Bonum Certa Men Certa

Links 3/10/2019: Krita 4.2.7 Released and KCSAN



  • GNU/Linux

    • Chuwi GBox Pro Mini PC Review for Linux Users

      Chuwi is a computer manufacturer based in China. They are known for making good-looking but inexpensive devices. A few years back, some resellers used to rebrand Chuwi computers and sell them under their own brand name. Chuwi is now trying to expand its own brand visibility by selling Chuwi systems to a global audience.

      Chuwi contacted It’s FOSS and offered us the GBox Pro device to review for Linux users. Just because they offered something for free, it doesn’t mean we are going to favor them unnecessarily. I used the sample GBox Pro device with Linux and I am sharing my experience with this device. It’s up to you to make a decision about purchasing this gadget.

    • What You Need To Know About Linux

      The first acquaintance with Linux is not always successful. Beginners are scared away by the fact that this operating system has thousands of modifications.

      Therefore, it is confusing and inconvenient to use. There is a lot of information available online about both the advantages and disadvantages of Linux. On thematic forums and in communities, supporters and opponents of this OS are continually fighting among themselves. We will try to be impartial and tell you about the most essential facts, dot the i's and find out what is true and what is false.

    • Server

      • IBM

        • Achieving network wirespeed in an open standard manner: introducing vDPA

          In the past few posts we have discussed the existing virtio-networking architecture both the kernel based (vhost-net/virtio-net and the userspace/DPDK based (vhost-user/virtio-pmd). Now we'll turn our attention to emerging virtio-networking architectures aiming at providing wirespeed performance to VMs.

          In this post we will be covering the building blocks for providing the desired data plane and control plane in order to achieve wire speed performance. We will cover the SR-IOV technology and how it currently addresses this problem. We will then describe virtio-networking approaches for addressing this challenge including virtio full HW offloading and vDPA (virtual data path acceleration) with an emphasize on the benefits vDPA brings. We will conclude by comparing the previous virtio-networking architectures and the ones presented here.

        • Red Hat expands coverage of CVE fixes

          At Red Hat, addressing customers' security risk is of paramount importance. That’s why, after listening to our customers carefully, we have decided to expand the scope of coverage for Common Vulnerabilities and Exposures (CVE) remediation. By expanding the scope, we hope to reduce the risk profile of our customers, maintain greater stability of their enterprise deployments and lessen the time to resolution of internal security audits.

        • What’s new in RHEL 8 file systems and storage

          There’s a bunch of interesting storage technology in Red Hat Enterprise Linux 8- including XFS reflink, enhancements to the Boom boot manager, Stratis file management (tech preview), and broader use cases for File System Direct Access to Persistent Memory Devices (FS-DAX). We’ll touch on all of them here, but let’s start with something even more important: Why in a cloud-dominated world we need to make it easier to consume advanced storage features. This includes working to improve access to existing features, and also guides design principles on emerging capabilities.

          We need infrastructure that moves at the pace of software. Application developers in the cloud era work "above the line," using APIs that hide complexity. Cloud administrators work "below the line" to streamline infrastructure. Below the line has to become largely invisible to the software developer, and it’s increasingly an area where on-premises infrastructure is being asked to emulate public cloud.

    • Audiocasts/Shows

      • FLOSS Weekly 549: PostgreSQL

        PostgreSQL, also known as Postgres, is a free and open-source relational database management system emphasizing extensibility and technical standards compliance. It is designed to handle a range of workloads, from single machines to data warehouses or Web services with many concurrent users.

      • The TrueNAS Library | BSD Now 318

        DragonFlyBSD vs. FreeBSD vs. Linux benchmark on Ryzen 7, JFK Presidential Library chooses TrueNAS for digital archives, FreeBSD 12.1-beta is available, cool but obscure X11 tools, vBSDcon trip report, Project Trident 12-U7 is available, a couple new Unix artifacts, and more.

      • 10/02/2019 | Linux Headlines

        Nextcloud goes pro, the self-proclaimed "Steam replacement" reaches version 1, and Microsoft drops some far-out future tech.

        Plus Linux app throttling is in the works for Chrome OS.

      • LHS Episode #305: Morning Mink

        Welcome to Episode 305 of Linux in the Ham Shack. In this episode, the hosts discuss the Amazon being invasive (no, really!), amateur radio in France, Australia and space, artificial intelligence multi-SDR boards and much more. Thank you for listening and we hope you have a great week.

      • The Linux Link Tech Show Episode 828

        ubuntu 19.10, 3d printing, streaming, good stuff

      • Android-x86 + First steps into the cloud | Choose Linux 19

        We have three different approaches to using the cloud, so we discuss various ways to expand your Linux knowledge beyond the desktop.

        Plus Distrohoppers delivers a mobile-like experience that splits opinion.

    • Kernel Space

      • Monitoring the internal kernel ABI

        As part of the Distribution Kernels microconference at Linux Plumbers Conference 2019, Matthias Männich described how the Android project monitors changes to the internal kernel ABI. As Android kernels evolve, typically by adding features and bug fixes from more recent kernel versions, the project wants to ensure that the ABI remains the same so that out-of-tree modules will still function. While the talk was somewhat Android-specific, the techniques and tools used could be applied to other distributions with similar needs (e.g. enterprise distributions).

        Männich is on the Google Android kernel team, but is relatively new to the kernel; his background is in build systems and the like. He stressed that he is not talking about the user-space ABI of the kernel, but the ABI and API that the kernel exposes to modules. The idea is to have a stable ABI over the life of an Android kernel. He knows that other distributions have been doing this "for ages", but the Android kernel and build system are different so it made sense to look at other approaches to this problem.

      • System-call wrappers for glibc

        The GNU C Library has long had a reputation for being hostile to the addition of wrappers for new Linux system calls; that has resulted in many system calls being unsupported by the library for years. That situation is changing, though. During the Toolchain microconference at the 2019 Linux Plumbers Conference, Maciej Rozycki talked about glibc's new attitude toward system-call wrappers, but also served notice that there is still significant work to do for the addition of any new system call. Rozycki, who put together the talk with Dmitry Levin, is not the person doing most of this work. He was, instead, "delivering a message from Florian Weimer", who was unable to attend the event.

        For those who might appreciate a bit of background: applications running in user space do not call directly into the kernel; instead, they will call a wrapper function that knows how to invoke the system call of interest. If nothing else, the wrapper will place the system-call arguments in the right locations and do whatever is necessary to invoke a trap into kernel mode. In some cases, the interface implemented by the wrapper can be significantly different from what the kernel provides.

      • Many uses for Core scheduling

        Some new kernel features are welcomed by the kernel development community, while others are a rather harder sell. It is fair to say that core scheduling, which makes CPU scheduling harder by placing constraints on which processes may run simultaneously in a core, is of the latter variety. Core scheduling was the topic of (at least) three different sessions at the 2019 Linux Plumbers Conference. One of the most interesting outcomes, perhaps, is that there are use cases for this feature beyond protection from side-channel attacks.

      • 5.4 Merge window, part 1

        As of this writing, 9,632 non-merge changesets have been merged for the 5.4 kernel. This merge window is thus off to a strong start. There has been a wide range of changes merged across the kernel tree, including vast numbers of cleanups and fixes.

      • Graphics Stack

        • ASTC Texture Compression License Turns Out To Be Restrictive Outside Of Khronos APIs

          The lossy ASTC texture compression algorithm has been widely adopted in recent years with it being official extensions to both OpenGL and OpenGL ES. While it may not be as messy as the S3TC patent situation of the past, it turns out Arm's license on Adaptive Scalable Texture Compression actually is quite restrictive outside of the context of Khronos' APIs.

        • RADV Vulkan Driver Picks Up Several GFX10/Navi Fixes, Including To Address Random Hangs

          If you are a user of AMD Radeon RX 5700 "Navi" graphics and don't mind riding Mesa Git, the latest 19.3-devel code as of yesterday has several more GFX10 fixes/improvements.

          Perhaps most notable is this possible fix with random hangs no longer happening on Navi GPUs. But Valve's Samuel Pitoiset isn't too sure if the code in question fixed the issue, just that random hangs no longer happen now with RADV on these newest Radeon graphics cards.

        • AMDGPU Submits LRU Bulk Moves Support As A Linux 5.4 "Fix" For Better Performance

          While initially queued as a work-in-progress feature for Linux 5.5, AMD has now submitted a batch of "fixes" to the current Linux 5.4 cycle that include enabling of the LRU bulk moves performance-boosting functionality.

          Just last week that revert / enabling of LRU bulk moves for AMDGPU was queued in the 5.5 "WIP" branch while on Wednesday it was mailed in as part of the "fixes" targeting the current Linux 5.4 cycle now past its merge window. LRU bulk moves can yield some measurable performance wins for multiple types of workloads but was disabled previously over bugs that were corrected back in Linux 5.0 but then seemingly lost track of with the feature only coming up for re-enabling as of this summer.

        • Igalia Is Working On "mediump" Support For Mesa To Help With OpenGL ES Performance

          Igalia is working on supporting OpenGL ES' GLSL marking of variables as "mediump" when the precision involving those variables can be lowered to half-float 16-bit registers. That in turn can help with performance when honoring that precision marking, which to date Mesa has ignored.

          It turns out Igalia has been working on that Mediump support for Mesa's OpenGL ES with a focus on the Freedreno Gallium3D driver. Interestingly, it's under contract for Google -- they sure are ramping up their work on this open-source Qualcomm Adreno driver. Besides employing developers like Freedreno founder Rob Clark and former Broadcom VC4/V3D developer Eric Anholt, they are also contracting Igalia as part of the Freedreno effort.

    • Applications

      • The best Linux apps for your Chromebook

        Linux application support on Chromebooks is pretty great. Even though the feature is primarily aimed at developers, like those who want to get Android Studio running on a Pixelbook, there are plenty of apps that can benefit normal users. We already have a guide about installing Linux apps on Chrome OS, but if you're not sure which apps to try out, we have a few suggestions here.

        This isn't a simple compilation of the best Linux apps, because plenty of those exist already. Instead, the goal here is to recommend solutions for tasks that cannot be adequately filled by web or Android apps. For example, serious photo editing isn't really possible through the web, and options on the Play Store are limited, but Gimp is perfect for it.

        This guide assumes you have already set up the Linux container on Chrome OS. If you haven't, follow the instructions here.

      • Asciinema – Record Terminal Sessions And Share Them On The Web

        I already know about recording the Terminal activities using “script” command in Unix-like systems. Today, I found out yet another similar utility named “asciinema” which is used to record Terminal sessions. Forget about the heavy screen-recording tools and/or apps. Asciinema is a fast, light-weight and open source Terminal recording tool. Unlike “script” command, Asciinema not just records our Terminal activities, but also helps us to share them on the web if necessary. You can share the recordings by copying its URL and sending it to a friend or posting it on a social network. It supports Linux, Mac OS X and *BSD.

      • Samba and GnuTLS

        More or less since the beginning of Samba, it implemented the cryptography it needed to talk to Windows on its own. One reason is that Windows didn’t follow the standards or used ciphers nobody else really used. This is changing right now!

        GnuTLS already was a used by Samba if available and it is a requirement if you build the Samba AD with MIT Kerberos already. So to get out of the crypto business we decided to use GnuTLS as our crypto library.

        With Samba 4.11 we did the first step using GnuTLS and required GnuTLS 3.2. With Samba 4.12 the requirement will be at least GnuTLS 3.4.7. The reason is that we require AEAD for AES-CCM and AES-GCM and 3.4.7 is already the requirement if building Samba AD with MIT Kerberos. This allowed us also to delete a lot of code!

      • Samba 4.12 Bringing Much Faster Encryption Performance With GnuTLS

        Samba 4.11 was just released a few weeks back with big scalability improvements, but looking ahead to Samba 4.12 will be some big performance improvements for those leveraging encryption.

        Samba 4.12 for SMB3 file transfers with encryption will be an order of 4~6 times faster than current performance levels! This is coming as Samba is beginning to properly leverage GnuTLS rather than historically implementing its own crypto methods.

      • Cockpit Project: Cockpit 204

        Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 204.

      • Instructionals/Technical

      • Games

        • The Eternal Castle: Remastered is now available on Linux

          The Eternal Castle is a remaster of an old classic, except it kind of isn't. The story is a little peculiar but the game does look quite fantastic and it's available now on Linux.

          In regards to the brand new Linux version, the developer sent out a Twitter post early this morning to note that a Linux version is now up thanks to the help of Linux game porter Ryan "Icculus" Gordon.

        • Open-ended village life sim 'Village Monsters' now has a release date and demo available

          While I've no doubt plenty will compare it to the likes of Stardew Valley, Village Monsters takes a rather different take on the village life sim.

          Written about a couple of times here on GamingOnLinux, as it certainly sounds intriguing. The world of Village Monsters takes place in a computer game, a world that has been long-forgotten. What happens to all the characters when they're done with? Well, that's for you to find out.

        • The combat-focused simple turn-based RPG 'Dark Bestiary' is up on Steam

          If you're a big fan of turn-based combat, looting and creating a character from tons of varied skills then Dark Bestiary is a game you might find quite interesting.

        • FOSS game engine Godot Engine just gained a new Platinum sponsor

          The excellent free and open source game engine Godot Engine just announced that Heroic Labs are now supporting their development as a Platinum level sponsor.

          Going by the Patreon campaign for Godot Engine, that means Heroic Labs are handing over at least $1,500 monthly to help development which is awesome. It's an interesting matchup too, as Heroic Labs are the developers of the open source Nakama (GitHub) a "real-time, competitive, social back-end that helps game developers create compelling multiplayer experiences" according to Heroic and they're now working on getting it working with Godot Engine as well.

        • HEROIC LABS SUPPORTS GODOT DEVELOPMENT



          We are happy to announce that Heroic Labs is now supporting Godot's development as Platinum sponsor! For this occasion, we asked Heroic Labs co-founder Mo Firouz to write some words about the company, why they choose to support Godot and their plans to integrate Nakama with our engine.

          Imagine a world where all music had been written for piano.

          In a piano-only world, we’d never have the guitar solo from Comfortably Numb, or the drum loop from Straight Outta Compton, and the Flight of the Bumblebee would lose its frantic energy.

          Pianos are wonderful but the world’s richer for all the many ways that we can make music.

          At Heroic Labs, we see games development in a similar way. The rich variety of tooling available to games developers has delivered an explosion of creativity over the past decade.

        • Commodore 64 on the Internet | IRC

          The Commodore 64 was my first computer and as such, now holds a special place in my heart and probably forever more, or at least until I lose my mind completely. In all the years I had a C64, I never visited a BBS as I didn’t get that bit of tech until I got my Commodore Amiga 600. Due to the wonders of the Internet, and a global effort to keep these old machines relevant from guys like The 8-Bit Guy, Perifractic Retro Recipes, Retro Man Cave, Dan Wood, LGR and so many others, I was inspired to take the time to make my Commodore 64 more than just a stroll down vintage lane for me. I have seen others make use of it for writing and developing new games and such for it but how could I incorporate it into my life was the question. That answer, IRC, it must do IRC.

          [...]

          I am impressed that I am able to do this much with an unmodified Commodore 64. I am quite impressed that with 64 KiB of RAM, it is still a productive and usable tool. It is quite single purpose but absolutely useful.

          I want to note that the web browser does work in this Contiki OS but not with HTTPS so that is out. It does make requests as you would expect and I think I just may revisit the rest of this on another blathering at some point in time.

          Future plans, I really want to be able to telnet into a Linux machine with the Commodore 64, I have some other hardware and software I want to try out with this machine to see what other greatness can become of it.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Krita 4.2.7 Released

          Today, we’re releasing the sixth bug fix release of Krita 4.2. As discussed in our development update, we intend to release a few more monthly 4.2 bug fix releases before releasing Krita 4.3. There are a lot of bug fixes!

          And to celebrate the release, we have a new video by Ramon Miranda which comes with a very nice present: a free new bundle of six sketching brush presets!

        • Fall Season

          Autumn is upon us (this means in the Netherlands: it has started raining, but for me: coffee and pumpkin pie).

          Qt 5.13 has landed in FreeBSD, but this is now generating a bunch of bug reports, so I’m holding off upgrading my own desktop until some of those have been sorted out (by Tobias or myself, probably in VMs). Other parts of the stack are pretty much up-to-date.

          I see there’s been a kube 0.8 release – the mail thingy, not the container thingy. We don’t package that for FreeBSD, and a 30-seconds attempt at doing so hits a “need some under-specified dependencies”. I get the urge to submit some merge requests for the CMake files and documentation (as always, constrained by time to actually write the patches).

      • GNOME Desktop/GTK

        • GUADEC 2019 | Part 1: Passing the Baton

          This year, GUADEC was held in Thessaloniki, Greece from August 23rd – 28th. I had a great time at the conference and took some time to travel after, so I was able to see some of Northern Greece, in addition to hanging out with some of the best people I know while at GUADEC.

          Since thereâ€Ã¢â€žÂ¢s a lot of talk about, Iâ€Ã¢â€žÂ¢ll be doing two separate posts, one about the Board meeting (in this post), and one about the conference itself (next post).

    • Distributions

      • Screenshots/Screencasts

      • Fedora Family

        • Flatpak 1.5 Released With Version Pinning, Self-Updates In Portals

          Flatpak 1.5 is the newest pre-release for this Linux app sandboxing and distribution tech.

        • Fedora projects for Hacktoberfest

          It’s October! That means its time for the annual Hacktoberfest presented by DigitalOcean and DEV. Hacktoberfest is a month-long event that encourages contributions to open source software projects. Participants who register and submit at least four pull requests to GitHub-hosted repositories during the month of October will receive a free t-shirt.

          In a recent Fedora Magazine article, I listed some areas where would-be contributors could get started contributing to Fedora. In this article, I highlight some specific projects that provide an opportunity to help Fedora while you participate in Hacktoberfest.

          [...]

          The projects above are only a small sample focused on software used to build Fedora. Many Fedora packages have upstreams hosted on GitHub—too many to list here. The best place to start is with a project that’s important to you. Any contributions you make help improve the entire open source ecosystem. If you’re looking for something in particular, the Join Special Interest Group can help. Happy hacking!

      • Debian Family

        • Debian Edu FAI

          Over the past month I worked on re-scripting the installation process of a Debian Edu system (minimal installation profile and workstation installation profile for now) by utilizing FAI [1].

          My goal on this is to get the Debian Edu FAI config space into Debian bulleye (as package: debian-edu-fai) and provide an easy setup method for the FAI installation server on an existing Debian Edu site.

        • Mike Gabriel: My Work on Debian LTS/ELTS (September 2019)

          In September 2019, I have worked on the Debian LTS project for 11 hours (of 12 hours planned) and on the Debian ELTS project for another 2 hours (of 12 hours planned) as a paid contributor. I have given back the 10 ELTS hours, but will keep the 1 LTS hour and move it over to October. As I will be gone on family vacation during two weeks of Octobre I have reduced my workload for the coming months accordingly (10 hours LTS, 5 hours ELTS).

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Sharing vs. free vs. public: The real definition of open source

        When you hear the term open source, do you think this is synonymous with terms such as shareware, freeware, or public domain? If so, you are not alone. Many people, both within and without the technology industry, think of these terms as one and the same. This article illustrates how these terms are different and how open source is a transformative licensing and development model. Perhaps the best way to explore the differences will be to share my experience with software provided under one of the above models.

      • Events

        • Hola Barcelona! – SUSE @ TechEd – All You Need to Know

          Hola! SUSE will be exhibiting at TechEd Barcelona 2019. As it was always a great event in the past I am already looking forward to be in Barcelona again. This year we have a great set of video based demos about new features and capabilities available on our booth. Lee Martin and Fabian Herschel (myself) will also present the features also during our lecture. Reserve the date! Our lecture will take place at Wednesday, October 8th from 9:15-10:15 am in room L11. Get a great overview of all you need to know in our session which has the number CAA139. All you need to know – find us in the SAP TechEd Barcelona session catalog.

      • Databases

        • Better guidance for database developers

          At the inaugural Databases microconference at the 2019 Linux Plumbers Conference (LPC), two developers who work on rather different database systems had similar complaints about developing for Linux. Richard Hipp, creator of the SQLite database, and Andres Freund from the PostgreSQL project both lamented the lack of definitive documentation on how to best use the kernel's I/O interfaces, especially for corner cases. Both of the sessions, along with others in the microconference, pointed to a strong need for more interaction between user-space and kernel developers.

        • Using PostgreSQL as a cache?

          In the article on his blog Peter asks "How much faster is Redis at storing a blob of JSON compared to PostgreSQL?". Answer: 14x slower.

          Seems about right. Usually Redis is about 4x faster for a simple query like that compared to using PostgreSQL as a cache in my experience. It's why so many people use Redis as a cache. But I'd suggest PostgreSQL is good enough to act as a cache for many people.

          Django is pretty slow at fetching from PostgreSQL compared to other python options, so this could explain part of the 14x VS 4x difference.

          [...]

          Of course you should probably just cache the views at the CDN/web proxy level, or even at the Django view or template level. So you probably won't even hit the Django app most times.

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice monthly recap: September 2019

          Here’s our summary of updates, events and activities in the LibreOffice project in the last four weeks – click the links to learn more!

          The biggest event in September was the LibreOffice Conference 2019 which took place in Almeria, Spain. Over 100 people from across the globe met up to discuss current developments in LibreOffice, make plans for the future, and have fun.

      • FSF/FSFE/GNU/SFLC

        • WHY RICHARD STALLMAN BECAME FAMOUS/THINGS WE MISS WHILE PUNISHING RICHARD STALLMAN

          All these happened when one person shared a link from news site The Verge about the testimony of one of CIA agent Epstein victims and asked opinion in MIT mailing list. The news article says the woman was directed by Epstein to have sex with MIT professor Marvin Minsky

          Stallman took the news at face value. and replied his assumptions. Another person who a mechanical engineer and a not a professional journalist saw these comments and became very upset. She wrote a blog post and in that she twisted, lied about Stallman’s comment and asked to Remove Stallman…. A hate campaign started against Stallman as usual. People started to write about things about him from birth, real, imaginations and lies.

          Online media took this further. They further lied and twisted Stallman’s comment. Main stream media which was looking for distraction caught this and made big issue. (why? If media is honest they should expose all the detailed working of the CIA agent who suicided. There are people think that he was killed.)

          Attack on Stallman

          This is not the first time Stallman is attacked. The moment he started Free Software movement it started. So its not new to him and he dont care about those.

          But this time the tone was different. The is a social sympathy tone was present as background towards those girls trafficked by CIA. But as usual, like white terrorism, people dont say it openly. So they say some billionaire with some extra ordinary sex tastes trafficked under aged girls as per US law. So there is this huge sympathy for these girls and the distraction US deep state needed caused a firestorm. That need a pray. Stallman with strong commitment to Software Freedom that made him lot of enemies, with strong criticism towards capitalistic market system and with very successful alternative became a good pray. Thats what happened.

          Again he never said anything wrong. All accusation in the press are lies.

        • Submit a session proposal for LibrePlanet 2020 conference: Free the Future by Nov. 20

          The Free Software Foundation (FSF) invites activists, hackers, law professionals, artists, students, developers, young people, policymakers, tinkerers, newcomers to free software, and anyone looking for technology that aligns with their ideals, to submit a proposal for a session at our twelfth annual social justice and technology LibrePlanet conference. Potential talks should examine free software through the lens of this year's theme, and can focus on software development, copyleft, community, or other related issues.

          Submissions to the call for sessions are being accepted through Wednesday, November 20, 2019 at 12:00pm Eastern Standard time (17:00 UTC).

          Over the last decade, LibrePlanet has blossomed from a small gathering of FSF members into a vibrant multi-day event that attracts a broad audience of anyone interested in the values of software freedom. LibrePlanet 2019 had almost a thousand people participate around the world, both online and in-person, for workshops and talks centered around the theme of "Trailblazing Free Software." To stay up to date about everything LibrePlanet 2020, visit https://www.libreplanet.org/2020.

      • Programming/Development

        • Using the Python zip() Function for Parallel Iteration

          Python’s zip() function creates an iterator that will aggregate elements from two or more iterables. You can use the resulting iterator to quickly and consistently solve common programming problems, like creating dictionaries. In this tutorial, you’ll discover the logic behind the Python zip() function and how you can use it to solve real-world problems.

        • 7 Excellent Free Books to Learn Forth

          Forth is an imperative stack-based programming language, and a member of the class of extensible interactive languages. It was created by Charles Moore in 1970 to control telescopes in observatories using small computers. Because of its roots, Forth stresses efficiency, compactness, flexible and efficient hardware/software interaction.

          Forth has a number of properties that contrast it from many other programming languages. In particular, Forth has no inherent keywords and is extensible. It is both a low level and high level language. It has the interesting property of being able to compile itself into a new compiler, debug itself and to experiment in real time as the system is built. Forth is an extremely flexible language, with high portability, compact source and object code, and a language that is easy to learn, program and debug. It has an incremental compiler, an interpreter and a very fast edit-compile-test cycle. Forth uses a stack to pass data between words, and it uses the raw memory for more permanent storage. It also lets coders write their own control structures.

          Forth has often being deployed in embedded systems due to the compactness of object code. Forth is also used in boot loaders such as Open Firmware (developed by Sun Microsystems) as well as scientific fields such as astronomy, mathematics, oceanography and electrical engineering.

        • Writing Comments in Bash Scripts

          When writing Bash scripts, it is always a good practice to make your code clean and easily understandable. Organizing your code in blocks, indenting, giving variables and functions descriptive names are several ways to do this. Another way to improve the readability of your code is by using comments. A comment is a human-readable explanation or annotation that is written in the shell script. Adding comments to your Bash scripts will save you a lot of time and effort when you look at your code in the future.

        • 13 Python Natural Language Processing Tools

          Natural language processing (NLP) is an exciting field of computer science, artificial intelligence, and computational linguistics concerned with the interactions between computers and human (natural) languages. It includes word and sentence tokenization, text classification and sentiment analysis, spelling correction, information extraction, parsing, meaning extraction, and question answering.

          In our formative years, we master the basics of spoken and written language. However, the vast majority of us do not progress past some basic processing rules when we learn how to handle text in our applications. Yet unstructured software comprises the majority of the data we see. NLP is the technology for dealing with our all-pervasive product: human language, as it appears in social media, emails, web pages, tweets, product descriptions, newspaper stories, and scientific articles, in thousands of languages and variants.

        • Calculating Rayleigh Reflectance using Py6S

          A user of Py6S recently contacted me to ask if it was possible to get an output of Rayleigh reflectance from Py6S. Unfortunately this email wasn’t sent to the Py6s Google Group, so I thought I’d write a blog post explaining how to do this, and showing a few outputs (reminder: please post Py6S questions there rather than emailing me directly, then people with questions in the future can find the answers there rather than asking again).

          So, first of all, what is Rayleigh reflectance? Well, it’s the reflectance (as measured at the top-of-atmosphere) that is caused by Rayleigh scattering in the atmosphere. This is the wavelength-dependent scattering of light by gas molecules in the atmosphere – and it is an inescapable effect of light passing through the atmosphere.

          So, on to how to calculate it in Py6S. Unfortunately the underlying 6S model doesn’t provide Rayleigh reflectance as an output, so we have to do a bit more work to calculate it.

  • Leftovers

    • Security (Confidentiality/Integrity/Availability)

      • Ransomware Attacks Leave U.S. Hospitals Turning Away Patients [iophk: Windows kills]

        A ransomware attack, reported on Tuesday, impacts the DCH Health System, a regional hospital and medical complex located in Alabama, and left three satellite hospitals turning away patients. A separate attack disclosed on Monday impacted several regional hospitals in Victoria, Australia. There is no indication that the ransomware attacks are connected.

      • 5 Disruptive Trends Transforming Cybersecurity

        With momentum increasingly growing for technology like infrastructure-as-code and software-defined networking, we're starting look down the horizon toward a world of software-defined everything. This transformation is definitely longer-term than those previously mentioned, but it stands to pose the most disruptions — and positive opportunities — for security down the road.

        Infrastructure and networks are increasingly becoming programmable applications themselves, and the hyperconverged world will centralize data control planes and could potentially concentrate risk in certain areas. That means security teams need to understand new architectures to build suitable security boundaries — and be ready for big changes in how networks are architected and workloads are managed. We see glimmers of this already with growing movements like zero trust and microsegmentation, which dovetail well into a software-defined reality.

        You could also see a new world of software-defined security open up opportunity for greater security automation baked into the infrastructure. One recent study shows that some 56% of organizations today are poised to explore software-defined perimeter technology within the next 18 months.

      • Managing passwords using ed and gpg2

        Years ago, I have read a blog post about managing your passwords using ed and gpg, unfortunately, I can not remember the author. Two years ago, I decided to give it a try because the few tools I tried were too obscure, required databases, were too complicated to use.

        The principle is easy: - run /bin/ed (without rlwrap) - use r !gpg2 to load protected file - use W !gpg2 to save file

        Why ed? Because it does not save any temporary file.

        I use two different methods, depending I want to get a password or if I want to add/change a password.

      • Securing Linux Systems in a New Vulnerable World

        Open source Linux software has gained favor among IoT system developers for a variety of reasons. Mostly, it is readily available through binary versions prepackaged with embedded hardware and an ever-growing set of community-driven frameworks that are built for Linux. It also offers some practical benefits for IoT applications, notably support for the interoperability that IoT devices often require. Moreover, the cloud systems that run IoT solutions are increasingly built on open source, Linux-based operating systems.

        In today’s interconnected world, securing Linux-based systems and devices has become one of the most pressing challenges facing developers and device manufacturers. Gone are the days of “fire and forget” device deployment.

      • Following Buggy AMD RdRand, The Linux Kernel Will Begin Sanity Checking Randomness At Boot Time

        The Linux kernel will begin doing a basic sanity check of x86_64 CPUs with the RdRand instruction to see if it's at least returning "random looking" data otherwise warn the user at boot time. This stems from a recent issue where AMD's RdRand behavior with some hardware (particularly, buggy motherboards) could have borked RdRand issues.

      • Google Is Uncovering Hundreds Of Race Conditions Within The Linux Kernel

        One of the contributions Google is working on for the upstream Linux kernel is a new "sanitizer". Over the years Google has worked on AddressSanitizer for finding memory corruption bugs, UndefinedBehaviorSanitizer for undefined behavior within code, and other sanitizers. The Linux kernel has been exposed to this as well as other open-source projects while their newest sanitizer is KCSAN and focused as a Kernel Concurrency Sanitizer.

      • Kernel Concurrency Sanitizer (KCSAN)
        We would like to share a new data-race detector for the Linux kernel:
        Kernel Concurrency Sanitizer (KCSAN) --
        https://github.com/google/ktsan/wiki/KCSAN  (Details:
        https://github.com/google/ktsan/blob/kcsan/Documentation/dev-tools/kcsan.rst)
        
        

        To those of you who we mentioned at LPC that we're working on a watchpoint-based KTSAN inspired by DataCollider [1], this is it (we renamed it to KCSAN to avoid confusion with KTSAN). [1] http://usenix.org/legacy/events/osdi10/tech/full_papers/Erickson.pdf

        In the coming weeks we're planning to: * Set up a syzkaller instance. * Share the dashboard so that you can see the races that are found. * Attempt to send fixes for some races upstream (if you find that the kcsan-with-fixes branch contains an important fix, please feel free to point it out and we'll prioritize that).

        There are a few open questions: * The big one: most of the reported races are due to unmarked accesses; prioritization or pruning of races to focus initial efforts to fix races might be required. Comments on how best to proceed are welcome. We're aware that these are issues that have recently received attention in the context of the LKMM (https://lwn.net/Articles/793253/). * How/when to upstream KCSAN?

        Feel free to test and send feedback.

        Thanks, -- Marco
    • Defence/Aggression

      • Twitter executive for Middle East is British Army 'psyops' soldier

        The senior Twitter executive with editorial responsibility for the Middle East is also a part-time officer in the British Army’s psychological warfare unit, Middle East Eye has established.

        Gordon MacMillan, who joined the social media company's UK office six years ago, has for several years also served with the 77th Brigade, a unit formed in 2015 in order to develop “non-lethal” ways of waging war.

        The 77th Brigade uses social media platforms such as Twitter, Instagram and Facebook, as well as podcasts, data analysis and audience research to wage what the head of the UK military, General Nick Carter, describes as “information warfare”.

        Carter says the 77th Brigade is giving the British military “the capability to compete in the war of narratives at the tactical level”; to shape perceptions of conflict. Some soldiers who have served with the unit say they have been engaged in operations intended to change the behaviour of target audiences.

        What exactly MacMillan is doing with the unit is difficult to determine, however: he has declined to answer any questions about his role, as has Twitter and the UK’s Ministry of Defence (MoD).

        Twitter would say only that “we actively encourage all our employees to pursue external interests”, while the MoD said that the 77th Brigade had no relationship with Twitter, other than using it for communication.

    • Transparency/Investigative Reporting

      • Julian Assange held in 'sordid' solitary confinement for up to 23 hours a day, says father

        Wikileaks founder Julian Assange is being kept in solitary confinement for up to 23 hours a day, despite being due for release earlier in September, says his father.

        John Shipton described the treatment of his son, who is currently imprisoned in London's top security prison Belmarsh, as “sordid and hysterical”.

        In an interview with the Press Association, Mr Shipton said it was “extraordinary” that his son was being held in such harsh prison conditions, adding that his health was deteriorating.

        “The only people who are breaking the law are the UK Government and the Crown Prosecution Service,” he said.

    • Environment

      • 'The Most Horrible Drought in Memory'

        The situation has become critical across all of southern Africa because the subcontinent is located in a largely arid or semi-arid zone that is particularly vulnerable. Malawi, Zambia, Namibia, Zimbabwe, Botswana and South Africa are all feeling the effects of climate change with increasing severity -- the heatwaves are bigger, there's less precipitation and droughts last longer.

    • AstroTurf/Lobbying/Politics

      • Demand Justice Targets Democratic Sen. Chris Coons For Voting in Favor of Trump Judicial Nominees

        "We plan to invest in Delaware a lot more heavily in the coming months, assuming Chris Coons continues voting for Trump judges."

      • Israel Begins Netanyahu’s Pre-Indictment Corruption Hearing

        Israeli Prime Minister Benjamin Netanyahu’s long-awaited pre-indictment hearing on corruption charges began Wednesday in Jerusalem, as a jittery political world eagerly sought clarity on his legal standing amid the stalemate that followed the country’s second inconclusive election of the year.

      • Democrats: Trump Incites Violence Against Whistleblower

        Accusing President Donald Trump of “an incitement to violence,” House Democratic leaders bluntly warned Trump and his administration Wednesday not to intimidate potential witnesses in their impeachment inquiry. They said they were readying a subpoena demanding documents related to the president’s dealings with Ukraine...

      • No Good Reasons to Avoid Impeaching Trump

        The impeachment inquiry aimed at Donald Trump has elicited a near-palpable sigh of relief among many Americans deeply anxious about the damage he has done to the presidency and country. Each new poll suggests rising support among the electorate to terminate Trump’s presidency. Given how Trump has devastated constitutional protections, human rights and ethical boundaries over the past two and a half years, causing untold damage to the nation, impeachment ought to be welcome news across the political spectrum. But many on both the right and the left are calling the process into question—for different reasons, of course.

      • Corporate Journalists Push Tax Attack on Medicare for All

        Most people really like the idea of Medicare for All. So it will take a concerted effort to persuade them they actually don’t like it—and corporate media are more than happy to pitch in.

      • The Phony Liberalism of Bill Maher

        Bill Maher rose from being an “edgy,” opinionated comedian to becoming one of the most influential and recognizable faces in our media. His political talk show, Real Time With Bill Maher, has been on HBO since 2003, spanning 17 seasons with over 500 episodes to date. Real Time continues to be one of the most popular shows on cable TV, drawing in more than 4 million viewers per episode, according to a new New York Times interview (9/30/19), which frames him as a straight-shooting satirist on an “antihypocrisy crusade,” with Maher presenting himself as the voice of liberals across the country fed up with PC culture. Certainly, he has a legion of dedicated, primarily Democrat-voting Baby Boomer and Generation X fans, who take seriously his every pronouncement.

      • Official: Lobbyist who steered $50K gravel study should refund state for its cost

        A Michigan Department of Transportation study on state gravel supplies was so tainted by influence from the Michigan Aggregates Association that the industry lobbyist should pay the state a refund, a state official said in response to a blistering audit.

      • 'Are you talking to me?' Trump's anger on impeachment erupts

        But Niinisto, who appeared bewildered in the Oval Office hours earlier during a previous Trump tirade, found his footing at the news conference. He seemed to send a subtle message when he remarked how he had spent part of his time in Washington prior to his White House meeting by visiting a couple of museums.

        "You have here a great democracy. Keep it going on," he told the president.

    • Privacy/Surveillance

      • Tokyo 2020 Olympics using facial recognition system from NEC, Intel

        The Tokyo 2020 organization didn't say how long it would keep personal data, but said it'll comply with the Personal Information Protection Law. "All personal data is managed and used appropriately during the games and securely deleted afterwards under strict conditions," the organizers said. "Tokyo 2020 collects facial photos of each accredited person, with their consent, when their accreditation card is issued -- similar to the accreditation process at past games."

        It won't be a wholesale replacement for the old ways: Accredited personnel at the Olympics will still have to wear traditional ID lanyards, Intel and NEC said. But the facial recognition system will be required: if someone loses their lanyard or tries to get access with one that's stolen, the facial recognition system will block them, NEC said.

      • Presenting a webinar: Privacy and anonymity: Requisites for individuals' security online

        I was invited by the Mexican Chapter of the Internet Society (ISOC MX) to present a webinar session addressing the topics that motivated the project I have been involved for the past two years — And presenting some results, what we are doing, where we are heading.

    • Freedom of Information/Freedom of the Press

      • 'Come with us': A year after Jamal Khashoggi's killing, Saudi Arabian crackdown persists

        A United Nations report concluded that there was "credible evidence" that Crown Prince Mohammed bin Salman, Saudi Arabia's de facto ruler who enjoys a close relationship with the Trump administration, masterminded the killing. The CIA concluded that the crown prince ordered the execution or at least bears some responsibility for the Saudi operatives who carried out the assassination. The crown prince denied in an interview with "60 Minutes" that he ordered the killing.

      • The Finnish president was all of us at Trump’s latest unhinged press conference [iophk: Tweets in place of actual sources :(]

        That sort of blatant lying would be major news coming from the mouth of any other president, but it’s par for the course with Trump. But what was abnormal even for him was how upset he became with Jeff Mason of Reuters when Mason tried to follow up and get him to answer a question he dodged. Mason had asked, “What do you, or what did you want President Zelensky to do with regard to Joe and Hunter Biden?”

        “Are you talking to me?” Trump snapped back, as Mason pressed him for an answer. But none was forthcoming.

    • Civil Rights/Policing

    • Monopolies

      • Warren v. Zuckerberg
      • Patents and Software Patents

        • Stuart Langridge: 2×58: Fat For Purpose

          [00:30:50] Gnome are being sued over a software patent (“a method that involves capturing a bunch of images, filtering them based on a topic, theme or individual, and wirelessly transmitting the filtered images to another device”) which Shotwell allegedly violates

      • Copyrights

        • Congratulations to Our 157 June CC Certificate Graduates!

          Graduates from these classes included 67 educators and 90 librarians. Together, they joined the Certificate alumni community of 442 remarkable people making extraordinary changes in every region of the world. From translating Certificate content in multiple languages, to hosting workshops to developing entire graduate-level courses, CC Certificate alumni bring a new level of advocacy to open education and open access.



Recent Techrights' Posts

"Many Applications Labelled as "Cybersecurity" and Given a Veneer of Legitimacy Are Really "Weaponised" and Abusive Code"
New from Dr. Andy Farnell
Security Advisory: Debian falls for social engineering hacks
Reprinted with permission from Daniel Pocock
The High Cost of Making Scepticism of Proprietary Voting Machines a "Trump" and "Conspiracy Theory" Territory
Time to get back to paper? Or read an old paper?
 
Donald Trump as Censor in Chief Can Now Leverage Censorship Companies and Fake Protection Disguised as 'Security'
Centralised CAs were trouble all along
Technology: rights or responsibilities? - Part VI
By Dr. Andy Farnell
A Death of a News Industry
A theme we explored thrice today
Deciphering Centralised CAs and Why Their Demise Should be a Goal
Encryption in transmission is good; but who controls the key exchange and certification/authentication/validation?
Links 08/11/2024: Strikes, Recessions, and Slowdowns
Links for the day
[Teaster] [Meme] New Ways of Wrecking (NWoW)
The EPO
Gateway for News and Blogs
In the long run, this site and its sister site (less overlap between them now) should hopefully become a popular destination for people who look for information, not chaff
Going Even Faster
We hope the site will be faster soon
Psychopaths Who Reaffirm Our Work's Value
Psychopaths and sociopaths lack empathy, so they're willing to go very far and stoop as low as they deem necessary
[Meme] How Low Can You Go at the European Patent Office?
Not just in terms of patent quality
More Cuts/End to Benefits for EPO Workers (Europe's Working Conditions Incompatible With the European Patent Convention)
"The Office is now reviving it but plans to introduce new cuts on benefits"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 07, 2024
IRC logs for Thursday, November 07, 2024
Gemini Links 08/11/2024: US Election, RetroChallenge 2024, and More
Links for the day
[Meme] Questioning Proprietary Software? Not OK...
A disaster long in the making
Links 07/11/2024: HTTP/3, Health Research, and Punditry
Links for the day
Gemini Links 07/11/2024: On Writing Publicly and Record Player Table
Links for the day
Open Source Security Foundation (OpenSSF) Hosted SOSS as Microsoft Propaganda Platform With Microsoft Front Group OSI
They essentially promote what they're attacking under false pretences [...] OSI is deeply corrupt. It's more toxic than arsenic.
Anti-Linux FUD, Now in LLM Form, Thanks to Brittany Day
They attack Linux with chatbots
[Meme] When You Discredit People Who Discredit Secret Code
proprietary systems with hundreds of millions of transistors (and hundreds of millions of lines of code)
Links 07/11/2024: Online Manipulation in Social Control Media, Election Deniers, and More
Links for the day
Gemini Links 07/11/2024: emacs-guix and File Hoarding
Links for the day
[Meme] Election Day at the European Patent Office
Less than 60 minutes left to cast your vote
Staff Union of the European Patent Office (SUEPO) Election Ending Today
In one hour
[Meme] When the Patent Office Does Illegal Things and Staff Speaks Out
many leaks received today
Today We Got an Early Birthday Gift
Exciting times
[Meme] Going Too Far to the Left Can Breed Militant Ideology
Some people can never be appeased because they prefer not to be appeased
Apple's Debt Has Skyrocketed While Gimmicks Like Vision Pro Failed
In Apple's case, the debt is almost double the "Cash on Hand", which isn't even cash
FSF Expressed No Preference Regarding Presidential Candidates (Its Founder Did)
Because he is a principled person, he does not prioritise loyalty to customers or employers (money)
A President Trump is Excellent News to Microsoft
His racist policies gave lots of contracts to Microsoft
Who Next on the Linux Foundation's 'Kill List'?
Remember that only about 2% of the "Linux" Foundation's budget goes to Linux
Links 07/11/2024: Facebook Scams, Journalists on Strike
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 06, 2024
IRC logs for Wednesday, November 06, 2024
Microsoft-Connected Publishers Want Us to Think That Linux is Some Sort of a Virus and a "Backdoor"
"The problem is with windows and the attack vector is via Windows"
We've Made it to 18! Here's to Another 18!
Going on for another 18 years means until some time at the end of 2042
Links 07/11/2024: Political Angst and Laptop Issues
Links for the day
Even LKML Subjected to Slop/SPAM by Guardian Digital, Inc (linuxsecurity.com)
They're really awful
Links 06/11/2024: BPF in RFC 9669, More Facebook Fines for Privacy Abuses
Links for the day
Gemini Links 06/11/2024: Political Shock and Hermaic Encouragement
Links for the day
Planet Debian Allows Politics (But It Depends on Your Opinions and Debian's Big Sponsors)
Planet Debian is OK with politics... as long as all your political opinions are the "correct" ones and you add cute animals
What Makes RMS Such an Attractive Target ('Discreditisation' Campaigns)
Don't be so easily fooled
The Biggest OEMs or Vendors of GNU/Linux Stopped Competing With Microsoft (Which Pays Them to Promote Windows, Too)
Where are the competition authorities (or regulators for that matter)?
Let's Encrypt Falls to a New Low of Only 0.6% of Gemini Capsules Known to Lupa
In Gemini Protocol, certificates for encryption are required, but centralised Certificate Authorities (CAs) aren't needed
Computer-Generator Crap Flooding the Web, the Latest Example About "Linux"
Here's today's example
Links 06/11/2024: Election Disinformation and Legal Actions
Links for the day
Gemini Links 06/11/2024: Stargazing and Death on Hallowe'en
Links for the day
Would You Trust a Liar?
Why lie about the authorship?
Mass Layoffs at Mozilla Announced During US Elections
Maybe nobody will notice?
[Meme] Announcing "Results" Before Everyone Even "Played"
There is a "tech" angle to otherwise political news
US Polls Close in One Minute (Social Control Media Does Not Care, Will Not Wait)
US election results will be known in about 2 days
Concentration and Centralisation Versus Aggregation or Syndication
KDE has a history of burying old sites
Social Control Media, Even Hours Before Polls Have Closed
Has social control media controlled by CPC (TikTok) and the Trumpmobile guy (Musk's "X") done enough to convince people not to even vote (based on presumptive "results", presented a long time before all polls have closed)?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 05, 2024
IRC logs for Tuesday, November 05, 2024
Wayland Pains in Community-Led Distros of GNU/Linux
Few people and companies use Wayland; there's hardly any technical or practical reason to choose it
IBM Still Conflating Microsoft With 'Security'
As a meme
Sanctions Cause Fragmentation in Software
some Chinese Linux developers are already subjected to restrictions similar to Russians'
Web Failing With Slop, Even in 'Linux' Sites (LLM Spam)
Add SEO prompting to the mix and the Web becomes a pool of slop, not knowledge
[Meme] State of the World Wide Web and Online Journalism
Technically a failure (DRM) and cannot even get basic things right
Trump's signature policy, building a wall, copied from Irish-Australian student politician
Reprinted with permission from Daniel Pocock
Linus Torvalds' self-deprecating LKML CoC mail linked to Hitler's first writing: Gemlich letter
Reprinted with permission from Daniel Pocock
[Meme] Turning 18 in One Day
just one more day