Bonum Certa Men Certa

Links 28/10/2019: Linux 5.4 RC5, DXVK 1.4.4, Latte Dock 0.9.4



  • GNU/Linux

    • 5 alternative desktop panels to try out on Linux

      Sick of the default panel on your Linux desktop environment? Wishing you had a better panel with more features? If so, we’ve got you covered! Here are 5 alternative desktop panels to try out on Linux!

    • 4 best wallpaper downloaders for Linux

      Finding a suitable wallpaper for your Linux desktop can be challenging. There are just so many choices! If you’re sick of digging through Google images, and other wallpaper websites for that perfect picture, check out our list of the 4 best wallpaper downloaders for Linux!

    • Building trust in the Linux community

      Roughly 20 years ago, while I was taking classes on Windows 2000 Server, I started acquiring parts of older machines that were slated for disposal and managed to piece together at least one fully working system with a monitor, keyboard, and mouse. The home computer at the time was running Windows 98 or ME, I can’t recall, but I didn’t have any OS to put on this older system. Somehow, I stumbled across Mandrake Linux and loaded it up. It all seemed to work okay from what I could tell, so I put an ad in the local newspaper classifieds to see if anyone needed a computer for free. I got exactly one response to that ad. I packed up the computer and took it to their house. I found out it was a family with a special needs son and they wanted to get him learning on the computer. I set it up on the little table they wanted to use as a desk, they thanked me, and I left. I sure hope it was helpful for them. At the time, all I really knew of Linux was that I could have a fully working system without having to go to a store to buy a disk.

      Since that point, I would consider myself a Linux hobbyist and enthusiast. I am a distro hopper, always trying out different distros and desktop environments, never making any one of them truly home. I’ve always had my heartstrings pulled between Ubuntu-based systems and Fedora. For some reason, I really like apt and DEB, but always loved getting faster updates from Fedora. I’ve always appreciated the way open source projects are open to the community for feedback and extra dev support, and how the code is freely available for anyone to use, reuse, and review.

    • 6 signs you might be a Linux user

      Regardless of your experience, if you're a Linux user, you undoubtedly have a passion for open source. Whether you express that on a daily basis through Creative Commons artwork or code or you sublimate it and just get your work done in a liberating (and liberated) environment, you're living in and building upon open source. It's because of you that there's an open source community, and the community is richer for having you as a member.

      There are lots of things I haven't mentioned. What else betrays you as a Linux user? Let us know in the comments!

    • Server

      • The Substrate To Bind Datacenter Switching And Routing

        The appliance model, where the hardware and software were tightly controlled by a single vendor, held sway in the datacenter for decades. But that top-to-bottom stack been peeling apart, oddly enough because it was never established on the PC, but particularly as Linux emerged as an open, cross platform operating system that was eager embraced on servers, first by the HPC community and then by the hyperscalers and the cloud builders.

        Even with Unix servers, which were open in terms of supporting common APIs and providing a modicum of cross-platform compatibility, the operating system and related software stack was generally made by the same company that designed the processors and the hardware system that used them. Linux and Windows Server, which jumped form the desktop to the datacenter after decades of hard pushing and platform buildout by Microsoft, provided portability and superior price/performance for many (but not all) workloads, and this finally broke the server software free of the server hardware.

      • Ma Bell, Not Google, Creates The Real Open Source Borg

        True to its name, Google’s famous Borg cluster controller has absorbed a lot of different ideas about how to manage server clusters and the applications that run atop them at the search engine and now cloud computing giant. And while the Kubernetes container controller that Google open sourced in June 2014 was certainly inspired by Borg, Kubernetes was really more of a kernel than it was a complete system, and the way you know that is that it took a long time to get Kubernetes to be truly usable in the enterprise.

        Oddly enough, Airship, a mashup of Kubernetes, the OpenStack cloud controller with bare metal extensions, and a slew of other open source projects spearheaded by AT&T – yes, the same Ma Bell that created the C compiler and then the Unix operating system back in 1969, starting the open source and Unix revolutions – has surprisingly and, at least to some, quietly created a complete software stack that arguably rivals Borg and its extensions inside of Google.

      • Containers, and why the future is open source

        Software containerisation is unlikely to be at the top of the list of considerations for the average storage administrator. First and foremost, storage professionals are going to be concerned with every enterprise’s most pressing problem: managing the “explosive” volume of data within the constraints of their limited IT budget.

        However, there are compelling reasons why storage professionals should be thinking about containerisation as its rapid adoption will impact the road map of your existing storage providers and drive changes to your own organisation’s data storage strategy.

        Let’s take a moment to get a basic understanding of what containerisation is all about, look a little deeper at those implications to your storage strategy and also discuss how open-source software-defined storage can help you with your data storage challenges.

        [...]

        Against this backdrop of the ever-growing communities of open-source developers, the limited development capability of isolated, commercially operated silos has little chance of long-term success. This is why it is clear – the future is open source.

      • 14 DevOps Tools Applications & Examples You Should Know
      • IBM

        • [Older] Red Hat Collaborates with Vodafone Idea to Build Network as a Platform

          Red Hat, Inc., the world's leading provider of open source solutions, today announced that Vodafone Idea Limited (VIL), India’s leading telecom service provider, is leveraging Red Hat OpenStack Platform, Red Hat Ceph Storage, Red Hat Ansible Automation Platform and Red Hat Enterprise Linux to transform its distributed network data centers to open standards, open interfaces based ‘Universal Cloud’. These will be also extended to serve third party workloads.

        • Wanted: A Real ROI Study For Midrange Platforms

          There is no shortage of IBM i shops that are sitting on back releases of the operating system and related systems software, or older Power Systems iron, or both. Sometimes, it takes a little convincing to get upper management to listen about how IT operations could be improved and extended if the company would only make some investments in upgrading the hardware and systems software. Sometimes it takes a lot of convincing, particularly when many small and medium businesses are run by their owners and in a certain sense any money that would be allocated for an upgrade is their own.

          But in other cases, the very idea of being on the IBM i platform has become suspect, particularly with the rise of public clouds, which by and large are designed to run Linux and Windows Server workloads on virtualized X86 servers with clever networking stitching it together to storage that keeps the system fed. So sometimes, even before you can make the case for investing in the IBM i platform, you have to make the case for why the company should not be investing in some other, supposedly more modern platform.

          That is why IBM has commissioned the consultants at IDC to put together all of the arguments about getting modern with hardware and systems software in a new whitepaper entitled, For Many Businesses, It’s Time to Upgrade Their Best-Kept Secret: IBM i. You can go to the IBM i portion of Big Blue’s site, which seems allergic to talking about systems even though this is where, one way or another, IBM gets its money. The IBM i area on IBM’s site is at this link, and you have to be pretty tenacious to find it from the homepage, and we give that to you just in case IBM moves the IDC whitepaper around someday. The direct link to the whitepaper is here.

        • Microbenchmarks for AI applications using Red Hat OpenShift on PSI in project Thoth

          Project Thoth is an artificial intelligence (AI) R&D Red Hat research project as part of the Office of the CTO and the AI Center of Excellence (CoE). This project aims to build a knowledge graph and a recommendation system for application stacks based on the collected knowledge, such as machine learning (ML) applications that rely on popular open source ML frameworks and libraries (TensorFlow, PyTorch, MXNet, etc.). In this article, we examine the potential of project Thoth’s infrastructure running in Red Hat Openshift and explore how it can collect performance observations.

          Several types of observations are gathered from various domains (like build time, run time and performance, and application binary interfaces (ABI)). These observations are collected through the Thoth system and enrich the knowledge graph automatically. The knowledge graph is then used to learn from the observations. Project Thoth architecture requires multi-namespace deployment in an OpenShift environment, which is run on PnT DevOps Shared Infrastructure (PSI), a shared multi-tenant OpenShift cluster.

    • Audiocasts/Shows

      • Linux Action News 129

        GNOME decides to fight, Ubuntu’s desktop director steps down, GitLab backs off their telemetry plans, and we’ve got the data on Google’s Project Treble.

        Plus, the latest Firefox has a new dashboard, and it looks like Disney+ won’t work on Linux.

      • Open Source Security Podcast: Episode 167 - Security is terrible because digital literacy is terrible

        Josh and Kurt talk about the horrid state of digital literacy in the US. We start out talking about broken Phillips Hue light bulbs, then discuss research from Pew on the digital literacy of Americans. We may have accidentally discovered a use for all the cookie warnings every web site has.

      • IRL (podcast): “The Weird Kids at the Big Tech Party” from ZigZag

        Season 4 of ZigZag is about examining the current culture of business and work, figuring out what needs to change, and experimenting with new ways to do it. Sign up for their newsletter and subscribe to the podcast for free wherever you get your podcasts.

      • OggCamp 2019 Panel | Jupiter Extras 26

        Joe hosts the panel at OggCamp 2019 with guests Dr Laura Cowen, Josh Lowe, Caroline Keep, and Dan Lynch.

        Special Guests: Caroline Keep, Dan Lynch, Dr Laura Cowen, and Josh Lowe.

      • GNU World Order 13x44

        Listener feedback, including some neat **rename** and Bash tips.

    • Kernel Space

      • Kernel prepatch 5.4-rc5

        The 5.4-rc5 kernel prepatch is out for testing.

      • Linux 5.4-rc5
        So usually by this time, I wish things were calming down. We've had a
        few fairly small rc's so far in the 5.4 series, and sadly rc5 isn't
        shrinking from that smaller baseline.
        
        

        So unlike the previous rc's that were on the smaller side compared to recent releases, 5.4-rc5 is a bit _bigger_ than the rc5's of the last few releases. It's not huge, by any means, and partly exactly because previous rc's were small, I'm going to treat it as just some pent-up work going in, and I'm not worried.

        So things still seem pretty normal, and none of the patches look all that scary to me.

        I'm still on the road, with OSS EU starting tomorrow, but apart from a few long flights I should be fairly normally responsive and my travels shouldn't be impacting the upcoming week. Particularly since I hope that we'll at least start seeing a proper calming down period for rc6.

        Anyway, shortlog is appended below for people who want to scan the details. It's all very normal, with about half of the patch being drivers (sound, pinctrl, regulator, gpu, cpufreq, usb..), with the rest being arch updates, filesystem updates, misc core stuff and documentation.

        So we have a bit more fixes than normal during this stage, but nothing looks very strange, and the diffstat looks _mostly_ flat (with the cpufrequency power-QoS and io_uring changes looking a bit bigger) which is my sign for "small changes all over".

        Go test,

        Linus
      • Linux 5.4-rc5 Released As The "Kleptomaniac Octopus"
      • Huawei Laptops Seeing Support Improvements With Linux 5.5 Kernel

        The Huawei driver is promoted as part of this to being a "platform" driver now rather than just a WMI driver since it now handles much more than just hotkeys support. The Huawei driver code continues to be worked on within linux-platform-drivers-x86.git.

        Stay tuned for more details on Linux 5.5 as the cycle kicks off in November. The Linux 5.5 stable release won't happen until early 2020 but well in time for the likes of Fedora 32 and Ubuntu 20.04 LTS.

      • FSCRYPT Inline Encryption Readied Ahead Of Linux 5.5 Kernel For EXT4 + F2FS

        Fscrypt as the file-system encryption framework used by the likes of EXT4 and F2FS for offering native encryption capabilities continues being improved upon, especially by the likes of Google that are making use of it for Android devices.

        Being revved up for possible inclusion in the upcoming Linux 5.5 kernel merge window is the ability to support "inline encryption" with fscrypt. The work by Google's Satya Tangirala and Eric Biggers is summed up as "the block layer handles the decryption/encryption as part of the bio, instead of the filesystem doing the crypto itself via Linux's crypto API. This model is needed in order to take advantage of the inline encryption hardware present on most modern mobile SoCs."

      • Intel Linux Driver Patches Revived For Useful Per-Process Load Statistics

        Just over one year ago were proposed changes to improve the insight into per-client load activity for Intel graphics under Linux. The changes would indicate how busy each Intel graphics engine (render, blitter, video, etc) was on a per-client basis and other metrics similar to what users have to look at when it comes to analyzing CPU activity. Those patches were never followed up on or merged but have been revived this past week.

        As a result of some Intel Linux customers, those patches for being able to report the per-client engine state have now been revived. The patches have been re-based to the state of the current Intel i915 DRM kernel driver and expose the per-client per-engine state via sysfs.

    • Benchmarks

      • EPYC 7642/7742 vs. Xeon Platinun 8280 Performance With Intel-Recommended Benchmarksw

        Here are the latest numbers in our ongoing AMD EPYC 7002 "Rome" series benchmarking. This time around for some curiosity over the weekend is a look at the EPYC 7642 and EPYC 7742 up against the Xeon Platinum 8280 all in 2P configurations while running benchmarks publicly recommended by Intel in one of their whitepapers. Even going by Intel-recommended tests, the EPYC 7642/7742 deliver significantly better performance and cost savings over the comparable Xeon Platinum 8280.

        One of my weekend "hobbies" is always scouring whitepapers, scientific papers, and GitHub (among other sources) looking for interesting and new benchmarks/workloads to incorporate into the Phoronix Test Suite / OpenBenchmarking.org. After all, there are 384 different official benchmarks part of our open-source benchmarking framework and from there 1,404 different versions of those benchmarks from the past 11+ years of developing the Phoronix Test Suite for open-source and fully-automated benchmarking.

      • dav1d 0.5.1 Boosts AV1 Video Decode For Older CPUs by 40~50%

        While marketed as a point release, the dav1d 0.5.1 "Asiatic Cheetah" release is quite significant for those needing to perform AV1 video decoding on older processors.

        With the dav1d 0.5.1 release there is around a 50% speed-up for those using the open-source software on SSE2 CPUs. Meanwhile for older Arm CPUs with ARMv7, there is around a 41% speed-up. There are also "minor" speed improvements for other architectures / instruction sets. Dav1d is already quite well optimized for modern CPUs with AVX and the like, so it's nice to see SSE2 and ARMv7 getting some attention.

    • Applications

      • Proprietary

        • Microsoft Pentagon Win Changes Cloud Game But Will Face Protests

          In the past year, Azure has racked up some large deals from Kroger Co. to AT&T Inc., but a customer as big, demanding and secretive as the Pentagon will go a long way toward cementing Azure’s reputation as a serious contender.

          Amazon, which won a lucrative cloud contract with the Central Intelligence Agency in 2013, was seen to have the upper hand in the competition. But politics entered the picture. Trump has long been at odds with Amazon’s Chief Executive Officer Jeff Bezos. The world’s richest man also owns the Washington Post, which Trump claims has treated him unfairly in its coverage.

        • I'm not Boeing anywhere near that: Coder whizz heads off jumbo-sized maintenance snafu

          We're back again with Who, Me?, The Register's Monday morning crowdsourced tale of reader misdeeds and close calls.

          Today's confession from "Pete" will tighten the sphincters of those who flew on Boeing's finest back when 1990 rolled around.

          Pete was something of a multimedia whizz at a time when Windows 3.0 was a thing, sound cards were unusual and CD-ROMs even more so. He was fresh off an award-winning stint coding up the multimedia add-on for a well-known UK publication.

          It was early days for the technology, and Pete had cleverly coded things so audio would play from the mixed-mode CD if users lacked a sound card, but the indexing software leaked memory like a sieve under Windows 3.0. The vendor ended up having to send their lead programmer over to Blighty to sort out the issues but Pete persevered "and my CD-ROM launched successfully on Mac and Windows".

    • Instructionals/Technical

    • Wine or Emulation

      • D3D11 and D3D10 to Vulkan layer DXVK version 1.4.4 is out

        One missed from the weekend, developer Philip Rebohle released a fresh update to the Vulkan layer DXVK with version 1.4.4.

        A small and sweet maintenance release we have here with a couple of optimizations. The memory footprint of small and frequently updated buffers was reduced, there's some minor optimizations for "Stream Output and Append/Consume buffers (used e.g. by Unity Engine)", a bug fixed from DXVK 1.4.3 that caused some invalid state cache entries being generated, some Vulkan validation errors with geometry shaders were fixed and some "potential read-after-write hazards involving vertex and index buffers" were also solved.

      • DXVK 1.4.4 With Vulkan Usage Fixes, Optimizations & A Few Game Specific Fixes

        Philip Rebohle has released his latest weekly update to DXVK for accelerating Direct3D 10/11 games using Vulkan as a big boost for Steam Play (Proton) and Wine.

        DXVK 1.4.4 has a regression fix for 1.4.3 that could lead to invalid Vulkan API usage, Vulkan validation error fixes, potential read-after-write hazards resolved, optimizations for Stream Output and Append/Consume buffers, and reduced memory footprint for small and frequently updated buffers.

    • Games

      • Trade your wares across a much bigger map in a huge update to Merchant of the Skies

        Perhaps a little travelling, trading and resource gathering is what you need on this fine Monday morning? The sweet trading sim Merchant of the Skies just got a lot bigger.

        Not such a simple game any more, since this update makes the main campaign map two times bigger and if you play the Sandbox mode it can be seven times bigger than before! That's a whole lot of extra places to explore. There's also the addition of random events and resource collection points that might appear, making the travelling system a little more interesting too.

      • Indie horror game Walls Closing In now has Linux support

        Need something to scare you silly this Halloween? The indie survival horror Walls Closing In has Linux support.

        Walls Closing In follows the story of Grace Bailey as she attempts to escape the clutches of a crazed maniac quickly becoming known as 'The Butcher of Northbury Grove'. It's a difficult game, one that's supposed to scare you and test your survival skills. The odds are against you, it has level-based permanent death and items are randomized on each run so you need to search the environment for helpful tools to survive.

        It's pretty dark and gross in places too definitely one to play with the lights off, sound up and kids in bed.

      • Auto-battling god game 'Godhood' gets a makeover with the Create Your Own Religion update

        Abbey Games continue expanding their auto-battling god game Godhood with another big update being recently released. The Create Your Own Religion update includes some big changes to the core game experience, with a new tech-tree, religious customization options, a visual overhaul and more.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • [Krita] Interview with Haris Mujkic

          Back in 2010 while learning game development and programming, I was looking for a free tool for 2D graphics. After some research, I settled with GIMP.

          Krita has the most important feature for any digital artist out there. Freedom of choice. Almost every important aspect of the UI, brushes or workflow is customizable. It’s literally like my own physical studio where I can put things where they belong because it suits me. Missing something? Write a plugin.

          Also, the previously mentioned Wrap Around Mode is incredibly useful and time-saving.

        • Looking in or looking out?

          In my previous blog post, I mentioned that being part of the wider Free Software community can be a drag on a project.

          In this post, I want to put that in perspective. Elaborate a bit, if you will.

          For someone like me who wrote his first GPL’ed application in 1993 (it was a uucp mail and usenet client written in –gasp!– Visual Basic), I’ve spent countless hours pleasantly occupied contemplating the where and which of Free Software. I am part of the KDE community, the Libre Graphics community, the Free Software community. Inside our communities, we’ve got engrossing discussions about licensing, diverting flamewars about business models, scintillating technical developments, awesome foes to smite, forks to be praised or lambasted. There are conferences to be visited, or be perorated at, sprints to organize and organizations to join.

          In short, you can develop Free Software within the Free Software community while all the while looking in. This is important for Free Software. That is bad for Free Software. If I make this effort, or take this initiative, or mentor this student, Free Software will improve.

          And that’s fun, and gives one the satisfied feeling of making the world a better, freer place. And I care about software freedom, really I do!

          It does take a lot of time, though, and that time — is that really spent making the world better for the people who use my software? Is all that caring about the ins and outs of the Free Software community the best use of my time, when I’m working on an end-user application? And does it give me the right kind of insight in what I should be doing?

          That’s what I meant when I wrote that I was kind of agreeing with Ton that being part of the Free Software community could be a drag on Krita becoming successful.

          If I’m spending my time on GNOME vs KDE, Flatpak vs Snap vs AppImage, deb vs RPM, then I’m only worrying about technical details that don’t mean a thing for someone who wants to paint a comic. That makes it at worst a waste of my time, or at best a hobby that is only tangentially related to Krita and its users.

          If I’m looking inside the community, and not out of it, facing the people who will actually be using my software, I probably won’t be making the right kind of software.

        • Latte bug fix release v0.9.4

          Latte Dock v0.9.4 has been released containing important fixes and improvements!

        • Packaging updates in FreeBSD

          We’re in the process of packaging poppler 0.82, which (as usual) leads to some breakage in consumers of that package – things like editors/calligra – so there will be more updates soon-ish. I think I independently re-created a patch for LibreOffice to fix the build already (turns out there was a patch in Gerrit already).

      • GNOME Desktop/GTK

        • GNOME Foundation steps up its open source patent defense

          Patent lawsuits against open source projects are reportedly on the rise. The question is why. Yes, open source has never been more pervasive or popular, but at least some of the patent suits don't make much sense.

          Take, for example, Rothschild Patent Imaging (RPI) LLC's lawsuit against the GNOME Foundation. It's unclear what substantial value Rothschild hopes to gain by the action. When Rothschild Connected Devices Innovations, LLC sued Garmin (eventually dropping the suit), it targeted a cash-rich corporation. Here RPI is going after an open source foundation--GNOME reported just over $1 million in income in 2018 (up from around $250,000 in 2017). According to the GNOME Foundation, RPI offered to settle for a "high five figure amount," but the GNOME Foundation is fighting, not flinching.

          [...]

          RPI, in other words, doesn't appear to have a particular axe to grind against open source. It's not a SCO that sued IBM for $1 billion way back when, then hiked that number to $3 billion (and sprayed pay-or-be-sued letters across every known user of Linux). This is not to suggest that RPI's actions won't have an impact on open source. They could have a very negative impact on open source, generally, and Shotwell users, particularly, as GNOME Foundation executive director Neil McGovern told me.

        • Welcome to the October 2019 Friends of GNOME Update!

          Molly de Blanc and Sri Ramkrishna were at All Things Open this past month. They both gave talks, ran a booth, and met lots of great people who were excited to learn about GNOME. They ran out of stickers. Neil McGovern and Rosanna Yuen attended GNOME.Asia Summit, both delivering keynotes! While he was in Indonesia, Neil also delivered a keynote at openSUSE.Asia Summit. Board member Carlos Soriano spoke at GitLab Commit about how GNOME uses GitLab.

    • Distributions

      • Reviews

        • Review: Xubuntu 19.10

          feel I do not get to say this often enough: this distribution is boring in the best possible way. Even with new, experimental filesystem support and a complete shift in the libraries used to power the Xfce desktop, Xubuntu is beautifully stable, fast, and easy to navigate. The distribution shipped with defaults I found pleasant, the desktop was responsive, all of my hardware was detected, and even with ZFS enabled (with multiple features turned on) the distribution still used less memory than Ubuntu or Fedora Workstation on the same hardware.

          Perhaps what I appreciated most about Xubuntu was that it did not distract me or get in the way at all. I did not see a notification or a pop-up or welcome screen during my trial. The distribution just installed and got out of my way so I could start working. And to further facilitate that, Xubuntu ships with a great collection of open source applications. There are enough to get most tasks accomplished without cluttering the menu. It's a fine line to walk and Xubuntu does it well.

          I have some mixed feelings about Snap packages being enabled by default and seamlessly integrated with GNOME Software. For people who like to use Snaps and want quick access to them, this is great. If you prefer to use classic Deb packages over Snaps then the new approach may cause you to accidentally download the larger, portable package. I am fairly neutral on Snap, but I do prefer to install the smaller Deb package if it is available and GNOME Software does not seem to give preference to one over the other.

          On the whole I am impressed with Xubuntu 19.10. I found myself wishing this was an LTS release as I would like to put this version on several computers, particular those of family members who run Linux on laptops. Xubuntu is providing a great balance between new features, stability, performance, and options and I highly recommend it for almost any desktop scenario.

      • New Releases

        • Rescatux 0.72-beta2 released

          This is another beta version of Rescatux. The last Rescatux beta was released on October 2019. That’s about two weeks ago.

          This new version puts Gparted back into the iso and updates to Rescapp 0.54b2 which features two important usability updates: An status label will show if an options is ready to start, running or finished. And a new messages box will show every step the option is performing highlighting the most important ones in bold. No more flickering of fast status messages pop-ups as it happened in earlier versions.

          Additionally the user is driven first to click into the options to read their manuals and to read the manuals carefully before clicking the Run! button.

        • LibreELEC (Leia) 9.2 Beta 2

          LibreELEC 9.2 Beta 2 (Leia) has arrived based upon Kodi v18.4, the 9.2 Beta 2 release contains many changes and refinements to user experience and a complete overhaul of the underlying OS core to improve stability and extend hardware support. If no serious bugs appear that the final version of LibreELEC 9.2 should be available with the release of Kodi 18.5 in approximately 2 weeks.

      • Screenshots/Screencasts

      • SUSE/OpenSUSE

        • Movember 2019

          Here at SUSE, we’re a charitable bunch. I know that a few of my colleagues have grown moustaches in years gone by, and our CEO Melissa is very supportive of charity work and volunteering in general. This is my first year trying to build a team of Hairy Green Chameleons, trying to recruit men and women across the business to get involved. Whether that’s by growing a moustache, or committing to getting active with a target of completing 60km of activity over the month, to represent the 60 men that die from suicide each hour around the world. We’ve already had some very generous donations, but I hope that if you’ve read this far, you might find it in your heart to make a donation as well. If you’re a UK tax payer, then don’t forget to click the “reclaim Gift Aid on my donation” box to allow the nice folks at Movember to claim back the tax that you’ve already paid on your donation – giving them extra money at no cost to you!

      • Fedora Family

        • Fedora Modularity: What’s the Problem?

          Much has been said about Fedora Modularity over the past couple weeks. Much of it has been constructive; some of it the expected resistance to change that all large features encounter. Some, however, is the result of our not having painted a good picture of the problems that Modularity aims to solve. Numerous suggestions have been made on the Fedora Development mailing list that sound good on the surface but that ultimately fail to address some important use-cases. This blog post will attempt to enumerate these cases in detail so as to serve as a common reference point for the ongoing discussions.

          Please note as well that these are goals. There are numerous places where the implementation of Modularity at the time of this writing is not yet fully adherent to them.

      • Canonical/Ubuntu Family

        • Learn about our differentiated approach to IoT digital transformation at IoTSWC.

          Canonical will be present at the 2019 IoT Solutions World Congress (IOTSWC) in Barcelona from Tuesday 29th October at booth GV/P2/0/B/224. We are convening to the flagship IoT event, alongside more than 350 leading suppliers of IoT, artificial intelligence and blockchain solutions.

          Businesses attending IOTSWC are investing to transform their core activities with emerging digital innovations. Canonical’s mission is to empower innovators – big and small – around the world. To this end, we have developed a uniquely differentiated approach to IoT digital transformation, our goals being to accelerate delivery and boost return on investment.

          The key pillars of our differentiated approach to IoT are open-source software, cloud-native technologies, and platform ecosystems. Our IoT solutions are open source, which drives software quality thanks to community feedback, but also reduces development costs and time to market. What’s more, we are introducing cloud-native technologies like containers, Kubernetes, DevOps, and continuous delivery to the realm of IoT. Finally, we foster platform ecosystems with app stores for any IoT device. App stores enable the development of new business models and feature enhancements through applications.

        • Ubuntu Blog: Standardising software to quickly deliver a smart city platform for millions

          New York has the highest population density of any city in the United States with over 27,000 people per square mile. The average New Yorker has a commute of 40 minutes, 14 more than the national average. There are over 200 languages spoken in the city. These statistics alone illustrate the challenge of communicating to the 8.5m residents of New York to convey the latest transport, weather or security information.

          The increased use of technology in urban infrastructure and rise of smart cities is helping to improve communications to resident New Yorkers and cities all over the world. Intersection, a US based company, specialise in using digital technology integrated into the physical world with deployments across the US and UK. Notable products include Link which launched in 2016 in New York City and now serves over 8 million Wifi users. The product was also launched in 25 cities throughout the UK, as well as Philadelphia and Newark to provide free Wifi, device charging, maps, calls and real time information such as weather and transit information.

          Being visible to millions of people 24/7, Intersection demand a reliable infrastructure on which to build their smart city platform. David Mitchell, of Intersection, explains the breadth of use from retail to emergency services and the challenges of introducing new technology to a variable city environment.

          “It’s a combination of needing a platform that’s nimble but also at the scale we are running at, having to run a lot of different products while needing to make them look as consistent as possible,” David comments.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Running your business with free open source software

        Open source software can provide free options for small businesses that don’t have the budget for expensive enterprise proprietary applications.

        Choosing to use open-source software for your business allows you to keep costs down and stay on the cutting edge while working with software that is almost always more transparent and often more secure than proprietary alternatives.

        Many, if not most, desktop PCs or laptops in South Africa you come across will be running Microsoft OS and proprietary applications, with a few in a distant second followed by Apple MacOS.

        Linux and other wholly open source operating systems have only a tiny market share, and it’s understandable. The vast majority of companies simply aren’t prepared to make office workers use an open source OS and most office workers aren’t prepared to use them, which at most times is caused by a lack of understanding or fear of how open source works.

        But imagine if there was a global community of software design experts who were independently building and improving digital tools that you could use for free. Tools that could help you render a service to your customer and be able to communicate with them.

      • Qt releases the technical preview of WebAssembly based QML open source design viewer

        Two days ago, the Qt team released the technical preview of an open source QML design viewer based on the Qt for WebAssembly. This design viewer will enable the QML application to be run on web browsers like Chrome, Safari, FireFox and Edge. The Qt for WebAssembly is a platform plugin which allows the user to build Qt applications with web page integrations.

        For running a custom QML application, a user will have to define the main QML file and the import paths with a .qmlproject file. The project folder then has to be compressed as a ZIP file and uploaded to the design viewer. Users can also generate a resource file out of their project and upload the package.

      • Workshop on ‘Research Methodology & Open Source Softwares’ concludes at JU

        The one week workshop on “Research Methodology and Open Source Softwares”, concluded here in the Department of Computer Science & IT, University of Jammu. In valedictory function of the workshop, which was organized in collaboration with HRD Centre, University of Jammu, Prof. Rajnikant, Director, Directorate of Distance Education, was the chief guest. In his address, he emphasized that Research is multidisciplinary arena and explained how different disciplines can come together at one platform for discussing different innovations in their own fields.

        [...]

        The last three days of workshop were mainly focused on open source softwares and SPSS where Dr Rajeev, R R Program Head, e-governance and development, ICFOSS (International Centre for Free and Open Source Software), Trivandrum and Dr Sunil Kumar, Department of Commerce, University of Jammu, were the key resource persons.

      • Why Students Participate in Summer of Code

        Google Summer of Code is widely seen as beneficial both to the participating students and to the open source organizations. Now researchers have looked into what motivates students to participate and do they continue to contribute in the long term?

        [...]

        To do this they devised two questionnaires - one for participating students, the other for mentors. They sent out 1,000 survey invitations to students who had participated in GSoC between 2010-2015 (in which approximately 7,000 students participated) received completed questionnaires from 116. A smaller number of mentors, 730, were invited on the grounds that a considerable number of mentors participate in more than one edition of the program - but an even smaller proportion (7.3%) responded giving a sample size of 53. All but four of the students in the sample were male and so were all the mentors. The predominant age for first participation was between 21-25 years old (63), followed by 18-20 years old (45), whereas the majority of the mentors were over 30 (42).

      • Embracing the possibilities of an open source future

        Does your software company have an open source strategy or is protecting the proprietary crown jewels still the order of the day?

        If you answered ‘yes’ to the latter then you’re in a minority, internationally at least. According to recent research from The New Stack and The Linux Foundation, 53% of software companies globally have an open source program or plans to implement one.

        Vendors who don’t get on board may find they’re missing valuable opportunities to expand their market share and add value for customers.

      • Open Source Software for the Intelligent Edge

        Open source software and the development community that it spawned and the open standards movement that evolved along with the soft-ware aren’t the same. Open standards often are a requirement for doing business; open source, in turn, is a choice made by users.

        Everything from the common lightbulbs we screw into the common sockets made by companies worldwide to the common connectors used for electrical and electronic devices and more sophisticated network components are all based on a series of open standards defined by a standards body and conformed to and adopted by those products’ manufacturers. Additionally, we have seen the emergence of industrial standards that focus on certain industries and common products and supply chains such as the automotive or electronics industries that have defined tire sizes and the layout of printed circuit boards, respectively. There are also de facto standards that come about primarily by a very large market presence that literally defines the market space. Microsoft Windows would be an example of this.

      • TensorFlow gets native support for PowerVR GPUs via optimised open-source SYCL libraries

        Imagination Technologies announces that developers working with TensorFlow will be able to target PowerVR GPUs directly thanks to newly optimised open source SYCL neural network libraries. The first release will be available in November 2019.

        The SYCL version of TensorFlow supports a very large number of AI operations (see Graph 1) and is easily user-customisable, meaning that developers using the latest neural networks, or researching their own AI technologies, can run those networks out-of-the-box with high performance on PowerVR. Because TensorFlow SYCL support is both open source and open standards-based, it’s an ideal solution for developers who want to accelerate the latest AI technologies on low-power devices.

      • The Navajo Nation is getting addresses, thanks to an open-source mapping program used in urban India

        His team eventually developed the Plus Code grid that can locate any point with precision independently of street names. Codes aren’t randomly generated when they’re identified for structures, but are already assigned to the entire surface of the globe.

        [..]

        The project was going well in the places it was designed to be most useful, including being used to deliver medical services in refugee camps in Somalia. So it came as a shock a few years ago when Rinckes presented at a California conference and was approached by several members of the Navajo Nation.

      • FTTX Council punts open-source architecture for network development

        With the increasing growth of data and the Internet of Things (IoT), there is a need to review the potential use of open-source architecture in the design and building of fibre networks, says FTTX Council president Andile Ngcaba. The open-source community has “changed the classic information technology” environment: modern businesses are being built on open source, while modern telcos are going to be built on open source. For the industry to grow, and enter the Zetabytes-of-data era, there is a need to consider how open source is leveraged moving forward. “The open-source community is coming into our industry, and we need to welcome that. We need to embrace this. We need to make sure that we [start] using open-source architecture in the way we design our networks, in the way we build our networks and in the way we build the future,” he says.

      • [Old] In military services, new push from the top toward open systems architectures

        A rare, joint memo from three military service secretaries directs acquisition officials to build open architectures into all new programs.

      • Opening Up to Open Source

         Today, open source and the enterprise are more interconnected than ever before, sharing valuable projects, time, and resources.

      • Open Preservation Foundation Joins Open Source Initiative

        The Open Source Initiative€® (OSI), the global non-profit formed to educate about and advocate for the benefits of open source software, development, and communities, is proud to announce the affiliate membership of the Open Preservation Foundation (OPF). Enabling shared solutions for effective and efficient digital preservation, the OPF leads a collaborative effort to create, maintain and develop the reference set of sustainable, open source digital preservation tools and supporting resources.

        Founded in 2010 as the Open Planets Foundation to sustain the results of EU-funded R&D, OPF currently stewards the leading portfolio of open source digital preservation software and enables the development of best practice through webinars, interest groups, community events, and training. Open Preservation Foundation's vision is open sustainable digital preservation.

        "The OPF joined the OSI because we share a commitment to raising awareness and advocating for open source software," said Martin Wrigley, Executive Director of the OPF. "We maintain a set of open source file format validation tools and look forward to exchanging ideas with new communities and sharing our experience in digital preservation."

      • Linux Foundation

        • Open Source Summit Europe, 28th, October, Lyon
        • Evolving open source in telecommunications for vRAN/5G

          Secondly, contribution cannot end solely around products that Wind River develops. We believe it is critical to contribute market-wide in open source and open community projects that are important to service providers. As an example, Wind River is active in the Cloud Native Computing Foundation (CNCF) for container and container orchestration based products. It, has joined the O-RAN Alliance and contributed Yocto Project based Linux to the alliance, and is investigating StarlingX contributions.

      • SaaS/Back End/Databases

        • OpenStack Train Adds Updates to Keep Open Source Cloud on Track

          After nine years of releases, OpenStack executives claim the open source cloud effort is still on track, with the latest release loaded with features.

        • Tidelift and NumFOCUS partner to support essential community-led open source data science and scientific computing projects

          NumFOCUS, a nonprofit supporting better science through open code, and Tidelift today announced a partnership to support open source libraries critical to the Python data science and scientific computing ecosystem. NumPy, SciPy, and pandas—sponsored projects within NumFOCUS—are now part of the Tidelift Subscription. Working in collaboration with NumFOCUS, Tidelift financially supports the work of project maintainers to provide ongoing security updates, maintenance and code improvements, licensing verification and indemnification, and more to enterprise engineering and data science teams via a managed open source subscription from Tidelif

      • Productivity Software/LibreOffice/Calligra

        • Not LibreOffice too? Beloved open-source suite latest to fall victim to the curse of Catalina

          Users who download and attempt to run LibreOffice on the new macOS Catalina are presented with two options – "Move to bin" or "Cancel".

          In the face of being told that the developer cannot be verified, savvy users will know that there must be more options – and there are. If you cancel the dialog, you can head to Security and Privacy in Preferences, where there is an option alongside the blocked application to "Open anyway". Then you get another warning message, but this time with an option to take your chances and Open. The good news is that you only need to do this once, but it is a considerable annoyance.

          Apple reminded developers earlier this month that apps must be notarized to run on Catalina. "In June, we announced that all Mac software distributed outside the Mac App Store must be notarized by Apple in order to run by default on macOS Catalina. Make sure to test all versions of your software on the macOS Catalina GM seed and submit it to Apple to be notarized."

          [...]

          LibreOffice is not the only open-source project to suffer at the hands of Catalina. The GIMP image-editing application also has problems, giving permission errors when trying to access files in locations such as Desktop and Documents. What should happen is that macOS prompts you for permission, but this dialog is not being triggered. A workaround is to run GIMP from the Terminal, visiting any required folders from the command line before launching the application. The thread referenced above has more details.

      • CMS

        • Mattermost – Highly Secure, Scalable, Open-Source Team Collaboration

          According to CEO Ian Tien, Mattermost was designed “by developers for developers.”

          While that might strike anxiety into the hearts of a lot of today’s UI designers, the app is incredibly easy to use and customize.

          This much-loved tool has proved to be a popular choice for engineering teams around the world, as well as groups like Uber, the Department of Defense, and a host of leading game brands.

        • Ghost 3.0 Advances Headless Open Source Content Management System

          Ghost takes on WordPress with new release that goes all in on the JAMstack.

          The open source Ghost content management hit a major milestone on Oct. 22, with its 3.0 release.

          There are no shortage of open source CMS options for enterprise to choose from, including WordPress, Drupal and Joomla, but those are all built on a more traditional stack that requires a database, PHP and a web server. Ghost takes a different, arguably, more modern approach that is know as a 'headless CMS' that is based on the Node.js JavaScript framework.

          With a headless CMS, the backend content repository is separated from the front end, providing developers and publishers with more choice and options for the front-end. Among the many claims made by Ghost is that the headless approach it takes enables it to be over 19 times faster than its rival WordPress.

        • SD Times Open-Source Project of the Week: Ghost

          The open-source blogging CMS with a modern intuitive editor and built-in SEO features just reached version 3.0. Ghost 3.0 integrates publishing<>subscriptions, which allows anyone to build a recurring revenue subscription business. The tool is managed by the not-for-profit Ghost Foundation.

          The developers of Ghost explained they embrace the JAMstack movement, which prefers to generate a static site and then bolster it with dynamic features, instead of making a dynamic app from the ground up.

        • Ghost CMS adds open-source subscription and membership options

          Paid memberships and subscriptions have become the popular business model these days in the media industry, with publishers believing quite rightly that a closer connection to readers leads to a deeper customer relationship and ultimately more sustainable revenue.

          That’s certainly true at big media companies (hello Extra Crunch) and there are also a spate of startups like Substack and Pico building out models for smaller publishers. But what if you want to build your own stack with an open-source foundation?

        • Ghost 3.0, an open-source headless Node.js CMS, released with JAMStack integration, GitHub Actions, and more!

          Yesterday, the team behind Ghost, an open-source headless Node.js CMS, announced its major version, Ghost 3.0. The new version represents “a total of more than 15,000 commits across almost 300 releases”

          Ghost is now used by the likes of Apple, DuckDuckGo, OpenAI, The Stanford Review, Mozilla, Cloudflare, Digital Ocean, and many, others. “To date, Ghost has made $5,000,000 in customer revenue whilst maintaining complete independence and giving away 0% of the business,” the official website highlights.

      • Education

        • Learning management system switches slow down

          Open-source learning platforms, such as Moodle, have “not done a good enough job keeping up with institutional demand,” said Hill. Moodle does, however, retain the largest installed base worldwide. “In the North American context, open source is just not as valuable as it was in the late 2000s,” said Hill. “If an open-source solution is the best way to solve a problem, institutions will use it. But just being open source is no longer enough.”

      • Pseudo-Open Source (Openwashing)

      • Funding

      • FSF/FSFE/GNU/SFLC

        • GNUnet 0.11.7 released

          We are pleased to announce the release of GNUnet 0.11.7.

          This is a bugfix release for 0.11.6, fixing a lot of minor bugs, improving stability and code quality. Further, win32 support was removed for reasons you may read below. In this release, we again improved the webpage in general and updated our documentation. As always: In terms of usability, users should be aware that there are still a large number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny (about 200 peers) and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.11.7 release is still only suitable for early adopters with some reasonable pain tolerance.

        • Guix Profiles in Practice

          Guix provides a very useful feature that may be quite foreign to newcomers: profiles. They are a way to group package installations together and all users on a same system are free to use as many profiles as they want.

          Whether you're a developer or not, you may find that multiple profiles bring you great power and flexibility. While they shift the paradigm somewhat compared to traditional package managers, they are very convenient to use once you've understood how to set them up.

          If you are familiar with Python's virtualenv, you can think of a profile as a kind of universal virtualenv that can hold any kind of software whatsoever, not just Python software. Furthermore, profiles are self-sufficient: they capture all the runtime dependencies which guarantees that all programs within a profile will always work at any point in time.

      • Licensing/Legal

        • Ethical Open Source: Is The World Ready? [Ed: Can we please stop feeding known trolls who are trying to destroy Software Freedom with so-called 'ethical' licences?]

          Most users of OSS have been content to rely upon OSS licenses (many less restrictive than the GPL), that are approved and maintained for the ‘good of the community’ by the Open Source Initiative (OSI), a California-based public benefit company that sees itself as the steward of the cause. OSI is the creator (and proponent) of the Open Source Definition, a detailed document that sets out the central tenants of certain OSS philosophy —including requirements of free distribution, distribution of source code, integrity of the author’s source code, code not specific to a product, license to be technology-neutral, etc. —governing which OSS licenses can be labeled with the open-source certification mark, the OSI “seal of approval.”

          However, the open source status quo is increasingly being challenged by a number of developers who are unsatisfied with the current state of ethics in open source. These individuals advocate a more activist approach to ethics by creating new OSS licenses that contain deliberate moral clauses that most certainly contravene the current Open Source Definition. Three such licenses will be briefly discussed, followed by analysis as to likely next steps.

      • Openness/Sharing/Collaboration

        • Open Hardware/Modding

          • 'Pwnagotchi' Is the Open Source Handheld That Eats Wi-Fi Handshakes

            Ever wondered what would manifest if you mixed 1990s nostalgia with a clever name and some futuristic hacking tech?

            The answer is the Pwnagotchi: a DIY, open source gadget for hacking Wi-Fi that gets smarter the more networks it gets exposed to using machine learning. It also has an adorable interface that reflects different "moods" depending on what it's doing, and echoes the Tamagotchi digital pets of the 90s. The idea is for its user to take it around the city and "feed" it with Wi-Fi handshakes, the process that allows phones or laptops to communicate with other wireless devices like a router or a smart TV.

            In theory, these handshakes can then be cracked to reveal the Wi-Fi network’s password, which would be useful if the Pwnagotchi user wanted to hack into the Wi-Fi network at a later time.

            [...]

            To run the software, all you need is a Raspberry Pi Zero W, a microSD card with at least 8 GB of storage, and an external battery. If you want to see the Pwnagotchi’s cute black and white emoji face, you’ll also need a 2-inch e-paper display, according to the project’s official page. That amounts to a $60 investment, give or take, at the time of publication.

          • ARM responds to open source challenge, allowing user-defined instructions

            It is not just the network hardware and software that are opening up, sometimes painfully, after years of proprietary systems. Even at chip level, there are pressures to open up the architectures, with open source initiatives targeting processors (as with RISC-V) and even modems. This is prompting response from the semiconductor giants as they go through their own process of adapting to a cloud and 5G world. Intel has started to work closely with some open initiatives and to drive its interfaces as standards in areas like chiplets. Xilinx has announced an open software development platform to make its FPGAs more deployable and interoperable with other vendors’ components.

          • Alibaba Open-Sources Its MCU to Boost AI Research

            An MCU (Micro Controller Unit, aka microcontroller) is a chip-scale computer that integrates a CPU, RAM, ROM, timer, counter, and various I/O interfaces into a single chip. As a core component of embedded devices, MCUs are widely used in communications, consumer electronics, automotive electronics, and industrial control, and are the most in-demand chip type on the market.

            Most IoT (Internet of things) devices need to be equipped with next-generation MCU chips to perform complex tasks such as sensing, communication, information processing, calculation, and release of control commands. AI capabilities and cloud access capabilities are the most significant differences between next-generation MCU chips and traditional MCU chips.

      • Programming/Development

        • Deploying with Docker and uWSGI

          While I am not going to say that I am expert with Docker by any means. This is just an analysis and example on how I plan on deploying uWSGI containers within Docker containers. I highly recommend reading my previous article from today for some additional context on my thoughts behind docker. With that said, let's get started.

        • Paolo Amoroso: How to Use Kivy on Repl.it

          I made the Kivy Python cross-platform GUI framework work in a GFX REPL on Repl.it. Repl.it is a multi-language cloud IDE with good support for Python.

          To use Kivy on Repl.it, just create a Pygame REPL, which is among the Kivy dependencies, and install Kivy with the package manager or by adding kivy to requirements.txt. Starting such a REPL in a new session takes a while to download and build the required libraries, at least several minutes. So be patient.

        • Python and Docker development

          Now, Docker isn't with it's security flaws as I recently found out. Basically, if a hacker gains access to an account which is part of the docker group on Linux, they can easily gain full root access to that system. Some may argue however, that once a hacker does get in, it is normally best to completely wipe that machine and reinstall from scratch, as there is no telling what the hacker may have done, or exploited. However, it is still best to have proper barriers in place to prevent an unauthorized person from gaining root in the first place. This way, you can still recover whatever data is on that machine with at least some certainty that it has not been tampered with. You will of course want to scrub said data and perhaps compare it to a recent backup to confirm it can be imported into the newly created machine. Basically, any user in the docker group on Linux has full access to the docker daemon to manage the images and containers. With this ability, you easily use a bind volume to map the entire root file system into the docker container, which will actually then give you full read/write access to the entire system. A hacker can then proceed to change the root password, modify various system files, and generally cause damage which could have otherwise been avoided if docker wasn't exposed. When I normally configure a Linux server, I do not install sudo, or any packages which otherwise could be abused to gain root. However, I am soon planning on using Docker on my current cloud servers as a partial experiment, and partially because I do not have enough time to upgrade my software from an aging Debian server. However, I will not be placing any user in the docker group, and instead using the stellar SaltStack, and their docker states to configure the containers on the cloud server. This provides a nice isolation between user and system processes.

        • Debugging TensorFlow coverage

          It started with a coverage.py issue: Coverage not working for TensorFlow Model call function. A line in the code is executing, but coverage.py marks it as unexecuted. How could that be?

          TensorFlow was completely new to me. I knew it had some unusual execution semantics, but I didn’t know what it involved. What could it be doing that would interfere with coverage measurement? Once I had instructions to reproduce the issue, I could see that it was true: a line that clearly printed output during the test run was marked as unexecuted.

        • Python Add Two List Elements

          This tutorial covers the following topic – Python Add Two list Elements. It describes four unique ways to add the list items in Python. For example – using a for loop to iterate the lists, add corresponding elements, and store their sum at the same index in a new list. Some of the other methods you can use are using map() and zip() methods.

          All of these procedures use built-in functions in Python. However, while using the map(), you’ll require the add() method, and zip() will need to be used with the sum() function. Both these routines are defined in the operator module, so you would have to import it in your program. After finishing up this post, you can assess which of these ways is more suitable for your scenario.

        • Under the Hood: Python Comparison Breakdown

          I love this question because there are a few different concepts colliding, but fusionmuck still has a clear question - "Why does Python do this when I expect it to do that?"

          When I saw the question, I thought I understood at least part of what was going on. I needed to run some checks to be sure though, and this is fun stuff to play with. So let's do it together!

        • Python Zip

          This tutorial covers the following topic – Python Zip. It describes the syntax of the zip() function in Python. Also, it explains how the zip works and how to use it with the help of examples.

          The zip() function allows a variable number of arguments (0 or more), but all iterables. The data types like Python list, string, tuple, dictionary, set, etc. are all of the iterable types.

        • PyDev of the Week: David Fischer

          This week we welcome David Fischer (@djfische) as our PyDev of the Week! David is an organizer of the San Diego Python user’s group. He also works for Read the Docs.

  • Leftovers

    • Science

      • Too soon? Decorating for the holidays earlier makes you happier, science says

        It’s never too early for Christmas, according to experts.

        People who put up their Christmas decorations early may be happier than the rest of us — it’s science.

        “In a world full of stress and anxiety, people like to associate to things that make them happy, and Christmas decorations evoke those strong feelings of the childhood,” psychoanalyst Steve McKeown told Unilad.

        Amy Morin, author of “13 Things Mentally Strong People Don’t Do,” agreed that it’s all about nostalgia.

    • Security (Confidentiality/Integrity/Availabilitiy)

      • Avast Online Security and Avast Secure Browser are spying on you

        Are you one of the allegedly 400 million users of Avast antivirus products? Then I have bad news for you: you are likely being spied upon. The culprit is the Avast Online Security extension that these products urge you to install in your browser for maximum protection.

        But even if you didn’t install Avast Online Security yourself, it doesn’t mean that you aren’t affected. This isn’t obvious but Avast Secure Browser has Avast Online Security installed by default. It is hidden from the extension listing and cannot be uninstalled by regular means, its functionality apparently considered an integral part of the browser. Avast products promote this browser heavily, and it will also be used automatically in “Banking Mode.” Given that Avast bought AVG a few years ago, there is also a mostly identical AVG Secure Browser with the built-in AVG Online Security extension.

      • VisibleV8: Stealthy open source tool for monitoring JavaScript in the wild

        The tool, called VisibleV8, runs in the Chrome browser and is designed to detect malicious programs that are capable of evading existing malware detection systems.

        “When you go to most websites, your browser starts running the site’s JavaScript programs pretty much immediately – and you have little or no idea of what that JavaScript is doing,” says Alexandros Kapravelos, co-author of a paper on VisibleV8 and an assistant professor of computer science at NC State.

        “Previous state-of-the-art malware detection systems rely on making changes to JavaScript code in order to see how the code is being executed. But this approach is easily detected, allowing malware programs to alter their behavior in order to avoid being identified as malicious.

      • Browser tool aims to help researchers ID malicious websites, code

        Researchers have developed an open-source tool that allows users to track and record the behavior of JavaScript programs without alerting the websites that run those programs. The tool, called VisibleV8, runs in the Chrome browser and is designed to detect malicious programs that are capable of evading existing malware detection systems.

      • Snuffleupagus: Open source security tool hardens PHP sites against cyber-attacks

        PHP is the most popular programming language for web applications. But PHP websites are also among the most targeted by hackers and account for many security incidents.

        Snuffleupagus, an open source security module, aims to raise the costs of attacking PHP websites.

        Developed by web hosting company NBS System, Snuffleupagus acts as an added layer of defense for PHP applications, intercepting malicious requests that exploit vulnerabilities in the underlying PHP code.

      • October is Cyber Security Awareness Month. Developers Are Some of Our Best Guardians. [Ed: FUD-based marketing tactics “Awareness Month” for Sonatype]
      • What Heartbleed Taught the Tech World [Ed: It taught us that proxies of Microsoft Corporation can go on about bugs for 5 years, using them to make a stigma about FOSS and to distract from NSA collusion/collaboration of Microsoft that actually caused damage, e.g. WannaCry]
      • IPFire is available on Hetzner Cloud

        The setup process is a little bit complicated, but I have spent a lot of time to document the installation process and how to set up the cloud environment correctly to have your servers secured by IPFire.

    • Defence/Aggression

      • Trump's Glorification of ISIS Leader's Gory Death Panned by Critics

        "Trump relishes describing ghastly violence."

      • Now and Then

        [A]fter the final destruction of the Nazi tyranny, they hope to see established a peace. . . which will afford assurance that all the men in all the lands may live out their lives in freedom from fear and want.—Atlantic Charter issued August 14, 1941€ 

      • Amber Guyger Case Shows How Far America Has to Go When It Comes to Justice for Innocent Black Victims

        Botham Jean, a 26-year-old Black man, was killed in his apartment on September 6, 2018. Amber Guyger, a white police officer then with the Dallas Police Department, entered Jean's apartment, allegedly mistaking it as her own and mistaking Jean as an assailant.

      • A Lotta Crap

        Announcing the death of ISIS leader Abu Bakr al-Baghdadi, our valiant, humble leader displayed his usual gravitas: He ghoulishly bragged al-Baghdadi "died like a dog," repeatedly thanked Russia but didn't tell Congress, posted a staged photo - he was golfing at the time - of watching the raid "like a movie," and declined to note both that his Syria withdrawal endangered...

      • Witness: When the Law is Unjust in Tanzania

        Bob Chacha Wangwe, 28, speaks slowly and steadily. The calmness in his voice does not reflect the absurdities he’s been up against the past few years. Wangwe has been arrested, erroneously convicted of publishing false information, and fined 5 million Tanzanian shillings (US$2,185) – more than most people in Tanzania earn in a year.

      • Escaped Congolese Warlord Inspires New Attacks

        Congolese authorities should promptly return Gédéon to a secure prison.

      • Did US Officials Manipulate Trump Into Sending Back Troops From Iraq to Syria “For the Oil”?

        NBC reports that a US convoy of light armored vehicles carrying special operations forces€ has been sighted heading from Iraq into northeast Syria and then south to the oil-rich Deir al-Zor province, with attack helicopters hovering above. You have to wonder if the Kurds pelted them with rotten vegetables again as they passed through Hasaka. | By Juan Cole

      • Trump Pours More Misery On Iranians He’s Claiming To Support

        The Trump administration has sounded the death knell for humanitarian trade with Iran. By designating Iran a jurisdiction of primary money laundering concern and imposing additional restrictions on foreign banks maintaining accounts for Iranian financial institutions, the United States Department of the Treasury has imposed a prohibitive bar for parties seeking to facilitate

      • Islamic State Leader Dead After U.S. Raid in Syria, Trump Says

        Abu Bakr al-Baghdadi€ , the shadowy leader of the€ Islamic State group€ who presided over its€ global jihad€ and became arguably the world’s most wanted man, was killed in a U.S. military raid in Syria, President Donald Trump said Sunday. He provided graphic details of al-Baghdadi’s final moments as American forces pursued and cornered him and his children in a tunnel.

      • Why the US has nuclear weapons in Turkey — and may try to put the bombs away

        Unintentionally, Trump’s efforts to provide reassurance may have made this challenge more difficult. The presence of B-61s in the five countries is an open secret, confirmed by independent observers. But it has nonetheless been NATO policy not to acknowledge the deployments, giving local politicians and the U.S. a shield from parliamentary and public oversight.

        By publicly confirming that the weapons were in Turkey, Trump has raised the political stakes should he try to remove them, and made it more difficult for the United States and Turkey to strike a quiet deal to that effect.

      • Baghdadi is Dead, But ISIS Remains Emboldened Since Trump’s Drawdown

        “Trump rejected [intelligence community] assessments and spilled classified intelligence, cut off our military operations at its knees with unplanned decisions like Syria, repeatedly treated Iraq with indifference, and appeared ready to throw out the relationship with the SDF only a few weeks ago,” said Stroul.

      • Kerry Washington fears for kids' safety due to 'police violence'
    • Environment

      • Energy

        • California Governor Declares State of Emergency as 200,000 Flee Fires

          California’s governor declared a statewide emergency with nearly 200,000 people ordered to flee their homes because of wildfires fueled by historic winds, while millions were without electricity after the largest utility cut power in some areas as a precaution to prevent other fires.

    • Finance

      • 'What Is the Fed Not Telling Us?': Fears of Economic Instability After Central Bank Intervention Spikes

        "A financial system that requires over $100B of liquidity injections every day, temporary, permanent or otherwise, has major issues."

      • Why the WeWork Disaster Is A Good Thing

        The WeWork saga may finally be coming to a close, with founder Adam Neumann receving a repored $1.7 Billion package to leave the company, which is being sold to Softbank at a valuation of $8 Billion. Only a few short weeks ago, WeWork was primed to go public at a valuation of $47 Billion. What a difference a month makes.

        But Neumann isn’t the only player in the WeWork saga. Many of the company’s 12,000 employees are now holding essentially worthless stock options. Options seemed to be sure bets when the company was scheduled to be worth $110 per share. With the plunge of company value, the options are now “underwater” and will need to be repriced or become worthless. In a Wall Street Journal article about the company, new CEO Sebastian J. Gunningham has said: “We’re working on it.” Not promising.

    • AstroTurf/Lobbying/Politics

    • Privacy/Surveillance

      • How Aldous Huxley prophesied the Big Data nightmare

        In the Wallace interview Huxley spoke of threats to democracy, with an eye on the present and the future. Rather than focus on political and social inequalities, he pointed the finger at technologies we use willingly every day—especially those that have the potential to distract us, like television. “We mustn’t be caught by surprise by our own advancing technology,” he said.

        Huxley emphasized that to remain in power one must obtain the “consent of the ruled.” And to get such consent, he said, requires “new techniques of propaganda” that have the ability to bypass the “rational side of man and appeal to his subconscious and his deeper emotions, and his physiology even, … making him actually love his slavery.” Today our ability to make rational choices, including political ones, is more compromised than ever. Most of us believe that tech companies aggregating hundreds of data points about us everyday do it to provide us with traditional, “personalized” advertising. Many of us are okay with that, and don’t mind our data being collected to sell us products like soap or cars, or to recommend new music, movies, and TV shows. Fewer of us are aware that companies use our data to sell us political agendas and politicians, often by spreading propaganda and disinformation, intentionally misleading material tailored to exploit our vulnerabilities and foibles. We never consented to having our democracies taken over by the same process that entices us to purchase one brand (Starbucks, let’s say) over another (Dunkin’ Donuts).

      • How Lebanon's 'WhatsApp tax' unleashed a flood of anger

        The protests were nominally sparked by a new proposed tax on [Internet] calls through services such as WhatsApp, which many Lebanese rely on because regular phone calls and texts are prohibitively expensive. It was one of many austerity measures proposed to address financial problems.

        But frustration had already been building for years in Lebanon over widespread corruption, gridlock in government, and the country’s crumbling infrastructure. The WhatsApp tax was simply the last straw.

      • Dismembering Big Tech

        A break-up of today’s tech titans—Google, Amazon, Facebook and Apple—could also unlock vast value, say some with an eye on the industry. If the most radical plan, proposed by Elizabeth Warren, a leading Democratic contender for America’s presidency, were fully implemented, by some calculations the parts spun off alone could be worth over $2trn—roughly half the value of the four complete firms today.

      • Publicly available information: Risks, benefits, and ‘why there needs to be a change’

        A non-attribution tool is something that obfuscates your identity, keeping other parties from tracking your activities or whereabouts online. That kind of tracking usually happens through browser software, and is usually fairly benign. Your browser collects cookies from everywhere you’ve been; those cookies are aggregated and sold to third parties who usually use it to target advertising. That’s why, after searching for a particular item, you are more likely to see advertisement for that or similar items in the near future.

        But because those cookies are also tied with some identifying information, like IP addresses, it can be dangerous in certain circumstances. For example, web searches for hotels, restaurants and venues could potentially reveal in advance the locations or schedules of highly ranked government officials. It can also hint at the true identities of undercover law enforcement.

        That’s why, in June, the DoD released directive 311518 on the use of PAI.

      • Web of Documents

        These days, the WWW is mostly a Web of Applications. An application is a broader concept: it can display text or images, but also lets you interact not just with itself, but with the world at large. And that’s all well and good, as long as you consciously intend these interactions to happen.

        A document is safe. A book is safe: it will not explode in your hands, it will not magically alter its contents tomorrow, and if it happens to be illegal to possess, it will not call the authorities to denounce you. You can implicitly trust a document by virtue of it being one. An application, not so much.

      • Indigenous elder on Sidewalk Labs's Toronto consultation: "like being given blankets and gun powder and whisky to trade for our participation"

        Now, as the plan struggles with court challenges, it is spinning for its life, and one of the oft-repeated claims it makes to justify its existence is that the company conducted deep consultation with indigenous leaders as part of Canada's ongoing (and totally inadequate) truth and reconciliation with the country's First Nations.

        But Duke Redbird and Calvin Brook, two of the indigenous leaders who took part in that consultation, have published an open letter to Waterfront Toronto's board of directors, accusing Sidewalk Labs of discarding all their input to the new city's plans, while touting the consultation as evidence of the company's goodwill and sincerity.

        Redbird and Brook describe the consultation with phrases like "hollow and tokenistic," and remind us that the indigenous consultation came up with 14 recommendations for Sidewalk Labs, and that the company has taken up exactly zero of these in its 1500 page, four-volume master plan for the city.

      • At Mark Zuckerberg’s Congressional Testimony, Lawmakers AOC, Maxine Waters, Rashida Tlaib, and Kate Porter Schooled the Facebook Founder

        Porter then said, “According to one report I have — and this is straight out of an episode of Black Mirror — these workers get nine — nine — minutes of supervised wellness time per day. That means nine minutes to cry in the stairwell while someone watches them.” Porter then asked Zuckerberg if he would spend an hour a day for the next year doing the content moderation work she was asking about with a similar level of benefits.

        “I’m not sure that it would best serve our community for me to spend that much time,” Zuckerberg said before Porter cut him off to ask, “Are you saying you’re not qualified to be a content monitor?” Zuckerberg said that wasn’t what he was saying, to which Porter responded, “So then you’re saying you’re not willing to do it.”

    • Civil Rights/Policing

      • Whistle while you work

        The results were striking. Workers made 13% more sales in weeks when they were happy than when they were unhappy. This was not because they were working longer hours; in happy weeks, they made more calls per hour and were more efficient at converting those calls into sales. The tricky part, however, is determining the direction of causation. Workers may be happier when they are selling more because they anticipate a bigger bonus, or because successful sales pitches are less stressful to make than unsuccessful ones.

        The academics tried an ingenious way to get round this causation problem by examining a very British issue—the weather. Workers turned out to be less happy on days when the weather in their local area was bad and this unhappiness converted into lower sales. Since they were making national calls, not local ones, it is unlikely that customer unhappiness with the weather was driving the sales numbers. So it was worker mood driving sales, not the other way round.

    • Monopolies

      • Patents and Software Patents

        • Intel antitrust lawsuit takes aim at Softbank-owned Fortress Investment's patent aggregation, obfuscation, and litigation tactics

          Antitrust analysis generally starts with market definition. There must be a market in which someone has a dominant position and acts abusively.

          Intel isn't saying that investments in patent licensing firms or large-scale acquisitions of patents by patent assertion entities would always be illegal, or that trollish litigation tactics raise competition concerns. The first couple of pages of the complaint discuss the policy implications of patent assertion entities (PAEs) at a generic level, but the specific case is about certain structural and behavioral characteristics of Fortress's industrial-scale patent acquisition and assertion business model.

          Citing to what network technology company Sonus Network alleged in a case against one of Fortress's numerous shell companies, Inventergy, the complaint quotes that particular entity's CEO as telling Sonus that "Fortress[,] does not settle" in litigation and, in the absence of a license deal palatable to Fortress, Sonus would face "an IP bloodbath." The flowery language of that threat does not per se constitute an antitrust violation, and the complaint doesn't say or suggest so. It merely serves to illustrate how little Fortress's business model has to do with innovation and to what extent the business model is simply to create, and capitalize on, a patent reign of terror. Case in point, a particularly well-known Fortress entity, Uniloc, previously caught my attention because it shows up in the RPX Daily Litigation Alert very often as they've brought dozens of lawsuits against Apple and Google, as well as other defendants.

          Fortress apparently sets up and shuts down patent assertion entities at an unusually high frequency. They transfer patents between them, sometimes as a result of subsidiaries being unable to meet their payment obligations to the holding company. Similarly, they just dismiss complaints in one venue to refile somewhere else. And when patent claims are found invalid, they sometimes come up with many dozens of amended claims that allegedly don't have any more merit (as they just add some meaningless terms to the claim language), but enable them to keep suing forever.

          [...]

          This problem is undoubtedly a whole lot bigger and more severe--and, therefore, more harmful to industry and consumers--than conventional "patent trolling." It will be interesting to see what else comes to light in the course of this litigation. Finally, here's the complaint:

        • Italy: an update on post grant limitations and infringement

          First, by decision no. 21402 of 14 August 2019, the Italian Supreme Court has eventually clarified that post-grant limitation shall be treated has producing effects ex-tunc. This may seem to be an obvious conclusion, considering that the case concerned the Italian designation of a European patent and that Article 69(2) EPC clearly states that “the European patent as granted or as amended in opposition, limitation or revocation proceedings shall determine retroactively the protection conferred by the application, in so far as such protection is not thereby extended”. However, such a confirmation by the Supreme Court is indeed useful, in light of the fact that certain past court decisions had in fact created some confusion on the temporal effects of post-grant limitation, by reference to the language of Article 56 (1) of the Italian Industrial Property Code (IPC) which (by implementing the provision of Article 105-ter(3) EPC), establishes that “the decision” which limits the patent becomes effective on the day of the decision’s publication. In other words, the Supreme Court finally caused the cessation of any discussion on a potential divergence between the provisions of Article 69(2) EPC, on the one hand, and of Article 56(1) IPC (and Article 105-ter(3) EPC) on the other, by clarifying that it is the “decision” to become effective upon publication, whereas the effects of limitation shall be retroactive.

        • Sigma-Aldrich Tries Again

          Any party who has ever come before the U.S. Patent and Trademark Office's Patent Trial and Appeal Board (PTAB) quickly realizes the extent to which the Board enforces procedural niceties. This tendency sometimes leads to logically incongruous results; for example, in its St. Regis Mohawk Tribe v. Mylan decision, the Board cited as sufficient grounds for denying the Tribe's motion to dismiss on sovereign immunity grounds, that there was no precedent for that decision (while conceding that it was a case of first impression). But that basis for denying the motion was consistent with the Board rule (37 C.F.R. ۤ 41.121(b)) that the proponent of a motion bears the burden of establishing its right to the relief requested.

          [...]

          It took the Office about five weeks to render its decision on the Petition; if the Office considers Sigma's arguments on the merits, it is likely to take somewhat longer for Sigma to get a decision. In the meantime, the current interference between University of California et al. and The Broad Institute and its friends had continued apace (see "CRISPR Interference Parties Propose Motions"; "PTAB Redeclares CRISPR Interference and Grants Leave for Some (But Not All) of Parties' Proposed Motions"; "CRISPR Interference: Motion Practice; Broad Institute Takes Its Turn in Interference Motion Practice"; and "University of California/Berkeley et al. Authorized to File Motion Opposed to Broad Substantive Motion No. 1"). Sigma may have lost its moment, but it is not hindered by the Board's prior decision that there is no interference-in-fact with California's claims (or The Broad's) and, eventually, may have the opportunity to challenge claims from either or both parties to priority for CRISPR technology.

        • Patent Trolls and the Market for Acquisition

          Frivolous patent-infringement claims increase the cost of innovation for small businesses and thus force them to exit via premature and/or discounted acquisitions. This study investigates the effect of abusive patent-infringement claims by patent trolls on acquisitions of small firms. I exploit the staggered adoption of anti-patent troll laws in 35 states as a quasi-natural experiment and find that the adoption of state laws that hamper the activities of patent trolls has two effects. First, the acquisition rate of small businesses by large firms declines after these laws are passed. Second, the anti-troll laws increase the cost of acquisition for large firms. I find that the market reflects the increased cost of acquisition following the passage of anti-troll laws as reflected in the lower acquisition announcement returns. Using a sample of subsidiary acquisitions, I disentangle alternative explanations of local economic shocks, industry-wide changes and merger waves. Overall, the findings suggest that the state laws increase the value of small innovative firms.

        • Amazon’s New ‘Utility Patent Neutral Evaluation’ Process Stops Bogus IP

          The current system allows baseless patent infringement claims to flourish, since Amazon requires the affected seller to work directly contact the patent owner and work through the issues between themselves. In the meantime, the product in question is removed from Amazon’s site.

      • Trademarks

        • AG Kokott provides insights on distinctive character of geographical collective trade marks and their interplay with GIs

          On 17 July 2014, the Commission received the official application for the registration of the names ‘Χαλλουμι’ (Halloumi)/‘Hellim’ as a Protected Designation of Origin (PDO) under the Quality Regulation (EU) No 1151/2012. The procedure for establishing a PDO has not yet been concluded. Cyprus and other bodies, such as the Foundation for the protection of the Traditional Cheese of Cyprus named Halloumi (hereinafter, the Foundation), not having yet obtained the PDO have tried to prevent the use of the designation Halloumi registering it as a trade mark.

          In the context of the opposition against the registration of the colour figurative mark BBQLOUMI, the European Union Intellectual Property office (EUIPO) and the General Court (GC) have held that the HALLOUMI trademark has a low distinctive character. Hence the opposition was rejected both before the EUIPO and the GC.

          [...]

          According to the AG, it is more difficult to answer to the question whether the distinctive character of geographical marks should also be assessed according to general criteria.

          She recalled the DARJEELING case (C‑673/15 P to C‑676/15 P (DARJEELING being the name of a city and a district in India and a well-known black tea which is grown there) as the most important judgment concerning geographical collective marks so far. Even if the AG considered that the Foundation’s claim regarding the geographical collective mark would be inadmissible, she analysesd the substance of Article 66(2) of the Regulation:

          The AG described the provision as being a “foreign body” in trade mark law because the regulation intends to keep descriptive terms free. Morevoer recalled that the consumer considers descriptive terms as a description of the characteristics of the products and not as the indication of its origin while geographical indication may be perceived as indication of geographic origin or a descriptions related to a particular place.

      • Copyrights



Recent Techrights' Posts

Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
 
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024
A Strong and Positive Closing for the Year's Last Week
In a lot of ways this year was a good one for Free software
Feels Too Warm for Christmas
Christmas is here, no snow in sight
Links 23/12/2024: 'Negative Time' and US Arms Taiwan Again
Links for the day
Links 23/12/2024: The Book of Uncommon Beings, Squirrels, and Slop Ruining Workplaces
Links for the day
Links 23/12/2024: North Korean Death Toll in Russia at ~1,100, Oligarch Who Illegally Migrated/Stayed (Musk) Shuts Down US Government
Links for the day
The World's 'Richest Country' Chooses GNU/Linux
This has gone on for quite some time
Richard Stallman on Love
Richard Stallman's personal website includes a section that lists three essays on the subject of love
Apple's LLM Slop Told Us Luigi Mangione Had Shot Himself, BetaNews Used LLMs to Talk About a Dead Linus Torvalds
They can blame it on some bot
Microsoft, Give Me LLM Slop About "Linux" and "Santa", I Need Some Fake Article...
BetaNews is basically an LLM slop site
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 22, 2024
IRC logs for Sunday, December 22, 2024