Are you running AWS on the original Amazon Linux AMI?
Good news, you’ve won a major reprieve from plans to end support for the operating system this summer, with the cloud provider bowing to “customer feedback” and agreeing to extend end-of-life to December 31, 2020.
AWS had planned to phase out support by June, but push-back from customers has seen it extend that date by six months; and add a minimal three-year maintenance support period to June 30, 2023 for good measure.
Maintenance will be limited: users of the 10-year-old AMI (Amazon Machine Image) will only get critical and important security updates for a reduced set of packages, with no guaranteed support for new AWS features.
AWS still wants users to migrate to Amazon Linux 2, saying “we strongly encourage you to use it for your new applications.”
Lots of news including Pine64, Linux gaming, Thunderbird, and WireGuard. Plus Will is looking to install a decent OS on his Mac, and mixed news in KDE Korner.
OpenMandriva’s latest update has new user tools, Godot scores a $250,000 grant, and Intel pulls out of Nervana.
After years of development WireGuard, a revolutionary approach to Virtual Private Networks (VPN) was finally fast-tracked to the Linux kernel. Now, at long last, WireGuard is in Linus Torvald's code tree. That means WireGuard should appear in the Linux kernel 5.6 release. This may be as early as April 2020.
This has the potential to change everything about VPNs -- not just in Linux, but in the entire VPN world. That's because essentially all VPN services run off Linux servers. Some VPN services, such as StrongVPN and Mullvad VPN, have already seen the writing on the wall and are moving their software stacks to WireGuard.
Nvidia released today the Nvidia 440.59 long-lived graphics driver for UNIX systems to add a few enhancements and fix various bugs.
Available for Linux, BSD, and Solaris systems, the Nvidia 440.59 proprietary graphics driver disables frame rate limiting on systems without active displays when HardDPMS is enabled and fixes an X crash on systems with multi-GPU Screen configurations by restricting the maximum number of GPU Screens to one per device.
Furthermore, it improves the saving of configuration files in nvidia-settings by adding a default filename when no configuration file is detected, and patches another bug that could cause the X server to crash.
Codeplay announced last year they were working on an open-source layer for running Intel's oneAPI and Data Parallel C++ on NVIDIA GPUs and as part of that supporting Khronos' SYCL on NVIDIA hardware. Today they revealed more details on this achievement and new software layer.
Codeplay announced today their experimental code for SYCL on NVIDIA GPUs without having to go through OpenCL. Instead, they are going through LLVM and generating the NVPTX to run on the NVIDIA binary GPU drivers.
This should be working for both single and multi-GPU setups and obviously benefits compute-focused systems in particular. Hopefully this BACO for KFD support will get buttoned up in time for the AMD Radeon changes for Linux 5.7.
Intel's Linux graphics stack has seen a lot of major changes in recent years besides the addition of their "ANV" Vulkan driver. The Intel Linux OpenGL driver saw their new Gallium3D driver, NIR has come about as the new intermediate representation used across their drivers, and other fundamental changes and improvements. The latest underlying work is introducing a pattern-based code generator for their graphics compiler.
Longtime open-source Intel Linux developer Ian Romanick spoke at FOSDEM 2020 this weekend in Brussels about the automatic, pattern-based code generation he's been working on for the Intel Mesa code. This comes after more than a decade of experimenting with the idea before of a code-generator generator only to hit roadblocks.
Hikari is a stacking window manager with tiling support that has also work-in-progress code for serving as a Wayland compositor. However, unlike most X11 window managers and Wayland compositors being focused on Linux systems, Hikari is BSD-focused.
Hikari was presented at this weekend's Free Open-Source Developers' European Meeting (FOSDEM) in Brussels as a window manager / compositor initially targeting FreeBSD but is being ported ultimately to other platforms as well: Hikari can also be built for OpenBSD and the Wayland support should work on Linux systems.
Last week we published benchmarks of the Motile M141, Walmart's private-label tech branch, and the M141 being a Ryzen 3 3200U powered laptop that has been retailing for just $199 USD. In those initial benchmarks was an extensive look at the Windows vs. Linux performance while this article today is looking at the performance of this AMD Ryzen 3 laptop against a number of old and new Intel laptops, all tested using a daily snapshot of Ubuntu 20.04 LTS.
Eight laptops I had available were tested for putting the performance of this $199 USD laptop in perspective. Though as one unfortunate item: since running the original article and all the publicity on the Motile M141, Walmart has increased its price at least temporarily to $279 USD. We'll see if it falls back to $199 in the days ahead but even at $279 is still a decent deal. The laptops I had available for testing in this comparison included...
Conducted the trial of the editor of the publication Michael Larabel for the selected device Walmart M141, whose price tag reaches $ 200. The laptop operates on the basis of processor AMD Ryzen 3 3200U, while the graphics is Vega 3. From the device has 4 GB of RAM and a display of 14 inches at a resolution of 1080 p. In as the OS used Windows 10 and Ubuntu 20.04 LTS. In the end, it turned out that in the case of a Linux distribution, the speed of the device was much higher. Only on each of the systems was carried out for 63 test. Ubuntu has shown itself to be better in 60% of cases, and totally bypassed Microsoft product 15%.
Insight: Useful Tools To Monitor CPU And GPU Temperature In Ubuntu
Let’Ss have a quick look into the list of CPU & GPU temperature monitoring tools for Ubuntu operating systems.
Sensors is a command-line utility to monitor CPU and GPU temperature in Linux. It helps you to see the readings of all sensor chips including the CPU. Run the following command in Ubuntu to install Sensors.
Do you know Repology.org? It is a brilliant package search engine for all GNU/Linux distros. For us, we can find out software packages --in binary and source forms-- across various distros' repositories, even those which do not have package search facilities, and then quickly compare package version with versions available in another distros. In short, we using Ubuntu, Fedora, openSUSE and whatever distros can search for packages centrally here. For individual software developers, Repology is useful to discover which distros have not yet packaged your software, and to contact the maintainers quickly. For distro maintainers, of course it's useful to compare your repository against another distros' repositories. Repology can generate informative badge of package availability (see examples below) we can display onto any website that accept HTML code. This overview covers what Repology is with examples and how to use it for users across GNU/Linux distros in easy ways. I didn't find any other source on the net that covers it yet so I decided to write this article. I hope this helps you a lot in finding packages and researching more about GNU/Linux. Enjoy!
Termshark, an interactive Wireshark-like terminal interface for TShark written in Go, was updated to version 2.1 (2.1.0 followed quickly by 2.1.1 to solve an issue) with new features like a conversation view for the most common conversation types, support for multiple live captures / interfaces on the command line, support for extcap interfaces by default, and more.
Wireshark is a popular free and open source network protocol analyzer for Linux, macOS, BSD, Solaris and other Unix-like operating systems, and Microsoft Windows. Wireshark has a GUI, and for those wanting to use it from the command line there's TShark, a terminal oriented version of Wireshark for capturing and displaying packets. TShark doesn't have an interactive user interface though.
This is where Termshark comes in. Termshark is an interactive terminal user interface (TUI) for TShark, inspired by the Wireshark user interface.
After being in development for 8 months, TLP 1.3 was released with a new configuration scheme, tlp-stat improvements, and a workaround for laptops reporting incorrect AC or battery status, among others.
TLP is an advanced power management tool for Linux. The tool comes with a default configuration optimized for battery saving, so it's very easy to use - just install TLP and you can forget about it. TLP is highly customizable though, so in case you want to change some of its settings you can do that too (this is done by editing the TLP configuration file).
TLP auto-detects if your laptop runs on battery or AC and applies settings (changes the CPU frequency scaling and governor, sets the WiFi power saving mode, enables or disables integrated radio devices, sets the disk APM and disk spin down timeout, etc.) that optimize the laptop for performance (when on AC) or battery saving (when on battery). A list of features can be found on its website.
Nextcloud Hub is the first completely integrated on-premises content collaboration platform on the market, ready for a new generation of users who expect seamless online collaboration capabilities out of the box.
CopyQ clipboard editor released version 3.10.0 a day ago. Here’s how to install it in Ubuntu 16.04, Ubuntu 18.04, Ubuntu 19.10.
CopyQ is a free open-source clipboard editor with editing and scripting features. It monitors system clipboard and saves its content in customized tabs. Saved clipboard can be later copied and pasted directly into any application.
Trese Brothers Games (Star Traders: Frontiers, Templar Battleforce + more) have revealed their next game. Cyber Knights: Flashpoint, a tactical RPG that plunges you and your team of hackers, mercs and thieves into the neon-soaked future of 2231.
Seeking funding on Kickstarter, they're a pretty safe bet for Linux support and their previous games have worked well. Looks like plenty of gamers agree in a more broad sense, since the campaign only launched today and they're closing in on $30,000 against their $50,000 goal.
If you’ve spent some time gaming on Linux, you’ve probably run into some frustration installing and managing all your different games. Sure, Steam is great, but what if you’ve bought some games of other storefronts, like GOG? And what about your hundred plus gig collection of ROMs (don’t worry, we won’t snitch on you)? And how about games from Windows-only storefronts, like the Epic Games Store, Battle.net, or Origin?
Enter Lutris, a one-stop launcher and library manager for all your games, regardless of where you’ve bought them from. Unlike Windows, there’s no need to go and download extra emulation software – everything is already baked into Lutris. It’s also incredibly easy to configure run-time options to tweak settings needed to get specific titles running on Linux, use specific graphical settings, or even boost performance. Excited? Let’s get into it.
Ikey Doherty's new startup Lispy Snake presents Serpent, an open-source game framework for helping indie game developers create 2D games.
Serpent is a continuous-energy multi-purpose three-dimensional Monte Carlo particle transport code. It is under development at VTT Technical Research Centre of Finland since 2004.[1] Serpent was originally known as Probabilistic Scattering Game (PSG) from 2004 to the first pre-release of Serpent 1 in October 2008.[2] The development of Serpent 2 was started in 2010.[3] The active development of Serpent 1 has been discontinued even though Serpent 2 is not officially released yet. Serpent 2 is however available for registered users of Serpent 1.[4]
Serpent was originally developed to be a simplified neutron transport code for reactor physics applications. Its main focus was on group constant generation with two-dimensional lattice calculations. Burnup calculation capability was included early on. Nowadays Serpent is used in a wide range of applications from the group constant generation[5] to coupled multi-physics applications, fusion neutronics and radiation shielding.[3] In addition to the original neutron transport capabilities, Serpent is able to perform photon transport.[3]
Some good news to share for the free and open source Godot Engine, as the lead developer Juan Linietsky announced during GodotCon that Epic Games have approved them for an Epic MegaGrant.
This was announced during Linietsky's talk on porting Godot Engine over to the Vulkan API, which is coming with Godot Engine version 4.0 later this year. Epic Games have approved them for a sum of $250,000 USD which they've known for a little while, but they only just got the okay to announce it.
Say hello to GOAT (Godot Open Adventure Template), a new open source project template for Godot Engine aimed at helping developers to create 3D adventure games.
Licensed under the permissive MIT license, this fully featured project template has a ton of features built for it including a simple inventory system, interacting with objects, playing voice recordings with subtitles, and changing game settings. It's meant for 3D first-person games with a sweet item pick up and inspect feature seen in many other adventure games.
Dicey Dungeons is easily one of the best indie games released with Linux support last year, a success for the developer and it's continuing to get better.
The latest build, version 1.7, had a focus on high priority bugs and other annoying issues to make the game experience smoother to get a solid base for modding and new features. It now supports high DPI monitors, remembers your window size, fixes multiple crash bugs and lockups, sorts out a few UI issues, some enemy behaviours weren't working correctly which was solved, if you play as the Inventor character you now get Scrap as a level up reward at level 5 preventing an issue getting stuck and loads more bug fixes.
I know how it is, you look at your list of games and think "I need something new!" and then you click around Steam, GOG, Humble, itch and more and end up going back to the safety of what you already know. Here to help with that!
Gathering a list of good games is hard, and it's always highly subjective. With this list of 50 Linux games released across 2019 I've tried to mix in plenty of games I personally might not have enjoyed as much as others, but I know plenty of people that do. That way, it creates a nicely varied list.
We’ve touched on this lightweight Qt-based desktop environment a few times in the past. Its a quirky, modular desktop built around plugins that, while not big on bling, boasts an efficient, productivity-focused design.
Arguably more popular with users of FreeBSD than Linux (it helps that it’s the default desktop in TrueOS), the Lumina desktop is available in the archives of some Linux distros, including (naturally) Arch.
In this video, we are looking at OpenMandriva 4.1.
The common understanding is that an Operating System is composed by a “kernel” and some basic tools around it. This apply to all Operating Systems out there, not just Linux/Unix based ones. Speaking about “Linux”, you might not be aware of the “GNU/Linux naming controversy“, where the name “Linux” refers precisely to the “Linux Kernel” and “GNU” refers to the basic components like GNU Compiler Collection (GCC), the GNU C library (glibc), and GNU Core Utilities (coreutils), GNU Bash shell and more. At this point, come to realise that the Linux Kernel and the GNU tools are in a “symbiosis“, and one cannot be used independently of the other. So it is technically more correct to refer to “GNU/Linux Operating System” than a “Linux Operating System”. However when the words “Linux system or Linux server” is used, it often includes far more that just “GNU/Linux”. For instance, your preferred web server, database, programming language librairies or Graphical Environment (like GNOME) is not part of the “GNU/Linux” group, and this is where the name “Linux Distribution” makes sense.
People using this Open Build Service instance should normally not notice – but if you were crazy enough to add the old IP addresses to some firewall rules or configuration files, please make sure that you update your configuration accordingly.
Three years ago, I wrote an article that explaining how to recover from a failed boot following a major version upgrade in Fedora. At that time, I was working with Fedora 25, and suddenly, I was no longer able to get to the desktop. The issue turned out to be a buggy initramfs, which is an issue I've only encountered once in the past, back in Ubuntu, back in 2009. Since, it's been quiet.
Well, the wheel of time has dumped us back at the beginning. The same issue happened again. I had (somewhat) recently upgraded an instance of Fedora 29 to Fedora 30, and lo and behold, I found myself facing the same problem. Almost. I had a black screen, and a message that said: Cannot open access to console, the root account is locked. At this point, trying to do anything didn't yield any results. I could only reboot. I did try another kernel, and this helped - I got to my desktop. While the issue seems to be similar, I had to go a slightly different way about fixing it.
Do you use Red Hat Satellite and Red Hat Ansible Automation Platform? As far back as Satellite version 6.3, these products can be integrated together. Once integrated, Ansible Tower will be able to pull a dynamic inventory of hosts from Satellite. In addition, once a Red Hat Enterprise Linux (RHEL) host is provisioned by Satellite, it can be configured to automatically make a callback to Ansible Tower to run a playbook to configure the new host.
This post, which is part one of a two-part series, will show how to set up a dynamic inventory in Ansible Tower that pulls a list of hosts from Satellite, and cover examples of how to use this dynamic inventory. The second post in the series will cover how to automatically make a callback to Ansible Tower after newly provisioned hosts are built from Satellite.
In this article, we will take a look at improvements in the user flows to deploy applications in OpenShift 4.3 Developer Perspective. You can learn more about all the improvements in the OpenShift 4.3 release here. Since the initial launch of the Developer Perspective in the 4.2 release of OpenShift, we’ve had frequent feedback sessions with developers, developer advocates, stakeholders, and other community members to better understand how the experience meets their needs. While, overall, the user interface has been well received, we continue to gather and use the feedback to enhance the flows.
The +Add item in the left navigation of the Developer Perspective is the entry point for the developers to add an application or service to their OpenShift project. The Add page offers six user flows for adding components from Git, deploying Container Images, adding an item from the Developer Catalog, importing your Dockerfile from a git repo, Importing YAML or adding a Database. Developers can easily create, build and deploy applications in real-time using these user flows.
Whether you are a new or a seasoned Kubernetes user, or you’re just considering working with Kubernetes, you have probably started exploring the technology and how best to integrate virtual machines with the Kubernetes engine. But which solution fits your needs? Is there a way to leverage both the isolation virtual machines provide and the orchestration platform of the Kubernetes engine? With Red Hat OpenShift, you can do both.
OpenShift 4.3 offers the ability to run both container-based workloads and virtual machines side by side as workloads on a Kubernetes cluster. Installing the Container-native virtualization operator on OpenShift will allow you to create, run, and manage VMs, as well as provide templates to quickly create the same VM multiple times.
There have been renewed discussions about aggression, violence and suicide messages in Debian recently.
Since the Debian Project Leader Chris Lamb started denouncing volunteers in 2018, some volunteers have been receiving extraordinarily abusive messages. Some of those messages refer to suicide or encourage volunteers to kill themselves. H
When I started doing things with Debian in 1997, it was prompted by a visit from another Debian Developer. His generosity with his time, skill and advice have left an impression on me to this day about what it means to be a Debian Developer.
Virtual Moreland was just starting out with a $100,000 grant to get us moving. Some second-hand servers had been donated to run web sites and mail systems, thin clients to build a training lab. I had been using Slackware Linux for a number of years and anticipated using it for Virtual Moreland.
Fortunately, I was introduced to another local Debian Developer who pointed out the benefits of the Debian packaging system over Slackware. He brought the latest Debian archive to me on his hard disk so I could get a local mirror up and running more quickly. When I introduce people to Debian today, I hope I can be equally helpful to them.
That was before Debian had a constitution and before SPI, Inc, a US organisation which has kept many Developers off the books, had seized a Debian trademark. It was before Debian had decided to experiment with a Code of Conduct.
Today, after more than 20 years, Debian still means much the same thing for me: technical excellence. Giving back to the community. Following the principles laid out in the Debian Social Contract.
Yet being on the Debian keyring has become a poisoned chalice. After the events of 2018, it is clear that people are both added to the keyring and removed for reasons that are related to politics and control.
To put it another way, rogue elements of Debian want to flex their muscles and have the power of an employer, without paying us.
The winning option was to support systemd, but to explore other alternatives. By contrast, officially supporting multiple init systems was the first to be dropped in the multiple rounds of Debian’s complicated Condorcet voting system, no doubt because it would seriously complicate packaging many applications.
Clearly systemd has reached a level of acceptance that would have been unimaginable when it was first introduced eight or nine years ago. In fact, probably no other application had been so reviled since Mono, the Linux version of Microsoft’s .NET Framework. Critics claimed systemd’s centralized controls violate the Unix philosophy of using one small program for a single, limited purpose. Since systemd was developed by Red Hat, others viewed systemd as part of a ploy to dominate the Linux desktop.
On the technical side, many considered systemd as an unnecessary overlay of existing functions. Systemd was also condemned as making the entire system easier to crash, and acting on different assumptions from the rest of the system. Others praised elements of systemd like the systemctl command while objecting to the binary logging system. The wide-ranging debate was often venomous, and the venom often spilled over into personal attacks on Lennart Poettering and Kay Sievers, systemd’s original developers, who sometimes responded in kind.
Today, systemd is regarded differently. Arguments about the true Unix philosophy have proved moot, and the worst case scenarios have not materialized. Probably, too, the fact that most distributions use aliases to integrate systemd keeps non-administers unaware of its omnipresence.
In proposing the winning option, former Debian Project Leader Martin Michlmayr argued foremost that, “Cross-distribution standards and cooperation are important factors in the choice of core Debian technologies. It is important to recognize that the Linux ecosystem has widely adopted systemd and that the level of integration of systemd technologies in Linux systems will increase with time.” For Michlmayr, the technical benefits of supporting multiple init systems do not justify the efforts required.
In January 2020, I have worked on the Debian LTS project for 20 hours (of 20 hours planned).
Due to a reduced need of developers in Freexian's ELTS project for Debian wheezy, I have moved my activity completely over to the LTS project (and also took the amount of assigned hours with me).
I was assigned 20 hours of work by Freexian's Debian LTS initiative and worked all 20 hours this month.
I rebased the Debian package of Linux onto 3.16.80 and send out a request for testing.
I prepared and, after review, released Linux 3.16.81. I then rebased the Debian package onto that and sent out another request for testing. Finally, I uploaded the package and issued DLA 2068-1.
Ubuntu 19.04 was released on 18th April, 2019. Since it was not a long term support (LTS) release, it was supported only for nine months.
Completing its release cycle, Ubuntu 19.04 reached end of life on 23rd January, 2020.
Ubuntu 19.04 brought a few visual and performance improvements and paved the way for a sleek and aesthetically pleasant Ubuntu look.
Canonical released today a new Linux kernel live patch (rebootless) for all of its long-term supported (LTS) Ubuntu releases to address various security vulnerabilities already patched last week through regular kernel updates.
Probably the most important vulnerability addressed by the new kernel live patch for Ubuntu Linux is CVE-2019-14615, a flaw affecting certain Intel graphics processors. This could allow a local attacker to expose sensitive information.
The new kernel live patch addresses several heap-based buffer overflow vulnerabilities discovered in Linux kernel’s Marvell WiFi-Ex driver (CVE-2019-14895 and CVE-2019-14901) and Marvell Libertas WLAN driver (CVE-2019-14896 and CVE-2019-14897). These flaws could allow physically proximate attackers to cause a system crash or execute arbitrary code.
When a user buys a certified PC that is pre-installed with Ubuntu, they get peace of mind in knowing Canonical has performed thousands of rigorous tests to ensure all subsystems (WiFi, Bluetooth, etc) just work. This is the case for a range of Dell workstations and proves incredibly popular among developers. A lot of the high-end workstations Dell offers are designed specifically with developers in mind. In those cases, the benefits of pre-installed Ubuntu expand. Ubuntu is the number one operating system for AI development, most popular AI tools and frameworks are built on Ubuntu themselves. But more on that in another blog.
Welcome to the Ubuntu Weekly Newsletter, Issue 616 for the week of January 26 – February 1, 2020. The full version of this issue is available here.
Raspberry Pi 4 Model B 4 was launched last June with a new Broadcom BCM2711 SoC featuring an upgraded Videocore VI GPU supporting OpenGL ES 3.0 graphics API.
Raspberry Pi designer the Raspberry Pi Foundation is working on delivering a new open-source Vulkan driver, a graphics application programming interface (API) that could mean higher-quality and faster graphics for the tiny computer.
Vulkan support is now common among Android smartphones and has long been backed by Samsung to improve graphics and games on Galaxy devices, and is supported by gaming heavyweights like Valve on SteamOS.
On Kickstarter: a “Sania Box Embedded Computer Kit” for STEM education developed by 13-year old Sania Jain that combines a Raspberry Pi 4 with a kid-friendly, sensor-equipped add-on board and Python coding lessons.
Despite continual efforts by the Raspberry Pi Foundation to remind us, it’s easy to forget that the ubiquitous Raspberry Pi was launched as a STEM education project. We have not attempted to keep up with all the Raspberry Pi kits designed for kids computing education, but the Sania Box Embedded Computer Kit stands out on two counts: It’s based on the latest Raspberry Pi 4 Model B and was developed by a 13-year old girl named Sania Jain.
Boardcon’s “Idea3288” runs Android 7.1.2 on a quad -A17 Rockchip RK3288 via a “CM3288” module with 2GB LPDDR3 and 8GB eMMC. The SBC offers GbE with PoE, WiFi/BT, M.2, mini-PCIe, and display I/O including a 4K ready HDMI port.
Boardcon announced the 135 x 90mm Idea3288 as a smaller Rockchip RK3288 SBC alternative to its earlier, 175 x 118mm EM3288. Like Boardcon’s recent, i.MX8M Mini based EM-IMX8M-MINI SBC, the earlier EM3328 was a sandwich-style board, with a MINI3288 compute module housing the RK3288 SoC. On the other hand, the new Idea3288 is more like a monolithic SBC, in that it solders down a separately accessible, castellated-edge CM3288 module. Boardcon’s RK3399-based Idea3399 SBC is similar in that it uses a castellated CM3399 module.
Pine64 unveiled a smaller, cheaper ($35 and up) “HardRock64” variant of its RK3399-based RockPro64 SBC that omits the PCIe and USB Type-C. There’s also a SoEdge module in the works with a dual -A35 RK1808 equipped with a 3-TOPS NPU.
At last year’s FOSDEM 2020 event, Pine64 announced an ambitious roadmap of open-spec hardware products it hoped to ship in 2019. Some of those products never materialized, so this year the company decided to limit its announcements to products it feels confident will ship by Q2.
If you thought we didn’t have enough Rockchip RK3399 SBCs already, Pine64 is working on a smaller and cheaper version of the RockPro64 single board computer with HardROCK64 SBC...
Interested in using hardware security keys to log into online services more securely? Well, now you can make your own from scratch, thanks to an open-source project that Google announced last week.
Google has released an open-source implementation called OpenSK. It’s a piece of firmware that you can install on a USB dongle of your own, turning it into a usable FIDO or U2F key.
FIDO is a standard for secure online access via a browser that goes beyond passwords. There are three modern flavours of it: Universal Second Factor (U2F), Universal Authentication Factor (UAF), and FIDO2.
UAF handles biometric authentication, while U2F lets people authenticate themselves using hardware keys that you can plug into a USB port or tap on a reader. That works as an extra layer on top of your regular password.
FIDO2 does away with passwords altogether while using a hardware key by using an authentication protocol called WebAuthn. This uses the digital token on your security key to log straight into a compatible online service.
Well, I’ve got some positive news!
Pine64 were at the FOSDEM event this past weekend (February 1-2) and, amongst their growing crop of hardware, Pine64 boards, PineBook laptops, and PineTime dev kits, etc, were hard shell cases for the PinePhone!
They were even in professional looking packaging, too!
Awesomely (if you were there; frustratingly if you weren’t) Pine64 were giving these PinePhone cases away to Brave Heart edition owners who were there, in person, at the event with their phone (or presumably an order number, as the phone has only just begun shipping).
In what appears to be part of its ongoing campaign to “take back control” of its computing activities, CERN, the Geneva, Switzerland-based European Organisation for Nuclear Research, has announced that it is dumping Facebook Workplace and replacing it with open source alternatives.
This followed its announcement last year that it was moving away from Microsoft commercial software to open source as part of its ambitious Microsoft Alternatives project (MAlt).
At the time, CERN, which operates the Large Hadron particle collider and is perhaps best known for its discovery in 2012 of the Higgs Boson “God particle”, emphasised that the MAlt project extended beyond Microsoft to all other commercial software including such as Skype for Business in order to “minimise CERN’s exposure to the risks of unsustainable commercial conditions”.
In a statement issued last week, Kate Kahle who heads the Editorial Content and Development Sections in the CERN communications group and Dr Tim Smith who leads the Collaboration and Information Services group in the CERN IT department, made it clear that CERN regarded the introduction of new account plans for Facebook Workplace users as one of those unsustainable commercial conditions.
So as already implied I attended FOSDEM 2020, my second FOSDEM. The weather was nicer than last year and I was better prepared for trying to manage the conference, although a helpful analogy I heard this weekend was to think of it more like a festival than a conference: You go for one or two headliners and everything else is a bonus.
The business reason to be there was to attend (and help out the on-the-day running of) the Free Java dev room. We had the same room as last year, and just like last time, there were queues out the doors right from the first talk. The quality of the talks was very high. Of note was the presence of Microsoft, both with Nikola Grcevski's interesting talk about selectively stack-allocating some objects to reduce GC time and their contribution towards the Free Java dinner that evening.
As :chutten outlined in the first TWiG blog post we're currently prototyping Glean on Desktop. After a couple rounds of review, some adjustements and some learnings from doing Rust on mozilla-central, we were ready to land the first working prototype code earlier this year (Bug 1591564).
Unfortunately the patch set was backed out nearly immediately 1 for 2 failures. The first one was a "leak" (we missed cleaning up memory in a way to satisfy the rigorous Firefox test suite, that was fixed in another patch). The second one was a build failure on a Windows platform.
[...]
Both approaches are short-term fixes for getting Glean into Firefox and it's clear that this issue might easily come up in some form soon again for either us or another team. It's also a major hassle for lots of people outside of Mozilla, for example people working on embedded Rust frequently run into problems with no_std libraries suddenly linking in libstd again.
Initially I also planned to figure out a way forward for Cargo and come up with a fix for it, but as it turns out: Someone is already doing that!
The Document Foundation has released LibreOffice 6.4 with new features and performance optimizations, especially when opening and saving spreadsheets and presentations, and also compatibility with DOCX, XLSX and PPTX files.
The new version includes a QR code generator, which is said to make it easy to add QR codes – that can be read by mobile devices – to documents. Also, Hyperlink context menus have been unified throughout the suite, and now provide the following menu entries: Open Hyperlink, Edit Hyperlink, Copy Hyperlink Location and Remove Hyperlink.
The new Automatic Redaction feature lets your hide classified or sensitive data in a document based on text or regular expression matches. Besides, the help system provides faster and more precise search results, while many help pages have localized screenshots for a better user experience.
Our post-FOSDEM hackfest is underway!
GNU C library version 2.31 now available
The GNU C library version 2.31 is now available and it supports a feature test macro ‘_ISOC2X_SOURCE’ to enable features from the draft ISO C2X standard.
It also contains ‘<math.h>’ functions that round results to a narrower type and now have corresponding type-generic macros in ‘<tgmath.h>’.
Additional details on these new features and more are available here.
This is a preposterous table I just made up after reading Wikipedia's History of Programming Languages. I was trying to figure out which programming language or environment this article might be refering to. The article talks about some of the Canadian federal government's computer systems "falling apart" because they are "60 years" old. Everyone cried "COBOL" but I figured there might be other culprits.
I wrote a little git tool that helps in an environment where PRs are merged using squash merges, but you still want to deal with feature branches properly.
Since the project’s creation about 14 years ago, libvirt has grown enormously. In that time there has been a lot of code refactoring, but these were always fairly evolutionary changes; there has been little revolutionary change of the overall system architecture or some core technical decisions made early on. This blog post is one of a series examining recent technical decisions that can be considered more revolutionary to libvirt. This was the topic of a talk given at KVM Forum 2019 in Lyon.
Historical usage
In common with many projects which have been around for a similar time frame, libvirt has accumulated a variety of different programming languages and document formats, for a variety of tasks.
The main library is written in C, but around that there is the autotools build system which adds shell, make, autoconf, automake, libtool, m4, and other utilities like sed, awk, etc. Then there are many helper scripts used for code generation or testing which are variously written in shell, perl or python. For documentation, there are man pages written in POD, web docs written in HTML5 with an XSL templating system, and then some docs written in XML which generate HTML, and some docs generated from source code comments. Finally there are domain specific languages such as XDR for the RPC system.
There are a couple of issues with the situation libvirt finds itself in. The large number of different languages and formats places a broad knowledge burden on new contributors to the project. Some of the current choices are now fairly obscure & declining in popularity, thus not well known by potential project contributors. For example, Markdown and reStructuredText (RST) are more commonly known than Perl’s POD format. Developers are more likely to be competent in Python than in Perl. Some of the languages libvirt uses are simply too hard to deal with, for example it is a struggle to find anyone who can explain m4 or enjoys using it when writing configure scripts for autoconf.
Ultimately the issues all combine to have a couple of negative effects on the project. They drive away potential new contributors due to their relative obscurity. They reduce the efficiency of existing contributors due to their poor suitability for the tasks they are applied to.
The start of year 2020 didn't go well as planned. First my Dad was hospitalised and I had to make emergency travel plan to visit India. Luckily he is out of danger and back home. During this whole drama, the Perl Weekly Challenge got less of my attention. Thankfully I had loads of support messages throughout. Some offered to chip in so that I can focus on my Dad's health. I even missed my turn of editing Perl Weekly newsletter. It never happened ever since I joined the team of editors. Thanks to the chief edit, Gabor Szabo, I survived.
Another casualty of the January 2020, I missed submitting one Pull Request on everage in the month. I only submitted 22 Pull Requests. I have done this non-stop since October 2017. Sufferings didn't stop there, I couldn't get the monthly report published on the 1st Feb as per the tradition. It got delayed by 2 days.
This week we welcome Alessia Marcolini (@viperale) as our PyDev of the Week! Alessia is a Python blogger and speaker. You can check out some of her work over on Medium. You can also see some of her coding skills on Github. Let’s spend a few moments getting to know her better!
Can you tell us a little about yourself (hobbies, education, etc):
Hello everybody, my name is Alessia and I’m 21. I come from a little town near Verona, a beautiful city in the north of Italy.
I’ve been living in Trento (Italy) for 2 years and a half now. I moved here to attend university: I’m currently enrolled in the third year of a Bachelor’s degree in Computer Science.
In 2017 I started working part time as a Junior Research Assistant in the Bruno Kessler Foundation, too. FBK is a research foundation based in Trento, working on Science, Technology, and Social Sciences. I’m part of the MPBA unit which focuses on novel applications of Deep Learning from complex data: e.g. Precision Medicine, Imaging and Portable Spectroscopy in industry processes, Nowcasting on time-spatial data. I’m currently working on deep learning frameworks to integrate multiple medical imaging modalities and different clinical data to get more precise prognostic/diagnostic functions.
When not coding, I love dancing and listening to music. I have also been part of a hip hop crew until 2017.
We are pleased to announce the release of CubicWeb 3.27. Many thanks to all the contributors of this release!
Main changes in this release are listed below. Please note this release drops python2 support.
In accordance with our security release policy, the Django team is issuing Django 3.0.3, Django 2.2.10 and Django 1.11.28. These releases address the security issue detailed below. We encourage all users of Django to upgrade as soon as possible.
Once upon a time I wrote a bit about testing, specifically how I was organizing and testing my open-source Django apps. It’s been a while since that post, though, and the calendar has even flipped over to a new penultimate digit in the year number, so it’s worth revisiting to go over what’s changed in how I do things and what’s stayed the same. And since I do maintain a couple things that aren’t Django-related, I’d like to talk about how I test them, too.
But before I dive in, a reminder: this is a place where I publish my opinions. They’re based on my personal taste and they work for me. If something else works for you, stick with it, and if you prefer something else, that’s OK! Beyond basic stuff like “you should probably have some tests”, there aren’t really a lot of objectively right answers here.
And now with that disclaimer out of the way, here’s how I’m testing in 2020.
Flask is a very popular web application framework that leaves almost all design and architecture decisions up to the developer. In this tutorial, you’ll learn how a Flask Blueprint, or Blueprint for short, can help you structure your Flask application by grouping its functionality into reusable components.
At Mergify, we generate a pretty large amount of logs. Every time an event is received from GitHub for a particular pull request, our engine computes a new state for it. Doing so, it logs some informational statements about what it's doing — and any error that might happen.
This information is precious to us. Without proper logging, it'd be utterly impossible for us to debug any issue. As we needed to store and index our logs somewhere, we picked Datadog as our log storage provider.
Datadog offers real-time indexing of our logs. The ability to search our records that fast is compelling as we're able to retrieve log about a GitHub repository or a pull request with a single click.
Apache Camel K should be as lightweight as possible. Therefore, the Camel K project provides standalone Java files to describe a Camel integration. The downside to this practice is that existing IDEs cannot provide complete support out of the box.
[...]
As a result, there is no intuitive configuration. However, Red Hat’s Tooling for Apache Camel K offers a new possibility.
With Tooling for Apache Camel K version 0.11.0, Java language support is now included, and there are only two requirements. First, you need to have the word “camel” in the Java file’s content. Most of the time, this requirement is satisfied by the import package, itself. Second, you must have no project in the workspace. If there are projects, we expect that the classic Maven/Gradle build provides the Java language support. However, these requirements should not be a problem in most cases.
Chef Automate provides DevOps teams a dashboard for complete operational visibility across large-scale or mission-critical infrastructure. This comprehensive visibility allows developers, operators, and security engineers to collaborate on delivering application and infrastructure changes at the speed of business. Chef Automate provides real-time data across the estate with intelligent access controls, ensuring the right team has the right access.
Microsoft Teams went down this morning for nearly three hours after Microsoft forgot to renew a critical security certificate. Users of Microsoft’s Slack competitor were met with error messages attempting to sign into the service on Monday morning, with the app noting it had failed to establish an HTTPS connection to Microsoft’s servers.
Microsoft confirmed the Teams service was down just after 9AM ET today, and then later revealed the source of the issue. “We’ve determined that an authentication certificate has expired causing users to have issues using the service,” explains Microsoft’s outage notification. Microsoft then started rolling the fix out at 11:20AM ET, and by 12PM ET the service was restored for most affected users. Microsoft confirmed the fix was successfully deployed at 4:27PM ET.
This was an embarrassing mistake for Microsoft to make for its flagship “Office hub” software, especially as the company started its own TV commercials for Teams recently. It’s also surprising to see Microsoft forget to renew a key certificate for Teams, especially when the company develops software like System Center Operations Manager to monitor for things like certificate expiration.
Sudo is an important utility within macOS and other Unix-based systems, including Linux, with it typically used to run administrative commands with the security privileges of a superuser or "root." It is a well-used element of system maintenance and configuration via the Terminal, and has the potential to cause havoc if misused.
Found by Apple security employee Joe Vennix, the vulnerability in sudo is a privilege escalation vulnerability, one that has been given the tracking code CVE-2019-18634. At its core, the vulnerability can allow a user that doesn't typically have permissions to perform tasks that require administrative access to do just that.
For versions of sudo before 1.8.26, The Hacker News reports a stack-based buffer overflow issue is present, requiring the "pwfeedback" option to be enabled within the sudoers configuration file. The feature provides users with an asterisk when they input a password into Terminal.
Joe Vennix of Apple security has found another significant vulnerability in sudo utility that under a specific configuration could allow low privileged users or malicious programs to execute arbitrary commands with administrative ('root') privileges on Linux or macOS systems.
Sudo is one of the most important, powerful, and commonly used utilities that comes as a core command pre-installed on macOS and almost every UNIX or Linux-based operating system.
Sudo has been designed to let users run apps or commands with the privileges of a different user without switching environments.
Security updates have been issued by Arch Linux (opensmtpd), Debian (firefox-esr, libidn2, libjackson-json-java, prosody-modules, qemu, qtbase-opensource-src, spamassassin, and sudo), Fedora (e2fsprogs, java-1.8.0-openjdk, mingw-openjpeg2, openjpeg2, samba, sox, upx, webkit2gtk3, and xar), Red Hat (git), Scientific Linux (git), Slackware (sudo), SUSE (ceph and rmt-server), and Ubuntu (sudo).
Popular Linux distros, as usual, have seen a number of security advisories and updates this month. As of October 31, Ubuntu has issued the following fifty-five security advisories since last month’s roundup. Some of these advisories address a large number of vulnerabilities in one advisory. In some cases, there are multiple advisories for the same vulnerabilities. Other commercial Linux vendors issued a similar number of updates.
Over 40 groups have sent a letter to the Privacy and Civil Liberties Oversight Board asking the agency to recommend that the executive branch put a moratorium on facial recognition. What are your thoughts on this initiative?
A number of advocacy groups are pressuring the Privacy and Civil Liberties Oversight Board -- an independent government agency that advises the presidential administration on privacy matters -- to recommend that the federal government suspend use of facial recognition while accuracy and privacy issues are addressed.
Forty groups led by the Electronic Privacy Information Center signed a letter on Monday that called for the agency to stop government use of facial recognition ?pending further review,? citing a recent New York Times report on a massive facial recognition database as one reason why the PCLOB should recommend the suspension to the Secretary of Homeland Security and President Trump. The report found that more than 600 law enforcement agencies across the U.S. were using a database of social media photos built by Clearview AI, a little-known startup.
Later this month, a journalist will appear at a London court hearing in which he faces being extradited to the United States to spend the rest of his life in prison. The 18 charges against him are the direct result of his having revealed a host of secrets, many of them related to the US prosecution of wars in Iraq and Afghanistan.
They included the “collateral murder” video which showed a US helicopter crew shooting 18 people in Baghdad in 2007, including two Reuters war correspondents, Namir Noor-Eldeen and Saeed Chmagh. Among the files were thousands of military dispatches and diplomatic cables that enabled people in scores of countries to perceive the relationships between their governments and the US. They also showed the way in which American diplomats sought to gather personal information about two UN secretary generals.
Unsurprisingly, the revelations were gratefully published and broadcast by newspapers and media outlets across the world. “Scoop” is far too mundane a term to describe the staggering range of disclosures. By any journalistic standard, it was a breathtaking piece of reporting, which earned the journalist more than a dozen awards.
China-based in-house counsel at foreign companies in the pharmaceutical and consumer goods sectors, as well as academics, range from being cautiously optimistic to extremely hopeful about the phase one agreement of the US-China trade deal.
The USPTO is a couple of years into its Access to Prior Art Initiative, which in its first phase was designed to create for the examining corps a single list of references combining those cited in an application (by applicant and examiner) and references from the immediate U.S. parent applications (cited by applicant and examiner, but not third parties). In the first phase, if an application met criteria for inclusion (among other things, only certain Art Units were included), the Office would notify the practitioner that the prior art was automatically imported, reducing the burden o cite that art. The project was intended to then expand to include foreign counterpart and PCT applications.
Oh, inventorship and AI. As much as Crispr has been preoccupying the IP agendas of IP conferences the last couple of years, inventorship and AI looks to be taking its place. The IPKat has also been a fan of the topic (see Kat posts here). For the AmeriKat's part, she thinks that, for the time-being, AI inventorship is (for the most part) a non-event, but not everyone agrees. Indeed some issue warnings about not recognizing the role of AI in inventorship.
[...]
Aja Haung was the DeepMind team member who placed stones on the Go board for AlphaGo in its victory over Lee Sedol. However, it is unreasonable to suggest that Haung was the creative mind behind Move 37 because at no point did he exercise choice. Move 37 would have occurred irrespective of whether it was Haung or this author placing the stones.
Mouse models on the other hand still require scientists to exercise choice either when selecting the antigenic challenge or in determining which antibody therapeutics may be suitable for use in humans. The scientist in making these choices must rely on their experience and intelligence, which is why the scientist rather than the mouse is the named inventor. A useful antibody therapeutic would not exist irrespective of whether a scientist skilled in the art or this author were conducting the experiment.
I have used AlphaGo as an example because the human operator is an automaton but mouse models do pose an interesting problem; namely making a choice based on a menu of limited options does not appear particularly inventive. Is there a difference between a mouse model and an artificially intelligent system that still requires the human operator to exercise choice?
Today, the Federal Circuit heard oral argument in this case involving the $0.10 per page fee for downloading documents from PACER. The basic argument here is that “PACER fees must be limited to PACER costs.”
[...]
The appeal here is interlocutory based upon the certified question of whether the statute authorizes the US Courts “to charge more in PACER fees than is necessary to recoup the total marginal cost of providing access to records through PACER?” In its briefing, the U.S. Government also argues that the case as a whole lacks jurisdiction under the Little Tucker Act. A large number of amicus briefs were also filed supporting the petition and arguing that this is a very important issue involving transparency and access to the court system.
The case involves CFL Tech’s U.S. Patent No. 6,172,464 that was previously held unenforceable (back when owned by Ole Nilssen). However, the unenforceability decision came before the law of unenforceability changed in Therasense, Inc. v. Becton, Dickinson & Co., 649 F.3d 1276 (Fed. Cir. 2011) (en banc). Therasense made it harder to find patent unenforceable. Thus, if re-judged under the revised law, the ‘464 patent might actually be enforceable.
Change of Law: Unenforceability of the patent has been fully litigated and decided and issue preclusion would normally apply. The certified question on appeal is whether the change-of-law exception to issue preclusion applies in this case – citing primarily Dow Chemical Co. v. Nova Chemicals Corp., 803 F.3d 620 (Fed. Cir. 2015) (finding that the Supreme Court’s decision in Nautilus was an “intervening change in law”).
The CFL Tech district court applied the change-of-law doctrine under Dow and thus found no issue preclusion. However, the district court also noted the case of Morgan v. Dep’t of Energy, 424 F.3d 1271 (Fed. Cir. 2005). In Morgan, the Federal Circuit limited the change-of-law doctrine in cases involving “clarifying” interpretations. Uncertain in its opinion, the district court then certified the question for discretionary interlocutory appeal.
If any company knows how to get rid of a billion-dollar patent-infringement verdict, it’s Apple Inc.
Apple pledged to appeal Wednesday’s $1.1 billion verdict won by California Institute of Technology, in which it was told to pay $838 million and its chip supplier Broadcom Inc. was hit with $270 million in royalties by a federal jury in Los Angeles. Apple is counting on its past history challenging such verdicts to mean good odds for the future.
In the past decade, the iPhone maker has evaded a $533 million verdict over controlling digital content, a $506 million judgment over microprocessor technology and a $625.5 million verdict for a way to display documents. In cases Apple hasn’t won, the company keeps fighting -- it’s been embroiled in a decade-long fight to avoid paying as much as $1 billion over secure communications to VirnetX Holding Corp.
Based on improper claim construction, the U.S. Court of Appeals for the Federal Circuit has reversed a decision by the Patent Trial and Appeal Board declaring a patent system that monitors and controls remote devices as unpatentable. In reversing the Board’s decision that the patent is unpatentable for anticipation and obviousness in light of prior art, the Federal Circuit concluded that the Board erred in its construction of the claim term “scalable address.” The Federal Circuit construed the language consistently with the protocol described in the specification (SIPCO, LLC v. Emerson Electric Co., December 20, 2019, Moore, K.).
Daedalus accuses DJI of infringing three patents as it starts to assert against lengthy list of unlicensed companies
