Linux, it’s a scary word for some and an unknown realm for others. For many, Linux is a way of life, and they’ve been using it for a very long time. Even if you’ve never heard of Linux and are scared to try it, you probably already use it daily. This review of the Dell XPS 13 Developer Edition isn’t for those who are experienced. This review is for the normies.
Linux is widely used on server farms all over the world. Your email, your website host, and even your employer likely use Linux in some form. Even your Android device is a flavor of Linux, so you’re probably using it day in and day out. The Dell XPS 13 Developer Edition brings Linux to the average person’s fingertips with no need to go through installing or configuring ahead of time.
While I have installed and configured many Linux distros on many different laptops over the years, I have to admit having the work done for you is half the battle. I know many Linux lovers will disagree with me, but they’re not thinking with the same head a normal user would. Turn back now Linux purists; this particular Dell XPS 13 Developer Editon review is not for you. If you’re just a normal Windows or Mac user looking for an alternative and wondering what this device is all about, let’s jump into it.
After two months of development, Linus Torvalds has released the latest version of the Linux kernel, saying that “despite the extra week, this was actually a fairly small release overall.”
According to the KernelNewbies page, this release introduces idmapped mounts, which let you “map the user id of a mount to a different one. This makes it possible to share files more easily between multiple users or multiple machines especially in complex scenarios.”
A while back, I posted a blog series on BPF, including some suggestions about setting up a BPF development environment. Much has changed since then in terms of BPF features, so it's worth revisiting how BPF applications are developed now.
The key change - at least for the BPF projects I work on - is that libbpf has become central to BPF application development. Why?
The SYS_BPF syscall is the Swiss Army knife of BPF; it allows you to for example inject a BPF program into the kernel and verify it, create associated maps and attach the program to its target. When these basic tasks were all that was needed, they could be carried out using simple wrappers to the SYS_BPF system call.
However BPF programs do a lot more now and there's a huge amount of interplay between userspace and kernel required to set up a program to run. libbpf solves a bunch of problems for you. I'll try and describe a few of them here.
We are pleased to announce the Yocto Project 3.3 (hardknott-25.0.0) Release is now available for download.
Yocto Project, a system to build embedded Linux distributions, released version 3.3 "Hardknott". In this version all OE-Core recipes build reproducibly regardless of host distro/build location except golang recipes and ruby's docs package. There are many more new features, upgrades, and bug fixes. The release notes have more details.
Intel's code for Linux kernel bus lock detection that works in conjunction with newer Intel CPUs has landed in the Linux kernel.
Last year Intel contributed split lock detection for Linux 5.7+ for finding out when an atomic instruction ends up spanning multiple cache lines. Those split locks can incur significant performance penalties and now that kernel code has been extended to cover bus lock detection too with Linux 5.13+ on recent Intel processors.
It's been several months since the last round of FUTEX2 patches for this system call to address the shortcomings of the current FUTEX system call. FUTEX2, which is designed in part with Wine/Proton in mind for better matching Windows semantics, has now seen a third iteration of the patches.
FUTEX2 aims to better match the behavior of Windows and can wait on multiple futexes, among other improvements over the original system call. It's important for Wine/Proton and ultimately Steam Play for enjoying Windows games on Linux with optimal performance and reliability.
The Linux Kernel Runtime Guard (LKRG) is a Linux kernel security module developed by Openwall for security enthusiasts, Internet-facing production servers and hosting providers that provides additional run-time integrity and security checks for the Linux kernel. The latest version adds support for CONFIG_HAVE_STATIC_CALL on Linux 5.10+ and a fix for a false positive bug on machines with SELinux enabled. make install no longer enables it by default. There is, instead, a message explaining how to enable it using the systemd service file it provides.
Although Linux-kernel RCU gets most of the attention, without rcutorture, RCU would not be what it is today. To see this, note that the old saying “If it ain't tested, it don't work!” is if anything more valid today than it was back then. After all, software has not gotten any simpler, workloads have not become less demanding, and systems have not grown smaller, except in terms of physical size. That said, the decrease in size has been truly impressive. Back when Jack and I invented RCU, the hardware contained in my laptop would have filled no fewer than fifteen standard racks, and that ignores the hardware that simply was not available back then, and also ignores the reliability issues that would have resulted from such an imposing agglomeration of hardware.
While Zink implements OpenGL 4 and is running an increasing number of games with good performance, one of the simple "demos" it hasn't been able to render correctly in recent years has been glxgears. But that milestone is now crossed once again with the latest Mesa code.
Nowadays, NAS is used by everyday families who simply want to share photos and enjoy access to a digital library of entertainment, no matter where they’re at. So whether you’re looking to build your own private network, gather movies, music, and TV shows, or just to take data backup to the next level, NAS might be what you’re looking for.
More than nine months in the works, MusE 4.0 is here with a completely revamped user interface that features a tabbed UI with docks supporting common utility editors like Event List, Marker List, and Mastertrack List, an all new dark theme with lots of icons in vector format, more customizable colors, as well as new toolbars to replace the separate transport window and make it easier to access common operations.
The new release also introduces several new keyboard shortcuts to make your workflow faster if you fancy using your keyboard when creating music, and adds support for listing related keyboard shortcut in menu operations.
Added dark mode Added option to reset new game to defaults Added support for Qt 6 Look up definitions in web browser Improved high scores dialog Refactored code Translation updates: German, Indonesian, Lithuanian, Polish, Romanian, Turkish Word list updates: Brazilian Portuguese, Catalan, Czech, Dutch, English, French, German, Greek, Hebrew, Indonesian, Polish, Portuguese, Russian, Spanish
RAID 1 is a hard disk configuration where the contents from one hard disk are mirrored onto another. This provides the user with some redundancy in case a disk fails. On your Linux system, the two hard drives are represented as a single file system. But in the background, making changes to your files is actually writing the changes to two disks at the same time. You can also add more than two disks to the configuration, as long as you keep the number even. Otherwise, something like RAID 5 will be more suitable.
There are many ways to configure a RAID setup. One of the easiest and most accessible ways is through the mdadm software package, which can be installed and used on any major Linux distribution. This is easier than some other RAID setups, since it doesn't require any special hardware (like a RAID controller) and isn't that hard to configure.
In this guide, we'll go through the step by step instructions to install and setup mdadm on Linux, and create a RAID 1 configuration for two hard disks. Our example scenario will consist of two empty hard disks that are each 10 GB in size. This is in addition to our main hard disk, which is just used for the operating system.
This article will show you how to delete safely a pool in TrueNAS. What is TrueNAS? It is a Network Attached Storage (NAS) software that shares and protects data from modern-day threats like ransomware and malware. So lets start right away. First open the web browser and type your nas ip address, you will enter the dashboard like in the picture bellow...
In this tutorial, we will show you how to watch Netflix on Ubuntu 20.04 LTS. If you want to watch Netflix without any effort, simply use Google Chrome. Google Chrome is the one browser that supports Netflix without any additional requirements. For non-supported browsers, you will need to install additional tools and packages to watch Netflix.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the FFmpeg extra codes to watching Netflix on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Do you want to set up a Windows 10 virtual machine in VMware Workstation 16 on your Linux PC, but find it too complicated and can’t figure it out? If so, this guide is for you! Follow along as we show you how to set up a Windows 10 VM in VMware!
Do you have an Ubuntu VM in VMware Workstation and want to share a folder with it but can’t figure it out? If so, this guide is for you! Follow along as we go over how to access VMware shared folders on Ubuntu!
When you are using the VIM editor on Linux and you would like to exit, you just need to follow the tips below. First press the Esc key in order to access the Normal mode. Now to access the Command-line mode, you can just type in : .
You will then notice a colon (:) that pops up at the bottom of your current screen session.
Ready to unleash the power of remote computing on your Ubuntu machine? Here's how you can easily set up a VNC server.
Accessing a computer via remote desktop is an important part of work-life. Remote desktop programs allow you to access and control other systems that are not physically available to you. Work from home jobs have made remote computing even more relevant by allowing people from distant regions to work remotely using their computers.
This guide shows you have to install a Virtual Network Computing (VNC) Server on Ubuntu 20.04 LTS to make remote computing possible on your system.
Sometimes you might want to block connects to your server by IP address. E.g. when someone tries to attack your system. This can be done in several different ways, e.g. with iptables (firewall) rules or by setting up a reject route.
Homebrew is one of the popular package managers for Mac OS X but can be installed on Linux as well to download and install various packages. Homebrew Cask extends Homebrew with support for quick installation of applications like Google Chrome, VLC, and more.
On Linux, it is known as Linuxbrew. On Ubuntu Linux, we already have an APT package manager with a wide range of applications and other packages to install, then what is the need for Linuxbrew?
So I wanted to test the internal LAN speeds of our wireless bridge, switches, and cables in between – from one end of the network to the other. There is an old iMac running on one side of the bridge and I didn’t want the speed test to slow down due to disk I/O reasons. I wrote a small python based web server which pre-initializes a memory buffer with random data and then sends random chunks inside of it throughout the fake “download” process (jumps around from index to index).
Shellcheck is a piece of free and open source software that gives warnings and suggestions for shell scripts. Using shellcheck, you can find errors earlier than you would otherwise. It's a tool that everyone that scripts should have in their toolbag.
In this week’s Training Tuesday blog, we present a set of free, short training videos that demonstrate the Oracle Linux Virtualization Manager monitoring features introduced in Oracle Enterprise Manager 13.4.
Placing sudo in the shebang line of a shell script runs the entire thing as root. Useful for scripts designed to, e.g. automate system upgrades or package manager wrappers — makes prepending everything with sudo no longer necessary
This can happen for a number of reasons. The Freshclam daemon may not have been enabled, for example. Or you purposely configured your installation not to use the Freshclam daemon but forgot to run Freshclam manually (either from the command line or via ClamTk) during the past seven days to update the database. Or there is a problem with the Freshclam configuration or software installation itself. And so on.
Someone posted about USBView not working, running BionicPup I think, and they installed it from the PPM package manager.
In this tutorial, we will show you how to install Apache Ant on Debian 10. For those of you who didn’t know, Apache Ant is a Java library and command-line tool and it supplies a number of built-in tasks allowing to compile, assemble, test, and run Java applications. Ant can also be used effectively to build non-Java applications, for instance, C or C++ applications. Ant is extremely flexible and does not impose coding conventions or directory layouts on the Java projects which adopt it as a build tool.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Apache Ant on a Debian 10 (Buster).
Terraform is a free and open-source application that can automate and manage your infrastructure. Terraform helps to build services and platforms using declarative language; this means you don’t need to define every step of automation; it can learn by itself. You don’t have to worry about every step of your systems to automation; it can take care of that. If you a newbie on Terraform, it allows you to start from the starch. Terraform supports Ubuntu, Fedora, Arach, Red Hat, and other major Linux distributions. After installing Terraform on your Linux, it can be integrated with AWS, cloud, VM, and other systems.
In this video, we are looking at how to install Brave Beta on Deepin 20.2.
The FreeBSD Release Engineering Team is recently announced the availability of FreeBSD 13.0-RELEASE. This is the first release of the stable/13 branch. FreeBSD 13.0 is shipped with many updated set of features. It supports several architectures including amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64, and riscv64. If you prefer a fresh installation, head over to the FreeBSD 13.0 download page and get a suitable version for your architecture. If you already have older versions, you an directly upgrade FreeBSD 12 to FreeBSD 13. In this step by step guide, let us see how to upgrade to FreeBSD 13 from FreeBSD 12.
ngxtop is a free, open-source, flexible and real-time monitoring tool for Nginx web servers. It can parse the Nginx access log and print the information about request count, requested URI, the number of requests by status code, and much more. It is a simple and easy-to-use tool to monitor the requests coming to an Nginx web server.
In this post, we will show you how to install and use ngxtop monitoring tool on Ubuntu 20.04.
In this episode of Linux Essentials, I'll teach you the basics of the find command. The find command is a powerful command-line tool you can use in order to find just about anything in the filesystem, and with this video, you'll learn all the basics you need in order to start using it.
Apache NetBeans is an integrated development environment (IDE) for Java. It allows applications to be developed from a set of modular software components called modules. NetBeans runs on Windows, macOS, Linux and Solaris. In addition to Java development, it has extensions for other languages like PHP, C, C++, HTML5, and JavaScript. Applications based on NetBeans, including the NetBeans IDE, can be extended by third party developers.
In this article we are going to check out 5 very cool monitoring tools that can be used in the terminal. Some of them you may know , some of them no , please comment if you find them interesting or you can suggest other.
Today we are looking at how to install Funkin' FPS Plus on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
Linux has made significant strides over the last couple of years when it comes to gaming. But has it reached the stage where it can be considered as a viable alternative to Windows? Well, the answer depends on you – what games you play and how you use your OS apart from gaming.
If you are looking for the OS with the most natively supported games, then Windows takes the cake – no argument!
However, it’s more than likely you don’t plan on playing “every” PC game out there! Maybe you have a few favorites! And Linux’s gaming catalog covers almost all the popular titles, so you are extremely likely to find your favorite game compatible on Linux. Also, believe it or not, but some games actually perform better on Linux than Windows – provided you are running on the same hardware.
As such, it’s clearly understandable why the PC gaming community is constantly engaged in a heated debate over Linux vs. Windows gaming – which is better. And so, for this read, we have decided to shed some light on the topic – giving you the pros and cons of both OSes in terms of gaming.
Version 2.11 of GNU dico is available for download. This version fixes several bugs and inconsistencies in the gcide module and the gcider utility. Also, this version drops the support for Python 2.7.
Looks like the next Humble Choice bundle is going to be reasonably good, with Metro Exodus headlining.
Now that there's a Linux port available that performs well, this might perhaps entice a few people into Humble Choice to pick up a good deal. Usually it costs $39.99 on Steam without any discounts, so the Humble Choice for May is a good way to get it which usually costs about $19.99 for the whole set. Humble have also announced that for May's Humble Choice there will be Darksiders Genesis, Hellpoint, and 9 more games so it seems like overall it's going to be quite a good one.
A free and open source game, called Oh My Git!, turns the Git version control system into an interactive game that can be used to help beginners learn more about Git’s features and to help instructors teach Git fundamentals.
You’ve probably seen a movie or TV show where someone from the FBI kicks open a door. That officer is likely wearing SWAT clothing, complete with a riot shield, a nine millimeter, boots, and a helmet.
In Anger Foot, it’s like you’re actually playing the role of that FBI agent. Except you’re an alligator without the armor. Just wearing jeans and all you start off with is your trusty foot.
The Kdenlive team is happy to announce the release of version 21.04 with lots of interface and usability improvements and many bug fixes. This version also comes with new Typewriter and Strobing effects as well as Effect Zones, which give you the ability to apply effects to track and/or timeline regions. There is also new Speech-to-Text feature to automatically transcode audio to text and a Media Browser widget to easily browse and add your source material to your project. The Online Resources has been converted into a widget and buffed with more media providers. Not to mention tons of under the hood polishing in preparation for Qt6 and MLT7.
We would like to thank the contributions of Rafal Lalik (Typewriter effect), Vivek Yadav (Media Browser), Martin Sandsmark (Alpha Strobe effect) and Julius Künzel (Online Resources), and also welcome Julius as a core team member. While the devs were busy hacking the bug squashing team managed to close these past months more than 500 bugs in the tracker.
KDE’s Kdenlive video editor 21.04 was released today with lots of usability improvements and some great new features.
Kdenlive 21.04 introduced new Speech-to-Text feature which automatically transcode audio to text, and it supports for 17 languages and dialects using the official models.
The Plasma Mobile team is happy to present the Plasma Mobile updates for March and April 2021. During the last two months, most of the work has been focused on applications. While we continued to improve existing applications making them more stable and featureful, we also worked on new applications, extending the Plasma Mobile app ecosystem. We also made noticeable improvements to the Plasma Mobile shell.
But, before we get into that, we would like to thank Pine64 for their generous donations for every KDE community device sold, and their support to our project. We would also like to extend our thanks to you, the owners of PinePhone KDE community edition devices: Your purchase helps us so much.
The Plasma Mobile team has announced a number of updates to their user interface and suite of applications for mobile Linux devices. Among other things, there are updates to chat, music, and video apps, new features for the default web browser, and new applications for email, music streaming, and more.
Developers are also working to improve the look, feel, and performance of the Plasma Mobile shell itself, and developing new features including support for multiple pages on the home screen.
Time goes fast, it is eight years ago this week that KaOS started, so this is kind of an April anniversary release.
It has also been eight years that the same initramfs creation tool has been used (Mkinitcpio), but with Dracut being the more widely used and constantly maintained, it is time to move to this new tool for KaOS. For almost two years Mkinitcpio did not have a maintainer and upstream had talks about abandoning this tool. This will be a major change and will require lots of work for the ISO creation, but a start has been made, the linux-next kernel already defaults to Dracut for initramfs creation.
KaOS 2021.04 is here as the first ISO snapshot to switch to Dracut as the default tool for creating the Linux boot image (initramfs), replacing Mkinitcpio, which is no longer supported. This is a major change and requires a lot of work to be fully integrates, but, for now, the linux-next kernel defaults to Dracut for initramfs creation.
Since KaOS focuses on Qt and KDE, the KaOS 2021.04 release ships with the KDE Plasma 5.21.3 desktop environment, which is accompanied by the latest KDE Gear 21.04 and KDE Frameworks 5.81 software suites, all built against the Qt 5.15.2 open-source application framework.
Budgie Desktop users rejoice, a new version of your favorite desktop environment is here and it’s packed with lots of goodies, starting with support for the GNOME 40 stack, which makes Budgie compatible with GNOME 40 apps/components like the GDM (GNOME Display Manager) login screen or a dedicated screensaver.
Budgie Screensaver, a fork of gnome-screensaver, is now used as the default screensaver in the Budgie Desktop 10.5.3 release, not only allowing Budgie to co-exist in an installation environment alongside GNOME Shell and GDM components from the GNOME 40 stack, but also facilitate its ability to lock the session.
In this video, I am going to show an overview of Lubuntu 21.04 and some of the applications pre-installed.
LibreWolf is designed to minimize data collection and telemetry as much as possible. This is achieved through hundreds of privacy/security/performance settings and patches. Intrusive integrated addons including updater, crashreporter, and pocket are removed too. LibreWolf is NOT associated with Mozilla or its products.
I must confess, I was guilty of being reactionary when I first read and wrote about a situation between two IBM employees, one of whom is a Linux kernel maintainer. I reacted because open-source is near and dear to my heart, something I've been passionate about since the late nineties. But my initial reaction was based on only one side of the story, the kernel maintainer's. Since then, I've had a chance to speak with IBM, hear their account of what happened and gain a better understanding of how the company works to support the Linux open-source community.
The new release of Fedora has more under the hood than you might know. It's a technology-packed release, and nearly all of it is coming to a distro near you.
Plus the questions we think the University of Minnesota kernel ban raises, and more.
Candidates may self-nominate. If you nominate someone else, please check with them to ensure that they are willing to be nominated before submitting their name.
The steering bodies are currently selecting interview questions for the candidates.
Nominees submit their questionnaire answers via a private Pagure issue. The Election Wrangler or their backup will publish the interviews to the Community Blog before the start of the voting period. Fedora Podcast episodes will be recorded and published as well.
Please note that the interview is mandatory for all nominees. Nominees not having their interview ready by end of the Interview period (2021-05-19) will be disqualified and removed from the election.
The Fedora Project, a Red Hat, Inc. sponsored and community-driven open source collaboration, today announced the general availability of Fedora Linux 34, the latest version of the fully open source Fedora operating system. Fedora Linux 34 further improves the overall user experience with key updates like GNOME 40, while still providing a foundation for new use cases, like edge computing, with improved support for hardware watchdogs for automated system recovery.
Fedora Workstation 34 is the latest version of our leading-edge operating system and this time there are major improvements heading your way. Best of all, you can download it from the official website. What’s new, I hear you ask!? Well let’s get to it.
The Fedora 34 release is now available. "This release features GNOME 40, the next step in focused, distraction-free computing. GNOME 40 brings improvements to navigation whether you use a trackpad, a keyboard, or a mouse. The app grid and settings have been redesigned to make interaction more intuitive." LWN recently reviewed the Fedora 34 Workstation release.
Fedora Linux 34 is one of the major releases in Fedora’s history and a bold one. The Fedora Project’s emphasis on delivering the latest open source updates with all levels of users in mind, from beginners to experts.
Fedora team announced the Fedora 34 release across workstations, spins, and servers. The latest version on this popular Linux distribution comes with Linux Kernel 5.11 which brings support for the latest hardware across processors, graphics cards, ports, and other devices.
[...]
Btrfs has been the default filesystem for Fedora Workstations since Fedora 33, but the Fedora Project team has done one better in Fedora 34. In this release, the zstd compression is made as default when using Btrfs. This compression will be essential for increasing read and write performance of larger files, with the potential to speed up related workflows.
Fedora 34 has successfully managed to switch over to PipeWire from PulseAudio for its audio needs. Overall, PipeWire is more secure and offers a better audio experience in Fedora 34 than with PulseAudio sound daemon, which was the default in previous Fedora releases.
After the release of the Fedora 34 beta a week ago, Fedora 34 stable release is finally here with exciting changes and improvements.
As expected this release of Fedora arrives with the latest Linux kernel 5.11 along with significant changes such as Gnome 40, PipeWire, availability of a Fedora i3 Spin, and various other changes.
Let’s take a look at the important changes coming to Fedora 34.
[...]
One of the biggest highlights is the arrival of the GNOME 40 desktop. Fedora 34 is one of the few distributions in which you can experience the latest Gnome 40 right now. So, this change is worth noting.
Taking a look at KDE Plasma, Wayland becomes the default display server for KDE Plasma in Fedora 34. Moreover, KDE Plasma Desktop image is available for AArch64 ARM devices as well.
The massive Fedora 34 release is here with cutting-edge technology across modules and packages. And I'm sure you have downloaded/upgraded to Fedora 34 already. Keeping that in mind, we present a list of 10 things to do after installing Fedora 34.
With the announcement from Red Hat that they’re choosing to sunset CentOS and focus on CentOS Stream, many users have been wondering what’s next. The community was able to step in and take over the CentOS legacy in the form of AlmaLinux. Still, this has left many users wondering if AlmaLinux is up to the task. Here we discuss AlmaLinux and CentOS and whether AlmaLinux is up to the challenge of replacing CentOS.
CloudLinux Inc. will start providing multiple support options next month for the AlmaLinux OS -- including regular patches and updates for the Linux kernel and core packages, patch delivery service-level agreements (SLAs), and 24/7 incident support, the company announced today.
AlmaLinux OS is the open-source enterprise-level Linux distribution created as an alternative to CentOS with a committed support lifecycle of a decade per release, that was developed by the team at CloudLinux and now owned and governed by the user community.
Red Hat has announced plans to create a new Linux-based operating system for the automotive industry. With this push, the enterprise-focused open source software company is touting safety and continuous certification as core selling points.
Red Hat, which IBM acquired for $34 billion in 2018, is already well known for its enterprise-grade Linux distribution, which will serve as the basis of its new platform for road vehicles. For the initiative, Red Hat has partnered with Exida, a company that specializes in functional safety and product certification, to provide ongoing certifications spanning a range of applications, from “infotainment to driver operations,” according to a press release.
Red Hat Enterprise Linux (RHEL) 8.4, the latest version of Red Hat’s flagship enterprise offering, embraces edge computing with new edge-focused improvements.
Arpit Joshipura, The Linux Foundation's general manager of networking, once said "edge computing will overtake cloud computing" by 2025. By edge computing, Joshipura meant open compute and storage resources that are five to 20 milliseconds away. That used to be common. They were the computers in our server room. Now, we often rely on cloud computing instead. But, Red Hat, primarily a hybrid-cloud company now, is reminding us that its latest version of Red Hat Enterprise Linux (RHEL) is also great for your local and edge servers.
While Fedora Workstation has been moving along with its Btrfs file-system usage and beginning to make greater use of its functionality, Red Hat does continue investing heavily in Stratis-Storage as their path forward for next-generation Linux storage with Red Hat Enterprise Linux. Today marks the release of Stratis 2.4.
The Stratis 2.4 release finally brings multi-threading to its daemon, support for using Stratis as the root file-system, and encrypted pool handling improvements, among other changes.
Red Hat OpenShift Data Science is a managed cloud service built from a curated set of components from the upstream Open Data Hub project. It aims to provide a stable sandbox in which data scientists can develop, train, and test their machine learning (ML) workloads and then deploy results in a container-ready format. This article summarizes the advantages of using OpenShift Data Science in your machine learning projects.
Red Hat has announced the release of Red Hat Enterprise Linux 8.4, forming the foundation of the company’s new Red Hat Edge Initiative to power the next wave of edge computing.
Red Hat announced the latest release of its enterprise Linux platform, Red Hat Enterprise Linux (RHEL) 8.4, during this week’s virtual Red Hat Summit.
RHEL 8.4 furthers the operating system as a foundation for the open hybrid cloud from the data centre to the edge, adding new Linux container, deployment and management capabilities scaled for the needs of edge computing.
Red Hat's "The State of Enterprise Open Source" research identified 72% of IT leaders expect open source to drive adoption of edge computing over the next two years. The Linux Foundation’s “2021 State of the Edge” report predicts that the Internet of Things (IoT) and edge-related devices will produce around 90 zettabytes of data by 2025.
The modern consumer has taken a much more active role in corporate policy development and direction than in decades past. “Vote with your dollar” campaigns and boycott movements have gone from mosquitoes to hurricanes, forcing dramatic shifts in how investors and corporate executives navigate change and interact with their customers. While social and environmental issues were once considered both opaque and risky, they are now front and center in every conversation about our new digital economy’s future. Though many activist discussions used to be reserved for the camps of Occupy Wall Street, it is clear that a monumental shift has occurred. Impact investing has manifested itself as the logical market response to a rapidly growing cohort of consumers that expect higher ethical standards from the businesses and institutions they support.
After almost two decades of innovation, seemingly for innovation’s sake, the digitally transformed economy so many yearned for seems to be within reach. Activated like a bolt of lightning by the global pandemic, this transformation reaches further into citizens’ daily lives than anyone, save maybe Orwell, could have ever imagined. Whether or not this new digital economy will serve the best interests of humanity will be a question answered by the actions of citizens and corporations alike. It is no longer a debate; we are living through an era of enlightenment many futurists and forward-looking evangelists have spent decades preparing us for. It is essential to take a moment to recognize this prescience, take a step back, and examine how we got here.
There aren’t many people more qualified to help the world understand this historical trajectory than Jim Whitehurst, president of IBM, former CEO of Red Hat, and possibly most influential proponent of open-source computing in history. Whitehurst led Red Hat to become the first $1B open-source software company, seven years before being acquired by IBM in 2019 for $34B the single largest acquisition in IBM’s 110-year history.
Change has always been constant for Red Hat as the Linux and open source powerhouse in the marketplace. Since its founding in 1993 with Red Hat Linux, it has over the years matured as an open source company, then as an even more specialized enterprise Linux and enterprise open source company.
But over the last two years, Red Hat, which was acquired by IBM in 2019, has been morphing again, this time as an open hybrid cloud platform vendor that has found a way to wrap its heritage up with new components in an always changing world of IT.
Tails 4.19, scheduled for June 1, will completely change how to connect to the Tor network from Tails. We would like as many people as possible to test this beta version to be able to fix as many problems as possible before we release 4.19 to all users.
The web team at Canonical run two-week iterations building and maintaining all of Canonical websites and product web interfaces. Here are some of the highlights of our completed work from this iteration.
The Ubuntu in the wild blog post ropes in the latest highlights about Ubuntu and Canonical around the world on a bi-weekly basis. It is a summary of all the things that made us feel proud to be part of this journey. What do you think of it?
Sharp NEC Display Solutions’ RPi CM4 based “MPi4 NEC MediaPlayer” kit turns its large format displays into 4K signage systems and offers features including a watchdog, RTC, GbE, and 2x USB ports.
Sharp NEC Display Solutions Europe has launched an embedded Linux signage computer designed to retrofit its large format display systems with digital signage capability. The MPi4 NEC MediaPlayer is built around the Raspberry Pi Compute Module 4. The system is designed for retail environments, passenger information, and quick service menu boards.
On Kickstarter: a $20 “USB RTC for Raspberry Pi” Real-Time Clock add-on that plugs into a Pi’s USB port with a USB-to-UART/I2C converter to enable accurate timestamps.
A start-up led by Amrit Singh has successfully launched a Real-Time Clock add-on for the Raspberry Pi to record the passing of time and provide timestamps. The $14 USB RTC for Raspberry Pi early birds are gone, but for $20 you can receive the device in May.
The USB RTC for Raspberry Pi is not a HAT, but an add-on board/dongle that plugs into a Raspberry Pi USB port. The USB interface is said to avoid the need for jumper cables, soldering wires, or integrating an external PCB to add an RTC to the Pi.
Intel officially launched the Jasper Lake processors at the beginning of the year. The new family provides an upgrade to the Gemini Lake processors that have been found in low-cost low power mini PC in the last few years.
Kontron’s “TRACe-B104-TR/IV” transport computer has an SEC-Line OpenWrt hypervisor that runs on Intel’s Elkhart Lake with hot-swap SATA, 3x GbE, PoE+, 3x USB, DP, DIO, 3x M.2, and mini-PCIe.
Kontron announced a transport computer designed for a “wide range of demanding rail and bus applications, from onboard gateways and network video recorders to passenger infotainment, Wi-Fi, diagnostic and smart vehicle servers, as well as ticketing systems and UCPe/SDWANs.” The TRACe-B104-TR/IV runs on the quad-core, 1.8GHz/3.0GHz Atom x6425E from Intel’s latest, 10nm Elkhart Lake generation and is the first Elkhart Lake based transport system we have encountered.
Security is one of the core pillars we build upon. The Librem 14 offers the most advanced security feature set so far.
Arduino support for the Raspberry Pi RP2040 chip is available now using the official Arduino Mbed Core. This is obviously very important, and exciting, for the upcoming Arduino Nano RP2040 Connect. But it goes beyond the Arduino device to also bring support to other boards built around the RP2040 chip.
Have you dreamed of combining the two incredible activities putt-putt and Connect Four together into the same game? Well one daring maker set out to do just that. Bithead’s innovative design involves a mini golf surface with seven holes at the end corresponding to the columns. The system can keep track of where each golf ball is with an array of 42 color sensors that are each connected to one of seven I2C multiplexers, all leading to a single Arduino Uno.
The player can select from six distinct levels of AI, all the way from random shots in the dark to Q Learning, which records previous game-winning moves to improve how it plays over time. It can putt by first loading a golf ball into a chamber and then spinning up a pair of high-RPM motors that launch it. For the human player, there is a pair of dispensers on the left that give the correct color of ball.
The company provides supports for Buildroot & Yocto to build a custom Linux image running on the Cortex-A53 core(s) and FreeRTOS for the Cortex-M4 microcontroller. The module will be available until 2029.
The last RISC-V core announced by SiFive was the U8-Series out-of-order RISC-V Core IP that aims to compete against Arm Cortex-A72 Core. But in their latest announcement, the company built upon the 64-bit RISC-V U7-series with the SiFive Intelligence X280 multi-core, Linux capable RISC-V processor adding vector extensions and SiFive Intelligence Extensions, and optimized for AI/ML compute at the edge.
[...]
SiFive further explains that in addition to ML inferencing, the new Intelligence X280 core is also suited for applications requiring high-throughput, single-thread performance while under power constraints citing AR/VR, sensor hubs, IVI systems, IP cameras, digital cameras, and gaming devices as examples.
The first customer integrating the RISC-V core into their design will be Tenstorrent, a company that provides AI training and inference processors. More details may be found on the product page and press release.
Though open source has taken over in enterprise networking over the last several years, open source isn’t a new concept. Open source software spun off of the related, but different, free software movement. Richard Stallman, a programmer at MIT’s artificial intelligence lab said he would create a free alternative to the AT&T-owned Unix operating system in 1983.
Stallman’s alternative was about more than giving away software, it was about giving users the freedom to use, modify, or share the software as they saw fit.
In September 1983, Stallman launched the GNU Project, in 1985 he started work on the GCC system, and by 1989 the project launched the first General Public License — this license gave users freedom but required them to share modified source code. This requirement to share modified source code is what ultimately allowed free software and open source to take off.
By the mid 90s, Linux gained popularity and free software was borderline mainstream. In 1997, the essay “The Cathedral and the Bazaar” was published. The essay compared and contrasted the development of Linux and GCC. The principles introduced in the essay would later be central to the DevOps movement. The essay also brought the concept of free software to a broader audience and swayed software executives into trying free software licenses.
The author of the essay, Eric S. Raymond was pivotal in coining the term open source and the creation of the Open Source Institute. After Netscape released Mozilla’s source code in 1998, Raymond and peers gathered to rebrand free software. Christine Peterson coined the term and Raymond and Bruce Perens started the institute.
Serving as the foundation of the internet in the 90s, open source became widely used in the 2000s. Open source serves as the foundation for Twitter and Kickstarter, in 2006 companies like eBay and Facebook started contributing to open source software data analyst Hadoop, and in 2008 Google moved open source to your pocket with the release of the Android phone.
We have been busy working on our Linux World keynote, and realized just how much we are looking forward to joining you all at SUSECON Digital on May 18-20, for the latest chapter of SUSE’s world-renowned open source festival.
If you have updated Firefox recently, you may have noticed that Take a Screenshot is not in the page actions menu. Don’t fret. The feature is still in Firefox; it has just been moved.
Just as with reviewers, the author is also responsible for making sure the revision is in the appropriate state. As a reminder, ambiguous states happen when the revision needs action from someone, but doesn’t show up in their queue.
As the author, a common way to get into this predicament is failing to re-request review when no changes are submitted. A typical review might start with the revision in Needs Review (in the reviewer’s queue). The reviewer may request some changes and set it to Needs Revision, which is now back in the author’s queue. The author will then fix the problems and re-submit their patch. Importantly, moz-phab (or maybe Phabricator itself?) will automatically set the state back to Needs Review and all is right with the world.
Firefox uses Inter-Process Communication (IPC) to implement privilege separation, which makes it an important cornerstone in our security architecture. A previous blog post focused on fuzzing the C++ side of IPC. This blog post will look at IPC in JavaScript, which is used in various parts of the user interface. First, we will briefly revisit the multi-process architecture and upcoming changes for Project Fission, Firefox’ implementation for Site Isolation. We will then move on to examine two different JavaScript patterns for IPC and explain how to invoke them. Using Firefox’s Developer Tools (DevTools), we will be able to debug the browser itself.
Once equipped with this knowledge, we will revisit a sandbox escape bug that was used in a 0day attack against Coinbase in 2019 and reported as CVE-2019-11708. This 0day-bug has found extensive coverage in blog posts and publicly available exploits. We believe the bug provides a great case study and the underlying techniques will help identify similar issues. Eventually, by finding more sandbox escapes you can help secure hundreds of millions of Firefox users as part of the Firefox Bug Bounty Program.
[...]
In this blog post, we have given an introduction to Firefox IPC using JavaScript and how to debug the child and the parent process using the Content Toolbox and the Browser Toolbox, respectively. Using this setup, you are now able to simulate a fully compromised child process, audit the message passing in source code and analyze the runtime behavior across multiple processes.
If you are already experienced with Fuzzing and want to analyze how high-level concepts from JavaScript get serialized and deserialized to pass the process boundary, please check our previous blog post on Fuzzing the IPC layer of Firefox.
If you are interested in testing and analyzing the source code at scale, you might also want to look into the CodeQL databases that we publish for all Firefox releases.
If you want to know more about how our developers port legacy MessageManager interfaces to JSActors, you can take another look at our JSActors documentation and at how Mike Conley ported the popup blocker in his Joy of Coding live stream Episode 204.
Finally, we at Mozilla are really interested in the bugs you might find with these techniques – bugs like confused-deputy attacks, where the parent process can be tricked into using its privileges in a way the content process should not be able to (e.g. reading/writing arbitrary files on the filesystem) or UXSS-type attacks, as well as bypasses of exploit mitigations. Note that as of April 2021, we are not enforcing full site-isolation. Bugs that allow one to impersonate another site will not yet be eligible for a bounty. Submit your findings through our bug bounty program and follow us at the @attackndefense Twitter account for more updates.
On January 29, LibreOffice 6.4 was officially released after six months of work. Developers at Collabora, CIB, Red Hat, SIL and other companies – along with volunteers – worked on many new features. For instance, a QR Code generator was added to the suite, making it easy to add QR codes (which can be read by mobile devices) to documents.
The second major release of the year is right around the corner. You might have heard a bit of buzz about full site editing around your WordPress circles, so this post will give you some big picture things to know as well as a few wayfinding links for anyone who wants to know more.
[...]
If you extend the functionality of the WordPress CMS for clients, updating to version 5.8 should also be seamless. As always, it’s smart to spot-check custom implementations in a staging environment or fully test when the release candidate is made available. Want to test your products and get everything client-ready? Check out any of the testing options below.
Digital civil society organisations make four demands for a digitally sovereign society to politicians for the 2021 federal election. Among them is the Free Software Foundation Europe, which works to ensure that software developed with public money shall be published under a Free Software licence.
On 1 April 2020, civil society organisations working for an independent digital infrastructure and free access to knowledge called on politicians: Learn from the crisis - strengthen digital civil society! (German) In an open letter, the undersigned organisations also made concrete recommendations for action. However, far too little has happened since then. The past year has made it clear that politics and public administration are overwhelmed with their own digital transformation and are setting priorities in digital policy that do not meet the needs of society. We are far from a digitally sovereign society.
[...]
At the launch event, Julia Reda (former member of the EU Parliament), Henning Tillmann (software developer and co-chair of D64) and Julia Kloiber (co-founder Superrr Lab) will discuss these four demands on 5 May 2021 from 18:00 to 19:30. The panel will be moderated by Katja Jäger (betterplace lab). Afterwards, all participants will have the opportunity to exchange ideas on solutions, measures and calls for action in four thematic rooms. FSFE's Alexander Sander will moderate the room on "Public Money? Public Code!".
CMake is a (meta-)buildsystem that handles finding-dependencies and building-things. It’s been around for many years, and has been in use by the KDE community for 14 years. In that time, CMake itself has changed quite a bit: there’s “legacy CMake”, version 2.8, and “modern CMake” which is roughly everything after version 3.0. But even within the 3.0 series there is a slow shift in language and tooling. This means that for released software, the CMake buildsystem “bitrots”, to some extent. I’ll give some examples revealed by the CMake 3.20 release.
[...]
Up-to-date software with current releases tends to have fewer issues – even when a change unexpectedly introduces build failures, we can count on the Open Source community to contribute fixes. So GNOME evolution-data-server had fixes in upstream git before I even noticed (and I spotted them only after I’d independently writted roughly-the-same-patch).
Ancient MySQL releases, on the other hand, need new patches. This can be a somewhat frustrating rabbit hole of building old stuff for no other purpose than fixing the old stuff you don’t use anyway.
Patches all end up in the FreeBSD ports collection git tree. Search for “CMake 3.20” for the kind of things that needed updating.
This is the continuation of the GStreamer WebKit debugging tricks post series. In the next three posts, I’ll focus on what we can get by doing some little changes to the source code for debugging purposes (known as “instrumenting”), but before, you might want to check the previous posts of the series:
[...]
The gobject-list project, written by Thibault Saunier, is a simple LD_PRELOAD library for tracking the lifetime of GObjects. When loaded into an application, it prints a list of living GObjects on exiting the application (unless the application crashes), and also prints reference count data when it changes. SIGUSR1 or SIGUSR2 can be sent to the application to trigger printing of more information.
With Qt 6.1 soon to be released, it is time to take a look at what the year 2021 has to offer for Qt users. In this post, I’ll go through the Qt framework plans and then talk a bit about tools and other items we are currently developing. As always, there are so many different things in the works that it is not possible to fully explain everything in a single post, but I’ll try to provide a good overview.
With Qt 6.1 being released next month, The Qt Company has published their 2021 road-map outlining some of their plans for the remainder of the calendar year.
As previously noted, with the upcoming Qt 6.1 release there are some libraries now ported to Qt 6 like Qt Virtual Keyboard, Qt Lottie, Qt State Machines, and more. Meanwhile with Qt 6.2 due out this autumn they expect to have many more libraries/add-ons ported from Qt5 to Qt6. Among the libraries expected to be ready for Qt 6.2 are the Bluetooth, Multimedia, Quick Dialogs, Remote Objects, Sensors, SerialBus, SerialPort, WebChannel, WebEngine, WebSockets, WebView, NFS, and others.
For the past two years I’ve worked on a project implementing a universal lightweight Just-in-Time (JIT) compiler known as MIR. The cornerstone of the project is a machine-independent medium-level intermediate representation (MIR).
A big part of the project consists of code that compiles C source code into MIR. Because MIR can be interpreted and just-in-timed, I easily extended this C-to-MIR compiler into a C interpreter and JIT compiler.
I have previously written about other parts of the MIR project (see MIR: A lightweight JIT compiler project, but I never wrote in detail about the C-to-MIR compiler, C interpreter, or JIT. In this article, I would like to correct these omissions.
[...]
Also, I want to extend the C language in the future to mark program points where the C-to-MIR compiler should profile the code and generate speculative and de-optimized code depending on the execution profile. For example, the C code implementing the CRuby virtual machine’s plus bytecode for integers checks the operand types. It also checks that the plus method for integers was not redefined, that there is no overflow, that it doesn’t need to use multi-precision numbers, and so on. All these checks would be the marked program points I am talking about.
It is hard to implement such extensions for GCC or Clang, get approval to include them into GCC or Clang repositories, or support them on the side.
So I decided to write my own C-to-MIR compiler first. It should implement standard C11 without rarely used optional standard features such as variable arrays, complex numbers, and atomic data.
The major implementation goal was simplicity, not compilation speed. This makes studying the code easier for other people and reduces the effort required to maintain it.
Ruby’s IRB is a lovely interactive console. By leveraging a custom .irbrc configuration file, we can make the experience even better.
The .irbrc file is nothing else than a Ruby file that gets evaluated whenever we start the console with irb or rails c. We can place it in a home directory (~/.irbrc) or in the project directory (to scope it per project). But only one of these files will take effect, and the global one has precedence.
Raku riddles have become popular. By chance, I came across a riddle generated by Rakudo — an emergent riddle so to speak.
A returning question I get is: “I see, that you can send alerts from syslog-ng to Slack and Telegram, but do you happen to support XYZ?” Replace XYZ with Discord and countless others. So, last week I showed you how to send alerts to Discord using the http() destination of syslog-ng and introduced you to Apprise, a notification library for Python.
From this blog, you can learn how to make your syslog-ng destination developed in Python more flexible using templates, and how to make it easier to use with using blocks. We use the Apprise notification library again. On the feature side, the Python code is a lot closer to being production ready. It has most features a user would want to use. Still, it is rather just an inspiration, not something production ready, as among others, it is missing error handling and reporting.
As part of the Rust for Linux project, aimed to make it possible to use Rust for Linux driver development, the Android team at Google is working on evaluating the benefits that using Rust would bring.
Rust for Linux was announced by Miguel Ojeda approximately one year ago on LKML, the Linux Kernel Mailing List, as an attempt to bring a second language to Linux kernel development by extending the Linux build system. Specifically, the project seeks to enable the use of Rust to write drivers and other "leaf" kernel modules, but not for the kernel core or the major kernel subsystems.
The rustup working group is happy to announce the release of rustup version 1.24.0. Rustup is the recommended tool to install Rust, a programming language that is empowering everyone to build reliable and efficient software.
[...]
Rustup's component unpacker has been changed to have a smaller memory footprint when unpacking large components. This should permit users of memory-constrained systems such as some Raspberry Pi systems to install newer Rust toolchains which contain particularly large files.
Fedora 34, a feature-packed new release of Red Hat's leading edge Linux distribution, was released today, though the main Java package maintainer has quit, urging "affected maintainers to drop dependencies on Java."
Fedora 34 is used by Red Hat to try out new features that are likely to end up in first CentOS Stream and then Red Hat Enterprise Linux (RHEL), the commercial offering.
[...]
Spoiling the celebrations, Fedora's main Java package maintainer Fabio Valentini said yesterday: "I can no longer in good conscience be the primary maintainer of (most) Java packages in Fedora."
It is worse than that; in a post entitled "The Death of Java (packages)" he said "new versions and even security issues have been piling up for months," that "Java package maintainers from Red Hat have been exceptionally unhelpful, and have not substantially contributed to Java packages in Fedora in years," that the Eclipse Java-based IDE (the packages for which are maintained by someone else) is a "dumpster fire" and that "I see no way for the situation to improve."
Valentini decided to orphan "all Java packages I am the main admin of" adding that "since this is the majority of remaining Java software in Fedora … I expect a decent amount of dependent packages will be affected." His solution is to "urge affected maintainers to drop dependencies on Java, if at all possible."
The diversity of systems and software running business operations has increased to the point where managing all the components can consume most of a data center teams’ energy, taking precious time away from planning and implementing new initiatives that move an agency’s mission forward.
To ease the burden on team bandwidth, data center leaders frequently rely on monitoring software that continually checks for system faults and outages so operations don’t fail. That’s useful for meeting uptime and data protection service level agreements (SLAs). However, it still doesn’t provide real-time monitoring that can ensure systems and software are optimized both individually and holistically. That optimization should cover adjusting applications, hypervisor, servers, networks and storage for peak performance and uptime.
At a remote outpost in the mountainous highlands of Papua New Guinea, a young American psychologist named Paul Ekman arrived with a collection of flash cards and a new theory. It was 1967, and Ekman had heard that the Fore people of Okapa were so isolated from the wider world that they would be his ideal test subjects.
Like Western researchers before him, Ekman had come to Papua New Guinea to extract data from the indigenous community. He was gathering evidence to bolster a controversial hypothesis: that all humans exhibit a small number of universal emotions, or affects, that are innate and the same all over the world. For more than half a century, this claim has remained contentious, disputed among psychologists, anthropologists, and technologists. Nonetheless, it became a seed for a growing market that will be worth an estimated $56 billion by 2024. This is the story of how affect recognition came to be part of the artificial-intelligence industry, and the problems that presents.
Arm published today a set of blog posts outlining more power/performance and feature details of their forthcoming Neoverse N2 and Neoverse V1 platforms.
As announced last September, Arm's Neoverse V1 platform is for delivering the highest performance from any Arm-designed core. The Neoverse V1 while based on the N1 has a "radical redesign of the CPU microarchitecture". The Neoverse V1 platform supports multi-chiplet and multi-socket solutions and can support DDR5/HBM3 memory, PCI Express 5.0, and CXL 2.0 attached memory and coherent accelerators.
Once again the Linux kernel was in the news and not for anything good, but they weren't the cause, the cause was a certain University, the University of Minnesota that allowed for a fairly questionable study to take place of the course of the previous year.
Researchers from the University of Minnesota apologized to the maintainers of Linux Kernel Project on Saturday for intentionally including vulnerabilities in the project's code, which led to the school being banned from contributing to the open-source project in the future.
"While our goal was to improve the security of Linux, we now understand that it was hurtful to the community to make it a subject of our research, and to waste its effort reviewing these patches without its knowledge or permission," assistant professor Kangjie Lu, along with graduate students Qiushi Wu and Aditya Pakki, said in an email.
"We did that because we knew we could not ask the maintainers of Linux for permission, or they would be on the lookout for the hypocrite patches," they added.
If you're just catching up on this story, here's the quick recap: University of Minnesota researchers deliberately submitted patches that would have put the Use-After-Free (UAF) vulnerability into the Linux kernel. When it appeared they were trying once more to put garbage patches into the kernel, Greg Kroah-Hartman, the Linux kernel maintainer for the stable branch, banned UMN developers from submitting to the kernel and pulled existing suspicious UMN patches. The Linux Foundation followed up with a list of requests for the UMN to comply with if they wanted to work with the Linux kernel again. Now, ZDNet has obtained a copy of UMN's response to the Linux community.
Last week, we reported on a Linux Kernel developer banned The University of Minnesota for some ethically questionable research. Since then, UMN issued an apology and started an investigation into how this all happened, but some people are having none of it. This week in the Linux Kernel security saga, Greg Kroah-Hartman announced that the Linux Foundation and its Technical Advisory Board sent a letter to UMN outlining what must be done to regain the trust of the Linux community, and no further discussion will be had.
Earlier this year, three researchers from UMN published a paper that proved that vulnerabilities could be slipped past Linux Kernel maintainers. The team used three easily fixed bugs in the Linux kernel, which all had the trappings of becoming a vulnerability, and submitted them to see if the maintainers detected a problem. Once the maintainers replied to the patch, the UMN researchers explained the bug and gave an actual patch instead of the one originally submitted.
The researchers who got the University of Minnesota (UMN) banned from contributing to the Linux kernel are going to have to do more than apologize for their actions. ZDNet reported that the Linux Foundation’s Technical Advisory board sent a list of demands the university will have to meet before it can seek forgiveness.
A quick recap: UMN researchers contributed intentionally flawed code to the Linux kernel in August 2020 for a paper on these so-called “hypocrite commits” that was published in February. A separate project meant to “automatically identify bugs introduced by other patches” then drew the ire of Greg Kroah-Hartman, the developer who oversees the Linux kernel’s stable release channel last week.
Kroah-Hartman banned the entire UMN system from contributing to the Linux kernel as a result of the research projects. That decision was followed by an apology from the UMN Department of Computer Science and Engineering (CSE), a significant amount of discussion amongst the Linux community, and then a separate apology from the faculty and students who actually conducted the controversial research.
Recently the Linux kernel community was aflame due to efforts by researchers at the University of Minnesota to intentionally torpedo Linux security by submitting faulty patches. While the University's Department of Computer Science apologized, the damage was done, and Linux kernel maintainer Greg Kroah-Hartman banned the University from contributing to the kernel.
However you feel about what these researchers did (Chris Gaun, for example, argued, "A researcher showed how vulnerabilities can EASILY make it through [the] approval process"), this isn't really about Linux, or open source, security. It's always been the case that it's possible to get bad code into good open source projects. Open source software isn't inherently secure. Rather, it's the open source process that is secure, and while that process kicks in during development, it's arguably most potent after vulnerabilities are discovered.
The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced today that Open Source Summit + Embedded Linux Conference 2021, along with Linux Security Summit and OSPOCon, will take place in Seattle, Washington, USA, from September 27 – October 1.
The open source Unikraft project is proud to announce that its paper titled “Unikraft: Fast, Specialized Unikernels the Easy Way” has not only been accepted at Eurosys, one of the top systems conferences in the world, but that it has been bestowed with the prestigious Best Paper Award.
[...]
Unikraft is part of the Xen Project, a hosted project at the Linux Foundation and can be found at www.unikraft.org. We’d be more than grateful if you took Unikraft out for a spin and gave us feedback on what you think. Contributions are, of course, more than welcome!
This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.9.3 and Istio 1.9.4
Security updates have been issued by Debian (gst-libav1.0, gst-plugins-bad1.0, gst-plugins-base1.0, and gst-plugins-ugly1.0), Fedora (kernel, kernel-headers, kernel-tools, and rust), openSUSE (firefox), Oracle (firefox, mariadb:10.3 and mariadb-devel:10.3, thunderbird, and xstream), Red Hat (kernel, kernel-alt, kpatch-patch, nss, and openldap), Scientific Linux (firefox, thunderbird, and xstream), SUSE (firefox), and Ubuntu (file-roller, firefox, and ruby2.7).
“The idea to develop SniperPhish came to me in a period during which the company I previously worked with did many social engineering assessments. Most of the assessment included phishing campaigns, which means creating and hosting phishing websites and crafting email campaigns. The available tools had certain limitations and were not very effective at simultaneously tracking data from the phishing emails and websites,” security consultant Gem George, the tool’s creator, told Help Net Security.
“For example, the client didn’t want us to capture the users’ passwords that were submitted to the phishing website. For each project, we were required to code for tracking data from phishing websites. Additionally, the data captured from this website needed to be mapped to the mail campaign, which was a time-consuming and often resulted in errors.”
The information-disclosure flaw allows KASLR bypass and the discovery of additional, unpatched vulnerabilities in ARM devices.
An information-disclosure security vulnerability has been discovered in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices.
Specifically, the bug (CVE-2020-28588) exists in the /proc/pid/syscall functionality of 32-bit ARM devices running Linux, according to Cisco Talos, which discovered the vulnerability. It arises from an improper conversion of numeric values when reading the file.
The number of patents for inventions related to low-carbon energy technologies around the world grew by an average rate of 3.3% per year in the 2017-19 period, a new joint study published today by the European Patent Office (EPO) and the International Energy Agency (IEA) shows.
The European Patent Office (EPO) has adopted a new environmental policy that outlines its plan to be carbon neutral by 2030. The policy will serve as an agreed framework that outlines the Office's overall strategy and defines measurable objectives. The EPO recognises that as a large employer with sites across Europe, it has a responsibility to contribute to environmental efforts at local and global levels.
People widely describe architecture as a meeting of science and art, says associate professor of art history Peter Christensen at the University of Rochester. But his latest project, still in the early phases of research, aims to look at that characterization in detail. He’s using the measure of patents and patentability in the history of architecture to tease apart the distinctions people have made between technology and art—and to see how architectural “authorship” has functioned.
[...]
“The Architectural Patent” will be Christensen’s third sole-authored book, following on Germany and the Ottoman Railways: Art, Empire, and Infrastructure (Yale University Press, 2017) and “Materialized: German Steel in Global Ecology” (currently in production at Penn State Press).
When the pandemic lifts and he can travel safely again, he plans to visit major European archives, including the European Patent Office in Munich, the National Archives in the UK and the National Archives in Paris, to carry out some of his research.
Christensen is excited that his newest work will take him in a new direction as a scholar. Rather than drilling down into a highly specialized topic, as he did in his first two books, Christensen sees his latest work, with his exploration of authorship as it pertains to architecture, as an opportunity to make a broader—or what he calls a more “horizontal”—contribution to the field of art history.
On April 16, 2021, Unified Patents filed an opposition in the EPO against EP 2627085. The EP ‘085 patent is owned by the Electronics and Telecommunications Research Institute (ETRI) and Korea Advanced Institute of Science and Technology (KAIST). The patent is related to patents that are designated essential to the HEVC Advance patent pool as well as SISVEL’s AV1 patent pool.
Read the entire filing below. Unified is represented by Leythem Wall at HGF Law, and by in-house counsel, Jessica L.A. Marks and Roshan Mansinghani.