EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

09.24.19

Links 24/9/2019: CentOS Release/s, ‘Peek’ 1.4.0, Nim Reaches Version 1.0

Posted in News Roundup at 4:11 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Server

      • Persistent Storage for Containers: Why the Future is Open Source

        Software containerization is unlikely to be at the top of the list of considerations for the average storage administrator. First and foremost storage professionals are going to be concerned with every enterprise’s most pressing problem: managing the ‘explosive’ volume of data within the constraints of their limited IT budget.

        However, there are compelling reasons why storage professionals should be thinking about containerization as how its rapid adoption will impact the roadmap of your existing storage providers and drive changes to your own organization’s data storage strategy.

      • Multi-cloud Management: Stratos and Kubernetes

        At the recent Cloud Foundry Summit EU in the Netherlands, Troy Topnik and Neil MacDougall of SUSE demonstrated and talked about the work that SUSE has done to extend the Stratos management interface to include support for Kubernetes and Helm. They described how they used the Stratos extension mechanism to add new endpoint types for Kubernetes and Helm and showed some of the features that SUSE has been developing. They talked about where SUSE is headed next in extending Stratos beyond Cloud Foundry into a Multi-cloud Management interface.

      • IBM

        • Fedora and CentOS Stream

          Hi everyone! You may have seen the announcement about changes over at the CentOS Project. (If not, please go ahead and take a few minutes and read it — I’ll wait!) And now you may be wondering: if CentOS is now upstream of RHEL, what happens to Fedora? Isn’t that Fedora’s role in the Red Hat ecosystem?

          First, don’t worry. There are changes to the big picture, but they’re all for the better.

        • CentOS Linux 8 Officially Released, It’s Based on Red Hat Enterprise Linux 8

          The CentOS project announced today the release and general availability of the CentOS Linux 8.0 open-source operating system for all supported architectures.

          Coming hot on the heels of the CentOS Linux 7.7 release, CentOS Linux 8 is now officially available, based on the sources of the Red Hat Enterprise Linux 8 operating system, which means that it comes with all of its great new features and enhancements for the hybrid cloud era.

          Highlights include support for Application Streams, which consists of fast-moving frameworks, programming languages, and developer tools that are frequently updated, the ability for systems administrators to automate complex tasks more easily, as well as built-in support for the OpenSSL 1.1.1 and TLS 1.3 cryptographic standards.

        • Release for CentOS Linux 8 and CentOS Streams

          CentOS Linux 8.0-1905 has been released. The release notes have more details. The CentOS project also introduces CentOS Stream.

        • CentOS-8 (1905) Release Notes

          Hello and welcome to the first CentOS-8 release. The CentOS Linux distribution is a stable, predictable, manageable and reproducible platform derived from the sources of Red Hat Enterprise Linux (RHEL)1. You can read our official product announcement for this release.

          CentOS conforms fully with Red Hat’s redistribution policy and aims to have full functional compatibility with the upstream product. CentOS mainly changes packages to remove Red Hat’s branding and artwork.

          We have decided not to follow Red Hat’s usage of Installation Roles. In CentOS Linux all content from every distribution ‘channel’ is made available to the user at time of installation.

          Please read through the other sections before trying an install or reporting an issue.

          This is the first release of a new distribution from the CentOS Project: CentOS Stream. CentOS Stream is a rolling-release Linux distro that exists as a mid-stream between the upstream development in Fedora Linux and the downstream development for Red Hat Enterprise Linux (RHEL). It is a cleared-path to contributing into future minor releases of RHEL while interacting with Red Hat and other open source ecosystem developers. This pairs nicely with the existing contribution path in Fedora for future major releases of RHEL. You can read more on the CentOS Stream release notes page.

        • Presenting CentOS Stream

          Today, CentOS Stream is available based on CentOS Linux 8 software packages the project has been building over the summer combined with the latest Red Hat Enterprise Linux (RHEL) 8 development kernel. You can read the release announcement here.

          CentOS Stream will be a rolling-release Linux distro that exists as a midstream between the upstream development in Fedora Linux and the downstream development for Red Hat Enterprise Linux (RHEL). It is a cleared-path to contributing into future minor releases of RHEL while interacting with Red Hat and other open source developers. This pairs nicely with the existing contribution path in Fedora for future major releases of RHEL.`

          Over the coming months, the CentOS Project and Red Hat Engineering plan to begin updating the packages in CentOS Stream to reflect the in-progress development toward the next minor release of RHEL. This, for the first time, makes the CentOS Project a part of the RHEL platform development cycle.

          During this period, and with community support, Red Hat and the CentOS Project will develop the processes necessary to help CentOS Stream evolve rapidly to serve the needs of current and future CentOS distro users and to enable developers in new and interesting ways, all while helping to contribute to the broader platform.

          In the past there was no way to contribute to the upstream via the CentOS Project. That changes with CentOS Stream — you can make stronger, more direct connections to the operating system developers of the Fedora Project, reducing the feedback loop into the distro creation itself. Bringing the diversity of all developer voices to the room when RHEL is being planned and created.

          During the introduction and build-out of CentOS Stream, we want to make sure we’re helping CentOS distro users however you need it. Come join the conversation and help us create the future.

        • CentOS Linux 8 released: New Features and Download

          entOS Linux 8 released. It is a Linux distro derived from RHEL 8. CentOS was created when Red Hat stopped providing RHEL free. These days CentOS mostly used on servers, HPC, and desktop. CentOS is a high-quality Linux distribution. It gives complete control of its open-source software packages and is fully customized for research needs or for running a high-performance website without the need for license fees. Let us see what’s new in CentOS 8.

        • Remi Collet: CentOS 8 repository

          Shortly after RHEL-8, CentOS 8 is released and of course my repository is already open and fully populated.

        • Changes to CentOS: What CentOS Stream means for developers

          Today Chris Wright, vice president and CTO at Red Hat, published a post describing how CentOS is changing and the opportunities it opens for developers in the Red Hat Enterprise Linux (RHEL) ecosystem. The net effect of this change is that, in addition to CentOS Linux 8, there is a new version of CentOS—CentOS Stream—which will provide a “rolling preview” of future Red Hat Enterprise Linux kernels and features. This is being announced in addition to the release of the traditional CentOS Linux 8, which is a downstream rebuild of the current RHEL release.

          CentOS Stream is an exciting addition to the family of Linux operating systems that are upstream and downstream of Red Hat Enterprise Linux.

          CentOS Stream will live in-between Fedora and RHEL, providing a clearer vision of what the next version of RHEL will be, giving developers the opportunity to stay a step or two ahead in their planning, and making it easier to ensure next-generation applications will be compatible with future RHEL versions. CentOS Stream also will make contributing to future versions of RHEL much simpler and more direct.

        • CentOS 8.0 Released As Community Version Of Red Hat Enterprise Linux 8

          With Scientific Linux having been phased out moving forward, CentOS is the main community-based distribution (albeit backed by Red Hat) providing a cost-free version of Red Hat Enterprise Linux. It took a few months to get out the door, but CentOS 8.0 is now available as being re-based off Red Hat Enterprise Linux 8. CentOS/RHEL 8.0 brings many new features over the aging EL7 archive.

        • Red Hat Creates CentOS Stream

          Red Hat announced a new project called CentOS stream that will serve as an upstream project for Red Hat Enterprise Linux to establish a better relationship between RHEL, Fedora and CentOS. According to Red Hat CTO, “The CentOS Stream project sits between the Fedora Project and RHEL in the RHEL Development process, providing a “rolling preview” of future RHEL kernels and features. This enables developers to stay one or two steps ahead of what’s coming in RHEL, which was not previously possible with traditional CentOS releases.”

        • CentOS Stream Announced As Developer-Forward Distribution, Rolling Release Of RHEL

          CentOS Stream is a new forward-looking distribution running in parallel with CentOS 8 and in cooperation with Red Hat and the CentOS Project.

          While CentOS 8.0 will be announced today, Red Hat made the surprise announcement of CentOS Stream this morning.

          Red Hat’s Chris Wright wrote of CentOS Stream, “CentOS Stream is a developer-forward distribution that aims to help community members, Red Hat partners and others take full advantage of open source innovation within a more stable and predictable Linux ecosystem. It is a parallel distribution to existing CentOS Linux, which this morning saw the release of CentOS Linux 8.”

        • Red Hat introduces rolling release CentOS Stream

          If you need enterprise Linux with support, Red Hat wants to sell you Red Hat Enterprise Linux (RHEL). If not, Red Hat will be happy if you use CentOS, the RHEL clone. It’s not updated as often, but it does the job. Now, Red Hat is switching things up by offering a rolling release version of its popular server operating system: CentOS Stream.

          A rolling release is one in which all of the operating system — kernel, libraries utilities and applications — is continuously updated. Examples of these include Arch, Manjaro, and openSUSE Tumbleweed. The more typical roll-up releases consolidate recent updates into a stable tested operating system.

        • Transforming the development experience within CentOS

          More than five years ago, Red Hat and the CentOS Project joined forces to further the development of next-generation Linux innovations for enterprise IT. Since then, we’ve seen the open source model continue to thrive, fueling the rise of Linux containers, Kubernetes, microservices, serverless and more. Given the rapid pace of this community-driven innovation, we, in agreement with the CentOS Project leadership, are pleased to introduce a new model into the CentOS Linux community: CentOS Stream.

          CentOS Stream is a developer-forward distribution that aims to help community members, Red Hat partners and others take full advantage of open source innovation within a more stable and predictable Linux ecosystem. It is a parallel distribution to existing CentOS Linux, which this morning saw the release of CentOS Linux 8.

        • A journey to the vhost-users realm

          In the previous deep dive blog, we showed the benefits moving the network processing out of qemu and into a kernel driver by using the vhost-net protocol. In this post we will go one step further and show how to achieve better network performance by moving the dataplane from the kernel to userspace in both the guest and the host using the DPDK: Data Plane Development Kit. To achieve this we will also look in detail into a new implementation of the vhost protocol: the vhost-user library.

          By the end of this post, you should have a deep understanding of all the components involved in a vhost-user/virtio-pmd based architecture and understand the reasons behind the significant performance improvement it provides.

        • OpenShift Scale-CI: Part 2 – Deep Dive

          In part one of the series, we saw how the Red Hat OpenShift Scale-CI evolved. In this post, we will look at the various components of Scale-CI. OpenShift Scale-CI is not a single tool, it’s a framework which orchestrates a bunch of tools to help analyze and improve the Scalability and Performance of OpenShift.

          [...]

          A typical Scale-CI run installs OpenShift on a chosen cloud provider, sets up tooling to run a pbench-agent DaemonSet, runs Conformance (e2e test suite ) to check the sanity of the cluster, scales up the cluster to the desired node count, runs various scale tests focusing on Control plane density, kubelet density, HTTP/Router, SDN, Storage, Logging, Monitoring and Cluster Limits. It also runs a Baseline workload which collects configuration and performance data on an idle cluster to know how the product is moving across various OpenShift releases. The results are shipped to the Pbench server after processing for analysis and long term storage. The results are scraped to generate a machine readable output ( JSON ) of the metrics to compare with previous runs to pass/fail the Job and send a green/red signal.

        • Deliver digital telco services with modern operations and business support systems

          There are plenty of opportunities for communication service providers (CSPs) to expand and evolve their offerings to be more competitive, including new services for more than 17 billion connected devices in use today around the world. The challenge, however, will be to modernize operations support systems (OSS) and business support systems (BSS) so that the digital services can be provisioned, monitored, managed, scaled and delivered to meet customers’ high expectations.

          [...]

          Red Hat OpenShift Container Platform delivers a strong foundation for microservices-based OSS/BSS architecture. It integrates a number of open source projects, bringing together enterprise-grade Linux operating system, container runtime, networking, monitoring, container registry, authentication, and authorization solutions. These components are tested and supported together for unified operations on a comprehensive Kubernetes platform spanning the leading clouds. Coupling it with integration and automation solutions can increase both efficiency and agility in network management and business operations, clearing the way for innovation and improved customer experience. Red Hat’s Consulting team offers a comprehensive adoption path to move CSPs from inception to production at scale.

    • Audiocasts/Shows

      • Full Circle Magazine: Full Circle Weekly News #146
      • Noodlings | Desktops and Window Managers, BDLL and openSUSE News

        I view KDE Plasma as the pinnacle of all things that are the Desktop and portal into your digital life. This is of course my own opinion but really, what else can do as much as Plasma, in as little resources and be as flexible as it is.

        Xfce is the GTK desktop that is, in my estimation, the benchmark to which all GTK desktops should be measured against. It is what I would call a “classic” Redmond style interface that is familiar to nearly everybody.

        i3 is a very interesting window manager, I would still call it a desktop of sorts though the “hard core” users of it may say otherwise. It uses Gnome so it is encumbered by the Gnome limitations. If it could somehow be Xfce based, it would seemingly make more sense. I did some searching and so far as I can tell, I have not been able to find a Kwin based Window manager as opposed to i3.

        [...]

        The welcome window for openSUSE received more translations for global users with an update of the opensuse-welcome 0.1.6 package.

        openSUSE MicroOS, specifically the core appliance buildier Kiwi, has been further updated, it added required cryptomount coding for for EFI boot.

        openSUSE MicroOS is designed for container hosts an optimized for large deployments. It benefits from the rolling of Tumbleweed and the SUSE Linux Enterprise hardening and scale of deployment. It is optimized for large deployments but is just as capable with a single container-host. Uses the BTRFS snapshots for updates and rollback.

    • Kernel Space

      • Linux 5.4 To Support NVMe-of P2P Support With Compatible Systems

        Sent in and already landed on Monday were the PCI changes for Linux 5.4 and includes an interesting feature addition.

        With the Linux 5.4 PCI code is support for handling peer-to-peer (P2P) DMA between root ports for whitelisted bridges. This work allows for NVMe over Fabrics (NVMe-of) P2P support to transfer data between devices while bypassing any switching on the root complexes.

      • Graphics Stack

        • AMDVLK 2019.Q3.6 Vulkan Driver Brings New Extensions & Performance Tuning

          AMD’s AMDVLK open-source Vulkan Linux driver recently fell off its weekly release wagon with the last release being nearly one month ago. But today they finally tagged their next milestone and given the time that’s lapsed there are a number of new features and improvements.

          AMDVLK 2019.Q3.6 is the latest source snapshot of their official Vulkan Linux driver that is now available from GitHub.

    • Applications

      • Linux GIF Screen Recorder Peek 1.4.0 Is Out With UI Updates, Fixes

        Peek, a free an open source animated GIF screen recorder for Linux, was updated to version 1.4.0. This release updates the user interface to the new GNOME guidelines, while also fixing some crashes.

        With Peek you can create small, silent screencasts of an area of the screen, saving them as GIF animations. While Peek is optimized to record the screen as an animated GIF, the application can also save the screencast as a video (WebM or MP4, without sound), though for this I recommend SimpleScreenRecorder or OBS, which offer more flexibility.

        Use it by placing the Peek frame on top of the area you want to record, then click the Record as GIF button to save the recording as an animated GIF image. To use a different format, like APNG, WebM or MP4, click the down arrow to the right-hand side of the Record button.

      • Animated GIF Recorder ‘Peek’ 1.4.0 Released (How to Install)

        Peek screen recorder 1.4.0 was released today with stability fixes and some use interface improvements. Here’s how to install it in Ubuntu 18.04, Ubuntu 19.04, and derivatives.

        Peek is a handy desktop screen recorder with an easy to use interface. It supports recording to GIF, APNG, Webm, and MP4, and so far works on X11 or inside a GNOME Shell Wayland session using XWayland.

      • Peek, the GIF Screen Recorder for Linux, Has Been Updated

        Peek is one of my favourite bits of software. I don’t use it often — for a millennial I’m surprisingly bad at using GIFs — but when I do use it, I always appreciate how perfectly formed it is.

        So naturally I’m excited to say that a new version of Peek is now available for download.

        And it features a batch of welcome improvements that make an already-great app that little bit better!

    • Instructionals/Technical

    • Games

      • Imperator: Rome has a big free ‘Cicero’ update out now with some major changes

        Paradox have just launched a big free update to their struggling new strategy game Imperator: Rome, which might help to turn things around for it.

        Today the free Cicero update launched, which Paradox said lets “the player focus on political consequences and imperial governance instead of waiting for numbers to grow”

      • Space Grunts 2 combines a turn-based rogue-like with card-based battles, out now

        Orangepixel just released their latest game Space Grunts 2, keeping a similar approach to the original with the roguelike experience and turn-based battles only this time with cards.

        If the name is not familiar, Orangepixel also made games including: Heroes of Loot, Space Grunts, Ashworld, Gunslugs:Rogue Tactics and more. They’ve supported Linux for a long time and Space Grunts 2 continues that.

      • D3D9 over Vulkan gets even better as D9VK 0.21 ‘Lollihop’ is out

        Developer Joshua Ashton continues doing some great work, as another release of the D3D9 to Vulkan layer D9VK is out.

        Released just today, D9VK 0.21 ‘Lollihop’ implements more needed D3D9 features like D3DBLEND_BOTHSRCALPHA and D3DBLEND_BOTHINVSRCALPHA. There’s also now support for “locking of MSAA images with intermediate resolve” which is apparently invalid behaviour for D3D9 “but everyone supports this”, the YUV2 and YUVY video formats were implemented for compute shaders and some “minor” performance improvements.

      • D9VK 0.21 Implements More Direct3D 9 Over Vulkan Functionality, Many Bug Fixes

        D9VK 0.21 is out today as the newest feature release for this project implementing the Direct3D 9 API over Vulkan.

        The D9VK 0.21 release implements more blending features, support for locking of MSAA images with intermediate resolve, locking of depth stencil images, YUVY/YUV2 video format support via compute shaders, and other features now hooked up for D3D9 / DXSO / fixed function functionality. Various performance improvements are also present.

      • The Surge 2 Sees Same-Day Linux Support Via Steam Play, RADV Workaround Needed

        Released yesterday was The Surge 2 third-person action RPG game by Deck13 and sequel to the earlier The Surge game. While only released for Windows and consoles, thanks to Valve’s Steam Play there is same-day support on Linux.

        The Surge 2 natively uses Vulkan so that works nicely with Steam Play and no other apparent fundamental issues leading to this fairly notable game working at-launch on Linux with Steam Play.

      • Transform your x86 Linux PC into a Retro-Gaming Powerhouse with Retropie!
      • Twitch now officially sponsor OBS Studio development and more in the latest progress report

        I honestly don’t know where we would be without OBS Studio now, it’s a fantastic bit of free and open source software for recording videos and doing livestreams. It seems Twitch agree.

        Developer and OBS founder Hugh “Jim” Bailey, wrote a new progress report yesterday which goes over some thoughts on how they’re doing. The first big point was how Twitch have started directly supporting OBS Studio (full announcement), as they’ve become a “Premiere” level sponsor which means they’re pumping more than $50K a year into the project. It’s not clear exactly how much, as the sponsor tiers only go up to “Diamond” which is $50K a year and Twitch are being listed above that level on the OBS contribute page.

      • Steam’s top releases for August 2019 are out, here’s our usual look over

        Another month has passed and Valve have just now put up a post going over some of the big new releases on Steam for August.

        Their top twenty list goes over what games earned the most in the first two weeks following the release. It doesn’t matter if it’s a “full” release or Early Access as it all counts when talking about revenue. Then they also take a look at the top five free titles by their peak concurrent player count following release.

      • The Long Dark is celebrating five years since release, Episode 3 of the story due in October

        Five years ago in September 2014, The Long Dark entered Early Access as a rather unique take on the survival game genre. Later in November 2015, it also released for Linux.

        That might seem like a long time, but for a full game to be developed it’s really not. There’s plenty that have gone on for far longer like Project Zomboid which has been going since some time in 2011. Bigger games do tend to take a long time, especially for a smaller team like Hinterland with The Long Dark.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Calamares: Welcome Malayalam

          During Akademy, I chatted with Aish about Malayalam, a language of Kerala state. It stands out for me as a language with a beautiful script.

          Not two days after Akademy, I was approached by two people on IRC about adding a Malayalam translation for Calamares, the Linux installer. I think it was largely independent. In any case, Subin and Balasankar now run the Malayalam translation team on Transifex for Calamares. In ten days or so they’ve reached 50% translation state, which means that they land in the “ok” list of languages. The next release of Calamares will have Malayalam translations enabled and selectable from the language drop-down on startup.

    • Distributions

      • Bye Bye Bento, Hello Bootstrap!

        This is probably the last post related to revamping our user interface (UI).

        This is part 8 of a series of posts about revamping the user interface of OBS. We started off with the Package pages in October 2018, moved on to the Project, User and Group pages in December 2018, continued with the Request pages in February 2019 and migrated the Configuration pages in March 2019. We then finished the Maintenance pages in April 2019, the Search and Kiwi Editor pages were completed in May 2019. In June 2019 we focused on the Cloud and Monitor pages. The whole migration was finished in September 2019, bye bye bento!.

        After almost one year of work, we systematically updated to a new technology stack, simplified a lot of code and brought the interface over from 2006 to 2019.

      • New Releases

        • UCS 4.4-2: Second Point Release

          Looking back at the first point release (UCS 4.4-1 in June 2019), our REST API for the Univention Directory Manager was still in beta stadium. Good news: the interface for accessing the directory service is stable now. The API connects applications to the UCS directory service; access is granted via a web service using HTTPS, and data is exchanged JSON format. So, the REST API offers the same functionality as the udm command line tool.
          For example, it simplifies the maintenance of user properties or computer objects from connected systems. Developers of applications offered in the Univention App Center also benefit from the new, standardized access because they are no longer limited to the UDM Python interface. The REST API of the Univention Directory Manager is by default activated on all UCS 4.4-2 DC Master and DC Backup instances.

      • Canonical/Ubuntu Family

        • Ubuntu Eoan Ermine 19.10 Community Wallpaper Competition – WINNERS!

          The Ubuntu wallpaper competition has attracted over 160 entries this year, the most ever! Thanks to everyone who entered their art for consideration by the Ubuntu community as wallpaper for 19.10 Eoan Ermine. I’ve thoroughly enjoyed watching the thread expand over the months with lots of beautiful images.

          The standard is very high this year so I think it’s going to be hard to limit yourself to your favourite ten, but limit yourself you must. Think carefully about how you vote, the winners will go forwards through to the 20.04 LTS competition as well.

        • These Are the Default Wallpapers of Ubuntu 19.10 (Eoan Ermine)

          Canonical has announced the winners of the Ubuntu wallpaper competition and unveiled the default wallpapers for the upcoming Ubuntu 19.10 (Eoan Ermine) operating system.

          The Ubuntu wallpaper competition opened its doors to photographers and graphic designers since early July, and more than 160 artists have submitted their beautiful artwork for inclusion in the upcoming Ubuntu 19.10 (Eoan Ermine) operating system, due for release on October 17th. However, only nine of them had their artwork included in Ubuntu 19.10.

        • Meet the 9 Winners in the Ubuntu 19.10 Wallpaper Competition

          The winning entries in the Ubuntu 19.10 wallpaper competition have been revealed.

          Nine new background images, picked from a pool of hundreds, will be included on the Ubuntu 19.10 install image and available “out of the box” in the ‘Eoan Ermine’.

          While I’d say this cycle’s crop is less-than-diverse bunch — 3 mountain shots; no “bright” background — it does (rather notably for distro geeks like me) include the first Ubuntu branded wallpapers for years.

          Distro logos, mascot names and the like had been a no-no in the rules prior to now.

          Below is (hopefully) a gallery of the selected drapes for your perusal and opinion. Do note that these images are compressed, resized versions of the actual wallpapers because hey: I want this page to finish loading sometime this decade!

        • Mint has landed

          There’s no better, friendlier introduction to using Linux than with Linux Mint. Linux and the accompanying library of open source tools means you’re no longer locked to a single OS vendor, a single desktop or a single app store.

          With the recent release of the new Mint 19.2 we’ve decided to visit how best to install it for a perfect set up. Hopefully both newbies and long-time Linux users will get useful insights into how to better set up their systems and get started. From install options, where to place your /home, making the most of LVM and loads more.

        • Canonical Releases New Kernel Live Patch for Ubuntu 18.04 LTS and 16.04 LTS

          The new Linux kernel live patch is here to address just a single security vulnerability, namely a buffer overflow (CVE-2019-14835) discovered by security researcher Peter Pi in Linux kernel’s virtio network backend (vhost_net) implementation, which could lead to DoS attacks.

          “Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service (host OS crash) or possibly execute arbitrary code in the host OS,” reads the security advisory.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Chef CEO says he’ll continue to work with ICE in spite of protests

        Yesterday, software development tool maker Chef found itself in the middle of a firestorm after a Tweet called them out for doing business with DHS/ICE. Eventually it led to an influential open-source developer removing a couple of key pieces of software from the project, bringing down some parts of Chef’s commercial business.

        Chef intends to fulfill its contract with ICE, in spite of calls to cancel it. In a blog post published this morning, Chef CEO Barry Crist defended the decision. “I do not believe that it is appropriate, practical, or within our mission to examine specific government projects with the purpose of selecting which U.S. agencies we should or should not do business.”

        He stood by the company’s decision this afternoon in an interview with TechCrunch, while acknowledging that it was a difficult and emotional decision for everyone involved. “For some portion of the community, and some portion of our company, this is a super, super-charged lightning rod, and this has been very difficult. It’s something that we spent a lot of time on, and I want to represent that there are portions of [our company] that do not agree with this, but I as a leader of the company, along with the executive team, made a decision that we would honor the contracts and those relationships that were formed and work with them over time,” he said.

      • ‘No source code for evil’: Developers pressure Chef Software to cut ties with ICE

        With thousands of immigrant children separated from their parents under President Donald Trump’s anti-immigration policies, the US Immigrations and Customs Enforcement (ICE) has made many enemies. At the same time, software companies like Chef Software, the DevOps company, work with ICE. So, when open-source developer Seth Vargo discovered his open-source project, Chef Sugar, was being used by Chef, he pulled his code. And then he and Chef Software both discovered just how much Chef, the program, relied on his library.

        Chef Sugar is a Ruby library that makes it easier to work with the DevOps program Chef. Varga developed and open-sourced the library while he worked at Chef, and the library was later integrated into Chef’s source code. But, while open source, Chef Sugar’s most up-to-date code still lived on Vargo’s personal GitHub repository.

        So, when Vargo, now a Google Cloud engineer, declared he has “a moral and ethical obligation to prevent my source from being used for evil,” he removed his code from both GitHub and RubyGems, the main Ruby package repository.

        Bang!

      • You can’t open-source license morality
      • The Apache Software Foundation Announces Apache Rya as a Top-Level Project

        The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache Rya as a Top-Level Project (TLP).

        Apache Rya (pronounced “ree-uh”) is a Cloud-based Big Data triple store (subject-predicate-object) database used to process queries in milliseconds. The project was originally developed at the Laboratory for Telecommunication Sciences, and was submitted to the Apache Incubator in September 2015.

        “We are very excited to reach this important milestone showing the maturity of the project and of the community around it,” said Dr. Adina Crainiceanu, Vice President of Apache Rya and Associate Professor of Computer Science at the U.S. Naval Academy. “RDF (Resource Description Framework) triple data format is simple and flexible, making it easy to express diverse datasets such as connections between users on social media, financial data and transactions, medical data, and many others. Rya provides a scalable solution to store and query such data. The publication of the first research article about Rya garnered interest from industry, academia, and several government agencies. Bringing the project to ASF allowed collaboration and increased pace of development.”

      • Apache Promotes Rya To Being A Top-Level Project

        The Apache Software Foundation today announced that Rya has been promoted as the organization’s newest top-level project.

        Apache Rya is a cloud-based big data triple store database that is designed to deliver queries at milisecond level performance.

        Apache Rya has been an incubator project for the past four years but now given its proliferation of usage from drones to edge computing use-cases and petabyte-scale graph modeling has now been promoted to being a top-level project.

      • ReactOS 0.4.12 Released with Window Snapping, New Themes

        A new version of the open source Windows clone ReactOS is now available for download.

        ReactOS 0.4.12 features a ‘multitude of improvements’ throughout the would-be Windows-inspired OS, including improved font handling and new system themes, among many other changes.

        This update also introduces window snapping on the desktop (I’m amazed it didn’t have this already) and adds support for the Intel e1000 NIC driver (used in virtual machines).

        Kernel improvements, support for user mode DLLs, and general tweaks to many core apps also feature.

      • ML

        • 7 Good Open Source AI/Machine Learning Systems

          Artificial intelligence is taking over many sectors in technology in the last few years. Developers from all different backgrounds finally realized the opportunities AI an achieve for them regardless of their needs. And as usual in any new buzz, proprietary solutions are always developed to try to take a piece of the new market, but open source ones were also developed to allow everybody to have their share of the new technology.

          In today’s article, we list 7 of the best open source AI/Machine learning systems.

        • AAEON BOXER-8310AI Rugged Fanless Mini PC Combines Apollo Lake Processor & Myriad X VPU for AI Edge Applications

          The company has now introduced three new AI embedded computers for the same AI edge applications but using Intel processors together with Intel/Movidius Myriad X VPU (Vision Processing Unit) for AI acceleration. The three models are BOXER-8310AI, BOXER-8320AI, and the upcoming BOXER-8330AI based on respectively Intel Celeron/Pentium Apollo Lake processor, Intel Core i3 7th gen processor, and an Intel Core i3/77 or Xeon processor.

        • Aaeon spawns three Intel-based AI computers with Myriad X

          Aaeon announced three “Boxer-8300AI” series edge AI computers that run Linux on Intel Apollo Lake or 6th and 7th Gen Core CPUs with up to two Myriad X-enabled AI Core X modules or AI Core XPG cards.

          Over the years, Aaeon has churned out dozens of Intel-based “Boxer” embedded computers, but in recent years we have seen more Arm-based Nvidia Jetson TX2 models such as the recent Boxer-8170AI. Meanwhile, Aaeon has also introduced various UP boards equipped with Intel’s Movidius Myriad 2 Vision Processing Unit (VPU) and newer, more powerful Myriad X VPU, as seen on its Whiskey Lake-U based UP Xtreme.

      • Web Browsers

        • Mozilla

          • Exploring Collaboration and Communication with Mozilla Hubs

            In April last year, Mozilla introduced Hubs, an immersive social experience that brings users together in shared 3D spaces. Hubs runs in the browser on mobile, desktop, and virtual reality devices. Since its initial release, the platform has undergone extensive development work to better enable communities and creators to embrace the opportunities that online collaborative environments have to offer. As a result, we’ve seen increased adoption of Hubs and new use cases have emerged.

            The ability to connect to anyone around the world is a powerful tool available to us through the internet. As we look at advancements in mixed reality like the WebXR API, we are able to explore ways to feel more present with others through technology. One area where virtual reality shows considerable promise is in supporting distributed teams.

            Mozilla is no stranger to remote collaboration. 46% of our employees work from home and the ten company offices span seven countries across six time zones. Because of this, we’re excited about finding opportunities to improve the ways we connect with our community of contributors and volunteers. Remote work and collaboration is a core part of how we connect to each other through the web.

      • Productivity Software/LibreOffice/Calligra

        • Nepal: LibreOffice localisation event on Software Freedom Day 2019

          Thanks to our worldwide community, LibreOffice is available in over 100 languages. Volunteers help to translate the software, documentation and website – and on Software Freedom Day, the Nepalese LibreOffice community organised a localisation event.

        • Yak Shaving Progress Report

          At last years LibreOffice conference in Tirana I gave a talk on how SwClient is considered harmful. At this years LibreOffice conference in Almeria, I presented a lightning talk, giving some updates on the progress.

      • FSF/FSFE/GNU/SFLC

      • Programming/Development

        • Picolibc 1.0 Released – A New C Library For Embedded Systems

          Even prior to his SiFive employment, Keith was working on finding lightweight libc implementations that would work for his embedded system use-cases around his model rocket components, etc. Picolibc is the libc implementation for what he was previously developing as “newlib-nano”, This new libc library has a replaced stdio implementation, now makes use of the Meson build system, removal on unused code, and other changes.

        • EuroPython 2019 – Videos for Thursday available

          In this batch, we have included all videos for Thursday, July 11 2019, the second conference day.

          In the coming week we will publish videos for the final conference day. In total, we will have more than 130 videos available for you to watch.

          All EuroPython videos, including the ones from previous conferences, are available on our EuroPython YouTube Channel.

        • xlwings Tutorial: Make Excel Faster Using Python

          But that doesn’t mean can’t still enjoy some of the efficiencies of Python! In fact, using a library called xlwings, you can use Python to make working in Excel faster.

        • Java SE 13 Reaches GA

          Oracle has announced the general availability of Java Standard Edition 13 (Java SE 13) along with the open source version, Java Development Kit 13 (JDK 13). The announcement was made at Oracle OpenWorld in San Francisco.

          OpenWorld is held concurrently with CodeOne, and in the keynote for this Brian Goetz, Java language architect at Oracle, said the move to a six montlly schedule is working well but means new releases don’t have big new features.

        • Java still relevant, Linux desktop, and more industry trends

          The impact: A completely open source release of Java Enterprise Edition as Jakarta EE lays the groundwork for years of Java development to come. Some of Java’s relevance comes from the mind-boggling sums that have been spent developing in it and the years of experience that software developers have in solving problems with it. Combine that with the innovation in the ecosystem (for example, see Quarkus, or GraalVM), and the answer has to be “yes.”

        • Python-inspired Nim: Version 1.0 of the programming language launches

          Nim is a statically typed program language that draws on concepts from languages like Modula-3, Delphi, Ada, C++, Python, Lisp, and Oberon.

          However since it’s a compiled programming language with a static type system, it’s also been compared to Rust, C++, and Go.

          The Nim compiler can generate executables for distribution on Windows, Linux, BSD and macOS systems. It also compiles to C, C++ and JavaScript.

        • Version 1.0 released – Nim Blog

          Today is the day. The Nim Team is very proud and happy to announce the much-anticipated version 1.0 of the language.

          Nim has always been focused on providing a compiled statically typed language focusing on efficiency, readability and flexibility.

          Version 1.0 marks the beginning of a stable base which can be used in the coming years, knowing that the future versions of Nim won’t break the code you have written with the current version.

        • Nim Programming Language Hits Stable Milestone With v1.0 Release

          The Nim programming language now has a stability guarantee with this statically-typed, general purpose programming language hitting its 1.0 release.

        • Debugging Python Code Running in Docker Containers with Wing 7

          Docker is a containerization system that uses a relatively light-weight form of virtualization to package and isolate application components from the host system, making it easier to spin up uniformly configured virtual machines for use in application development, testing, and deployment.

          Wing 7 can be used to develop and debug Python code running inside of Docker containers. This is accomplished by setting up a mapping of local (host-side) directories into the container, and then configuring Wing so it can accept debug connections from the container.

        • Real Python: Thonny: The Beginner-Friendly Python Editor

          Are you a Python beginner looking for a tool that can support your learning? This course is for you! Every programmer needs a place to write their code. This course will cover an awesome tool called Thonny that will enable you to start working with Python in a beginner-friendly environment.

        • RSEQ Support Might Finally Premiere In Glibc 2.31 For Using This Modern Linux Feature

          It’s looking like RSEQ support might be added to the GNU C Library with the Glibc 2.31 release in a few months time. The “restartable sequences” support was added last year to the Linux kernel and the numbers have been quite promising for the performance benefits.

          The RSEQ (Restartable Sequences) system call was added back in Linux 4.18 to allow for faster user-space operations on per-CPU data. Benchmarks on the RSEQ system call have been quite promising while it looks like the GNU C Library might finally be wrapping its support for RSEQ in time for the next release, Glibc 2.31.

        • Coverage.py 5.0a7, and the future of pytest-cov

          Progress continues in the Python coverage world. Two recent things: first, the latest alpha of Coverage.py 5.0 is available: 5.0a7. Second, pytest-cov is supporing coverage.py 5.0, and we’re talking about the future of pytest-cov.

          There are two big changes in Coverage.py 5.0a7. First, there is a new reporting command: coverage json produces a JSON file with information similar to the XML report. In coverage.py 4.x, the data storage was a lightly cloaked JSON file. That file was not in a supported format, and in fact, it is gone in 5.0. This command produces a supported JSON format for people who want programmatic access to details of the coverage data. A huge thanks to Matt Bachmann for implementing it.

          The second big change is to the SQL schema in the 5.x data file, which is a SQLite database. Previously, each line measured produced a row in the “line” table. But this proved too bulky for large projects. Now line numbers are stored in a compact binary form. There is just one row in the “line_bits” table for each file and context measured. This makes it more difficult to use the data with ad-hoc queries. Coverage provides functions for working with the line number bitmaps, but I’m interested in other ideas about how to make the data more usable.

  • Leftovers

    • Science

      • Legacy College Admissions Are a Testament to What is Legacy Culture

        I have been witnessing it for my entire adulthood and it’s a scenario that plays out well for major media which likes to pretend that  George W. Bush is an anomaly for having attended both Yale (undergrad) and Harvard (business school) simply because his father attended these very same institutions. When The New Yorker got hold of Bush’s Yale records, it not only uncovered that he scored a 566 on the verbal SAT and a 640 on  the math SAT, far below the median score for his Yale classmates, but many Americans reading the journalism on this story were led to believe that this case is isolated to one anomaly.  The problem is that legacy college admissions are not only symptomatic of the problems within American academia, but they are a symbol of our culture and the myth that one can work and study one’s way from one class to another.

    • Hardware

      • Unknown bug is bringing Hollywood Mac Pros running Avid to their knees

        Apple is getting ready to release a new, powerful Mac Pro but it seems the old model is having some considerable problems right now. And it is shutting parts of Hollywood down.

        The problems started when users first noticed that their Mac Pros weren’t restarting properly after being shut down. It only appears to be impacting users of the high-end video editing app Avid, meaning people across Hollywood are impacted big time. In fact, people have been taking to Twitter and Facebook to warn users not to shut their Macs down, according to Variety

      • Mac Pros Across Hollywood Are Crashing, Refusing to Reboot

        The combination of a Mac Pro and Avid’s Media Composer video editing software is a common one across Hollywood.

    • Security (Confidentiality/Integrity/Availability)

      • Security updates for Tuesday

        Security updates have been issued by Debian (php5), Fedora (blis, kernel, and kernel-headers), openSUSE (bird, curl, fish3, ghostscript, ibus, kernel, libgcrypt, openldap2, openssl-1_1, skopeo, and util-linux and shadow), Oracle (dovecot and kernel), Red Hat (dovecot, httpd:2.4, qemu-kvm, and redhat-virtualization-host), Scientific Linux (dovecot), SUSE (djvulibre, expat, firefox, libopenmpt, and rust), and Ubuntu (ibus and Mosquitto).

      • How to create strong passwords

        To create a strong password, try combining two or more unrelated words. It could even be an entire phrase. Then change some of the letters to special letters and numbers. The longer your password, the stronger it is.

        A single word with one letter changed to an @ or ! (such as p@ssword!) doesn’t make for a strong password. Password cracking programs contain every type of these combinations, in every single language.

    • Defence/Aggression

      • A Careless Bully at the KFC at the End of Empire

        Will Trump go to war with the Iranians or the homeless? Or both?

      • See “Official Secrets”

        The movie “Official Secrets,” which is just out, is about Katharine Teresa Gun, the British translator in the U.K. government’s equivalent to the U.S.’s NSA, who leaked a top secret memo in an effort to prevent the Iraq War (in which up to 1 million Iraqis and over 35 thousand U.S. and U.K soldiers died, and many hundreds of thousands of others were injured).

      • Strong Men in Europe: Tony Abbott Visits Hungary

        “I extend a special welcome to Australia’s former prime minister. It is in part due to his tough policy that we regard Australia as a model country. We especially respect it for the brave, direct and Anglo-Saxon consistency which it has shown on migration and defence of the Australian nation”.

      • Ending the Afghan War Won’t End the Killing

        I’ve never been to Afghanistan, but I am the mother of two young children. So when I imagine what life must be like there after 18 years of war, my mind conjures up the children most vividly — the ones who have been affected by the conflict — and their parents. I think of the 12-year-old boy who was carrying water to a military checkpoint in a remote part of that country, earning pennies to help sustain his family, whose legs were blown off by a landmine. Or the group of children at a wedding party, playing behind the house where the ceremony was taking place. One of them picked up an unexploded shell, fired from a helicopter, that hadn’t detonated in battle. It blew up, killing two children, Basit and Haroon, and wounding 12 others. What must it be like to care for a five year old — the age of my oldest child — who is maimed and who needs to learn how to walk, play, and live again with ill-fitting prosthetics?

      • American Iago: On Washington’s Character Assassins

        Slander. Libel. Calumny. Defamation. Vituperation. Degradation. Vilification. Smears and trolling and backstabbing. Whatever you call it, reputation destruction is a tried-and-true foreign-policy tactic of Washington. Whether aimed at individuals or nations, the goal is regime change. It is character assassination writ large. When Washington does it, they don’t just take down an individual, they take down whole administrations, entire governments, nationwide ideologies, and entire economies.

    • Transparency/Investigative Reporting

      • Pamela Anderson Defends WikiLeaks From Meghan McCain: ‘How Many People Has the American Government Killed, Innocently?’

        Pamela Anderson stopped by ABC’s “The View” Friday and defended WikiLeaks’ Julian Assange from Meghan McCain, who called him a “cyber-terrorist,” and Joy Behar, who questioned if he supports President Donald Trump.

        Asked about Assange’s state as he serves out an 11-month prison sentence in London while awaiting possible extradition to the United States, Anderson said her friend’s health has deteriorated and he’s lost weight, but “he is the most resilient person” she’s ever met.

    • Environment

      • Trump and his ilk clash with the global climate movement

        A giant worldwide protest highlights the gap between Trump, nationalist leaders and millions clamoring for real climate action.

      • The House is on fire, but we need more than the fire brigade

        lobal emissions are reaching record levels and show no sign of peaking. The last four years were the four hottest on record, and winter temperatures in the Arctic have risen by 3°C since 1990. Sea levels are rising, coral reefs are dying, and we are starting to see the life-threatening impact of climate change on health, through air pollution, heatwaves and risks to food security. The impacts of climate change are being felt everywhere and are having very real consequences on people’s lives. Climate change is disrupting national economies, costing us dearly today and even more tomorrow.’

        UN secretary-general Antonio Guterres is not pussyfooting around the climate problems facing the world today, and more so tomorrow. In his statement announcing the Climate Action Summit of September 23th, he is not only clear about the problems, but also bullish about the prospects: ‘There is a growing recognition that affordable, scalable solutions are available now that will enable us all to leapfrog to cleaner, more resilient economies… Business is on our side. Accelerated climate solutions can strengthen our economies and create jobs, while bringing cleaner air, preserving natural habitats and biodiversity, and protecting our environment.’

      • Greta Thunberg and 15 other children filed a complaint against five countries over the climate crisis

        Swedish climate activist Greta Thunberg and 15 other children filed a complaint with the United Nations Monday alleging that five of the world’s major economies have violated their human rights by not taking adequate action to stop the unfolding climate crisis.

        The complaint was filed a short time after Thunberg delivered an impassioned rebuke to world leaders at the UN Climate Action Summit.

        “You have stolen my dreams and my childhood with your empty words — and yet, I’m one of the lucky ones,” Thunberg said Monday. “People are suffering, people are dying.”

        The petition names five countries — Germany, France, Brazil, Argentina and Turkey — which they say have failed to uphold their obligations under the Convention on the Rights of the Child, a 30-year-old human rights treaty which is the most widely ratified in history.

      • Scientists need to learn from the young

        Global climate strike meets global scientific hero Alexander von Humboldt – and this time scientists must start to learn from the young.

      • US Lobby Groups Most Effective at Blocking Climate Action – Report

        Of the top 10 trade associations considered to be the most effective at opposing climate-friendly policies globally, seven are based in Washington DC, according to a report published this week by lobbying watchdog InfluenceMap.

      • Extremes of global heat bring tipping points closer

        It makes good business sense to contain planetary warming to 1.5°C. Passing the Paris target spells disaster, with more extremes of global heat.

      • We’re Inching Closer to Earth’s Deadliest Tipping Points

        Urgent action on climate change will be costly. But inaction could be four or five times more expensive, according to new climate accounting: extremes of global heat are on the increase.

      • Energy

        • The US Is Exporting a Fracked Climate Catastrophe

          According to climate scientists, limiting the worst impacts of climate change means weaning the world off of fossil fuels, not ramping it up. But two factors, the U.S. “fracking revolution” that helped boost domestic oil and gas production to record levels combined with lifting the 40-year-long ban on exporting crude oil in 2015, are complicating that vision.

    • Finance

      • Amazon vs. the Socialists in Seattle

        In what may turn out to be a preview of the U.S. presidential election, with the ruling class hellbent on stopping Bernie Sanders at all costs, big business in Seattle is
        Amazon vs. the Socialists in Seattle https://www.counterpunch.org/2019/09/23/amazon-vs-the-socialists-in-seattle/ against socialist and progressive candidates in this year’s elections.

      • President Trump, I’m One of the Workers You Lied To

        My entire working life has been dictated by offshoring. I’ve spent my career jumping from one factory closing to another.

      • Travel Chaos, Jobs Lost as U.K. Firm Thomas Cook Collapses

        Hundreds of thousands of travelers were stranded across the world Monday after British tour company Thomas Cook collapsed, immediately halting almost all its flights and hotel services and laying off all its employees.

      • US Consumer Complaints Database Will Remain Public

        In a surprise move, the United States Consumer Finance Protection Bureau (CFPB) has announced it will keep its consumer complaints database open to the public following uncertainty over whether it would do so. The database is a crucial resource containing over a million complaints about consumer financial products

      • There’s No Chance Corporate Elites Will Fix Inequality

        Ralph Waldo Emerson once wrote of being leery of a fast-talking huckster who visited his home: “The louder he talked of his honor, the faster we counted our spoons,” Emerson exclaimed.

      • Companies Are Using a Depression-Era Law To Escape Trump’s Tariffs — And It’s Costing Them

        A few weeks ago, signs went up in the parking lots and loading docks at Fluid Equipment Development Co., a small manufacturer in Monroe, Michigan, a lakeside town a bit south of Detroit.

        “WARNING,” they read. “This bonded facility is under the custody and control of U.S. Customs and Border Protection and any person entering these premises must comply to the laws governed therein.”

      • The Serpent of Their Agonies

        One of the world’s most brilliant analysts of our present Neo-liberal world, Wolfgang Streeck, penetrates laser-sharp into the internal logic of this new form of capitalism (How will capitalism end? [2016]. Most of us need all the help we can get to understand this serpent that would commodify everything in its pathway as it deeply erodes social regimes everywhere in the world to maximize its profits for the very few. Karl Polyani thought that the governing logic of capitalism was to be self-regulating. That’s capitalism’s utopia.

      • Russia’s Central Bank proposes banning new investors from buying more than 50,000 rubles in foreign stocks

        As a new bill introducing regulatory categories for investors makes its way through Russia’s State Duma, the country’s Central Bank has introduced a set of amendments that would place severe restrictions on those who are just beginning to invest.

      • Crash Course: How Boeing’s managerial revolution created the 737 MAX disaster

        Nearly two decades before Boeing’s MCAS system crashed two of the plane-maker’s brand-new 737 MAX jets, Stan Sorscher knew his company’s increasingly toxic mode of operating would create a disaster of some kind. A long and proud “safety culture” was rapidly being replaced, he argued, with “a culture of financial bullshit, a culture of groupthink.”


        Sorscher, a physicist who’d worked at Boeing more than two decades and had led negotiations there for the engineers’ union, had become obsessed with management culture. He said he didn’t previously imagine Boeing’s brave new managerial caste creating a problem as dumb and glaringly obvious as MCAS (or the Maneuvering Characteristics Augmentation System, as a handful of software wizards had dubbed it). Mostly he worried about shriveling market share driving sales and head count into the ground, the things that keep post-industrial American labor leaders up at night. On some level, though, he saw it all coming; he even demonstrated how the costs of a grounded plane would dwarf the short-term savings achieved from the latest outsourcing binge in one of his reports that no one read back in 2002.*

        Sorscher had spent the early aughts campaigning to preserve the company’s estimable engineering legacy. He had mountains of evidence to support his position, mostly acquired via Boeing’s 1997 acquisition of McDonnell Douglas, a dysfunctional firm with a dilapidated aircraft plant in Long Beach and a CEO who liked to use what he called the “Hollywood model” for dealing with engineers: Hire them for a few months when project deadlines are nigh, fire them when you need to make numbers. In 2000, Boeing’s engineers staged a 40-day strike over the McDonnell deal’s fallout; while they won major material concessions from management, they lost the culture war. They also inherited a notoriously dysfunctional product line from the corner-cutting market gurus at McDonnell.


      • How to Invest in Cryptocurrency: Best 30 Tips to Follow Before Investing

        The concept of crypto trading is sophisticated. If you have decided to dive into the enormity of cryptocurrency, you must know about blockchain, what is bitcoin, how a miner works, and the rate of the available currencies. Here, this comprehensive tips will help you to invest in cryptocurrency successfully.

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

      • About Elastic’s DMCA move

        Yesterday evening we noticed that some Search Guard repositories and artifacts on Sonatype’s and GitHub’s websites were removed. We have since learned that the removal was precipitated by takedown notices received by GitHub and Sonatype from Elasticseach, Inc. (“Elastic”) pursuant to the Digital Millennium Copyright Act (DMCA).

        Elastic appears to claim that certain components of floragunn’s Search Guard product infringe Elastic’s copyrights. To be clear, floragunn fully and unconditionally rejects Elastic’s allegations of copyright infringement, and will vigorously defend Elastic’s unfounded claims in court, and hold Elastic accountable for damages that their actions have caused floragunn and its customers.

        We understand that companies like GitHub and Sonatype must react to DMCA takedown notices to protect themselves from potential liability. However, it is important to understand that by taking down content under DMCA, GitHub and Sonatype are not taking sides in the dispute between Elastic and floragunn, but are simply seeking to protect themselves against potential infringement claims.

    • Privacy/Surveillance

      • Private Companies Gathering Plate Data Are Selling Access To People’s Movements For $20 A Search

        License plate readers are everywhere. Their existence is predicated on the assumption that traveling on public roads strips drivers of their privacy. To a certain extent this is true. But automation allows government agencies to reconstruct peoples’ lives and movements by simply typing in a plate number and accessing the billions of image/location data records stored by ALPR manufacturers like Vigilant.

    • Civil Rights/Policing

      • Court Says Compelled Production Violates Fifth Amendment… Unless The Gov’t Takes Certain Steps First

        A federal judge in California has issued a ruling [PDF] on the Fifth Amendment that upholds both the Constitutional right and a request that appears to violate it. It doesn’t all fit together perfectly, but the “foregone conclusion” doctrine factors into it. But constraints are put on this conclusion and, ultimately, that’s how the government is permitted to carry out this search.

      • During A Police Raid, Russian Activist Uses Drone To Whisk Sensitive Data To Safety

        Drones have moved beyond the novelty stage, and are now capable of having a global impact. That was shown most dramatically by the recent drone attack on the world’s largest oil processing facility in Saudi Arabia. The loss of production has caused the price of oil to spike, and fears about a global recession to mount — all because of a few tiny drones.

      • UN: World Leaders Should Speak Out for Rights

        World leaders gathering for the United Nations General Assembly should reject the abusive policies of autocratic populists and promote greater respect for human rights worldwide.

      • How Far Will Sisi’s Government Go to Crush Protests?

        Time and again, Egyptian security forces have responded to peaceful protests with harsh oppression. Rare public protests this weekend were met with tear gas, the firing of live bullets, and mass arrests.

      • Thailand: Pro-Democracy Activists Acquitted

        Bangkok’s Criminal Court acquitted six prominent pro-democracy activists in an important verdict for protecting free expression in Thailand.

      • Making Torture American Again, With Help From Hollywood

        Regardless of their take on the volatile topic of torture, there appears to be rare agreement among an array of experts, activists, proponents and critics about one of the most reliable ways it has been successfully defended in recent decades. The so-called ticking time bomb scenario has done the trick so often and so well—for leaders of countries, militaries, small armies of Hollywood producers—that it has taken on the enticing shine of a particularly hot political commodity: the foregone conclusion disguised as a given.

      • Mass Arrests Cast Doubt on Rights Reform in Kazakhstan

        Since coming to power in June, Kazakhstan’s President Kassym-Jomart Tokaev has claimed a desire to accelerate political reforms and improve human rights in the country. But the mass detention of peaceful protesters over the weekend and other recent large-scale arrests undermine Tokaev’s expressed commitment to reform.

      • Trump Is Taking His War on Women Worldwide

        Not content to merely police women’s bodies in the United States, the Trump administration has gone global with their war on reproductive rights. According to The Guardian, which has seen the document, U.S. officials wrote a letter to United Nations member states asking that they join an allegedly “growing coalition” of countries determined to end abortion.

    • Monopolies

      • People Freaking Out About Amazon Copying A Shoe Are Totally Missing The Point

        I know that tons of people are talking antitrust about the big internet companies, and Amazon is a prime target these days. So, perhaps I shouldn’t have been surprised last week when there was a minor freakout, starting on Twitter, when Jeff Morris Jr., who works in the internet industry, tweeted out an angry tweet about Amazon supposedly copying Allbirds’ famous shoes:

      • Patents and Copyright: Protection Racket for Intellectuals

        Last week I was asked on Twitter why proposals for replacing patent monopoly financing of prescription drugs with direct public financing have gained so little traction. After all, this would mean that drugs would be cheap; no one would have to struggle with paying tens or hundreds of thousands of dollars for drugs that are needed for their health or to save their life. (This is discussed in chapter 5 of Rigged [it’s free].)

        Public funding would also eliminate the incentive to misrepresent the safety and effectiveness of drugs in order to maximize sales at the patent monopoly price. Without patent monopolies, the drug companies would not have had the same incentive to push opioids, as well as many other drugs of questionable safety and effectiveness.

        The idea of direct funding of biomedical research also should not seem strange to people. We currently spend close to $45 billion a year on research through the National Institutes of Health and other government agencies. The idea of doubling or tripling this funding to replace the roughly $70 billion of patent supported research now done by the pharmaceutical industry, should not appear outlandish, especially since the potential savings from free-market drugs would be close to $400 billion annually (1.9 percent of GDP).

      • Copyrights

        • RomUniverse Aims to Crowdfund Legal ‘Piracy’ Battle With Nintendo

          Download portal RomUniverse plans to put up a fight against Nintendo. The site, which the game publisher accuses of brazen and mass-scale copyright infringement, hopes that people will donate money to crowdfund its upcoming legal expenses.

        • French Court Declares That Steam Gamers Actually Do Own What They Bought

          Good news on the front for those of us that think we ought to own what we’ve actually bought. You may recall that way back in 2015, when the world made much more sense, French consumer group UFC-Que Choisir sued Valve over several different ways the company operates the Steam platform. Chief among those concerns were resale rights, with Steam arguing all along that its subscription based service does not afford customers the right to resell the games they bought, as they would physical copies of games. As we said all along, why the delivery method for a video game should alter the consumer rights for that product were anyone’s guess, but that was the argument Valve made in response to the suit.

        • US Court Says Fair Use Nullifies French Rightholder’s Attempt To Extract $2.25 Million From A California Art Scholar

          Almost twenty-three years after a US art editor was first sued by a French company for alleged copyright infringement, a US court has told the French rightholders going after him that copyright does not work that way… at least not here in the United States. (via Courthouse News)

        • Investigation Targets Telegram & WhatsApp-Based Newspaper Pirates

          An investigation in Italy is targeting people who not only upload pirated copies of news publications to WhatsApp and Telegram, but those who download them too. Three key providers of content have already been identified using marked content and there are threats to fine downloaders too.

        • Cable Giant Spectrum On Quest To Outlaw ‘Insane’ Streaming Password Sharing

          For years, streaming video operators like HBO and Netflix have taken a relatively-lax approach to password sharing. Netflix CEO Reed Hastings has gone so far as to say he “loves” the practice, and sees it as little more than free advertising. Execs at HBO (at least before the AT&T acquisition) have made similar arguments, arguing that young users in particular that share their parents’ password get hooked on a particular product via password sharing, then become full subscribers down the road. In short, they see it as added value for the consumer, and have repeatedly stated it doesn’t hurt them.

EPO Under Fire From EU Parliament, But Patent Trolls Already Storm Europe, Emboldened by Low Quality of European Patents

Posted in Europe, Law, Patents at 2:22 pm by Dr. Roy Schestowitz

Earlier this month: European Patent Office’s Cooperation and Collaboration With Patent Trolls Instead of Science and Technology

Candid Europe

Summary: There are further signs that the MEPs (European politicians) have at least taken an interest in EPO abuses, particularly the outrageous patent scope that renders many European Patents void and illegal (courts would almost certainly reject them if it reached that far; patent trolls try hard to settle outside them)

“Today is World Day Against Software Patents,” Benjamin Henrion jokingly declared (“Anyone can make up World Day of anything,” I responded). “Freedom of programming is under attack in the US, with the STRONGER patent act law proposal to restore software patents, and the pending EU Unitary Patent Court to validate the EPO practice to grant them…”

“The EPO does not want so-called ‘clients’ (“stakeholders”) to see this dissent as it may further harm confidence in European Patents.”Thankfully, the EPO recently came under fire from the European Parliament, as we mentioned in [1, 2] very recently. The EPO has said nothing about it. Not even mere “tweets”. The EPO does not want so-called ‘clients’ (“stakeholders”) to see this dissent as it may further harm confidence in European Patents. In other words, EPO management is trying to hide the damage its own decisions caused.

A Web site that exists to promote patents on life and nature (Life Sciences [sic] Intellectual [sic] Property [sic] Review) has just reacted to European authorities rightly opposing the aforementioned EPO abuse. From this ‘news’ (lobbying) site:

The European Parliament has said that the internal rules of the European Patent Office (EPO) “must not undermine democratic political control of European patent law”.

In a resolution passed last Thursday, September 19, the parliament urged the European Commission and EU member states to do “everything in their power” to obtain legal clarity from the EPO regarding the patentability of products obtained exclusively from biological processes.

The dispute between the parliament and the EPO originates in a December 2018 decision of the latter’s technical board, which established what the parliament called a position of “legal uncertainty”.

This “legal uncertainty” is legal dynamite for trolls! Companies shed off “low certainty” patents and sell them to parasites.

“10 of the 11 patent suits filed today were filed by patent trolls,” it has been reported this week, “according to RPX Corp. That’s 91%.”

Coming to Europe already.

The Corporate Linux Foundation as Agent of Microsoft and Other Serial GPL Violators

Posted in Deception, GNU/Linux, GPL, Microsoft, Red Hat, VMware at 1:45 pm by Dr. Roy Schestowitz

As if the principal goal of this foundation or its entire purpose is to embellish and improve the image of those who attack Linux the most

Summary: The Linux Foundation does a disservice to those whom it claims to speak for and represent; unless of course the Linux Foundation is the trade group whose goal is to outsource Linux to the foes of Linux

IT’S NO SECRET that we do not trust the person who last year said (see video above) that “Open Source loves Microsoft,” which is an intentional lie (on par with “Microsoft loves Linux”). He, Jim Zemlin, had also said we need to “respect Microsoft” and he compared Microsoft to “a puppy” (the context being, Microsoft critics being the moral equivalent of people who violently assault baby dogs). Wow, you really aced it, Jim! You don’t even use Linux and you didn't really know about it until almost a decade after it had come out (and approximately 17 years after GNU!), so revisionist and highly distorted history can be understood, albeit not tolerated. You claim to represent Linux, but your actions conform to something else. The people who generally manage the brand (or trademark) “Linux” barely use Linux. Some never used it at all! The person who tells us “Linux” is so great (Zemlin) actually rejects it himself. This is the person who we’re led to assume will ‘guard’ Linux. A sobering reality check makes one wonder if he does exactly the opposite. The people entrusted to run Linux.com are also not full-time Linux users. What on Earth is going on?!

“The people entrusted to run Linux.com are also not full-time Linux users.”For 12 years we kept mostly quiet about it; we worried that speaking negatively about Zemlin et al would hurt Linux as a whole. But earlier this year we broke the silence, motivated in part by two ladies who had grown fed up with what they had seen. We were shown examples and started our research last winter. The deeper we look, the worse it gets. Then, back in April, all staff of Linux.com got fired. All except one, Swapnil, who typically wrote the paid-for (by sponsors) staged ‘interviews’. Commercials in article form…

“We sat down with Heather Kirksey VP, Community at LF Networking to deep dive into the advancement of networking technologies.”

“LF Networking (LFN) and the Corporate Linux Foundation have once again outsourced everything to Microsoft (GitHub).”So said Swapnil yesterday in his blog post. It’s an ad for LF Networking (LFN). Swapnil is now — as before — openwashing 5G with help from the Corporate Linux Foundation (of course 5G is very proprietary and also a patent trap). This is just their business model; as a marketing front…

LF Networking (LFN) and the Corporate Linux Foundation have once again outsourced everything to Microsoft (GitHub). In their own words from the official statement:

LF Networking (LFN) and the GSMA today announced that the Common NFVi Telco Taskforce (CNTT) has reached its first major milestone with the publication of its initial common Reference Model and first Reference Architecture. Jointly hosted by the GSMA and the Linux Foundation, CNTT operates as an open committee responsible for creating and documenting an industry-aligned Common NFVI Framework.

“This initial release represents the first tangible output of CNTT,” said Heather Kirksey, vice president, Community and Ecosystem Development, the Linux Foundation. “In the short time since ONS North America, the community has already reached milestones around creation of the Reference Model and first Reference Architecture. We have also initiated significant discussion around Reference Implementation along with commencement of enhancements to OVP within OPNFV. I am very pleased to see the focused delivery of this group and our ability to align the industry and accelerate innovation, especially in the advance of 5G. It’s incredible to witness such deep collaboration and integration among operators and vendors from across the globe.”

“The speed with which this group has been established and produced its first tangible results are testament to the close cooperation and collaboration of its industry members,” said Alex Sinclair, Chief Technology Officer, GSMA. “A common framework and approach will accelerate adoption and deployment in the 5G era and we look forward to aligning further with our partners on this important project.”

It is a GitHub repository. So Microsoft controls it. Swapnil didn’t stop there. He then used Linux.com to prop up Dan Meyer from partner publishers of the same employer. Marketing as ‘news’ (their business model is just that). To quote: “The Linux Foundation’s LF Networking group and industry trade association GSMA unveiled the first data release for their Common NFVi Telco Taskforce (CNTT). This initial tranche includes a common reference model and the first reference architecture.”

“It is a GitHub repository. So Microsoft controls it.”And this project is — you’ve guessed it — controlled by Microsoft now. The Corporate Linux Foundation has meanwhile formed another surveillance group (awful members with spying agenda) and outsourced everything to Microsoft, as usual. In their own words: “Presto was developed at Facebook in 2012 as a high-performance distributed SQL query engine for large scale data analytics. Presto’s architecture allows users to query a variety of data sources such as Hadoop, S3, Alluxio, MySQL, PostgreSQL, Kafka, MongoDB and move at scale and speed. It solves the problem of having to choose between having fast analytics that use an expensive commercial solution or using a slow but “free” solution that require excessive hardware.”

What bothers us a great deal is that the Corporate Linux Foundation has outsourced everything to Microsoft yet again. It’s doing this all the time. As another site put it: “An SQL query engine developed by Facebook and moved earlier this year to a non-profit development group is now being hosted by the Linux Foundation.”

“What bothers us a great deal is that the Corporate Linux Foundation has outsourced everything to Microsoft yet again. It’s doing this all the time.”It is being used for surveillance. Here’s another one: “The open source Structured Query Language engine Presto is getting its own project within the Linux Foundation. [...] Presto was designed as an SQL query engine for performing interactive queries on data from sources such as Hadoop, S3, Alluxio, MySQL, PostgreSQL, Kafka and MongoDB. It’s capable of querying multiple data formats, no matter if it’s in a relational, NoSQL, proprietary or unstructured format. Data is queried where it’s stored, without needing to move it to a separate system first.”

And yes, of course Swapnil just had to promote that in his own site as well.

But wait, it get worse

Swapnil from the Corporate Linux Foundation does openwashing for Microsoft… yet again (he did this many times before). He literally refuses to see Microsoft as a rival. They pay him to attack GNU/Linux, so why worry?

“Go work for Microsoft,” I told him. “So at least more people know whose agenda you really serve…”

His Microsoft openwashing came in multiple parts on Monday [1, 2] and he then sucked up to Microsoft, which reciprocates with links to his site.

“Swapnil from the Corporate Linux Foundation does openwashing for Microsoft… yet again (he did this many times before).”There was some more openwashing for VMware on the same day, in multiple parts (sponsored by the Corporate Linux Foundation, which is paid by VMware to do this PR stunt); he just can’t help himself, as if the only way to make a living is by lying for these corporations. GPL violators; serial violators…

Quite frankly, this isn’t even the exception in Swapnil’s site, which is nowadays promoting Amazon’s listening devices (not for the first time). Earlier today it wrote about surveillance coming to nature/parks too. Microphones, listening devices and tracking by wireless signals. Marketed to us as “smart cities” and marketed to us by Swapnil’s site (Corporate Linux Foundation). We’ve seen similar openwashing and surveillance propaganda — some of it for listening devices — from Zemlin or the Corporate Linux Foundation. This is their vision of our future. These people of the Corporate Linux Foundation are toxic. This is the kind of vision of the world the sole Linux.com editor has. Listening devices, openwashing and surveillance; lots of propaganda towards those ends. Mass conditioning and indoctrination help weaken resistance.

“Listening devices, openwashing and surveillance; lots of propaganda towards those ends.”The Corporate Linux Foundation is drowning itself (and us) in a swamp of buzzwords and other nonsense. Connor Jones and Steven J. Vaughan-Nichols ‘report’ (puff pieces) on LF Edge this week [1, 2]. “According to Arpit Joshipura,” one article says, “edge computing will overtake cloud computing by 2025.”

Buzzwords’ battles.

As one person put it: “Is the Linux Foundation where failing projects go to die? That’s sad.”

And one reply said, “yeah indeed linux foundation has gone downhill.”

“It’s also killing Linux,” I responded, “feeding it as lunch to hostile corporations…”

“The Corporate Linux Foundation is drowning itself (and us) in a swamp of buzzwords and other nonsense.”Check out today’s article from Decrypt. To quote: “The internet-of-things cryptocurrency IOTA, and the Linux Foundation, the team behind the developer-friendly operating system, have joined forces, according to a blog post. Combined, they will work to integrate IOTA into LF Edge, Linux’s platform for edge computing. Edge computing is tech’s latest buzzword. The sales pitch is that cloud computing relies on centralized storage in big data warehouses, owned by Amazon, IBM and other blue chip giants. The issue, apparently, is that these data warehouses are often far away from the customers who use them. Edge computing however, promises to use computing power at the ‘edges’ of the network—physically much closer to customers—offering a host of benefits including reduced latency time and less bandwidth.”

In this particular case the Corporate Linux Foundation is acting/serving as little but a marketing agency. Not only in this case (it’s licensing the “Linux” brand for PR); they’re just outsourcing things to Microsoft via GitHub…

Notice how all/most of the above announcements come from KubeCon. Who runs it?

Let’s see…

It turns out that the Linux Foundation isn’t liked even by Microsoft (which ‘bought’ it). As one of them put it: “Wow didn’t realize sponsoring Kubecon Shanghai was the amount of sending a kid to an ivy league… Those pay-for-play keynotes sure don’t come cheap [] I’d much rather sponsor the open source firmware conference, no pay-for-play. All community. All people helping one another. And a hackathon. The Linux foundation events, on the other hand, just scream disingenuous. [] “my kid couldn’t get into college based off their own merit so I paid for them to be accepted” “my project couldn’t get a keynote on it’s own merit, so I paid for one”…”

There’s a screenshot there too, from the brochure.

“In this particular case the Corporate Linux Foundation is acting/serving as little but a marketing agency.”More people now realise that this thing called “Linux Foundation” is a scam that sells keynotes, tweets, "thank yous" and so on.

“Got feeling that kubecon is hijacked by big sponsors to move their agenda,” one person has just remarked. Jim Zemlin and his ‘nonprofit’ are profiting big time (about $100,000,000 per annum) from this attack on Free software (which they help companies raid and privatise). As one senior Red Hat employee has just put it: “So the #OpenCore summit, where Open Core companies complain about Cloud providers using their code but not paying or giving back enough, has AWS as platinum sponsor.”

There’s a screenshot there as well.

People are at least beginning to pay closer attention to these things. Red Hat would be rather hypocritical to say the above given its practices with trademarks, systemd etc.

We’ve noticed a sharp increase in site traffic lately, marking perhaps growing interest in these issues we’ve been covering for many years. The departure of Stallman is another wake-up call.

As one reader put it in an E-mail message, “I want to give them a chance to do us right, but after the farce that took him down, of course — and before we even get to the “diversity” angle, because this statement still holds true if we only talk about the white males that apply…”

“People are at least beginning to pay closer attention to these things.”“The biggest tragedy of the Stallman replacement process is going to be that its going to come down to a decision between someone who would devote their entire life to the role, and someone who would just treat it like a job. And there are too many people who would choose, even prefer, the person who would just treat it like a job. That’s what we are most likely to lose, apart from Stallman himself. And it’s a triumph of corporate cynicism if we do – a triumph of weak devotion over lifelong dedication.”

That’s a correct way to put it, too…

Several people from Red Hat and even Red Hat’s Web site played the “diversity” card against Stallman this past week. It’s like they don’t want someone to replace him based on devotion to Software Freedom but based on other criteria.

Microsoft, suffice to say, couldn’t be happier. Stallman’s last speech as FSF President was ironically enough at Microsoft.

Microsoft is already surging ahead with the E.E.E. offensive; earlier today we saw under the “Linux” RSS feed of the CBS tech tabloid, ZDNet, this article; yes, ZDNet has just shelved Visual Studio, which is proprietary software that doesn’t run on GNU/Linux, under the Linux feed. “Loves Linux” lies let them get away with it…

“Corporate takeover of Linux has entered ‘warp speed’ (or drive).”Phoronix has also just helped Microsoft’s openwashing of .NET (Open Core). It’s those same stunts again. Earlier today and earlier this week (for the second day in a row) Red Hat was pushing Microsoft .NET, only about a week after issuing a rather disturbing press release about Stallman.

Corporate takeover of Linux has entered ‘warp speed’ (or drive).

Links 24/9/2019: GStreamer 1.16.1, Steam Play Proton, WordPress 5.3 Beta

Posted in News Roundup at 7:51 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Server

      • Do What You Love; Love What You Do!

        I still have a sales trophy from 16 years ago. My daughter was born 3 months before and I was still trying to get back on my feet after the “Internet bubble burst” from 2 years prior got me a ‘RIF package’ from IBM.

        [...]

        I haven’t ‘worked’ in over a year, but that doesn’t mean that we are not moving forward. Managing a team of 12 of the smartest, brightest and most awesome consultants in all of Open Source and the IT universe, I am involved in multiple projects. Projects that will affect how SUSE goes into the future and people are listening.

    • Audiocasts/Shows

      • 09/23/2019 | Linux Headlines

        NPM’s CEO Bryan Bogensberger resigns, Google’s new Play Pass subscription service and their Kotlin bootcamp are announced.

        Plus some noteworthy updates for ulauncher and ReactOS.

      • Episode 82 | This Week in Linux

        On this episode of This Week in Linux, we have probably the most controversial episodes we have ever done for this show but before we get to all of that, we’re going to cover some exciting news like a new version of OBS Studio with release of OBS 24.

    • Kernel Space

      • Linux Kernel 5.3 Gets First Point Release, It’s Now Ready for Mass Deployments

        Released by Linus Torvalds on September 15th, Linux kernel 5.3 is the latest and most advanced kernel series for Linux-based operating systems and introduces support for the Intel Speed Select feature to make power tuning much easier on some Xeon servers, as well as support for AMD Radeon Navi GPUs in the AMDGPU driver.

        It also adds support for Zhaoxin x86 CPUs, support for utilizing the clamping mechanism in power-asymmetric processors, support for the umwait x86 instructions for more power efficient userspace, support for 16 millions new IPv4 addresses in the 0.0.0.0/8 range, and support for the lightweight and flexible ACRN embedded hypervisor.

      • Collabora Adds MPEG-2 Decoding to the Linux 5.3 Kernel, Many Other Changes
      • Graphics Stack

        • AMD Linux Graphics Driver Stack Cutting Down On PCI ID Table Duplication

          Traditionally with the Linux graphics drivers there are PCI ID tables littered in multiple places throughout the driver stack from the DRM/KMS kernel drivers to the Mesa OpenGL/Vulkan drivers but also the potential for other areas like the increasingly less common DDX drivers and other components. AMD is looking to address the proliferation of PCI IDs throughout the stack and the maintenance burden of having to keep the list of IDs in sync across the different components.

          AMD has been working to centralize their PCI ID list within the DRM/KMS kernel area and to then expose the needed device and description/family bits to user-space that should be the basic information needed by the likes of the RadeonSI Gallium3D driver for managing the support rather than having to keep replicating these lists.

    • Benchmarks

      • Older Broadwell Graphics Performance Is Looking Good With The New Intel Gallium3D OpenGL Linux Driver

        majority of our benchmarking of Intel’s new Gallium3D OpenGL open-source driver is done with various “Gen9″ graphics hardware given its proliferation and not yet having any Icelake Gen11 graphics hardware for Linux benchmarking. But with the Iris Gallium3D going back to supporting Broadwell “Gen8″ graphics, here is a fresh look at how that oldest supported Intel hardware is working for this new Linux open-source OpenGL driver compared to the current default “i965″ Intel OpenGL driver too.

        Last week I provided an extensive look at the current Intel Gallium3D driver performance with the common Gen9 graphics hardware and the performance (and overall stability) of this new driver is looking great. It’s looking like Intel is still on track for enabling that driver by default in Mesa before the 19.3 release at the end of the calendar year. Following that testing I was curious about Broadwell so I fired up an old Lenovo ThinkPad X1 Carbon laptop.

    • Applications

      • GStreamer 1.16.1 stable bug fix release

        The GStreamer team is pleased to announce the first bug fix release in the stable 1.16 release series of your favourite cross-platform multimedia framework!

        This release only contains bugfixes and it should be safe to update from 1.16.x.

        See /releases/1.16/ for the details.

        Binaries for Android, iOS, Mac OS X and Windows will be available shortly.

    • Instructionals/Technical

    • Games

      • Another Steam Client Beta is up, fixing a Linux issue and some Remote Play problems

        Valve have again released another update to the Steam Library beta. There’s still a lot of issues with it but they seem to be getting through the major problems.

        For the new Library they’ve added a screenshots section to pages for non-Steam games, non-Steam games should be available when Family View is enabled and they fixed an issue with the play bar going over the links bar on the game details when library sharing is active.

      • Steam Play Proton 4.11-6 is out with newer DXVK, support for The Surge 2 and GTA 5 launcher fixes

        Valve and CodeWeavers have once again updated Steam Play Proton as they react quickly to issues that appear.

        It’s another small release too but small isn’t exactly a bad thing. Seeing more regular updates to fix issues for major titles is actually something I had hoped they would do.

      • Valve Releases Proton 4.11-6 To Pull In DXVK 1.4

        Just a week past the previous Proton update, Proton 4.11-6 is out today from Valve as the latest version of their Wine downstream powering Steam Play.

        The principal change to Proton 4.11-6 is pulling in this weekend’s release of DXVK 1.4. The DXVK 1.4 release has Direct3D 11.4 + DXGI 1.5 support to improve game compatibility, and fixes to benefit a handful of games like the Rockstar Game Launcher and Dark Souls III.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE Plasma 5.17 Desktop Environment Enters Beta, Final Release Lands October 15

          KDE Plasma 5.17 promises some really cool new features and enhancements, among which we can mention multi-screen and HiDPI improvements, fractional scaling on Wayland, support for managing and configuring Thunderbolt hardware in System Settings, Night Color support on X11, and much-improved notifications with automatic Do Not Disturb mode for presentations.

          Several of the pages in System Settings got redesigned to help you configure your KDE Plasma system easier, the Breeze GTK theme now offers users a better appearance for the Chromium and Google Chrome web browsers and supports system color schemes for GTK and GNOME apps, System Monitor now shows NVidia GPU stats, and Plasma Discover package manager now shows icons for Snap apps.

        • KDE Connect on Windows – Sneak a peak

          Linux, Windows, what. More like awesome Linux software on Windows, what. Behold a review of KDE Connect for Windows, including setup and configuration of the nightly build, functionality and associated glitches, usage testing with SMS, file sharing and music playback, some other observations, and more. Enjoy.

    • Distributions

      • Best Linux distros of 2019: for beginners and advanced users

        Linux is traditionally associated as being an operating system for coders and programmers, but over the years there have been real attempts to make Linux more attractive to general consumers. This is not least due to general consumer dissatisfaction with Windows security issues or even Apple’s walled garden.

        However, Linux comes in many different forms, known as ‘flavors’ or ‘distros’. This is simply because Linux is so incredibly configurable that different forms tend to be developed for different userbase needs or interests.

      • Reasons why openSUSE is Fantabulous in 2019

        Not long ago, I was in the openSUSE Discord off topic chat room… or channel… whatever the terminology is, and the reasons for using openSUSE came up because someone needed a reminder. It was probably more tongue and cheek than anything but it is good, from time to time, to reflect on your decisions and ask yourself whether or not those decisions are still correct.

        After doing a little reflection as to why I use openSUSE, what is its unique selling feature, I would say there are multiple and those reasons likely change in rank based on your particular use case. For me it is the combination of the tools plus a few herbs and spices that provide to me a reliable and stable base upon which I can rely which enables me to learn, experiment and potentially break it with mutliple fail safe features to easily restore it to a pre-fiddling stage. I get freedom to fiddle with openSUSE without the catastrophic consequences of breaking it. It is quite literally everything I want out of a computer operating system.

        Here are some of the featurs I think make it “Fantabulous”, today, in 2019.

      • Intel Database Reference Stack 1.0 Shows How To Optimize For Optane DC Persistent Memory

        Intel’s Database Reference Stack 1.0 is another initiative under their Clear Linux umbrella for demonstrating a database setup that is optimized for their Optane DC Persistent Memory hardware in conjunction with 2nd Gen Xeon Scalable (Cascadelake) CPUs.

        [...]

        This early release of their Database Reference Stack runs atop Clear Linux while tailoring Apache Cassandra and Redis for running off these persistent memory modules. This stack also pulls in Kubernetes for orchestration/management, Kata Containers, and makes use of the Intel Persistent Memory Development Kit (PMDK) and Low-Level Persistence Library. Both FSDAX and DEVDAX persistent memory modes are supported by this stack.

      • New Releases

        • Hyperbola GNU/Linux-libre: Milky Way v0.3 install medium release

          We hereby announce a new release of Hyperbola live image and HyperTalking for Hyperbola GNU/Linux-libre. It is the first release with LibreSSL support and adherence to the Filesystem Hierarchy Standard.

          This version contains various bugfixes and improved stability.

      • Fedora Family

        • Fedora Workstation 31 – What’s new

          Fedora has been leading the migration to Wayland since day one and we are not planning to stop. XWayland on demand has been an effort a lot of people contributed to this cycle. The goal is to only need XWayland for legacy X applications, not have it started and running all the time as that is a waste of system resources and also having core functionality still depend on X under Wayland makes the system more fragile. XWayland-on-demand has been a big effort with contributions from a lot of people and companies. One piece of this was the Systemd user session patches that was originally written by Iain Lane from Canonical. They had been lingering for a bit so Benjamin Berg took those patches on for this cycle and helped shepherd them over the finish line and get them merged upstream. This work wasn’t a hard requirement for Wayland-on-demand, but since it makes it a lot easier to do different things under X and Wayland which in turn makes moving towards XWayland-on-demand a little simpler to implement. That work will also allow (in future releases) us to do things like only start services under GNOME that are actually needed for your hardware, so for instance if you don’t have a bluetooth adapter in your computer there is no reason to run the bits of GNOME dealing with bluetooth. So expect further resource savings coming from this work over time.

          Carlos Garnacho then spent time going through GNOME Shell removing any lingering X dependencies while Olivier Fourdan worked on cleaning up the control center. This work has mostly landed, but it is hidden behind an experimental flag (gsettings set org.gnome.mutter experimental-features “[...,'autostart-xwayland']“) in Fedora 31 as we need to mature it a bit more before its ready for primetime. But we hope and expect to have it running by default in Fedora Workstation 32.

        • Fedora Workstation 31 Should Be Another Fantastic Release For Desktop Linux

          Fedora Workstation 31 when it debuts at the end of October should be another great release for the Fedora project and continuing to ship with the bleeding-edge yet stable packages and latest upstream innovations.

          I continue running Fedora Rawhide on a number of systems internally and that’s going well. We’ve covered many of the features of Fedora 31 during its development cycle thus far while now Red Hat’s Christian Schaller has done a great job highlighting some of the most interesting work on the Fedora Workstation 31 front.

        • Fedora 31: Let’s have an awesome release party!

          Fedora 31 will be released soon. It’s time to start planing activities around the release.

          The most common activity to do is organize release parties. A release party is also a great way for other contributors in the community to get involved with advocacy in their local regions. Learn how to organize a release party and get a badge for it in this article.

      • Debian Family

        • William (Bill) Blough: Free Software Activities (August 2019)
        • Bits from the DPL (August 2019)
          Dear Debian:
          
          First, we're approaching the deadline for projects and mentors for the
          next round of Outreachy [15].  If you have a corner of Debian and would
          bi interested in helping show a new intern why what you're working on is
          really exciting, then please take a look at that announcement.
          You don't have a lot of time, so please act quickly.
          
          I like to start out my Bits from the DPL with a quick glimpse into some
          corner of Debian.
          This month comes with mixed emotions as I take a moment to thank several
          people who have stepped back from their roles.  No, nothing is going
          wrong; this is just the normal consequences of people taking stock of
          their involvement after the Buster release.
          
          Just before August started, Laura Arjona Reina retired from being
          involved in DebConf organization [16].  Since then, two members of the
          DebConf committee have resigned: Jonathan Carter [17] and Lucas Nussbaum
          [18].
          
          Steve McIntyre [19] and Luca Filipozzi stepped down from the cloud team.
          
          One of the best things about Debian is that especially in the last few
          years we've developed a culture of taking stock of our own involvement
          and asking ourselves whether we still want to be in some position.  All
          of the above are still actively involved in Debian.  In all cases they
          have just realized that it is time to move on from a particular role and
          focus on the parts of Debian that they choose.
          
          Rotation of people helps our organization stay strong.
          So I'd like to thank you all for your service in these roles, and thank
          you for making room for others to get involved.
          
          And at least for the DebConf committee and Cloud Team, I need to work
          with the community and teams to find replacements:-)
          
          
      • Canonical/Ubuntu Family

        • Lubuntu, A Once Great Distro, Is Falling Behind

          Lubuntu used to be that Linux distribution that you referred a friend to in case he wanted a very lightweight, newbie-friendly yet elegant alternative for Windows. Up to its 18.04LTS release, it indeed worked as expected, but starting with 18.10 where the development team switched to using the Qt-based desktop LXQt instead of traditional LXDE, things started to break.

          As a short background, you should know that there was a desktop environment called “Razor-Qt”, which was a newly developed desktop based on the Qt toolkit that aimed to be lightweight and modern in the same time. There was also another team working on a Qt branch of LXDE (which is GTK-based) called LXDE-Qt. After a lot of discussions, both teams combined efforts and started to work on one project called LXQt.

          LXDE desktop is still working today, and is considered to be feature complete. But it was not even ported to GTK 3 like other desktops such as MATE and XFCE, instead, it’s still using the legacy GTK 2.

        • Ubuntu’s ZFS Installation Work Will Continue Into The 20.04 LTS Cycle

          With Ubuntu 19.10 one of the changes we have been looking forward to the most is the planned Ubuntu desktop installation support atop ZFS as a root file-system and Canonical’s related work around the new ZSYS daemon. It’s looking like the basic ZFS root installation support will make it in time for next month’s Ubuntu 19.10 release but more advanced installation features won’t be ready in time.

          As of writing and even with the Ubuntu 19.10 beta freeze upon us, the option for installing the Ubuntu desktop atop a ZFS root file-system isn’t yet in place for Ubiquity. There were some disagreements over the zfs_install code for Ubiquity with its design. Revised code is now being worked on.

        • The Fridge: Ubuntu Weekly Newsletter Issue 597

          Welcome to the Ubuntu Weekly Newsletter, Issue 597 for the week of September 15 – 21, 2019.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Hippocratic License: Open Source License Against the Likes of ICE

        Coraline Ada Ehmke has created “Hippocratic License” that “add ethics to open source projects”. But this seems to be just the beginning of a controversy as the “Hippocratic License” may not be open source at all.

      • Software Company Chef Won’t Renew ICE Contact After All

        Come Monday, Crist reversed course.

        In a new blog post, Crist said that Chef won’t renew contracts with ICE and the US Customs and Border Protection when they expire next year, and that the company will donate this year’s revenue from the contracts to charities that help families affected by the agencies’ family separation and detention policies. The ICE contract was valued at $95,500 for an 11-month period through August 2020. Chef declined to comment on the value of the CBP contract.

      • Coder deletes open source add-on for Chef in protest over ICE contract

        On September 17, Seth Vargo—a former employee of Chef, the software deployment automation company—found out via a tweet that Chef licenses had been sold to the Immigration and Customs Enforcement Agency (ICE) under a $95,500, one-year contract through the approved contractor C&C International Computers & Consultants. In protest, Vargo decided to “archive” the GitHub repository for two open source Chef add-ons he had developed in the Ruby programming language. On his GitHub repository page, Vargo wrote, “I have a moral and ethical obligation to prevent my source from being used for evil.”

        That move, according to an all-hands email sent out by Chef CEO Barry Crist—later published on the company’s website—”impact[ed] production systems for a number of our customers. Our entire team has worked to minimize customer downtime and will continue to do so until we restore services to 100% operation.”

      • Events

        • CppCon 2019 News Roundup

          C++ developers flocked to Colorado for CppCon 2019. The convention is intended for personal networking and slideshow presentations, but its size leads to a handful of niche announcements that might be interesting to our readers when bundled together.

      • Web Browsers

        • Blokada review: Thousands of ad blocking and filtering requests per day

          I am familiar with AdGuard thanks to its ad blocker for multiple desktop browsers, but Blokada was a new name for me. A search in the Play Store was fruitless, so I googled it.

          What kind of service would it provide for someone to believe that Android should not be used without it? Was it someone just stating his/her opinion as facts, or was there some truth behind it?

          Turns out, I kind of agree with this redditor. Blokada is an ad blocker that works differently from what AdGuard provides in its browser extension. It not only blocks ads, it has a list of blacklisted URLs, and it creates a local VPN to block any request that is submitted to any domain in said list. The request bounces against the local VPN and dies right away.

        • Mozilla

          • Firefox Nightly: These Weeks in Firefox: Issue 64
          • Building a creative foundation

            Last week I spent two days at Harvard University participating in my third Professional Development class at Harvard. This time the subject was “Creative Thinking: Innovative Solutions to Complex Challenges.” The workshop was led by two experienced facilitators, Anne Manning and Susan Robertson.

            We started with introductions, and it soon became clear we had a very diverse group of participants – I was the lone person from the tech sector, but there was a nice blend of sectors represented, as well as some international participants. This made from some very interesting discussion outside the classroom and during the various breaks.

            I was also pleased that some people sought me out, especially once they found out I was an “Ideator.” Prior to the class, we had taken an assessment, and then were presented with the results. In one of the exercises, it turned out we were teamed up with other participants who fell into the same quadrant as us. I thought it was a good way to weave that assessment into the class content (and of course, initially without us being aware of it).

            I had some great takeaways from the two day class. I think the thing I appreciated the most was that the facilitators went to great lengths to give us a toolkit to take with us to apply the next time we are working on a project or interacting within a team. I think I also left the class with the distinct feeling that much like the diagram our team came up with above, you really have to build creativity into your system in a continuous manner.

      • CMS

        • Kiwi TCMS: Kiwi TCMS 7.0

          We’re happy to announce Kiwi TCMS version 7.0! This is a major release which includes security updates, significant database schema and API changes, many improvements, removed functionality, bug fixes, substantial internal refactoring and several new languages. You can explore everything at https://public.tenant.kiwitcms.org!

        • WordPress 5.3 Beta 1

          This software is still in development, so we don’t recommend running it on a production site. Consider setting up a test site to play with the new version.

      • Pseudo-Open Source (Openwashing)

      • FSF/FSFE/GNU/SFLC

        • Links: September 22, 2019 | Hackaday

          Of all the stories we’d expect to hit our little corner of the world, we never thought that the seedy doings of a now-deceased accused pedophile billionaire would have impacted the intellectual home of the open-source software movement. But it did, and this week Richard Stallman resigned from the Computer Science and Artificial Intelligence Lab at MIT, as well as from the Free Software Foundation, which he founded and served as president. The resignations, which Stallman claims were “due to pressure on MIT and me over a series of misunderstandings and mischaracterizations”, followed the disclosure of a string of emails where he perhaps unwisely discussed what does and does not constitute sexual assault. The emails were written as a response to protests by MIT faculty and students outraged over the university’s long and deep relationship with Jeffrey Epstein, the late alleged pedophile-financier. This may be one of those stories where the less said, the better. If only Stallman had heeded that advice.

        • Photoshop too expensive? Use these free alternatives instead

          GIMP (GNU Image Manipulation Program) is a downloadable, professional-grade photo editor with an extensive Photoshop-like collection of essential editing tools. In addition, GIMP boasts advanced filters and layer masks. Whether you want to add text, erase background or add texture to a photo, this no-cost editing software will meet your needs.

      • Licensing/Legal

        • FSF Continuing Legal Education Seminar on GPL Enforcement and Legal Ethics

          The FSF Licensing and Compliance Lab will work with experienced lawyers and professionals to provide a full day continuing legal education (CLE) seminar on GPL Enforcement and Legal Ethics for legal professionals, law students, free software developers, and anyone interested in licensing issues.

        • Xiaomi Releases Android Pie Kernel Sources for Redmi Note 8, Note 8 Pro

          Xiaomi has often been criticized by FOSS proponents and developers for its failure to abide by the GNU General Public License v2 license, which governs open source software such as Android. The company has often either completely failed to release kernel sources for its smartphones and tablets, or released them long after the launch of the device, both of which are an outright violation of the GNU GPL license.

      • Programming/Development

        • Qt Quick on Vulkan, Metal, and Direct3D – Part 3

          In part 3 of our series on Qt graphics (part 1, part 2), we will look at how shaders are handled in Qt Quick in Qt 5.14 when switching the scenegraph over to rendering through QRhi, the Qt Rendering Hardware Interface. We choose to cover shader handling before digging into the RHI itself because Qt Quick applications using ShaderEffect items or custom materials have to provide fragment and/or vertex shader code themselves, and therefore they need to be aware of (and by Qt 6, migrate to) the new approach to shader handling.

          Speaking of Qt 6: while everything described here applies to, and only to, Qt 5.14, and may change in later releases, what we have here will likely form the foundation of graphics and compute shader handling in Qt 6, once the few remaining rough edges are eliminated.

        • Command Execution Tricks with Subprocess – Designing CI/CD Systems

          The most crucial step in any continuous integration process is the one that executes build instructions and tests their output. There’s an infinite number of ways to implement this step ranging from a simple shell script to a complex task system.

          Keeping with the principles of simplicity and practicality, today we’ll look at continuing the series on Designing CI/CD Systems with our implementation of the execution script.

        • DjangoCon US 2019: Python & Django in San Diego!

          We are back to San Diego!! Our team will be joining DjangoCon US’s conference, one of the biggest Django events in the world. For this year, we’ll be giving two talks: Pull Requests: Merging good practices into your project and Building effective Django queries with expressions

        • 12 Excellent Free Books to Learn Ada

          Ada is a structured, statically typed, imperative, wide-spectrum, multi-paradigm, object-oriented high-level, ALGOL-like programming language, extended from Pascal and other languages. The language was developed in the late 1970s and early 1980s. Ada is named after Augusta Ada Byron (often now known as Ada Lovelace), daughter of the poet Lord Byron.

          Ada has built-in language support for explicit concurrency, offering tasks, synchronous message passing, protected objects, and non-determinism. Ada incorporates the benefits of object-oriented languages without incurring the pervasive overheads.

          Other notable features of Ada include: strong typing, inherent reliability, modularity mechanisms (packages), run-time checking, parallel processing, exception handling, the ability to provide abstraction through the package and private type, and generics.

        • An advanced look at Python interfaces using zope.interface

          The Zen of Python is loose enough and contradicts itself enough that you can prove anything from it. Let’s meditate upon one of its most famous principles: “Explicit is better than implicit.”

          One thing that traditionally has been implicit in Python is the expected interface. Functions have been documented to expect a “file-like object” or a “sequence.” But what is a file-like object? Does it support .writelines? What about .seek? What is a “sequence”? Does it support step-slicing, such as a[1:10:2]?

          Originally, Python’s answer was the so-called “duck-typing,” taken from the phrase “if it walks like a duck and quacks like a duck, it’s probably a duck.” In other words, “try it and see,” which is possibly the most implicit you could possibly get.

        • DevNation Live Bengaluru: Kubernetes serverless application architecture

          Our first DevNation Live regional event was held in Bengaluru, India in July. This free technology event focused on open source innovations, with sessions presented by elite Red Hat technologists.

          In this session, Burr Sutter discusses serverless architectures, which have become a common approach in organizations that want to be more effective in DevOps and optimize their IT resources. This approach adds further flexibility to the next generation of microservices, and Knative helps running your microservices serverless workloads on Kubernetes/OpenShift be more agile and effective.

        • RcppAnnoy 0.0.13

          A new release of RcppAnnoy is now on CRAN.

          RcppAnnoy is the Rcpp-based R integration of the nifty Annoy library by Erik Bernhardsson. Annoy is a small and lightweight C++ template header library for very fast approximate nearest neighbours—originally developed to drive the famous Spotify music discovery algorithm.

          This release brings several updates. First and foremost, the upstream Annoy C++ code was updated from version 1.12 to 1.16 bringing both speedier code thanks to AVX512 instruction (where available) and new functionality. Which we expose in two new functions of which buildOnDisk() may be of interest for some using the file-back indices. We also corrected a minor wart in which a demo file was saved (via example()) to a user directory; we now use tempfile() as one should, and contributed two small Windows build changes back to Annoy.

        • Picolibc Version 1.0 Released

          I wrote a couple of years ago about the troubles I had finding a good libc for embedded systems, and for the last year or so I’ve been using something I called ‘newlib-nano’, which was newlib with the stdio from avrlibc bolted on. That library has worked pretty well, and required very little work to ship.

          Now that I’m doing RISC-V stuff full-time, and am currently working to improve the development environment on deeply embedded devices, I decided to take another look at libc and see if a bit more work on newlib-nano would make it a good choice for wider usage.

          One of the first changes was to switch away from the very confusing “newlib-nano” name. I picked “picolibc” as that seems reasonably distinct from other projects in the space and and doesn’t use ‘new’ or ‘nano’ in the name.

  • Leftovers

    • A human approach to reskilling in the age of AI

      If you don’t believe AI conversations affect you, then I suggest reviewing this 2018 McKinsey Report on reskilling in the age of automation, which provides some interesting statistics.

    • Hardware

    • Health/Nutrition

      • We’re in Court to Protect Family Planning Care for Millions of Low-Income Patients

        Title X is a federally funded family planning program that guarantees low-income people can receive critical health care services for free or at a reduced cost. For decades it’s been one of the most effective federal health care programs, providing a wide range of vital reproductive and other services for millions of people across the country who wouldn’t otherwise be able to afford them.

      • As Vaping-Related Lung Illnesses Continue, the Culprit Remains a Mystery

        Young people across the United States are continuing to fall ill with vaping-related lung disease as federal investigators struggle to identify the cause. In a conference call with reporters on Thursday, officials from the Centers for Disease Control and Prevention said they have recorded 530 probable and confirmed cases, along with seven deaths. Canada also reported its first case this week, after a teenager in Ontario was put on life support following use of an e-cigarette device.

        In many of the recorded cases, the patients — mainly men under the age of 25 — have experienced chest pain, shortness of breath, and coughing, among other symptoms. But officials have not been able to pin down a single substance, ingredient, or brand that could be responsible. And while most patients have reported vaping tetrahydrocannabinol (THC), the primary psychoactive ingredient in marijuana, others say they only vaped nicotine or a combination of the two.

    • Security (Confidentiality/Integrity/Availability)

      • Parrot 4.7 Ethical Hacking OS Released with Linux Kernel 5.2, MATE 1.22 Desktop

        Coming more than four months after version 4.6, the Parrot 4.7 release is here with up-to-date penetration testing and ethical hacking tools for security researchers and everyone else how wants to get started with security releated tasks. Powered by the Linux 5.2 kernel, Parrot 4.7 introduces a new sandbox behavior to make it easier to use sandboxed apps.

        “In Parrot 4.7 the sandbox is disabled by default, and users can decide wether to start an application sandboxed or not,” explains Lorenzo Faletra. “You can easily start the sandboxed version of an installed program from the /sandbox/ folder or from a dedicated menu that we plan to improve in the future, or you can re-enable it by default by using the firecfg tool.”

      • South Africa’s renowned white hat hacker

        SensePost CTO Dominic White is one of South Africa’s best-known white hat hackers and has become the face of cybersecurity for many people.

        White’s love for computers started in school when his mother bought him a second-hand computer from one of their tenants.

        “I immediately tried to plug it all in and get it turned on. I soon realized I had no idea what I was doing, but I wanted to figure it out,” he said.

        He did figure it out, and quickly realised that high school computer science presented many opportunities for mischief.

      • How DevOps professionals can become security champions

        Security is a misunderstood element in DevOps. Some see it as outside of DevOps’ purview, while others find it important (and overlooked) enough to recommend moving to DevSecOps. No matter your perspective on where it belongs, it’s clear that security affects everyone.

        Each year, the statistics on hacking become more alarming. For example, there’s a hacker attack every 39 seconds, which can lead to stolen records, identities, and proprietary projects you’re writing for your company. It can take months (and possibly forever) for your security team to discover the who, what, where, or when behind a hack.

        What are operations professionals to do about these dire problems? I say it is time for us to become part of the solution by becoming security champions.

      • Nine words to ruin your Monday: Emergency Internet Explorer patch amid in-the-wild attacks

        Microsoft today issued a rare emergency security update for Internet Explorer to address a critical flaw in the browser that’s being exploited right now in the wild.

        Redmond says the vulnerability, a scripting-engine memory-corruption bug designated CVE-2019-1367, can be abused by a malicious webpage or email to achieved remote code execution: that means Windows PCs can be hijacked by viewing a suitably booby-trapped website, or message, when using Internet Explorer. Malware, spyware, and other software nasties can be injected to run on the computer, in that case.

        Discovery of the flaw, and its exploitation in the wild by miscreants to commandeer systems, was attributed to Clément Lecigne of the Google Threat Analysis Group. The programming blunder is present in at least IE 9 to 11.

        Such flaws are not uncommon, and Microsoft typically patches anywhere from 10-20 browser and scripting engine remote code execution bugs each month with the Patch Tuesday bundle. Because they allow remote code execution with little or no user warning or interaction, Redmond considers such bugs to be critical security risks.

      • Job Opportunity for a Junior Developer (m/f/x)

        We, Lightning Wire Labs, are offering an opportunity ideal for a student to become a Junior Developer.

        As a leading organisation in the IPFire Project, we are growing our team to allow us to move it forward quicker as well as advancing other internal projects.

        Are you a frequent contributor to Open Source projects, but want to develop your skills further? Join our growing team to help us to achieve our ambitious goals and learn at the same time.

        [...]

        This job will be remote work with occasional visits to our main office if required. A EU/EEA citizenship is required.

    • Defence/Aggression

      • Echoing ‘Immortal Regiment’ World War II march, Moscow opposition groups request permit for ‘Immortal Gulag’ march

        The “Immortal Regiment” memorial march is a staple of collective memory in contemporary Russia: In it, marchers carry photographs of relatives and others who were killed in the Second World War. In an apparent attempt to elevate internal Soviet repressions to the cultural status of the war, a group of Russian opposition organizations is petitioning to hold a march called “Immortal Gulag” in central Moscow.

      • A Veteran in a World of Never-Ending Wars and IEDs
      • Government Moves To Block Alleged Drone Whistleblower’s Defense In Espionage Act Case

        The United States government has moved to block Daniel Hale, a former U.S. Air Force language analyst, from presenting any evidence that he had “good motives” when he allegedly disclosed documents to a reporter that exposed a targeted assassination program involving armed drones.

        Yet, while the U.S. government hopes to ensure Hale cannot put on a whistleblower defense during his trial, Hale’s defense attorneys have directly challenged the constitutionality of the Espionage Act, arguing [PDF] it violates the First Amendment. They also assert that the government is selectively and vindictively prosecuting Hale for his alleged act of dissent.

      • Iran Has Called Washington’s Bluff

        At the UN, Tehran is challenging the Europeans to defy Washington—and the attack on Saudi oil installations demonstrates that Iran can fight back against US sanctions, whether directly or through proxies.

    • Environment

      • U.N. Summit Opens With Dire Warnings on Climate Change

        The U.N.’s annual gathering of world leaders opens today with U.N. Secretary-General Antonio Guterres hosting a major summit promoting action to slow climate change.

        The event—which follows a New York City-sanctioned school climate strike and a U.N. Youth Summit featuring 16-year-old Swedish climate activist Greta Thunberg—will draw an impressive list of world leaders, including German Chancellor Angela Merkel, French President Emmanuel Macron, and Indian Prime Minister Narendra Modi, who will detail specific steps to lower dependence on fossil fuel. China’s Foreign Minister, Wang Yi, will also speak. Over 100 world leaders are expected to attend. But there’s one glaring absence.

      • We Are Nowhere Close to Meeting Our Climate Goals

        The summit highlighted the nations doing the most to fulfill their commitments as part of the 2016 Paris climate accord. That meant representatives from Saudi Arabia, Japan, and the US got no time on stage. Among the biggest contributors to the global carbon budget, they were excluded for not sufficiently committing to emissions reduction or for pursuing policies that actively undermine the Paris accord. President Donald Trump underscored his climate dismissal by attending for a mere 15 minutes. With dozens of world leaders descending on UN headquarters, Trump had scheduled a competing meeting at the UN for a “call to protect religious freedom”; in the end, he and Vice President Mike Pence made a brief surprise appearance at the climate meeting.

      • ‘You Are Failing Us’: Plans, Frustration at U.N. Climate Talks

        Scolded for doing little, leader after leader promised the United Nations on Monday to do more to prevent a warming world from reaching even more dangerous levels.

      • Global Idiocy
      • Russia joins Paris Agreement on climate

        Russian Prime Minister Dmitry Medvedev has signed a government order accepting the conditions of the Paris Agreement, RIA Novosti reported. The agreement was initially drafted in 2015 to provide an international framework for combating the climate crisis.

      • Naomi Klein, Autism and Climate Activism

        In a recent interview with Amy Goodman, Naomi Klein linked Greta Thunberg’s autism with her powerful commitment to combating climate chaos. In doing so, I believe she promoted a serious misunderstanding about how autism is linked to Greta’s moral clarity on this existential threat. In the interview quoted extensively below, Klein talks about autism and the human brain’s propensity for “mirroring.”

      • Overpopulation

    • Finance

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

    • Privacy/Surveillance

      • Google Blocks Privacy Push at the Group That Sets Web Standards

        The Alphabet Inc. unit was the only member of the World Wide Web Consortium to vote against the measure to expand the power of the organization’s [Internet] privacy group, according to a tally of the results viewed by Bloomberg News. Twenty four organizations voted for the idea in a recent poll.

      • Snowden’s Book Is a Bestseller — and a Honeypot for Hackers

        Edward Snowden’s memoir “Permanent Record” is a best seller. Hackers are trying to cash in on it, too.

        A type of malware called Emotet is being embedded in an email phishing campaign that offers Snowden’s book as an attachment. The spam email claims the former government contractor’s story has been banned, then encourages readers to download, read and share his book, according to Malwarebytes Inc., which analyzed the campaign in recent days.

        But when a recipient clicks on the attachment, there’s no book. Instead, there’s a link that, if selected, buries malicious code into the unlucky clicker’s device. Malwarebytes said it discovered the emails in English, Spanish, German, Italian and French.

    • Civil Rights/Policing

    • Digital Restrictions (DRM)

      • Nerf’s new Ultra blasters shoot farther than ever before — but there’s a catch

        But the new blasters come with a catch: DRM for darts, it sounds like! “If the blaster detects an incompatible dart in the drum, it won’t fire and will skip to the next chamber,” writes The Wall Street Journal. A Hasbro executive told the publication that existing darts were just too easy to copy, and it’s got patents pending on the new Ultra foam.

        That may annoy the Nerf community, because it could drive up the effective price of hosting a Nerf war. Right now, you can buy hundreds of knockoff Nerf Elite darts for just a few dollars online and use them in dozens of different blasters from both Hasbro and competitors, whereas it’ll cost $10 to get just 20 of these new Ultra darts instead.

        The low prices and interoperability of Elite darts meant event organizers could afford to provide a big chest of ammo for players that they return at the end of the day — instead of each person bringing their own ammo and fighting over which darts belong to which people at the end of each game.

    • Monopolies

      • Twitter Bans Saudi Official Implicated in Khashoggi Murder, Hundreds of Other Pro-Saudi Accounts

        Twitter on Friday said it had “removed or suspended thousands of accounts with ties to governments in the Middle East,” including a former close media adviser to Saudi Crown Prince Mohammed bin Salman who reportedly ran a pro-regime online troll army and was implicated as involved in the murder of dissident journalist Jamal Khashoggi.

      • Copyrights

        • How Untitled Goose Game adapted Debussy for its dynamic soundtrack

          Using Logic, he split up the song into two beats, ending up at about 400 stems. And although the notes can sometimes cut off midway through musical phrases, the songs avoid sounding chopped up through the use of reverb. “I exported each of these stems so that the reverb rings out as much as it can,” he says. “Each of these stems, they’re not the same length, even though they’re the same musical length. You can play them over the top of each other, and it just sounds like the piano is holding down the sustain pedal.”

          The stems were then matched up to the game, which operates in three states: the first is a silent state, where the goose is just hanging out, not doing anything; in the second state, the “low energy version” is performed as the goose is plotting and scheming, moving closer to his prey; and the third state is when you’re being actively chased, which is the performance you’d hear on a record. The game chooses which version to play depending on what’s happening — so taking into account all the different ways the stems can be matched together, that means the amount of different versions you can hear is “a number with, like, 52 zeroes,” Golding says. “One of the beauties of the game is that nobody’s gonna get the same performance.”

Richard Stallman Explains His Microsoft Talk

Posted in FSF, Microsoft at 12:23 am by Dr. Roy Schestowitz

My Talk at Microsoft by Richard Stallman (original released under CC-BY; Copyright © 2019 Richard Stallman)

Stallman at Microsoft

Summary: “There are those who think that Microsoft invited me to speak in the hope of seducing me away from the free software cause. Some fear that it might even have succeeded. I am sure the Microsoft staff I addressed saw that that could never happen.”

It is now public knowledge that on 4 September 2019 I gave a talk at the Microsoft campus in Redmond. I was invited and I accepted. The report of this has led to a certain amount of speculation and rumor.

There are those who think that Microsoft invited me to speak in the hope of seducing me away from the free software cause. Some fear that it might even have succeeded. I am sure the Microsoft staff I addressed saw that that could never happen. I resisted Steve Jobs’s snow job in 1989 or 1990; I am no easy mark for those who want me to change my views.

Others assert that inviting me was opposition research and nothing more. If that was the intention, Microsoft didn’t learn anything it could not have learned from recordings of my talks.

In the past, Microsoft published what it called “contributions to open source” that were no contribution whatsoever to the Free World. (This says something about the deep difference between the open source and the free software movement.) However, if Microsoft sought to return to that practice, it had no need to invite me.

Some are trying to portray my decision to speak there as approval of Microsoft’s current conduct. This is, of course, absurd. My rejection of Microsoft’s nonfree software continues just like my rejection of all other nonfree software. But the fact that people make nonfree software is no reason not to show them reasons why software should be free.

I don’t think Microsoft invited me with a view to seduction, or opposition research, or trickery, or misrepresention. I think some Microsoft executives are seriously interested in the ethical issues surrounding software. They may also be interested in carrying out some of the specific suggestions/requests I presented. I started with a list of actions that would help the free software community, and which I though Microsoft might be amenable to, before stating the free software philosophy in the usual way. I think there is a chance that Microsoft might change some practices in ways that would help the Free World practically, even if they do not support us overall.

It is only a chance; I would not try to estimate the probability. Microsoft did not give me any promises to change; I did not ask for any.

What I can say now is that we should judge Microsoft’s future actions by their nature and their effects. It would be a mistake to judge a given action more harshly if done by Microsoft than we would if some other company did the same thing. I’ve said this since 1997.

That page describes some hostile things that Microsoft famously did. We should not forget them, but we should not maintain a burning grudge over actions that ended years ago. We should judge Microsoft in the future by what it does then.

Another thing I’ve said for years, about various companies, is that when a company does several different things, it is best to judge each thing on its own, provided they are separable. Actions that benefit freedom are good, and we should say so, while being careful not to let a small good distract us from a large evil.

The main motive for Microsoft’s future activities, whether changed or not, will surely be profit. That is neither here nor there, because the free software movement is not against profit, as such; we are not the simplistic opposite of the extreme capitalism which claims that profit justifies any and all means. We approve of what respects users’ freedom, whether done for profit or not, and we condemn what tramples users’ freedom, whether done for profit or not.

Time will show us whether Microsoft begins to do substantial activities that we can judge as good. Let’s encourage that in all prudent ways.

Here are the suggestions I gave to Microsoft.

  • Help keep computers unlocked (no “secure boot” that restricts what systems we can run). Truly secure boot means YOU specify what system is allowed to run in your computer.
  • Help make peripherals safe — no back doors in their embedded software. This applies to keyboards, cameras, disks and memory sticks, since they contain computers and with preinstalled software that can be replaced through a universal back door. Crackers do that, installing malware into them, which becomes an advanced persistent threat. I can explain more if desired.
  • Publicly take back Microsoft’s attacks on copyleft made in the 2000s. Ballmer called the GPL a “cancer”. Allchin called it “un-American”.
  • Encourage copylefting of application and library code, maybe even system and tool code.
  • Direct GitHub to promote correct and clear use of licenses and the best use of copyleft (GPL version 3-or-later).
  • Help fight against copyright on interfaces.
  • Help make the web usable with Javascript deactivated.
  • Implement an anonymous internet sales platform that doesn’t require Javascript, using GNU Taler (taler.net).
  • Publish the hardware interface of products such as Hololens so we can run them without any nonfree software. Even if our software is years behind, that will be better than not being able to use these devices at all.

And one other suggestion, which I made to a vice president but perhaps not in my talk.

  • Release the source code of Windows under the GNU GPL.

I know that is a stretch, but from what I heard there. it isn’t totally impossible.

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts