ Will Be Vietnam All Over Again: A Mess America Leaves Behind

  When the conflict that the Vietnamese refer to as the American War ended in April 1975, I was a U.S. Army captain attending a course at Fort Knox, Kentucky. In those days, the student body at any of our Army’s myriad schools typically included officers from the Army of the Republic of Vietnam (ARVN).

• Progressives ‘Overjoyed’ as John Bolton Leaves White House

  “Best news of this past few weeks, if not longer!!!!”

• Trump Dismisses John Bolton, Says They ‘Disagreed Strongly’

  President Donald Trump on Tuesday forced out John Bolton, his hawkish national security adviser with whom he had significant disagreements on Iran, Afghanistan and a cascade of other global challenges.

• Bolton’s Replacement Charles Kupperman ‘Another Islamophobe,’ Charge Critics

  “In Washington, D.C. today, the more things change, the more they stay the same.”

• Netanyahu Vows to Begin Annexing West Bank Settlements

  Israeli Prime Minister Benjamin Netanyahu vowed on Tuesday to annex the heart of the West Bank if he wins reelection next week, a move that could inflame the Middle East and extinguish any remaining Palestinian hope of establishing a separate state.

• Ahead of Israeli Election, Netanyahu Vows to Annex Large Swathes of West Bank ‘In Maximum Coordination With Trump’

  “A reminder that Israel is a state where apartheid policies are used to appeal to voters.”

Transparency/Investigative Reporting

• How the UK Security Services neutralised the country’s leading liberal newspaper

  The Guardian, Britain’s leading liberal newspaper with a global reputation for independent and critical journalism, has been successfully targeted by security agencies to neutralise its adversarial reporting of the ‘security state’, according to newly released documents and evidence from former and current Guardian journalists.

• Victory! Ruling in hiQ v. Linkedin Protects Scraping of Public Data

  In a long-awaited decision in hiQ Labs, Inc. v. LinkedIn Corp., the Ninth Circuit Court of Appeals ruled that automated scraping of publicly accessible data likely does not violate the Computer Fraud and Abuse Act (CFAA). This is an important clarification of the CFAA’s scope, which should provide some relief to the wide variety of researchers, journalists, and companies who have had reason to fear cease and desist letters threatening liability simply for accessing publicly available information in a way that publishers object to. It’s a major win for research and innovation, which will hopefully pave the way for courts and Congress to further curb abuse of the CFAA.

  The Trouble with the CFAA

• Big News: Appeals Court Says CFAA Can’t Be Used To Stop Web Scraping

  Two years after a lower court correctly decided that LinkedIn couldn’t use the CFAA to stop third parties from scraping their site, the 9th Circuit appeals court has upheld that decision in a very important decision for the future of an open web. For a long time we’ve talked about how various internet companies — especially the large ones — have abused the CFAA to stop competition and interoperability. If you’re unaware, the CFAA is basically the US’s “anti-hacking” law, which was designed to make it a crime (and a civil infraction) to “break into” someone else’s computer. But for years it’s been interpreted way too broadly (to the point that it’s referred to as “the law that sticks” when trying to get someone for “doing something bad on a computer.”

Environment

• What Corporate Media and the Neolibeal Establishment Can’t Admit About the Climate Emergency

  With the possible exception of an all-out nuclear war, humanity has never encountered a threat that comes close to that posed by climate change.

• Donald Trump Smears the Victims of Hurricane Dorian

  Echoing the racist and dehumanizing rhetoric he has repeatedly deployed against Mexican immigrants, Muslims, and others, President Donald Trump on Monday told reporters—without offering a shred of evidence—that there may be “very bad gang members” and “drug dealers” among those fleeing the Bahamas in the aftermath of Hurricane Dorian.

• Scenes From Matamoros (Photo Essay)

• To Critics Who Say Climate Action Is ‘Too Expensive,’ Greta Thunberg Responds: ‘If We Can Save the Banks, We Can Save the World’

  “If there is something we are not lacking in this world, it’s money. Of course, many people do lack money, but governments and these people in power, they do not lack money.”

• “Trump’s Racism and Cruelty Knows No Bounds”: Outrage as President Smears Dorian Victims Fleeing Bahamas as Gang Members

  “The survivors of Hurricane Dorian are climate change refugees fleeing disaster, and they deserve compassion and support, not isolation and exclusion,” said the Sunrise Movement

• So Close Yet So Far: And I Will Strike Down Upon Thee With Great Vengeance and Furious Anger

  It musta been the latest deranged racism of Trump’s claim he cruelly refused to let Dorian’s destitute survivors into the U.S. because some Bahamians were – OMFG – gang members, drug dealers and “very bad people.”

• Urgently Investing $1.8 Trillion to #AdaptOurWorld and Avert ‘Climate Apartheid’ Could Yield $7.1 Trillion in Benefits, Analysis Shows

  “Without bold adaptation action, climate change becomes a life sentence to poverty and suffering for already vulnerable and marginalized people.”

• Climate Deniers’ Response to Climate Crisis: “There Is No Climate Emergency”

  For many of us who have been writing and campaigning on climate change and against the oil industry for years, it is easy to forget what a momentous year it has been for raising awareness about our climate crisis.The impact of Greta Thunberg, the global school strike movement, the Sunrise Movement, and protests by Extinction Rebellion have all helped elevate climate change up

• White Nationalism and Crony Capitalism Are the Sparks That Started Fires in the Amazon

  The man-made Amazon fires are for clearing the land of its forests and indigenous people. The benefits are for Jair Bolsonaro’s cronies, while producing a climate disaster for the world.

• Activists Follow the Money Fueling Amazon Fires

  While the world watches in horror as fires rage on in the Amazon, activists are shining a light on the big businesses destroying what’s popularly known as the “lungs of the Earth.” On September 5, people around the globe stood in solidarity with the rainforest’s indigenous communities by partaking in the Global Day of Action for the Amazon…

• An Inspiring Climate Victory in Kenya

• Energy

  • Nuclear Power Has No Role in Fighting the Climate Emergency

    The Aug. 26 editorial “A plan that goes nowhere” in the Washington Post claimed that Sen. Bernie Sanders’s (I-Vt.) proposed $16.3 trillion climate plan was made “unnecessarily expensive” by his exclusion of new nuclear power construction and his intention to deny existing nuclear plants license extensions.

  • Plan to Release Radioactive Fukushima Wastewater Into Pacific Ocean Panned by Critics

    “Another reason to not build nuclear power plants.”

• Wildlife/Nature

  • Wild Love Preserve + Idaho Wild Horse Preservation

Finance

• Cause of Termination: Gross Fraud and Malfeasant Negligence

  In the eyes of the law there are differences in lies. While it is wrong to deceive, deception with the intent to cause injury or damage is especially bad. This is the current, and persistent, practice by President Donald Trump and it is worthy of a deeper look.

• An Uber Driver’s Death Shows the Harms of Misclassifying Workers

  In 2015, Waheed Etimad immigrated with his wife and their seven children to the United States from Afghanistan on the special immigrant visa he received after translating for the U.S. Army. Etimad began taking courses at Diablo Valley College, studying to become a computer engineer while driving full time for Uber at night. People who knew Etimad called him a hardworking and devoted family man, an “amazing father, husband, and friend.”

• We Asked Prosecutors if Health Insurance Companies Care About Fraud. They Laughed at Us.

  Like most of us, William Murphy dreads calling health insurance companies. They route him onto a rollercoaster of irrelevant voice menus, and when he finally reaches a human, it’s a customer service rep who has no idea what he’s talking about. Then it can take days to hear back, if anyone responds at all.

  The thing is, Murphy isn’t a disgruntled patient. He prosecutes medical fraud cases for the Alameda County District Attorney’s Office in Oakland, California. And when he calls insurers, he’s in pursuit of criminals stealing from them and their clients. But, he said, they typically respond with something akin to a shrug. “There’s no sense of urgency, even though this is their company that’s getting ripped off.”

• How to Make Health Insurers Take Fraud Seriously

  In most states, laws require private health insurers to submit information to regulators about suspected fraud in their networks. Such reporting helps everyone by highlighting scammers and their schemes. For instance, a doctor could be billing several insurers for services that weren’t provided, a hospital could be uniformly gaming billing codes to pad profits or a fraudster could be targeting several insurers pretending to be a medical professional.

  But ProPublica found that most insurers prefer to handle suspicious cases internally without notifying regulators or prosecutors, who could pursue the alleged perpetrators in court. Ultimately, money lost to fraud is passed on to employers and working Americans who pay for the health plans.

• House Democrats Threaten to Subpoena Pentagon After Report Exposes Trump Deal With Scotland Airport

  “We’re challenging Trump’s laughably fraudulent claim that he had ‘nothing to do with’ the Prestwick Airport near his failing Scottish resort.”

AstroTurf/Lobbying/Politics

• Boris Johnson Trips: Duvets, Toothbrushes and the House of Lords

  In 2017, MP Jacob Rees-Mogg, a Tory creature trapped in cold storage, suggested that the UK’s withdrawal from the European Union was tantamount to fighting the battles of Agincourt, Waterloo and Trafalgar, a true statement of British strength. (Much inconsistency there, but let him ride with it.) “This is Magna Carta, it’s the Burgesses coming at Parliament, it’s the great reform bill, it’s the bill of rights, it’s Waterloo, it’s Agincourt, it’s Crecy. We win all of these things.”

• To Save the Republic, Some of Trump’s Allies and Appointees Will Have to Face Federal Prosecution

  To save our republic, some of Trump’s enablers and political appointees may have to go to jail, just like happened with Nixon’s people. Trump’s policies are inflicting massive damage on the working class, the environment, minorities, and our economy. And the damage he’s doing to our body politic will certainly alter our form of government if there aren’t legal consequences.

• ‘Democracy for Some, But Not for All’: Report Reveals Nearly 1,700 Polling Places Closed Since Supreme Court Weakened Voting Rights Act

  “Seems like Republicans don’t want people to vote…wonder what they are worried about.”

• GOP Holds N.C. House Seat but Shows Weakness in Suburbs

  Conservative Republican Dan Bishop won a special election Tuesday for an open House seat in North Carolina, averting a demoralizing Democratic capture of a district the GOP has held for nearly six decades. But his narrow victory didn’t erase questions about whether President Donald Trump and his party’s congressional candidates face troubling headwinds approaching 2020.

• There’s a Reason Populists Like Elizabeth Warren and Bernie Sanders Are Gaining on Joe Biden

  Looking beyond personalities, Thursday’s Democratic debate will be about three fundamentally different paths to 2020: embrace moderation; mobilize a “majority-minority” electorate; or come out strongly as economic populists.

• Proof Joe Biden Has the Mainstream Media in His Pocket

  Democratic presidential candidate Joe Biden last month released a new Iowa TV ad called “Personal,” which recounts the former vice president’s personal tragedy of losing his wife and daughter to a car crash, and the subsequent loss of his son Beau Biden from brain cancer.

• ‘Under the Trump Administration, the [NLRB] Appointees Have Been Extremists’

• Long-time IT consultant for Alexey Navalny’s Anti-Corruption Foundation quits, accusing management of corruption

  A long-time IT consultant for the Anti-Corruption Foundation has accused the organization of lying to constituents and mismanaging its volunteer labor force. In a blog post on September 10, Vladislav Zdolnikov announced that he is ending his collaboration with Alexey Navalny’s group, in response to what he says was its public dishonesty surrounding recent elections.

• Politicon Lineup Exposes Event as ‘Circus’: Critics

  “Why should the average voter invest in US politics if those running it think it’s all a sport?”

• “Exactly What I’ve Hoped For”: 100+ Education Leaders Voice Support for Sanders K-12 Plan

  “No president or presidential candidate has offered a proposal so bold and sweeping.”

• Democratic Think Tank Center for American Progress Isn’t Fooling Anybody

  The Center for American Progress has laid off the unionized staff members of its news site, ThinkProgress. In a statement posted on the ThinkProgress site, the center announced  it was “transitioning ThinkProgress back to its roots by offering analysis of the news, policy and politics.” Former staffers were concerned the site would turn into a communications arm for the think tank’s scholars and staff, which would be against the union contract that guaranteed editorial independence.

Privacy/Surveillance

• Equifax Victims Jump Through Hoops To Nab Settlement Money They Won’t Get Anyway

  So we’ve noted that the FTC’s settlement over the Equifax hack that exposed the public data of 147 million Americans is a bit of a joke. The FTC originally promised that impacted users would be able to nab 10 years of free credit reporting or a $125 cash payout if users already subscribed to a credit reporting service. But it didn’t take long for the government to backtrack, claiming it was surprised by the number of victims interested in modest compensation, while admitting the settlement failed to set aside enough money to pay even 248,000 of the hack’s 147 million victims.

• White House Pushing Proposal That Would Subject Mentally Ill People To Increased Surveillance

  The White House has decided we’re going to power through our mass shooting crisis by aiming our surveillance apparatus in the direction of the mentally ill. In addition to claiming we might be able to find the next mass shooter by tracking fitness trackers, the administration is pushing for a mental health-based “solution” that would increase the stigma of not being “normal.”

• Much Of The Assault On ‘Big Tech’ Is Being Driven By ‘Big Telecom’

  Over the last few months, Google, Amazon, and Apple have all taken a significant beating on Wall Street amidst rumblings of looming antitrust investigations by the DOJ and FTC. Google, we’re told, is subject of a looming antitrust probe by the DOJ. Amazon, we’ve learned, is facing growing scrutiny from the FTC. Apple stock also briefly did a nose dive on the news that it too may soon be subject to a significant new antitrust probe.

• Ring Has A ‘Head Of Face Recognition Tech,’ Says It’s Not Using Facial Recognition Tech. Yet.

  Amazon has developed facial recognition tech it’s inordinately proud of. Known as “Rekognition,” it’s not nearly as accurate as its deliberately misspelled moniker suggests it is. It drew Congressional heat last year when it misidentified a number of Congress members as criminals.

• Watering Holes and Million Dollar Dissidents: the Changing Economics of Digital Surveillance

  Recently, Google’s Project Zero published a report describing a newly-discovered campaign of surveillance using chains of zero day iOS exploits to spy on iPhones. This campaign employed multiple compromised websites in what is known as a “watering hole” attack. The compromised websites would automatically run the chain of exploits on anyone who visited, with the aim of installing a surveillance implant on the device. Google didn’t reveal the names of the websites or indeed who was being targeted but it soon became clear through other reporting that the likely target of this campaign was the Uyghur community, a Turkic Muslim minority in China facing mass detention and other harsh crackdowns perpetrated by the Chinese government with the most repressive policies coming into place in recent years.

  Security company Volexity followed up the week after with detailed reports of similar website exploit chains targeting Android and Windows devices, again hosted on websites with a primarily Uyghur readership. This week, another publication confirmed that the Chinese government had compromised several international telcos in order to perform yet more invasive surveillance on expatriated Uyghurs.

Civil Rights/Policing

• Adorno is Not a Cheery Guy

  Maybe Teddy would be lots of laughs in a Berlin pub after one too many. But, judging from his essay, “Education after Auschwitz,” written in popular style in 1966 (three years from his death), Adorno might chase away the crowds. “Hey, see that dreary old guy sitting alone in the corner? That’s sad old Adorno.” This essay takes no prisoners, it doesn’t offer any sentimental escape routes from facing the premier demand of his (and our) time. “The premier demand upon all education is that Auschwitz not happen again.” Period. Boom, boom, boom. If poetry wasn’t possible after Auschwitz, well, education might be. But education has to face the “monstrous in the face of the monstrosity that took place.”

• Protest Song Of The Week: ‘Pop Goes The Weapon’ By Prophets Of Rage

  “Warning! The following video contains content that some viewers many not find disturbing. That’s pretty fucked up.”

• Are We Headed Toward a Techno-Eugenic Future?

  Dr. Stuart A. Newman, Ph.D., is professor of cell biology and anatomy. He has been a visiting professor at the Pasteur Institute, Paris, the Centre à l’Energie Atomique-Saclay, Gif-sur-Yvette, the Indian Institute of Science, Bangalore, the University of Tokyo, and was a Fogarty Senior International Fellow at Monash University, Australia. He was a founding member of the Council for Responsible Genetics in Cambridge, Mass. and is a director of the Indigenous Peoples Council on Biocolonialism, Nixon, NV and a member of the editorial board of the Journal of Biosciences (Bangalore). He also writes about social and cultural aspects of biological research and technology.

• Ukrainian human rights official says government will attempt to return 113 more prisoners from Russia

  In an interview with the Russian business outlet RBC, Lyudmila Denisova said that the Ukrainian government intends to negotiate the release of 113 more Ukrainian prisoners currently held in Russia. Denisova is the human rights commissioner for the Verkhovna Rada, Ukraine’s parliament.

• Appeals Court Approves Nationwide Injunction Against Trump Asylum Rule, Acknowledges Harm To Legal Groups

  A federal appeals court restored a nationwide injunction against a rule imposed by President Donald Trump’s administration to block asylum seekers.

  On July 16, a rule on asylum eligibility was developed to deny asylum to individuals who enter the United States at the southern border without first applying for asylum in Mexico or a third country. It is commonly referred to as the third-country rule.

• “We Must Learn to Live Together as Brothers or Perish as Fools”

  We are living in a profoundly dangerous moment.

• Assaults, Bullying, Rape: A Lawsuit Against One Professor Claims a University Didn’t Stop Him

  Two former students at the University of Illinois at Urbana-Champaign and a professor at another college filed a lawsuit Tuesday against a former UIUC professor, claiming he assaulted, bullied and raped multiple students.

  The lawsuit, filed in federal court in Urbana against Gary Gang Xu, seeks damages for distress from emotional, physical and sexual abuse.

• Mugabe’s Rule Led Many to Dismiss Nationalism, But That Opened the Door to Something Much Worse

  Robert Mugabe was one of the many leaders who came to power as a national liberator between the 1950s and 1980s, only to establish violent, corrupt and incompetent autocracies. The decades of misrule they inflicted on their countries did much to discredit nationalism as a progressive ideology that could better people’s lives.

• The Brutality of Robert Mugabe and Zanu-Pf In Zimbabwe

  The independence elections, 27-29 March 1980, saw two main parties competing: ZANU-PF won 57 of the then 80 common roll seats, and 63% of the popular vote; and PF-ZAPU led by Joshua Nkomo gained 20 seats and 24% of the vote. It was clear that ZANU-PF controlled the ZANLA guerrillas whose ‘presence was felt in over two-thirds of the country’, mostly in the Shona-speaking regions, and there was no doubt that ‘peace meant a ZANU-PF victory.’[1] Turnout was a huge 91% of eligible voters. But participation fell to 54% in 1990, ZANU-PF having engulfed ZAPU after December 1987, and fell further to 31% in 1996.[2] A deep and routinised despotism was being entered into under ZANU-PF and Robert Mugabe, almost unparalleled in severity. The liberation struggle had been severe, but the deaths and destruction over four subsequent decades were unrelenting: the main tombstones were Gukurahundi; farm expropriations; war in the Congo; Murambatsvima; the 2008 elections and ‘politicide’ against the MDC; and Marange diamonds. Each will be considered in turn. Robert Mugabe has gone, but ZANU-PF and the military remain. A new Zimbabwe is not around the corner.

• Moscow metro to begin training women as train drivers for the first time

  Beginning in March of 2020, women will be able to train as drivers for the Moscow metro system. Vice Mayor Maxim Liksutov announced the change on September 10, saying new trainees have been eager to sign up since registration for the March training group opened.

• American Barbarity on the Border

  The United States’ current immigration system is functioning exactly the way it is supposed to—it is designed to make people suffer.

• Masked protesters and riot police clash in East Siberian city

  In Ulan-Ude, a city in East Siberia, riot police have clashed with masked individuals at a protest demanding that officials release several jailed followers of Alexander Gabyshev, the Irkutsk “warrior shaman” who since March has been traveling on foot to Moscow, where he plans to “exorcise” Vladimir Putin’s spirit. Demonstrators have also demanded the invalidation of Sunday’s mayoral election results. The Instagram account ves_ulan_ude_ posted video footage of the violence.

• Moscow court says opposition leaders must pay 1.2 million rubles in damages for traffic disruptions caused by peaceful protests

  Moscow’s Koptevsky District Court has upheld a lawsuit brought by the state-owned bus company “Mosgortrans” against nine opposition leaders who advocated and organized an unpermitted protest in the capital on July 27. The defendants have been ordered to pay 1,218,591 rubles (about $18,630) for supposedly disrupting bus service and reducing the company’s revenue.

• Indigenous scholar attempts self-immolation in Ural city to protest language death

  A veteran scholar has attempted to commit suicide by self-immolation outside the State Council building of the Udmurt republic. According to Kommersant-Udmurtia, the man’s name was Albert Razin, and he burned himself in an act of protest against the dissipation of Udmurt ethnic traditions. The Udmurt people are a Finno-Ugric ethnic group living predominantly near Russia’s Ural Mountains.

Internet Policy/Net Neutrality

• The Internet Remains Broken In The Ninth Circuit And, At Least For Now, The Third

  Hopes that the Ninth Circuit would correct its earlier awful ruling against HomeAway and Airbnb were dashed recently when the court denied the petition for rehearing. We had supported that petition because the original decision read in an exception to Section 230′s statutory protection that is not present in the statute, is out of step with prior precedent (including in the Ninth Circuit itself), and threatens the Internet economy. Unfortunately, now that rehearing has been denied, any platform that facilitates commercial speech, and whose revenue model depends on facilitating the transactions arising from commercial speech, will no longer be able to reliably depend on Section 230′s protection, at least not in the Ninth Circuit.

• Victory! California’s Legislature Pulls AT&T and Comcast Bill That Protected Their Monopolies

  AT&T and Comcast lobbyists fought hard this year to pass A.B. 1366, a bill that would have protected their broadband monopolies. Thanks to your support, that bill will not move forward this year.

  The California legislature in 2012 decided to eliminate the authority of its own telecom regulator, the California Public Utilities Commission (CPUC) through the end of 2019—on the promise that such a move would produce an affordable, widely available, high-speed broadband network. What happened instead: over the past several years, California’s broadband market has been heading into a high-speed monopoly. For many, that’s led to more expensive and slower service than many other markets. In fact, all this law has done is protect broadband monopolies. As a result, the major ISPs were working hard to get it renewed through a new bill introduced this session, A.B. 1366.

Digital Restrictions (DRM)

• Tales From The Platform Wars: Steam Dev Says Calling ‘Metro Exodus’ Epic Exclusive Unfair Wasn’t Intended To Incite

  With us now getting on into nearly a year of the new PC gaming platform war between Valve’s Steam platform and the Epic Store, you might have forgotten how this all got kicked off. Before Epic pulled a Healthcare.gov with its platform release, and before crowdfunding efforts to fund PC games began taking a hit, and even before this whole thing transformed into mostly a PR war being fought with the PC gaming fanbase, there was Metro Exodus. The game was the first major title to announce an Epic Store exclusive deal for 6 months and that announcement came shortly after the game also became available for pre-order on Steam. This, understandably, pissed off a great many people. Including, it seems, the folks at Steam, who put out a statement on the game’s page. The results were as predictable as the sun rising in the East.

Monopolies

• Copyrights

  • Message to the Creative Commons Community Regarding Joi Ito

    Like many members of the Creative Commons community, I learned about MIT Media Lab Director Joi Ito’s fundraising from Jeffrey Epstein when Ito posted his public apology on August 15. Since then, Ito has resigned from MIT, from several boards, and also from the Creative Commons advisory council. In light of Ito’s history with CC, members of our community may have questions about his role and about our own fundraising practices. The FAQ below aims to answer those questions.

Server

• Intel Issues Second Release Of Its Rust-Written Cloud-Hypervisor For Modern Linux VMs

  Intel’s open-source crew has released version 0.2 of its primarily Rust-developed Cloud Hypervisor and associated firmware also in Rust.

  The Intel Cloud Hypervisor is their experimental VMM running atop KVM designed for modern Linux distributions and VirtIO para-virtualized devices without any legacy device support.

• SUSE Cloud Application Platform v1.5 released

  SUSE Cloud Application Platform 1.5 is out! It includes many updates from upstream Cloud Foundry, but also a number of useful and exciting new features unique to SUSE. This release, in conjunction with SUSE CaaS Platform 4, is the next step in the evolution of SUSE’s Application Delivery Solutions portfolio.

• Announcing SUSE CaaS Platform 4

  SUSE CaaS Platform 4 raises the bar for robust Kubernetes platform operations with enhancements that expand platform scalability options, strengthen application security, and make it easier to keep pace with technology advancements. Integrating the latest releases of Kubernetes and SUSE Linux Enterprise, SUSE CaaS Platform 4 continues to provide industry leading application delivery capabilities as an enterprise-ready solution.

• A new era in Cloud Native Application Delivery is here

• 3 Infrastructure Compliance Best Practices for DevOps

  For most IT organizations, the need for compliance goes without saying. Internal corporate policies and external regulations like HIPAA and Sarbanes Oxley require compliance. Businesses in heavily regulated industries like healthcare, financial services, and public service are among those with the greatest need for strong compliance programs.

• IBM

  • Introduction to virtio-networking and vhost-net

    In this post we have scratched the surface of the virtio-networking ecosystem, introducing you to the basic building blocks of virtualization and networking used by virtio-networking. We have briefly covered the virtio spec and the vhost protocol, reviewed the frontend and backend architecture used for implementing the virtio interface and have taken you through the vhost-net/virtio-net architecture of vhost-net (host kernel) communicating with virtio-net (guest kernel).

    A fundamental challenge we had when trying to explain things was the historical overloading of terms. As one example, virtio-net refers both to the virtio networking device implementation in the virtio specification and also to the guest kernel front end described in the vhost-net/virtio-net architecture. We attempted to address this by explaining the context of terms and using virtio-net to only describe the guest kernel frontend.

    As will be explained in later posts, there are other implementations for the virtio spec networking device based on using DPDK and different hardware offloading techniques which are all under the umbrella of the virtio-networking.

    The next two posts are intended to provide a deeper understanding of the vhost-net/virtio-net architecture. One post will be intended for architects providing a technical deep dive into the vhost-net/virtio-net and explaining how in practice the data plane and control planes are implemented. The other post intended for developers will be a hands on session including Ansible scripts to enable experimenting with the vhost-net/virtio-net architecture.

    If you prefer high level overviews we recommend you keep an eye out for the virtio-networking and DPDK introductions, to be published in the upcoming weeks.

  • How Linux came to the mainframe

    Despite my 15 years of experience in the Linux infrastructure space, if you had asked me a year ago what a mainframe was, I’d be hard-pressed to give a satisfying technical answer. I was surprised to learn that the entire time I’d been toiling away on x86 machines in various systems administration roles, Linux was running on the s390x architecture for mainframes. In fact, 2019 marks 20 years of IBM’s involvement in Linux on the mainframe, with purely community efforts predating that by a year.

Audiocasts/Shows

• Manjaro Levels Up | LINUX Unplugged 318

  It’s offical, Manjaro is a legitmate buisness; so what happens next? We chat with Phil from the project about their huge news.

  Plus we share some big news of our own, and the strange feels we get from Chrome OS.

  Special Guests: Brent Gervais, Ell Marquez, and Philip Muller.

• mintCast 317 – Yak Shaving

  This week, in our Wanderings, Toyam (Void Linux maintainer) shaves a yak and gets to soldering, I blew up and recovered my Mint install, Tony’s been editing audio and LUGing, Josh has been playing with Windows Subsystem for Linux , and Joe finally gets the Note 10

  Then, in our news we cover the Linux Mint Monthly News, exFAT in the kernel, iPhone and Android exploits and the new Pinebook Pro

  In security, we talk Firefox and why you should give it another try

Kernel Space

• Davidlohr Bueso: Linux v5.2: Performance Goodies

  This applies the idea that in most cases, a rwsem will be uncontended (single threaded). For example, experimentation showed that page fault paths really expect this. The change itself makes the code basically not read in a cacheline in a tight loop over and over. Note however that this can be a double edged sword, as microbenchmarks have show performance deterioration upon high amounts of tasks, albeit mainly pathological workloads.

• Taskbar Latency and Kernel Calls

  I work quickly on my computer and I get frustrated when I am forced to wait on an operation that should be fast. A persistent nuisance on my over-powered home laptop is that closing windows on the taskbar is slow. I right-click on an entry, wait for the menu to appear, and then select “Close window”. The mouse movement should be the slow part of this but instead I find that the delay before the menu appears is the longest component.

  [...]

  Sometimes the challenge in trace analysis is to find where the issue is, but for this issue that part of the analysis was trivial. There were three clear signals that all pointed to the right place, and a painfully obvious culprit.

  The first signal is the input events. UIforETW contains an integrated input logger (anonymized enough so that I don’t accidentally steal passwords or personal information) so I could just drill down to the MouseUp events with a Button Type of 2, which represents the right mouse button.

Benchmarks

• AMD Ryzen 5 3600X & Ryzen 5 3400G Performance In Linux

  When we decided to tackle this article, we didn’t expect it to require as much follow-up testing as it had. In fact, we had considered this article to be a “quick one”, which seems laughable, looking back. Nonetheless, that’s the way testing goes sometimes, and it at least keeps the thermal paste gods pleased.

  As we saw with the 3700X over the 2700X, the 3600X exhibits some huge performance gains over the 2600X in some cases. We usually expect a certain level of advancement from one generation to the next, but AMD has really impressed us with its Zen 2 architecture. Some improvements might be 8%, but some others could be as high as 40%. All of that extra cache sure doesn’t hurt.

Applications

• 10 Best Free Linux GPS Tools

  The Global Positioning System (GPS) is a satellite-based navigation satellite system consisting of a network of satellites which provide positioning, navigation, and timing services in all weather, anywhere on or near the Earth.

  The United States government maintains the system without levying any subscription fees or other charges.

  Use of space-borne positioning and timing data is now commonplace, in everything from freight movement to synchronization of computer networks. Cellular and data networks, shipping and air transport, financial systems, railways, agriculture, and the emergency services all make frequent use of GPS. There are also many different recreational uses of GPS. The one that first springs to mind is for tracking in motor vehicles. GPS helps drivers find the best route to a specified location, summon help in the event of an emergency, plot the location of the vehicle on a map, or find the nearest bank.

Instructionals/Technical

• How to install kubernetes on Centos step by step

• How to Setup SFTP Chroot Jail on Linux – Google Cloud

• How to Collect System and Application Metrics using Metricbeat

• How To Find & Locate Files on a Linux System

• Deploy monit in OpenShift

• Bash Script to Send a Mail About New User Account Creation

• How To Install Python pip On CentOS 7

• Making xinput set-button-map permanent

• Fix ‘Username Is Not In The Sudoers File. This Incident Will Be Reported’ On Debian

• KeePass 2.43 Released with UI and Integration Enhancements

• How to Show Line Numbers in Vim / Vi

• Multiple Examples Of screen Command On Linux

• How to Install WordPress with LEMP Stack on Debian 10

• How to Install and Use TestDisk Data Recovery Tool in Linux

Games

• Civilization VI just got a Battle Royale mode in the September update that’s live now

  Beware of the Red Death, a new official mode in Civilization VI. No this is not a joke, Civ just got a Battle Royale mode. A free mode for everyone too, you don’t need any expansions for it.

  In this brand new mode, there’s a scary radioactive mass that’s covering the planet. There’s a zone that’s safe—for now. Every so often, it will shrink and you need to stay inside it to avoid the Red Death. The world is a dangerous place here too, with corrosive oceans and lakes too so you need to get across quickly. This mode entirely does away with actually building up a civilization. Instead, you scout across the map for City Ruins, Raider Camps and Supply Drops to build up a little army.

  [...]

  Something to note, is that Civilization VI doesn’t seem to run on Arch/Manjaro directly from Steam.

• Golf With Your Friends just had a massive Space themed update

  Being in space shouldn’t be a barrier for Golf apparently, as Golf With Your Friends from Blacklight Interactive just went where no Golf Ball has gone before.

  This big Space themed update is out now for the amusing Early Access title adding in: 18 entirely new holes to try out, over 150 new set pieces for making your own courses, Ball Spinning was added to Custom Games and The Randomizer power-up was added for you to mess with your friends and change the shape of their ball.

• The handy NVIDIA Optimus GPU switcher just added support for more Linux desktops

  Remember we recently wrote about the MATE Optimus GPU switcher being developed by Martin Wimpress of Canonical? Well, it just keeps getting better.

  The fun feature added in the previous update was support for on-demand switching, which was added in a recent NVIDIA driver update. Wimpress hasn’t stopped though, with two more releases being put out since our little news tip.

• Valve have released a big new 1.7 version of SteamVR

  Bringing together a ton of updates from all the recent Beta releases, a big new release of SteamVR is out for everyone further refining the VR experience overall.

  This time around SteamVR gained a simplified user experience, Valve said their aim here is to “more clearly and consistently communicate general VR and specific device status” along with an improved VR display view, with a new docked preview and full-screen mode. A bunch of icons were updated, with support for high-DPI displays and more.

  For Valve’s own Index HMD, there’s now a Brightness Control setting for you to set in-headset. They also enabled column correction to help with vertical “screendoor”, both of which need a firmware update.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • Akademy 2019 Tuesday BoF Wrapup

    Tuesday continued the Akademy BoFs, group sessions and hacking. There is a wrapup session at the end of the day so that what happened in the different rooms can be shared with everyone including those not present.

  • Akademy 2019 Talks: Here’s What You Missed

    According to the now traditional schedule, Akademy 2019 started with two days of conference talks. Hosted by unixMIB at the University of Milano-Bicocca in Milan, Italy, the central conference of the KDE community attracted more than a hundred attendees during this past weekend. Many of them were attending Akademy for the first time ever, which is always a reason to celebrate.

    For those of you who were not able to join us, we’ve prepared a recap of all the talks from this year’s Akademy. The conference program on both Saturday and Sunday was split into two tracks after the lunch break, and included plenty of time for socializing (and hacking!) in between.

  • My Personal Impressions on KDE Plasma 5.16

    KDE Plasma Desktop version 5.16 has been released last June with slogan “Now Smoother and More Fun”. In this article I present you several nice things on 5.16 according to my opinions as a KDE user, among them are, new Do Not Disturb feature and safely remove multiple partitions. I like this release very much. I present this short review for people who are still using old Plasma today and I’m grateful to all KDE developers for this awesome release. And here we go!

    There are a lot of things I don’t cover here as you can see yourself in the official video, release notes, and detailed info by KDE Project. But, new features I find in this release are neat and I like them. As KDE user, I am satisfied. I can feel Plasma 5.16 runs so smooth as shown by latest Neon OS performance being real good on an 8-years old 2GB laptop. Not to mention, it also looks great with old desktop theme. In my opinion 5.16 does good and better once again. Kudos to all KDE developers! (and congratulations to Cezar!)

  • News from KDE PIM in July/August 2019

    Following Volker’s last blog on this topic, here are some highlights of the recent work that has been done around Kontact / PIM during this summer. First of all, stats: there were around 1200 commits in the past two months, leading to the new 19.08 release.

• GNOME Desktop/GTK

  • Tobias Mueller: Talking at GUADEC about defending against USB-borne attacks

    The short version of our approach is that we are trying to be smart about the user’s intent. That is, if the screen is locked, then we block the device. If a new keyboard is present and it tries to perform “dangerous” actions, we block them. Of course, you may very well expect that device to work when the screen is locked or the new keyboard to perform actions deems dangerous. This is why is make sure you have a way to opt out of the mechanism and continue to enjoy your GNOME experience. Almost all credits go to Ludovico for coming up with a set of patches as well as following up to make sure we can get it merged. Our slides are here and the video of our presentation is here:

    But I wanted to write more about GUADEC… This year’s GUADEC was in Thessaloniki, Greece, and I had the pleasure to be talking about the above mentioned protection. It was the end of the summer so the city was nicely warm and comfy. The coffee, juices, pastries, and other food and drinks in small shops on the streets were amazingly fresh and yummie. Arriving in Thessaloniki was okay. I’ve had better airport transfers in my life, but since there were only two buses it was hard to get lost. I needed to pay attention to the GPS, though, to find my right stop. It’s been long since I’ve slept in a bunk bed, but because we’re all GNOME people we had a good time.

Distributions

• Screenshots/Screencasts

  • Debian 10.1 KDE Run Through

    In this video, we are looking at Debian 10.1. Enjoy!

• Fedora Family

  • Fedora 32 Looking At Switching Firewalld From Iptables To Nftables

    While Fedora 31 isn’t even out yet, looking ahead to the Fedora 32 release next spring is a plan to switch firewalld as Fedora’s default network firewall from its existing iptables back-end to the more modern nftables back-end.

    Firewalld upstream has begun defaulting to Nftables and distributions like Red Hat Enterprise Linux 8 are also using it. Now with Fedora 32 that default change-over is likely to take place to provide rule consolidation, namespaced rules support, and more software projects focusing on nftables over iptables.

  • How to set up a TFTP server on Fedora

Devices/Embedded

• RK3399 hacker board upgrade adds 4GB LPDDR4 RAM

  FriendlyElec has released an upgraded version of its Rockchip RK3399 based SBC, the NanoPi-M4. Called NanoPi M4V2, the new $70 board is mostly identical to its predecessor, but offers 4GB of LPDDR4 RAM, along with two user buttons for power and recovery.

  A little over a year ago, FriendlyElec rolled out its third RK3399 based SBC of 2018, the NanoPi-M4. The board seemed to hit on a sweet spot tradeoff in terms of an affordable SBC with a decent amount of RAM. Now the company has launched an upgraded version, the NanoPi-M4 that has 4GB or RAM while moving to the more advanced LPDDR4, in contrast to the NanoPi M4’s LPDDR3. While the NanoPi-M4 costs $75 in its 4GB version ($50 for 2GB), the new NanoPi-M4V2 with 4GB costs only $70. The new board adds two new users buttons—for power and recovery—that were not on the original NanoPi-M4. Other differences on the new NanoPi M4V2 include 2×2 MIMO support and an inconsequential heavier weight of 50.62 grams (versus 47.70g).

• Mobile Systems/Mobile Applications

  • Your annual reminder that those Android vs iOS update stats aren’t as simple as they look

  • I’m an Android User. The Apple Event Almost Broke My Brain.

  • Android Auto and Apple CarPlay Updates Bring Major Changes

  • Android 10 launcher port brings new gesture animations to rooted Android 9 devices

  • Google finally starts rolling out dark mode in the Gmail app on Android 10

  • Gmail for Android dark theme begins rolling out [Gallery]

  • Chrome 77 for Android rolling out: New Downloads page, ‘Send this page’ sharing

  • After Hours: Android games w/ high refresh rates, new Xiaomi Mi TV, more

  • Building a custom machine learning model on Android with Tensorflow Lite

  • GCA Launcher is an Android Go-friendly launcher inspired by Chrome OS and Pixel Launcher

  • Huawei Android 10 upgrade road-map announced, with P30 Pro coming first

  • Best Smartwatch for Women in 2019

  • You Can Now Use Vivaldi Browser on Android

  • Pixel 4 render hints at October 15 announcement date

  • Second Galaxy Available for Android, Reminds Me a Lot of EVE Online

  • iPhone 11 vs. Samsung Galaxy Note 10 vs. Pixel 3 and more: specs comparison

  • Toshiba will use Android TV with some models in its 2020 lineup

  • New Apple iPhone? Please! Get the best, pay less: Android

    Here’s the simple truth: The iPhone 11 brings nothing new to the table. If you want a top-of-the-line phone, you’ll do just as well, if not better, with a Pixel 4 or Samsung Galaxy Note 10. And, if you really want a phone that’s going to catch people’s eyes, and make them go “Whoa!”, then get a Samsung Galaxy Fold and hope Samsung’s got all the bugs out of this foldable beauty.

    Jason and I do agree on one thing: You don’t need to pay a mint for a good smartphone. Unfortunately, except for the iPhone 7, Apple doesn’t offer reasonably priced phones. If you want to be smart with your money, get an inexpensive Android phone.

    A decent Android phone won’t be as swanky as an iPhone 11, but it will do everything Apple’s latest and greatest do for a lot less.

Free, Libre, and Open Source Software

• Programming/Development

  • Django 3.0 alpha 1 released

    Django 3.0 alpha 1 is now available. It represents the first stage in the 3.0 release cycle and is an opportunity for you to try out the changes coming in Django 3.0.

    Django 3.0 has a raft of new features which you can read about in the in-development 3.0 release notes.

  • Exploring pygame 5 – Movement and Collision

    Movement is part of a large portion of games. When jumping between platforms, shooting against a horde of enemies, piloting a space ship and running through the streets, we are causing movement and interacting with the game environment, applying action and causing reactions.

    This chapter is to describe the basics of moving objects across the screen and their interaction with other elements through collision detection.

  • Master Python List Comprehension in 2 Minutes

    This tutorial explains Python list comprehension in no more than 2 minutes. It is the fastest method to search a list, apply some condition, and return a new list with selected elements.

    You may find it similar to Python filter() method that filters values based on some condition. However, list comprehension has a powerful syntax which gives more options.

  • Absolute vs Relative Imports in Python

    If you’ve worked on a Python project that has more than one file, chances are you’ve had to use an import statement before. Even for Pythonistas with a couple of projects under their belt, imports can be confusing!

    If you’re reading this because you’d like to gain a deeper understanding of imports in Python, particularly absolute and relative imports, then you’ve come to the right place! In this tutorial, you’ll learn the differences between the two, as well as their pros and cons.

  • PyCoder’s Weekly: Issue #385 (Sept. 10, 2019)

  • PHP Creator Rasmus Lerdorf Shares Lessons Learned from the Last 25 Years

    This year’s annual phpDay Italian PHP conference in Verona ended with a surprisingly reflective talk from the original creator of PHP.

    As the closing speaker, 50-year-old Rasmus Lerdorf looked back over the web backend programming language’s last 25 years, and offered some lessons learned from the evolution of a humble hypertext preprocessor into a major player in the infrastructure of the web.

    But besides sharing his stories about a lifetime in tech and the changes that rocked our world, Lerdorf also offered his own perspective on what it all had meant, and even some good advice for newer generations of hopeful young hackers who might also want to change the world themselves.

  • Enterprise Java Evolves With Release of Jakarta EE 8 Spec

    Jakarta EE will enable the enterprise Java community to “deliver an enormous amount of value and innovation going forward.”

  • Sunsetting Python 2

    We are volunteers who make and take care of the Python programming language. We have decided that January 1, 2020, will be the day that we sunset Python 2. That means that we will not improve it anymore after that day, even if someone finds a security problem in it. You should upgrade to Python 3 as soon as you can.

  • Monitoring traffic of your Github repositories using Python and Google Cloud Platform — Part 1
    

    It is an article about monitoring your Github open-source repositories traffic. Unfortunately, you can see these statistics only by accessing each repository step by step. You may not want to access them at all? But if you do, you can use this small tool.

  • wxPython – Creating a PDF Merger / Splitter Utility

    The Portable Document Format (PDF) is a well-known format popularized by Adobe. It purports to create a document that should render the same across platforms.

  • The weekly Python news report

    Django 3.0 alpha 1 is now available. The first stage in the 3.0 release cycle is ready for you to use.

  • Python Anywhere: Our new CPU API

    We received many requests from PythonAnywhere users to make it possible to programmatically monitor usage of CPU credit, so we decided to add a new endpoint to our experimental API.

    The first step when using the API is to get an API token — this is what you use to authenticate yourself with our servers when using it. To do that, log in to PythonAnywhere, and go to the “Account” page using the link at the top right.

  • Test and Code: 87: Paths to Parametrization – from one test to many

    There’s a cool feature of pytest called parametrization.
    It’s totally one of the superpowers of pytest.

    It’s actually a handful of features, and there are a few ways to approach it.
    Parametrization is the ability to take one test, and send lots of different input datasets into the code under test, and maybe even have different output checks, all within the same test that you developed in the simple test case.

    Super powerful, but something since there’s a few approaches to it, a tad tricky to get the hang of.

  • 10 Ansible modules you need to know

    Ansible is an open source IT configuration management and automation platform. It uses human-readable YAML templates so users can program repetitive tasks to happen automatically without having to learn an advanced programming language.

    Ansible is agentless, which means the nodes it manages do not require any software to be installed on them. This eliminates potential security vulnerabilities and makes overall management smoother.

    Ansible modules are standalone scripts that can be used inside an Ansible playbook. A playbook consists of a play, and a play consists of tasks. These concepts may seem confusing if you’re new to Ansible, but as you begin writing and working more with playbooks, they will become familiar.

  • How to debug where a function returns using LLDB from the command line

Her Own Toy Story: How A 6-Year-Old Girl’s Letter Launched ‘Plastic Army Women’

“I have to pay the sculptor. I have to pay the tooling. I have to make a down payment on production,” he said. “If it’s coming from China, it’s on a boat for five weeks.”

“By the time you figure out the cost of everything involved in making an original set of plastic toy figures in this size,” he said. “It starts around the cost of a modest new car.”

Imel said he had long been kicking around the idea of adding a set of female toy soldiers to the miniature toys that date back to the 1930s. And though “everyone loved the idea,” he said budget constraints impeded turning the idea into reality.

Security (Confidentiality/Integrity/Availability)

• It’s 2019, and Windows PCs can be pwned via a shortcut file, a webpage, an evil RDP server…

  It will be a busy day for admins and users of Windows PCs and servers, as Microsoft has released updates for a total of 80 CVE-listed bugs.

  Among the more serious issues addressed this month are CVE-2019-1215 and CVE-2019-1214, a pair of elevation-of-privilege vulnerabilities that have been under active attack in the wild.

  In both cases, experts say, miscreants are going after older machines. CVE-2019-1215 preys on Winsock, specifically ws2ifsl.sys, a service that has been targeted by malware since 2007, while the exploit for CVE-2019-1214 is largely looking to target Windows 7 boxes. These flaws can give malware on a machine admin-level access to hijack the whole box.

• 4 open source cloud security tools

  If your day-to-day as a developer, system administrator, full-stack engineer, or site reliability engineer involves Git pushes, commits, and pulls to and from GitHub and deployments to Amazon Web Services (AWS), security is a persistent concern. Fortunately, open source tools are available to help your team avoid common mistakes that could cost your organization thousands of dollars.

  This article describes four open source tools that can help improve your security practices when you’re developing on GitHub and AWS. Also, in the spirit of open source, I’ve joined forces with three security experts—Travis McPeak, senior cloud security engineer at Netflix; Rich Monk, senior principal information security analyst at Red Hat; and Alison Naylor, principal information security analyst at Red Hat—to contribute to this article.

  We’ve separated each tool by scenario, but they are not mutually exclusive.

• Telnet Backdoor Opens More Than 1M IoT Radios to Hijack

  Imperial Dabman IoT radios have a weak password vulnerability that could allow a remote attacker to achieve root access to the gadgets’ embedded Linux BusyBox operating system, gaining control over the device. Adversaries can deliver malware, add a compromised radio to a botnet, send custom audio streams to the device, listen to all station messages as well as uncover the Wi-Fi password for any network the radio is connected to.

  The issue (CVE-2019-13473) exists in an always-on, undocumented Telnet service (Telnetd) that connects to Port 23 of the radio. The Telnetd service uses weak passwords with hardcoded credentials, which can be cracked using simple brute-forcing tactics. From there, an attacker can gain unauthorized access to the radio and its OS.

Defence/Aggression

• Two British-Australian women ‘detained in Iran’ as tensions grow over tanker

  One of the women, a blogger who was travelling through Asia with her Australian boyfriend, was arrested 10 weeks ago on charges which remain unclear, according to The Times.

  She was detained by the Iranian Revolutionary Guard for camping in a military precinct around Jajrood in Tehran province, BBC Persia reported

  The other woman, an academic who had been lecturing at an Australian university, has been given a 10-year sentence, The Times reported, citing a source with knowledge of the cases.

  While the charges against her also remain unclear, 10-year terms are routinely given in Iran for spying charges, the paper reported.

• Germany to restart joint police training with Saudi Arabia

  Germany began its border security training and advisory mission in the conservative kingdom in 2009. The German Federal Police operated an office with three staff members in the capital, Riyadh.

  However, Berlin stopped the cooperation after Khashoggi’s October 2018 murder at the Saudi Consulate in Istanbul drew international condemnation.

  The Foreign Ministry said that restarting the police training program did not mean the German government’s position condemning the Washington Post columnist’s murder had changed.

• Kashmir: China may pose bigger challenge than Pakistan

  China is already occupying 20 per cent of land belonging to Jammu and Kashmir. While Pakistan has failed to find support over Kashmir move, China, on the other hand, may hold the key in this India-Pakistan diplomatic warfare.

Environment

• What can a software developer do about climate change?

  Now, clearly this ordinance isn’t going to solve climate change. In fact, nothing Cambridge does as a city will solve climate change, because there’s only so much impact 100,000 people can have on greenhouse gas emissions.

  But while in some ways this ordinance was a tiny victory in a massive war, if we take a step back it’s actually more important than it seems. In particular, this ordinance has three effects:

  1 Locally, safer bike infrastructure means more bicycle riders, and fewer car drivers. That reduces emissions—a little.

  2 Over time, more bicycle riders can kick off a positive feedback cycle, reducing emissions even more.

  3 Most significantly, local initiatives spread to other cities—kicking off these three effects in those other cities.

  Let’s examine these effects one by one.

• Climate Advocates Are Nearly Unanimous: Bernie’s Green New Deal Is Best

  Climate change is the greatest threat facing humanity, and for the past nine months, the Democratic candidates have been jostling to prove which of them is the most serious about tackling the crisis and who has the most effective and ambitious plan to do so. Voters are now weighing the various plans, but some of the country’s leading environmental and climate groups have already singled out a leader in the pack so far: Bernie Sanders and his Green New Deal plan.

  In near unanimity, representatives from these organizations pointed to Sanders’s plan as standing above the rest, positioning him as a leader on an issue whose urgency is increasingly recognized by the public…

• 22 million pounds of plastics enter the Great Lakes each year

  Plastic debris makes up about 80% of the litter on Great Lakes shorelines. Nearly 22 million pounds enter the Great Lakes each year—more than half of which pours into Lake Michigan, according to estimates calculated by the Rochester Institute of Technology. Regardless of size, as plastics linger in the water, they continue to break down from exposure to sunlight and abrasive waves.

  Microplastics have been observed in the guts of many Lake Michigan fish, in drinking water and even in beer. Perhaps the most worrisome aspect is that the impact of microplastics on human health remains unclear. Plastics are known to attract industrial contaminants already in the water, like PCBs, while expelling their own chemical additives intended to make them durable, including flame retardants.

  Because the problem is virtually invisible, sometimes it’s hard to attract attention to it.

• France launches national consultation on pesticide buffer zones

  The government has suggested a minimum distance of 5 metres for low-lying crops such as cereals and one of 10 metres for higher ones, including vines and fruit.

  The proposals are a far cry from the 150-metre-wide buffer zone introduced by several mayors this summer, which the government opposed.

• Energy

  • What Saudi Arabia’s Energy Shake-Up Says About Its Oil Plans

    That may have been what’s behind recent shake-ups in the Saudi oil industry. Over the weekend, King Salman replaced the country’s powerful energy minister, Khalid al-Falih, with one of his own sons. The new minister Prince Abdulaziz bin Salman, an older half brother of the crown prince, has held leading posts in the oil industry for three decades and was recently minister of state for energy affairs.

    Oil prices rose slightly on Monday after Prince Abdulaziz was named energy minister.

    It is the first time a member of the Saudi royal family is in charge of the energy ministry.

  • Key facts about the new EPA plan to reverse the Obama-era methane leaks rule

    President Trump’s EPA is moving to roll back 2016 Obama administration methane leak regulations for key parts of the oil and gas industry, another example of what seems an across-the-board repudiation of Obama-era environmental and climate change initiatives. The new proposal, if made final, is certain to face legal challenges, with its ultimate fate perhaps being decided only by the administration in office in 2021.

    EPA Administrator Andrew Wheeler in late August signed and later announced a proposed rule that would significantly weaken the methane leak reporting regulations. The proposed approach generally would allow transmission and storage sectors of the industry to self-regulate and self-report leaks of the highly-potent greenhouse gas.

    In a prepared statement, Wheeler said “methane is valuable, and the industry has an incentive to minimize leaks and maximize its use.” He said that since 1990, “methane emissions across the natural gas industry have fallen by nearly 15%,” and that the new EPA approach “should not stifle this innovation and progress.” Separate rules on volatile organic chemicals “also reduce methane,” making the existing rule “redundant,” Wheeler argued.

Finance

• Stripe to Offer a Corporate Card, Joining Brex and Others

  The Stripe Corporate Card will cater to the small businesses and startups in the U.S. on Stripe’s payments platform, the San Francisco-based company said on Tuesday. The card will aim to solve what the company says is a challenge for smaller companies that have trouble securing cards to buy supplies and to issue to employees. The card also means Stripe is getting into the same space as Brex Inc., the corporate card startup which recently garnered a $2.6 billion valuation.

AstroTurf/Lobbying/Politics

• Really a Right Wing Coup

  Just because it is not written in a single document does not mean the UK does not have a constitution. But it does mean it has a particularly bad one.

• Inside Saudi Arabia’s Instagram influence operation, where bloggers get lavish vacations to help clean up the country’s bloody reputation

  Saudi Arabia has been enlisting Instagram influencers to document the country on all-expenses-paid supervised tours, part of efforts to improve its reputation and build a tourism industry from scratch.

Censorship/Free Speech

• Apple programmed Siri to avoid the word “feminism”

  Previously, when Siri was asked if she was a feminist, she would respond “Sorry [user], I don’t really know.” Since the rewrite, responses avoid a stance. “I believe that all voices are created equal and worth equal respect,” she might reply, for example; or, “it seems to me that all humans should be treated equally.”

• How Discord moderators build innovative solutions to problems of scale with the past as a guide

  For a new study that will be published in CSCW in November, we interviewed 14 moderators of 8 “subreddit” communities from the social media aggregation and discussion platform Reddit to answer these questions. We chose these communities because each community had recently adopted the real-time chat platform Discord to support real-time chat in their community. This expansion into Discord introduced a range of challenges—especially for the moderation teams of large communities.

  We found that moderation teams of large communities improvised their own creative solutions to challenges they faced by building bots on top of Discord’s API. This was not too shocking given that APIs and bots are frequently cited as tools that allow innovation and experimentation when scaling up digital work. What did surprise us, however, was how important moderators’ past experiences were in guiding the way they used bots. In the largest communities that faced the biggest challenges, moderators relied on bots to reproduce the tools they had used on Reddit. The moderators would often go so far as to give their bots the names of moderator tools available on Reddit. Our findings suggest that support for user-driven innovation is important not only in that it allows users to explore new technological possibilities but also in that it allows users to mine their past experiences to introduce old systems into new environments.

Privacy/Surveillance

• Your private Instagram pics ain’t as private as you might think

  With just a few clicks in any old web browser, one can uncover the persistent URLs of private Instagram posts and stories that have been cached on Instagram-owner Facebook’s servers.

  By using a web browser that allows users to inspect the elements of a web page, one can find the URL of an Instagram image one has clicked on.

Freedom of Information/Freedom of the Press

• Jamal Khashoggi killers discussed how to ‘cut a warm body’ moments before he came inside consulate

  The audio recordings, obtained by Turkey’s national intelligence and made public by Turkish daily Sabah, detailed the horrifying conversations between the Saudi writer and members of the 15-man hit squad moments before his assassination on October 2, 2018.

Civil Rights/Policing

• Bought and sold 20 times, but no-one’s slave: Hayfa Adi’s story

  Five years after what is now known as the Kocho Massacre, exhumation has finally begun of 17 suspected mass graves around the town.

  There is a chance Ghazi’s fate may be unearthed with the help of his sons’ DNA.

• Moroccan journalist’s trial for alleged abortion postponed after protest

  The case brought against Hajar Raissouni, who writes for the Arabic-language newspaper Akhbar Al-Yaoum, has triggered a furious debate in the media and online about civil liberties and freedom of the press in the north African country.

  The 28-year-old, whose paper has a history of run-ins with the authorities, risks up to two years in prison if found guilty under the penal code which bars sex before marriage and abortion, except if the mother’s life is in danger.

  Her trial had been scheduled to open on Monday but after several hours deliberation the Rabat court ruled it would be postponed until September 16.

  It also said the journalist would be detained until that date, against the repeated requests of her defence team.

• Asia Bibi pleads for justice for victims of Pakistan’s harsh blasphemy laws as she plans to settle in Europe

  Nearly four months after the 54-year-old finally left Pakistan following a miscarriage of justice that caused worldwide outcry, she has the opportunity to rebuild a new life for her and her daughters.

  Yet while she is enthusiastically grateful for the international efforts to free her, she says the world should know that Pakistan’s harsh blasphemy laws have left many others still behind bars.

  In her first ever newspaper interview, she told The Sunday Telegraph she had at times fallen into despair after being sentenced to death in a case condemned around the world.

  She also spoke of her heartbreak at being forced to leave her homeland, amid fears she would be murdered by religious extremists even after Pakistan’s supreme court had quashed her flimsy conviction.

Monopolies

• Patents and Software Patents

  • Automotive supplier Continental gets penalized for its lawyers’ low-quality work as Judge Koh denies (without prejudice) motion for antisuit injunction

    A little over a year ago, Judge Lucy H. Koh of the United States District Court for the Northern District of California denied without prejudice a motion for an antisuit injunction–by a consumer class against Qualcomm. But a very detailed and thoughtfully-crafted order indicated that the motion had raised some valid points, just prematurely, which is why I viewed the order as an invitation for the consumer class to refile at the right time. Meanwhile, Qualcomm’s settlement with Apple has directly and indirectly (because of its effects on Intel’s cellular modem aspirations) taken care of that matter.

  • Remarks by Director Iancu at the Standard-Essential Patents Strategy Conference

    On the morning of February 7, 1904, not far from D.C., a dry goods store in downtown Baltimore, Maryland, burst into flames. The fire alarm sounded, and firefighters from several units throughout the city rushed to answer the call. As they smashed through the burning building, explosions shot embers through the broken windows and onto neighboring structures. Before long, the fire—believed to have been ignited by a discarded cigarette in the building’s basement, near a pile of wood shavings—fueled a blaze that would go on to destroy much of central Baltimore.

    Firefighters from other cities, including Washington, D.C., and Philadelphia, were sent to help battle the inferno, but they quickly encountered a serious problem. Because there were no national standards for fire-fighting equipment in those days, firefighters from one city could not effectively use the equipment from another city. Indeed, poorly matched and hastily bound hoses emitted weak streams of water, while some fire fighters ran out of hose as buildings collapsed before them. This, in turn, wasted precious time and prolonged the fire. And so, Baltimore burned.

    Over the course of 31 hours, the fire went on to consume 70 city blocks, including 1,500 buildings and 2,500 businesses. All told, the property loss from the disaster was an estimated $200 million, and 35,000 people were thrown out of work, sending the city into economic turmoil. It was the most destructive conflagration in the United States since the Great Chicago Fire of 1871. A real tragedy, aggravated by the lack of standards.