In 2019, we introduced an industry-first platform called the IBM Cloud for Financial Services to help financial institutions host mission-critical workloads with confidence while adhering to stringent security and compliance regulations. Today marks an exciting milestone for IBM. The IBM Cloud for Financial Services, now supporting Red Hat OpenShift and other cloud-native services, is generally available and backed by EY, Tata Consultancy Services, and a growing ecosystem of more than 90 independent software vendors (ISVs) and software-as-a-service (SaaS) providers.
[...]
For ISVs, onboarding solutions to the IBM Cloud for Financial Services offers a highly-secure environment to transact. WorkFusion, an automation software provider powered by artificial intelligence (AI) and advanced analytics, is adopting the IBM Cloud for Financial Services to help ensure its tools support the highest regulatory and compliance standards.
After completing a series of onboarding workshops to assess product architecture, security posture, remediation plans, and other mission-critical initiatives, WorkFusion onboarded its application and intends to migrate client workloads to the IBM Cloud for Financial Services. By beginning this process, our partner can help its clients automate operations to help upskill employees and unlock growth while adhering to the disclosure, approval, and audit requirements necessary for the financial industry. The cloud framework offers controls, operations guidance, risk management, and a common set of security criteria to guide them and our other ecosystem partners on their path to validation. This path to validation offers a clear roadmap to help financial institutions onboard efficiently and is designed to reduce the cost of client acquisition due to the decrease in third- and fourth-party risk, and cost reduction around acquisition can be a vital piece in accelerating growth in a highly-regulated environment.
SUSE chief technology officer for enterprise cloud products Rob Knight believes Kubernetes technology is such a big deal that it could be considered “the next Linux”.
Speaking to Daniel Robus on the TechCentral podcast (watch or listen to it below), Knight provides an informative dive into the world of containerisation and mass digitisation, and the management thereof.
Equinix announced that Tinkerbell, an open source bare metal provisioning platform that the company released last year, has accumulated new features since being placed in the Cloud Native Computing Foundation (CNCF) Sandbox program.
The microservices platform is designed to help companies transform their physical edge network hardware into programmable infrastructure, the company said. It has been generally available in open source form since May 2020, but Tinkerbell was placed in the CNCF Sandbox in November 2020.
As a CNCF project sponsored by Equinix, Tinkerbell has also gained ecosystem adoption among cloud native digital leaders for its ability to empower developers to deploy and manage infrastructure across private, hybrid and edge environments.
After a decade long fight, no one feels like a winner.
Plus, the tail of an embarrassing switch gone wrong, and our thoughts on Oracle vs. Google finally coming to an end.
Without OBS I would not be able to make videos like this and native OBS support is finally coming to Wayland, while running Wayland wasn't a big deal Wayland doesn't have a capture API so it's been a pretty useless program until fairly recently.
Our listeners are FANTASTIC! We mentioned in our episode related to hardware designed to run Linux that neither of us has had any experience with the Pinebook Pro. We ask for feedback from any listeners who have used the Pinebook Pro. So they wrote reviews. Here they are. Thanks to Tim and Stacey for all the work they put into these reviews.
John Mertic of the Linux Foundation joins Doc Searls and Aaron Newcomb of FLOSS Weekly. The Linux Foundation only gets bigger, more interesting and more important for the FLOSS world. There's nobody better to talk to about all of it than Mertic, Director of Program Management for this "foundation of foundations." In a conversation that ranges both deep and wide, and is packed with interesting details regarding the Open Mainframe Project, Linux Foundation and even COBOL developers.
I'm announcing the release of the 5.11.12 kernel.
All users of the 5.11 kernel series must upgrade.
The updated 5.11.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.11.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
thanks,
greg k-h
At the end of March the release candidate phase began for the upcoming OpenZFS 2.1 open-source ZFS file-system on Linux and FreeBSD systems. The second release candidate is now available for this noteworthy OpenZFS update.
Headlining OpenZFS 2.1 is distributed spare RAID (dRAID) functionality. OpenZFS 2.1 is also introducing a new "compatibility" property for Zpool feature sets, a zpool_influxdb command was added, and a variety of other changes.
Queued up within Bluetooth-Next as of yesterday and in advance of the upcoming Linux 5.13 merge window is a VirtIO transport driver. This "virtio_bt" driver allows for Bluetooth HCI transport over VirtIO. This VirtIO addition was led by Intel engineers.
Most notable with AMDVLK 2021.Q2.1 is now officially supporting the Navi 12 SKU. Navi 12 so far is just found with the Radeon Pro 5600M for the Apple MacBook Pro 16 as well as the AMD Radeon Pro V520. But now these months later, Navi 12 support has finally worked its way into AMDVLK. Given the timing it does make us wonder if AMD is potentially set to introduce new Navi 12 SKUs soon. There was the recently-reported VCN-less, seemingly crypto/mining focused Navi 12 GPU device ID added to the kernel. Perhaps this AMDVLK support is coming for that for Vulkan compute workloads? Time will tell, but in any case the Navi 12 support is finally added to the open-source AMDVLK driver for Linux.
Lavapipe with Mesa 21.1-devel is now advertising Vulkan 1.1 rather than Vulkan 1.0. But the big caveat is this CPU-based Vulkan driver is not yet a fully conformant Vulkan implementation. Lavapipe is still missing some bits needed to completely pass Vulkan 1.0 conformance tests. But what has changed is Lavapipe now supporting the delta to get to Vulkan 1.1, per the note by David Airlie.
The lavapipe vulkan software rasterizer in Mesa is now reporting Vulkan 1.1 support.
It passes all CTS tests for those new features in 1.1 but it stills fails all the same 1.0 tests so isn't that close to conformant. (lines/point rendering are the main areas of issue).
Hi list,
It's that time again, Mesa 21.0.2 is now available for general consumption. This release is the culmination of two weeks of hard work from the community. There's lots of good fixes here for basically everything in the tree from the compilers, to radv, utils, r600, intel, lavapipe, egl, aco, st/mesa, and panfrost.
Cheers, Dylan
Mesa 21.0.2 is out today as the latest bi-weekly point release to the Mesa3D open-source Vulkan/OpenGL drivers.
Accumulating for Mesa 21.0.2 is the usual random smothering of fixes but with no area dominating the change-log this time around. Mesa 21.0.2 has just a few fixes for the likes of the Radeon and Intel drivers but nothing too exciting there. The other changes include several Lavapipe Vulkan CPU driver fixes, disabling of sparse buffers on GFX7/GFX8 for RadeonSi, Mesa state tracker fixes, and a few EGL fixes too.
The great thing about tomorrow is that it never comes.
Let’s talk about sparse buffers.
What is a sparse buffer? A sparse buffer is a buffer that is not required to be contiguously or fully backed. This means that a buffer larger than the GPU’s available memory can be created, and only some parts of it are utilized at any given time. Because of the non-resident nature of the backing memory, they can never be mapped, instead needing to go through a staging buffer for any host read/write.
In a gallium-based driver, provided that an effective implementation for staging buffers exists, sparse buffer implementation goes almost exclusively through the pipe_context::resource_commit hook, which manages residency of a sparse resource’s backing memory, passing a range to change residency for and an on/off switch.
In the open-source world there can even be much fragmentation and multiple implementations around something as central as parsing of EDID blobs for monitor (display) information and that's only been made worse by the growing number of Wayland compositors.
Currently there is no de facto EDID parsing library for Linux but many different choices and most Wayland compositors rolling their own. The Extended Display Identification Data (EDID) is exposed by the kernel to user-space for offering various metadata around the display. This offers much more information in the standardized structure than what the kernel otherwise normally exposes to user-space and is becoming more important for advanced features like high dynamic range (HDR) and advanced color features that are relevant to compositors and other user-space software. (Heck even to reliably query the monitor(s) model string under Linux for the Phoronix Test Suite for years has meant just parsing the EDID information via sysfs.)
Sway 1.6 is official today as the newest version of this i3-inspired Wayland compositor.
Sway 1.6 ships with more than 200 changes from 69 contributors, providing a number of new features as well as many bug fixes.
Here is a look at the AVX / AVX2 / AVX-512 performance on the Intel Core i9 11900K "Rocket Lake" when building a set of relevant open-source benchmarks limited to AVX, AVX2, and AVX-512 caps each time while also monitoring the CPU package power consumption during the tests for looking at the performance-per-Watt in providing some fresh reference metrics over AVX-512 on Linux with the latest Intel "Rocket Lake" processors.
Password managers for Linux help a lot in protecting your passwords and create strong passwords. The reason why I don’t use built-in password managers is because I do not want to stick with one browser. Your web browser play an important role in your online security and privacy. Whereas most of the web browsers are either based on Firefox or Chromium.
I prefer web browsers that provide the same security with additional protection for my privacy. I use Brave web browser, a privacy-focused web browser.
Using a third-party password manager allowed me to easily transfer from Chrome to Brave. The password manager I use is LastPass. It keeps track of my vault health, provide basics features free of cost such as unlimited passwords.
The other password manager that I have used for a long time is KeePassXC. It is a free, open-source password manager but it lacks an official client for Android and iPhone.
Automated package update gating can tremendously increase the quality of a Linux distribution. (Gated packages are only accepted into a distribution when tests pass.)
Two and a half years ago, we started to gate the Fedora cockpit package on our browser integration tests. We have continued to increase the number of tests ever since.
I’m especially happy gating is now in Fedora, as I had worked on testing in Ubuntu and Debian many years ago. (Adoption is a bit slower in Fedora, as it does not do reverse dependency gating yet.)
XScreenSaver, initially released by Jamie Zawinski in 1992, is one of the oldest pieces of free software still around. The Linux kernel is just one year older. The latest version has better scaling for higher screen resolutions, even better security, user-configurable color schemes for the unlock dialog box and a special fix for the Rasperry Pi and other systems without gamma control.
[...]
XScreenSaver is a screensaver that works well with Xfce, LXQt, IceWM, Openbox, Fluxbox and many other X window managers as well. It offers a really long list of screensavers you can use as an alternative to the dull "lock-screens" offered by many of the "modern" alternatives. There is a reason why the xfce4 screensaver looks so utterly dull and boring: The developer argued that screensavers shouldn't do anything beyond locking the screen because it wastes GPU cycles and electricity when we asked a while back.
XScreenSaver allows you to lock your screen with a plain black no-fuzz no-effects lockscreen if that is what you want. You can, alternatively, pick and choose between a very long list of screensavers with all kinds of entertaining effects and animations. You can use just one screensaver you like, or randomize a few you like (Some Random Savers), or choose Random Screen Saver to cycle between all the screensavers XScreenSaver has to offer.
The new ejabberd 21.04 release includes many bugfixes and a few improvements. This release includes minor improvements to fully support Erlang/OTP 24 and Rebar3. At the same time, it maintains support back to the old Erlang/OTP 19.3 and Rebar2.
I have a lot of different hats and roles in the curl project. One of them is “release manager” and in this post I’ve tried to write down pretty much all the steps I do to prepare and ship a curl release at the end of every release cycle in the project.
I’ve handled every curl release so far. All 198 of them. While the process certainly wasn’t this formal or extensive in the beginning, we’ve established a set of steps that have worked fine for us, that have been mostly unchanged for maybe ten years by now.
Configuring encryption between Kubernetes pods with Istio and mTLS.
If you have requested a single host from beaker, the following one liner will tell the hostname for it.
Today we are looking at how to install Mine-imator on a Chromebook with Crossover 20. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
In an environment with many encrypted disks, unlocking them all is a difficult task. Network bound disk encryption (NBDE) helps automate the process of unlocking Stratis volumes. This is a critical requirement in large environments. Stratis version 2.1 added support for encryption, which was introduced in the article “Getting started with Stratis encryption.” Stratis version 2.3 recently introduced support for Network Bound Disk Encryption (NBDE) when using encrypted Stratis pools, which is the topic of this article.
[...]
One of the main challenges of encrypting storage is having a secure method to unlock the storage again after a system reboot. In large environments, typing in the encryption passphrase manually doesn’t scale well. NBDE addresses this and allows for encrypted storage to be unlocked in an automated manner.
At a high level, NBDE requires a Tang server in the environment. Client systems (using Clevis Pin) can automatically decrypt storage as long as they can establish a network connection to the Tang server. If there is no network connectivity to the Tang server, the storage would have to be decrypted manually.
The idea behind this is that the Tang server would only be available on an internal network, thus if the encrypted device is lost or stolen, it would no longer have access to the internal network to connect to the Tang server, therefore would not be automatically decrypted.
For more information on Tang and Clevis, see the man pages (man tang, man clevis) , the Tang GitHub page, and the Clevis GitHub page.
This tutorial will be showing you how to install SuiteCRM on Ubuntu 20.04 with Apache or Nginx web server. SuiteCRM is a free open-source customer relationship management software solution that provides a 360-degree view of your customers and business. It’s a fork of the popular SugarCRM software because SugarCRM stopped releasing its open-source community edition in 2014.
Mahara is a free and open-source electronic portfolio management system written in PHP. It is a web-based application mainly used in academic institutions to provide a platform to share their knowledge. It helps you to create a digital classroom and organize a student’s progress. You can also create a blog, build a resume, file repository, and a competency framework using Mahara. Compared to other Learning Management Systems, Mahara is distributed and user-focused.
In this tutorial, we will show you how to install Mahara on Ubuntu 20.04 server.
In this video, I am going to show how to install deepin 20.2.
Erlang is a general-purpose programming language and runtime environment maintained by Ericsson OTP product unit. It is used to build scalable real-time systems for high availability. It has built-in support for concurrency, distribution, and fault tolerance. Generally, it is used in telecoms, banking, e-commerce, computer telephony and instant messaging.
In this tutorial, I will show you how to install Erlang on Debian 10.
In this tutorial, we will show you how to install Wireguard on Debian 10. For those of you who didn’t know, WireGuard is an open-source, free, modern, and fast VPN server with state-of-the-art cryptography. It is quicker and simpler as compared to IPSec and OpenVPN. It is cross-platform and can run almost anywhere, including Linux, Windows, Android, and macOS.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Wireguard VPN on a Debian 10 (Buster).
If you want to use the command line terminal tool vboxmanage to create, deleted, list, start or stop VirtualBox Virtual Machines, here is the tutorial to follow…
VirtualBox is open-source software available to install on all popular operating systems. It also supports Linux and in systems like Ubuntu, Manjaro, and more you can install it directly from the official repository. Although Virtualbox comes with a graphical user interface to control created virtual machines, still, if you want, can use its vboxmanage tool in the command terminal to manage VMs.
Here we will let you know how to use the VboxManage command tool to start, stop and list VirtualBox virtual machines on Linux, Windows, or macOS.
On Linux, it's common to create shell scripts to automate repetitive tasks. Similarly, on FreeDOS, the open source implementation of old DOS operating systems, you can create a batch file containing several FreeDOS commands. Then you can run your batch file to execute each command in order.
You create a batch file by using an ASCII text editor, such as the FreeDOS Edit application. Once you create a batch file, you save it with a file name and the extension .bat. The file name should be unique. If you use a FreeDOS command name as your own file name, the FreeDOS command probably will execute instead of your batch file.
Virtually all internal and external FreeDOS commands can be used in a batch file. When you create a batch file, you are essentially writing a program. FreeDOS batch files may not have the power of a structured programming language, but they can be very handy for quick but repetitive tasks.
Whenever you're working with a group of programmers on a project, whether small or large, handling changes between multiple Git branches can become difficult. Sometimes, instead of combining an entire Git branch into a different one, you want to select and move a couple of specific commits. This procedure is known as "cherry-picking."
This article will cover the what, why, and how of cherry-picking.
What is Chatons? Chatons (French: kitten) is a France-originated collection of free online services which have commitment in Free Software and Privacy initiated by infamous France organization Framasoft. The services available are video calls, file sharing, collaborative editing, and link shortening. Together, it can be a real good alternative / replacement to Google services. However, at the moment it presented mostly in French so most people didn't know about it yet. It is the purpose of this article, to introduce Chatons to you all computer users in English language. This article starts with the practices, then examples, and ends with a short explanation. Let's start!
DevilutionX is a source port of the classic Diablo game with support for the Diablo: Hellfire extension pack that lets you play Diablo on a vast array of modern hardware, including hardware running GNU/Linux. Fans of this game from the late 1990s can enjoy a long list of game-play related improvements, performance improvements and other improvements in the latest DevilutionX release. The original game, or a shareware version, is required to use DevilutionX. Going with the shareware version will likely result in a huge disappointment.
Diablo is a role-palying video game that was released by Blizzard Entertainment in January 1997. An expansion pack for it called Diablo: Hellfire was released later that year. Diablo was originally just for Microsoft Windows. PlayStation and macOS versions become available in 1998. There wasn't any GNU/Linux release.
DevilutionX aims to make playing the classic Diablo and Hellfire on modern systems a breeze, with a full public domain coded reimplementation and a big new 1.2 version is out now.
Once again, a community of coders doing amazing work out in the open keeping a classic game very much alive and well. For us, having proper Linux support is great too since DevilutionX offers a great many enhancements to make running such a classic less of a hassle.
Version 4.0 is a major upgrade to the Warzone 2100 strategy game originally released by Pumpkin Studios in 1999. The latest version can render graphics using Vulkan, DirectX (for Windows), Metal (for macOS) and OpenGL. The Qt dependencies have been dropped thanks to a new built-in JavaScript engine, there's new soundtracks, higher resolution textures and a lot more.
Warzone 2100, real-time tactics hybrid computer game, released version 4.0.0 a few days ago with tons of changes.
Probably one of the coolest looking and sounding games I've seen in a long time, UNBEATABLE seems like it has everything going for it and it successfully funded on Kickstarter in only a few hours.
Describing it seems a little difficult. It combines exploration and adventure where you do activities for NPCs to build up a set-list of music tracks, with the other side being a frantic two-button rhythm combat game with a lot of visual variety. It's not particularly surprising it's done so well, it does look amazing. Against the $55,000 initial goal on their Kickstarter they're already on over $62,000 and they have another month of funding ahead.
[...]
The developer has confirmed Linux support, mentioning clearly they're focused on "PC / Mac / Linux" (with PC meaning Windows). Additionally, they've created a special side-story named "UNBEATABLE [white label]" that will come to Linux as well but for Windows initially.
Interested in slightly weird and quirky comedy adventures? Dude, Where Is My Beer? is now available for Linux. Jump into the "confusing world of unnecessary craft beers and snobby hipsters".
The game is obviously poking fun at how massively varied the alcohol industry has become over time, especially when it comes to Ale and Beer with so many new flavours and companies appearing all the time. Not that I am complaining, I do like a good tasty Ale myself.
"Can you find a normal beer in a world of conspicuously flavoured craft beer, and solve the mystery of the elusive, missing pilsner, using nostalgic interface from the golden age of adventure games? Talk to West Coast IPA and American Black Ale drinking hipsters and solve beer related puzzles at different stages of drunkenness; explore locations like a sports bar, a microbrewery, a dive bar and a rock bar in the city of Oslo, in your quest of finding a pilsner."
Done in a similar amusing way to The Procession to Calvary (different developer), the upcoming point and click adventure The Frogs puts you into Renaissance art based on a play from Aristophanes.
Planned for release late 2021 from developer Michael Wells, you will "Survive awful puns, break all the fourth walls you run across, and challenge the boundaries of morality as you deal with immortality". Sounds exactly like the kind of adventure I want to go on.
[...]
You can follow The Frogs on Steam with a demo available right now.
The first reason—that it is simply a window manager—is probably the top thing to point out. Like i3, there are no graphical bells and whistles applied by default. You can certainly customize it to your heart's content, but you will be putting in all the work to make it look like you want. That's part of its appeal to me.
There’s a free and open source tool called GNOME Tweaks that lets you customize a number of settings for desktop and laptop computers using the GNOME desktop environment.
Now developer Martijn Braam is bringing that idea to mobile devices. The new postmarketOS Tweaks tool is inspired by GNOME Tweaks, but as the name suggests it’s designed for phones and other devices running the postmarketOS Linux distribution.
MXLinux. Have you heard of it? If you're an ardent supporter of Linux on the desktop, you probably have. Otherwise, chances are pretty slim you've never heard tell of this particular Linux distribution--there's a reason for that. MXLinux isn't Ubuntu, Mint or even Fedora (in a pinch). MXLinux doesn't have the brand recognition the other popular takes on the Linux distributions.
It doesn't have the cache of widespread familiarity. Then why is it the most downloaded Linux distribution on Distrowatch?
A bit of a sidebar: I realize that Distrowatch isn't the bellwether of Linux popularity. For those of us who've been around the Linux block for a few decades, it's an important indicator. When I see that MXLinux has the No. 1 download spot (over Manjaro, Linux Mint, Pop!_OS and Ubuntu), I take notice.
When you bootup EasyOS, on the desktop there is an icon labelled "dunfell", clicking which will launch the entire Dunfell 2.6.2 desktop in a container. The key combination ALT-F6 flips back to the main desktop. Other puppies can also be run in a container.
A problem we have had right from the start, is wallpaper corruption in the container. It is ROX-Filer that manages the desktop wallpaper and icons, and the instance of ROX that runs in the container is not completely isolated from the ROX on the main desktop. I have not been able to understand exactly what the cause of the problem is, but a "sleep 4" after starting JWM and before running ROX results in OK wallpaper -- but not always, it seems some PCs require longer sleep.
Today marks ten years since the release of the very first version of elementary OS. Our 0.1 release, codenamed “Jupiter”, came with the bold tagline, “It’s gonna be huge”. A decade later, elementary OS is made up of over 130 open source git repositories, has its own FreeDesktop.org-recognized desktop environment, comes with more than a dozen first party apps and a unique app store with nearly 200 native third-party apps, has been translated to more than 20 languages, and most recently comes pre-installed on several desktops and laptops.
In this video, we are looking at Lubuntu 21.04 Beta.
Today we are looking at Lubuntu 21.04 Beta. It comes with Linux Kernel 5.11, LXQt 0.16, and uses about 500-600MB of ram when idling. Enjoy!
The Fedora Team announced that they will be celebrating the upcoming final release of Fedora Linux 34 with a virtual Release Party. It will be held on the April 31st and May 1st.
Fedora 34 will brings a massive set of changes across desktop, server, and other spins. It will be shipped this build with GNOME 40, which is one of the major highlights of the release. In addition, a new tiling window manager i3 spin is introduced for the first time.
For this release, the Fedora Team announced that they will have the opportunity to celebrate virtually. This event will have a series of short sessions surrounding features in Fedora 34 and what’s happening in the Fedora community. There will also have a series of fun social sessions and activities, including a pub quiz and pictionary.
Here we leak the next evidence of Paul Tagliamonte's backstabbing while he was working for a White House team in the Pentagon. Notice the email is sent at 8:53am on a Friday morning, it appears to be sent during office hours.
Please consider the strict legal obligations for US Federal employees. In particular, Government employees are required to uphold the constitution and be impartial when dealing with the public. Violating these rules may lead to criminal consequences.
Tagliamonte's email is not a "first hand account"
Three other developers, Steffen Möller, Miriam Ruiz and Ansgar Burchardt had expressed concern about the social media mob attacking Appelbaum. Tagliamonte's reply cancels their concerns without giving any good reasons.
[...]
Questions need to be asked at the highest level about why Paul R. Tagliamonte was pushing the criminal accusations against a US citizen. Senior staff pictured with Tagliamonte may need to be called before Congress to explain whether they had any knowledge of these plots and whether the shaming of security researchers like Appelbaum and Julian Assange is part of an ongoing program.
This quick tutorial explains the steps to view saved WiFi password in Ubuntu and Other Linux.
We continued to ship Librem 5s throughout March all according to plan and also continue to hunt down CPUs. As we get more hardware confirmed we will contact the next group of Librem 5 backers with their shipping estimate and at the moment our pipeline is full well into May.
We’ve previously covered three variants of LilyGo T-Watch-2020 smartwatch based on ESP32 WiFi & Bluetooth SoC with TTGO T-Watch-2020 (V1) launched about a year ago, following by T-Watch-2020 V3 with a microphone for voice control, and T-Watch-2020 V2 with GPS.
The company has recently launched a new rounded smartwatch based on ESP32-PICO-D4 SiP with a twist as they did not design it themselves and instead partnered with “Paul’s 3D Things” for the Open-Smartwatch, and just handle manufacturing and production.
Sebastian Dehne decided to build a custom electric vehicle (EV) charging station for his Nissan Leaf from scratch, as what he calls “a real full stack project.” He notes that creating your own gives you total control over the system, and it’s both fun and cheaper than purchasing a ready-made device.
The aptly named DehneEVSE is based on an Arduino Nano 33 IoT for control and current/voltage sensing, and connects via WiFi to a server that handles charging logic. UI consists of a web app that uses WebSockets to listen for real-time updates and display power consumption for all three phases. Aside from the stats, the app enables Dehne to turn charging on/off or to a low-cost setting, which regulates charge depending on the price of energy at a particular time.
With over 170 creative projects sent in from around the world, choosing just 10 winners for the Arduino Day Community Challenge was almost impossible.
Hopefully you were with us on Arduino Day, and saw the winning projects being unveiled during the live stream. But we also wanted to send out another big congratulations to the inventive Arduino lovers who won.
So let’s take another look at the 10 projects that won a big box of Arduino goodies for their creative contraptions.
These days, smartphones are in just about everyone’s pocket. We use them for entertainment, sending messages, storing notes, taking photos, transferring money and even making the odd phone call. Our phones have become essential appendages to life. If you’ve ever physically lost your phone, you know that sinking, desperate feeling of checking all your pockets and bags and fearing… can someone see my stuff? Get ready because there’s another way to lose your phone without it ever leaving your pocket, and it’s called SIM swapping.
In early April, it was reported that there had been a Facebook data leak, raising alarms among Facebook account holders. Half a billion Facebook accounts were impacted. The dataset is from 2019, so it had been out there, but not widely circulated. Over the weekend, the data started popping up on popular hacking forums for free. The interesting story is where the data likely came from, what can be done with it, and what you can do to protect yourself.
A few weeks ago, it came the time for us to publish the first version of Glean.js in npm. (Yes, it has been published. Go take a look). In order to publish a package on npm, it is important to define the package entry points in the project’s package.json file. The entry point is the path to the file that should be loaded when users import a package through import Package from "package-name" or const Package = require("package-name").
My knowledge in this area went as far as “Hm, I think that main field in the package.json is where we define the entry point, right?”. Yes, I was right about that, but it turns out that was not enough for Glean.js.
[...]
Our users can finally import our package in Javascript and Typescript and they have well defined entry points to choose from depending on the platform they are building for.
If they are building for Node.js though, they still might encounter issues. The default module system used by Node.js is commonjs. This is the one where we import packages by using the const Package = require("package") syntax and export modules by using the module.exports = Package syntax.
Newer versions of Node, also support the ECMAScript module system , also known as ESM. This is the offical Javascript module system and is the one where we import packages by using the import Package from "package" syntax and export modules by using the export default Package syntax.
Packages can provide different builds using each module system. In the exports field, Node.js allows packages to define different export paths to be imported depending on the module system a user is relying on. This feature is called “conditional exports”.
In our 10th episode of the Software Freedom Podcast we talk with Elisa Lindinger from superrr lab. Together we discuss problems faced by Free Software projects and how to tackle them. In a broader frame we discover what would be needed for a more sustainable digital infrastructure and talk about the work Elisa does for this aim.
[...]
Together, we discuss how a sustainable digital civil society can look like and what is still needed for this aim to be reached. This episode provides knowledge and insights for all of you who want to support Free Software and create a long-lasting digital society.
A few weeks ago, I interviewed my friend Katherine Maher on leading a non-profit under some of the biggest challenges an org can face: accusations of assault by leadership, and a growing gap between mission and reality on the ground.
14 new GNU releases in the last month (as of March 25, 2021): bison-3.7.6 denemo-2.5.0 emacs-27.2 gama-2.01 gama-2.14 help2man-1.48.2 intlfonts-1.4.2 mes-0.23 mit-scheme-11.2 nano-5.6.1 nettle-3.7.2 parallel-20210322 poke-1.1 zile-2.6.1
License License License! Sometimes it feels like licensing is the only thing anyone ever talks about in FOSS. Despite its popularity as a topic of conversation, relatively few FOSS participants have a good understanding of what licenses are and even fewer know how to apply them correctly to a FOSS project. In just the few minutes needed to read this article you, too, can become one of the few, the proud, the license literate.
IBM has announced a COBOL compiler for Linux on x86.
News of the offering appeared in an announcement that states: "IBM COBOL for Linux on x86 1.1 brings IBM's COBOL compilation technologies and capabilities to the Linux on x86 environment," and describes it as "the latest addition to the IBM COBOL compiler family, which includes Enterprise COBOL for z/OS and COBOL for AIX."
COBOL – the common business-oriented language – has its roots in the 1950s and is synonymous with the mainframe age and difficulties paying down technical debt accrued since a bygone era of computing.
So why is IBM – which is today obsessed with hybrid clouds – bothering to offer a COBOL compiler for Linux on x86?
Because IBM thinks you may want your COBOL apps in a hybrid cloud, albeit the kind of hybrid IBM fancies, which can mean a mix of z/OS, AIX, mainframes, POWER systems and actual public clouds.
I recently discovered SDF’s PiDP-8. You can access it over SSH and watch the blinkenlights over its twitch stream. It runs TSS/8, a time-sharing operating system written in 1967 by Adrian van de Goor while a grad student here at CMU. I’ve been having fun tinkering with it, and I just wrote my first BASIC program1 since high school. It plots the graph of some user-specified univariate function. I don’t claim that it’s elegant or well-engineered, but it works!
Today, we’ll talk about ways to throttle your signal/slots connections — in other words, how to activate a slot less often than the emission rate of the signal it’s connected to. The usual reason why you may want something like this is performance. Invoking a slot at a high frequency may be too expensive for your application, so you need to rate-limit the slot’s activation.
Scikit-learn is one of the most popular machine leaning libraries for Python. It provides many unsupervised and supervised learning algorithms that make machine leaning simpler.
Next week, we will be holding more vision doc writing sessions. We are now going to expand the scope to go beyond “status quo” stories and cover “shiny future” stories as well. Keep your eyes peeled for a post on the Rust blog and further updates!
Correctness of code in the Android platform is a top priority for the security, stability, and quality of each Android release. Memory safety bugs in C and C++ continue to be the most-difficult-to-address source of incorrectness. We invest a great deal of effort and resources into detecting, fixing, and mitigating this class of bugs, and these efforts are effective in preventing a large number of bugs from making it into Android releases. Yet in spite of these efforts, memory safety bugs continue to be a top contributor of stability issues, and consistently represent ~70% of Android’s high severity security vulnerabilities.
Not only is the Linux kernel moving to allow Rust code to be optionally used within the kernel, but Google is now allowing Rust code to be used for system programming work on Android's low-level operating system components too.
Google announced on Tuesday by way of their security blog that they are now allowing Rust to be used for Android platform system code. Rust will be allowed in the Android Open-Source Project for "developing the OS itself" given its emphasis on memory-safety and security.
Java is one of the most popular programming languages in the world. It has been among the top three languages used over the past two decades. Java powers millions of applications across many verticals and platforms. Linux is widely deployed in data centers, edge networks, and the cloud.
Today we announced that Quarkus is now available for all Red Hat Enterprise Linux (RHEL) customers. If you are running RHEL, you can easily use the Red Hat build of Quarkus in your Java applications. If you are developing applications on a Kubernetes platform like Red Hat OpenShift, you can also use the Red Hat build of Quarkus as of November 2020.
What is Quarkus, and how can you develop and deploy it on Red Hat Enterprise Linux? Read on to learn more.
As we round out the first quarter of 2021, we wanted to share the latest updates to the Red Hat Runtimes portfolio. As always, our team is working hard to bring customers the latest best-in-class innovations and updates to help make developers’ jobs a bit easier. Let’s get right to it.
A LinkedIn phishing campaign is the newest threat.
Hackers [soc] Hit LinkedIn
It seems like nothing is off limits anymore.
Google is now paying developers more money to work on securing their Linux kernels this year. The gesture may well be the start of the company’s bid to enforce a tighter grip on open source.
Google’s action comes on the heels of rising threats to Linux that unfolded in the last year, as hackers pivot to new strategies like writing malware strains in the Go programming language.
The spread rate of malware is staggering. Infected code incidents made a 500 percent spike in the last year. That represents a 2,000 percent increase since 2017, according to Google.
This spike is no doubt because Go allows hackers to be versatile and target Windows, Mac, and Linux from the same codebase. Adding to this, 2020 alone saw a 40 percent increase in Linux-related malware families.
We can speculate all we want on the number of factors driving this shift, such as accelerated cloud adoption. But there is no denying the existence of a significant marketplace gap.
Capsule8 is a firm that specializes in securing Linux-based production environments. It’s chief scientist, vice president of product strategy Brandon Edwards, does not expect this trend in Linux vulnerabilities to die down.
Security updates have been issued by openSUSE (chromium), Oracle (flatpak and kernel), Red Hat (virt:8.3 and virt-devel:8.3), and SUSE (gssproxy and xen).
In our monthly reports, we try to outline the most important things that have happened in the reproducible builds community. If you are interested in contributing to the project, though, please visit our Contribute page on our website.
F-Droid is a large repository of open source applications for the Google Android platform. This month, Felix C. Stegerman announced apksigcopier, a new tool for copying signatures for .apk files from a signed .apk file to an unsigned one which is necessary in order to verify reproducibly of F-Droid components. Felix filed an Intent to Package (ITP) bug in Debian to include it in that distribution as well (#986179).
On 9th March, the Linux Foundation announced the sigstore project, which is a centralised service that allows developers to cryptographically sign and store signatures for release artifacts. sigstore attempts to help developers who don’t wish to manage their own signing keypairs.
Counsel who secured huge awards for their clients in cases including Carnegie Mellon v Marvell set out their strategies for securing big patent payouts
The Federal Circuit’s new decision in Apple Inc. v. Qualcomm Inc. (Fed. Cir. 2021) offers an interesting standing puzzle.
After some heated litigation, Apple licensed 20,000+ Qualcomm patents as part of a six-year covenant-not-to-sue which resulted in the litigation being dismissed with prejudice. Meanwhile, the parallel inter partes reexaminations (IPRs) moved forward with regard to two particular Qualcom patents within the package of 20,000+.
Although the PTAB granted Apple’s IPR petitions, the Board eventually sided with Qualcomm — holding that Apple had not proven that the claims were invalid. Apple then appealed to the Federal Circuit. The PTAB does not worry about Article III standing — because the PTAB is not an Article III court. However, standing comes into play once the case moves from the administrative agency into the appellate court.
In MedImmune, Inc. v. Genentech, Inc., 529 U.S. 118 (2007), the Supreme Court held that a patent licensee has standing to challenge a patent’s validity even without stopping the royalty payments. Here, Apple argued that it likewise has standing. The problem, according to the court, is that cancelling of the two Qualcomm patents would not actually impact Apple’s obligations under the license. This contrasts with MedImmune where an invalidity finding would dramatically impact the royalty owed.
The average pendency time for Chinese invention patent applications was about 22.2 months in 2019, and was reduced to 20 months in 2020.
The legality of holding oral proceedings without the consent of all parties has been formally questioned with an interlocutory decision from an Appeal Board dated 12 March 2021 (Appeal number T1807/15-3.5.02) referring the following question to the Enlarged Board of Appeal:
“Is the conduct of oral proceedings in the form of a videoconference compatible with the right to oral proceedings as enshrined in Article 116(1) EPC if not all the parties to the proceedings have given their consent to the conduct of oral proceedings in the form of a videoconference?”
In the interim, a different Board of Appeal have published a new decision ruling that oral proceedings by video conference are allowable, even where one party objects.
The written decision for Appeal number T2320/16, published 24 March 2021, relates to a decision taken by a Board of Appeal during oral proceedings dated 4 February 2021. Accordingly, this decision predates the above referral to the Enlarged Board of Appeal. Consequently, the referral has had no impact on the outcome of this decision and is not considered in detail in the published written decision.
The Patent Index 2020 announced by the European Patent Office revealed that the number of international patent applications filed with it had decreased year-on-year by 0.7% to 180,250, second only to the record high number filed in 2019.
Japan’s applications to the EPO dropped by 1.1% from the previous year to 21,841, ranking third behind the United States and Germany. Its filings accounted for 12.1% of the total.
The Barcelona Court of Appeal (Section 15) overturned a first instance decision, making an interesting finding on the application of the “problem-solution approach”: if the revocation claimant submits that its choice of closest prior art only differs from the claimed invention in one (or more) specific feature(s), but the court finds that further differences exist in respect of other features, the court may automatically reject the obviousness objection without applying the second and third steps of the problem-solution approach. In addition, the Court of Appeals expresses skepticism regarding expert opinions aimed at the rebuttal of another opinion, where the expert did not undertake a direct inspection of the allegedly infringing products.