Taking center stage at the Kubecon + CloudNativeCon co-located events in San Diego today, IBM Corp. announced two new open-source tools for the Kubernetes ecosystem, as well as updates to two of its existing projects.
The new tools include Kui, which is meant to ease the oftentimes “chunky experience” developers have to deal with when working with hybrid or multicloud application deployments. There’s also Iter8, which is a tool for collecting data and telemetry generated by the open-source software service mesh Istio.
For many years, Linux was the only open source component in the SAP community. Now Red Hat is launching a complete open source platform. Peter M. Faerbinger spoke to Jochen Glaser about this unique solution.
SAP is building the intelligent enterprise. Red Hat stands fully behind this strategy. The upcoming modernization will involve drastic changes. They relate to the migration to Hana and the migration of existing SAP applications, including custom code, to S/4.
Considering the insatiable customer appetite for better and more efficient service, digital transformation is now a bit of an arms race: Companies that resist it risk being left behind by their competitors and customers.
During my long tenure as an IT leader, I’ve found that the biggest challenges in any company change always boils down to people. In today’s world, where the modus operandi is to get things done as quickly as possible, it can be easy to lose sight of the things that will help a project go well.
As outlined before, the NVMe HWMON support is here with Linux 5.5. This allows reading the NVMe solid-state drive temperatures via sysfs/hwmon just as you can normally do with the other hardware monitoring sensors on Linux systems. Up until now you needed the NVMe user-space utilities installed and generally had to run it as root in order to see drive temperatures. Now with Linux 5.5 you don't need to install anything extra and the drive temperatures are reported via sysfs/hwmon for easy integration with various Linux system monitoring programs. I tried it out on a few boxes so far and is working well -- though the Ubuntu Mainline Kernel PPA isn't yet shipping their builds with CONFIG_NVME_HWMON set yet, so be aware if that is normally where you fetch your Git kernel builds.
It seems like the feature would have been wired up long ago, but with the Linux 5.5 kernel guest virtual machines running on Microsoft Hyper-V should be able to successfully hibernate.
Microsoft engineers have wired in the hibernation support to the various Hyper-V kernel drivers for allowing the functionality to successfully work on Linux 5.5. Changes to their storage, video, network, memory balloon, HID, and other driver components were needed for allowing hibernation of Linux VMs on Hyper-V.
A month ago at the Open-Source Summit Europe 2019 in Lyon, France, Intel's Kelly Hammond who serves as the company's Senior Director of System Platform Software talked up their open-source contributions with a particular emphasis on performance. The video from that keynote was recently published for those curious about Intel's open-source work in the name of performance, including Clear Linux.
Kelly talked up their open-source contributions across the board from the Linux kernel to the other areas of the stack but also with their emphasis on performance. As part of that, she also made some interesting remarks on Clear Linux and their automated development model for this performance-optimized rolling-release distribution. She covered how they manage 5,000+ packages yet are largely automated-driven model and carry out more than 100 performance tests per day in validating each release.
I’ve got big news today. Something major landed: full support for the GTK_FRAME_EXTENTS_ protocol, which hugely improves the user experience for running GTK apps that use client-side decoration headerbars! This includes GNOME apps and an increasing number of 3rd-party GTK apps too. In particular, these apps now display window shadows and have proper resize areas without needing to use a thick border.
There is an exciting improvement to the GTK client side decoration handling ahead of the KDE Plasma 5.18 LTS release due out in February.
Some of the KDE improvements ending out November include:
- KDE now better supports GTK applications relying upon client-side decoration headerbars. In particular, GTK_FRAME_EXTENTS protocol support and this should yield more GTK/GNOME applications looking quite well integrated with the KDE desktop.
- The background frame is configurable now for all KDE Plasma widgets.
With KF6, I want to see SPDX license identifiers being introduced into KDE frameworks in order to ease the framework re-use in other projects. This follows the same approach e.g. the Linux Kernel took over the last years.
The problem that the SPDX markers address is the following: When publishing source code under an open source license, each source code file shall explicitly state the license it is released with. The usual way this is done is that a developer copies a license header text from the KDE licensing policies wiki, from another source file, or from somewhere else from the internet and puts it at the top of their newly created source code file. Thus the result is that today we have many slightly different license headers all over our frameworks source files (even if they only differ in formatting). Yet, these small differences make it very hard to introduce automatic checks for the source code licenses in terms of static analysis. This problem becomes even more urgent when one wants to check that a library, which consists of several source files with different licenses, does only contain compatible licenses.
The SPDX headers solve this problem by introducing a standardized language that annotates every source code file with license information in the SPDX syntax. This syntax is rich enough to express all of our existing license information and it can also cover more complicated cases like e.g. dual-licensed source files.
The Skrooge Team announces the release 2.21.0 version of its popular Personal Finances Manager based on KDE Frameworks.
The openSUSE Leap 15.0 operating system release has reached end of life on November 30th, 2019, which was the last day when it received software updates and security patches. openSUSE Leap 15.0 was released 18 months ago, on May 25th, 2018, and it was based on the SUSE Enterprise Linux 15 operating system series. It was the first OpenSuSE Leap release to adopt a new versioning scheme that's in sync with upstream SUSE Enterprise Linux (SLE) releases.
As of November 30th, 2019, openSUSE Leap 15.0 will no longer receive software updates and security patches for its core components or apps. Therefore, users are encouraged upgrade their computers as soon as possible to the latest version, openSUSE Leap 15.1, which will be supported with software updates and security patches until November 2020.
"openSUSE Leap 15.0 will receive no further maintenance or security updates after that date. It is recommended for openSUSE Leap users to upgrade to the current release openSUSE Leap 15.1. The next release, openSUSE Leap 15.2, is planned for May 2020." said Marcus Meissner, SUSE Security and openSUSE Maintenance.
I then discovered that there are a range of SFPs available for G.fast and as the Turris Omnia has an SFP port, this appears to be a compact solution. MVMTel were kind enough to send me a sample of their EFS-02 SFP to evaluate.
I disconnected my existing VDSL modem, turned off the Turris Omnia, inserted the SFP and turned on the Turris Omnia again. When an SFP is inserted, it takes over the existing configuration of the ethernet WAN port where the VDSL modem was connected. In this case, that meant no changes to the configuration were necessary, it was completely plug and play and started working immediately.
Here is my introductory talk at Kamailio World 2018
Here’s my (second) monthly update about the activities I’ve done in Debian this November.
TL;DR: Mostly a bunch of package sponsoring this month. :)
Both the SBCs come with 4GB of LPDDR4 memory and have an ARM Mali-T860 MP4 GPU. They are both an optional 16GB eMMC flash and a microSD card. The new Orange Pi models measure 91 x 56 mm and weigh 48 grams.
Orange Pi 4 has one USB 3.0 port, two USB 2.0 host ports, and one USB 3.0 type C port. But, Orange Pi 4B has two USB 2.0 host ports and only one USB 3.0 type C port. This is because the Orange Pi 4B’s NPU connects to the RK3399 via USB 3.0.
Both have dual MIPI-CSI camera headers and dual LCD/MIPI-DSI connectors. They also have a serial debug interface, a mic, and a 3.5mm audio output jack for headphones. Additionally, they have a 24-pin connector, and a 40-pin GPIO (General-purpose input / output) connector.
Although he would probably rather be outdoors, after an injury Matt Ockendon had a lot more time to ride his Tacx Neo indoor trainer and tinker. He decided he wanted his rig to be able to simulate the grade of hills, but as commercially available units with this capability are quite expensive, he instead devised his own solution dubbed “OpenGradeSIM.”
[...]
With this data in hand, the Nano controls a linear actuator using an L298N-based driver board to raise or lower the bike’s front end. The derived bike angle is sensed via the Nano’s built-in IMU, providing an elegant closed-loop system. Additionally, the incline is shown on a 1.3ââ¬Â³ I2C OLED display that serves as a mini dashboard while Ockendon cycles.
The nonprofit RISC-V Foundation is relocating to Switzerland over concerns about the impact of U.S. trade policies.
Foundation CEO Calista Redmond told Reuters that its members are “concerned about possible geopolitical disruption.” The foundation’s board approved the move unanimously after hearing members around the globe say that they would be “a lot more comfortable… if the incorporation were not in the U.S.,” she added.
RISC-V is a young organization, founded in 2015 and located in Delaware, to set standards for chip architectures that are allowed to use the RISC-V trademark on its products. RISC-V is a reduced instruction set architecture that is open source technology that anyone can use to design, make or sell RISC-V chips and software for electronics.
Mastodon’s quest to federate the Internet continues with the imminent launch of a photo-sharing platform which promises to be more privacy-focussed and to give more power to netizens
Mastodon is not done making headlines. One November 26, the open-source and federated platform announced, via Twitter, that they would be launching Pixelfed, “a fediverse alternative to Instagram and other photo sharing platforms.” Tacked on the end of the tweet is the hashtag #TheFutureIsFederated.
The tweet is a quote-tweet from the Pixelfed The only form of explanation comes in a teaser video. “What is the fediverse? It’s magic. A platform for the people. And we mean everyone. We’ll be arriving soon! Power to the people. Pixelfed.org,” says the video.
Google's history of draconian and arbitrary decisions regarding developer infractions on the Play Store is extensively documented. In this latest episode, the open-source torrent client LibreTorrent has been removed from the Play Store due to "spam," with Google claiming that the app is a low-quality duplicate of several others on the Play Store. The twist this time is that LibreTorrent is actually the original app, and it's the others that are the ad-filled "spam" clones.
The market for programmers is growing faster in Africa than in any other continent. Open-source code is popular, because anyone can see and modify it for their own purposes.
Market forces and changes in subscriber needs and expectations are leading Communications Service Providers (CSPs) to transform their entire service delivery and management infrastructure. At the forefront of this transformation is the modernization of the systems that enable the management of network services, the operations support systems (OSS) and systems for managing the customer and the overall business operations, the business support systems (BSS). Current systems were built for a business paradigm that is increasingly outdated; they are rigid, siloed, rely on extensive human involvement and often require esoteric skills. Modernization of these systems enables CSPs to address requirements for becoming the Digital Service Providers (DSPs) of the future: business agility, elastic scale and capacity, service velocity and the ability to continuously reinvent themselves.
Open source was making headlines prior to 2010, of course, but much of the open source news back then was “free software” vs. “open source” religious wars and lawsuits against Linux. To run open source software, you were still calling IT to provision servers (or using a spare that just happened to be sitting under your desk). The cloud changed all that. Suddenly developers did not need to get a hall pass from IT to run their open source code. Just as open source freed developers from Purchasing/Legal approval, so too did the cloud shake developers free of the friction inherent in hardware.
[...]
Git was not born in in the last decade, but like cloud, it did not really boom until the 2010s.
[...]
Everything? Well, yes, at least for enterprise application development, and not because it is some cool new way to think about virtualisation. As Gordon Haff explains, “pre-Docker/Kubernetes containers were just another partitioning technique.” The real magic started when Docker nailed the developer experience, and from there, he goes on, “things snowballed,” leading to complete reinvention of the CI/CD pipeline and more. A decade ago, no one had heard of Docker and Kubernetes. Last month, more than 13,000 people showed up at KubeCon 2019 to explore this modern application world that Docker helped to create.
"We have built that client base, in part, by competing head-to-head with such juggernauts as Oracle, IBM and MS – and winning. Simply put, Altibase is a viable alternative to mega legacy database," he adds.
"But being just an attractive alternative no longer suffices. To continue our success, we are adapting to two major changes currently taking place in the database market," Paul says.
Developed by Duke’s Learning Innovation and the Office of Information Technology, Kits – now released as an alpha version – evolved from a home-grown group management solution and it was developed outside the LMS. “It brings together the centralized student access points of the LMS with the flexibility and power of an app-based system.”
Currently, eight applications are included on Kits, and three more are expected to arrive this year. Learning analytics are in the roadmap, too. The integration was done via LTI standard or API. In addition, Kits comes with a “custom link” option that allows both instructors and students to add any share-by-link application.
PureDarwin Xmas is a 'complete' operating system featuring a desktop environment and various GUI applications. However, as it is just a developer preview, some features such as networking and hardware support are quite limited.
In this project, the councils are initially aiming to test the hypothesis that an in-house open source system could be developed and to show some of the cross-authority benefits.
Another piece of work is looking at whether an open source componentised IT solution is feasible and scalable.
GDB can now handle multi-threaded symbol loading to yield better performance on today's multi-core systems. This feature is still in development/testing so for now is disabled by default but can be done by setting worker-threads to "unlimited" rather than the default value of 0. The worker-threads tunable controls the number of worker threads that can be used by GDB and is currently used for demangling the names of linker symbols.
ActiveState has published the results of its 2019 Developer Survey with the title "Open Source Runtime Pains". It provides interesting insights into the challenges faced by coders when working with open source runtimes.
"Coder" used here embraces a wide spectrum of IT jobs such as developers, engineers, data scientists, Q&A, etc. Specifically out of the 1250 survey takers, 65.4% were professional developers, 15.3% were hobbyists, 10.2% students with 9.1% being "others".
I recently got a review copy of Statistics, Data Mining, and Machine Learning in Astronomy. I’m sure the book is especially useful to astronomers, but those of us who are not astronomers use it as a survey of data analysis techniques, especially using Python tools, where all the examples happen to come from astronomy. It covers a lot of ground and is pleasant to read.
Python is one of the most popular programming languages in our modern time. With a deep observation, you will find out that the number of Python developers exceeds the number of other developers by a difference of millions. Due to its rapid growth, many online platforms are offering both free and paid Python online courses. If you are lately thinking of learning python or you are someone who wants to extend your skillset of python, you are just in luck.
When the shipment tolerance is exceeded, in the error message we now show the quantities involved so that the user understands the reason for the error and can then adjust them as required.
The asset depreciation per year now uses a fixed year of 365 days. This prevents odd calculations when leap years are involved.
Watched another Corey Schafer video on how to scrape web pages. Thought that would be handy in my image from a web page download project. Corey’s an awesome teacher. The video was fun and it taught me lots.
Then started hacking away at my little project. And then realised that the site has rss feeds. I could just process them instead of scraping a page. Went looking for a quick way to do that. Found the Universal Feed Parser.
Other retailers have experienced negative backlash for when a POS system is hacked and customer data that was stored, is stolen.
Tesla Cybertruck. Lotus Evija. Ford Mustang Mach-E. Mercedes-Benz EQC. Such is the state of the electric car industry that a sexy, slinky, and all-electric GT coupe packing 1100 horsepower and capable of rocketing from 0 to 60 MPH | 96 km/h in less than two seconds built by one of the early innovators of electrification barely causes a blip in the automotive press. That’s too bad, because the all-new Karma SC2 Concept GT coupe deserves much, much better.
IBM has announced Cloud Pak for Security, featuring innovations to connect with any security tool, cloud or on-premise system, without moving data from its original source. The new platform includes open source technology for hunting threats, automation capabilities to help speed response to cyberattacks, and the ability to run in any environment.
According to IBM, Cloud Pak for Security is the first platform to leverage new open source technology pioneered by IBM, which can search and translate security data from a variety of sources, bringing together critical security insights from across a company's multicloud IT environment. The platform is extensible, so that additional tools and applications can be added over time.
Open source software has revolutionized how companies work, but cloud software like AWS has been making it harder for open source software companies to make money. When you can get cloud services based on open source software, there's no need to pay a company for the services around that software. Here are five things to know about open source and the cloud.
The LF AI Foundation has delivered its third software release for its Acumos AI Project, which includes integration with ONAP and O-RAN. The third release, which is called "Clio," includes features that were designed to more easily onboard AI models, as well as design and manage support for pluggable frameworks and enable federation with ONAP and O-RAN.
The LF AI Foundation, which was previously known as LF the Deep Learning Foundation, was launched last year to spur innovation across artificial intelligence, machine learning and deep learning not just in the telecom industry, but across other industries as well.
The LF AI Foundation, the organization building an open AI community to drive open source innovation in artificial intelligence (AI), machine learning (ML) and deep learning (DL), today announced the third software release of the Acumos AI Project, codenamed Clio. Clio is focused on improving the experience with users for "first hand" feature requests like how to easily on board AI models, how to design and manage support for pluggable frameworks, how to more easily handle federation with ONAP and O-RAN, license management, and more.
The OpenChain Project is delighted to announce that Fujitsu, a Platinum Member of the OpenChain Project, is the latest OpenChain 2.0 Conformant company. This activity is a continuation of Fujitsu's long-standing commitment to excellence in open source governance and represents one of the larger OpenChain conformant programs. Fujitsu is the first company in Japan and the eighth globally to achieve OpenChain 2.0 conformance.
The OpenChain Project establishes trust in the open source from which software solutions are built. It accomplishes this by making open source license compliance simpler and more consistent. The OpenChain Specification defines inflection points in business workflows where a compliance process, policy or training should exist to minimize the potential for errors and maximize the efficiency of bringing solutions to market. The companies involved in the OpenChain community number in the hundreds. The OpenChain Specification is being prepared for submission to ISO and evolution from a growing de facto standard into a formal standard.
The move to GitHub will make lives easier for big data specialists in the machine learning sector, and no doubt provide some useful ecosystem links to the Chinese giant.
Alibaba Cloud has made the core codes of its Alink data processing platform open-source to help widen the development opportunities for artificial intelligence and machine learning.
The algorithm platform has been made available on Microsoft-owned GitHub, the world’s largest developer community. The platform offers a broad range of algorithm libraries that support both batch and stream processing, which is critical for machine learning tasks.
Data analysts and software developers can access the codes on GitHub to build their own software, facilitating tasks such as statistics analysis, machine learning, real-time prediction, personalised recommendation and abnormality detection.
Kaspersky has presented analysis of open source Virtual Network Computing (VNC), which uncovered memory corruption vulnerabilities that have existed in a substantial number of projects for a very long time. The exploitation of some detected vulnerabilities could lead to remote code execution affecting the users of VNC systems, which amount to over 600 000 servers accessible from the global network alone, according to shodan.io.
Kaspersky researchers studied some the most popular VNC systems: LibVNC, UltraVNC, TightVNC1.X and TurboVNC.
Although these VNC projects were analyzed previously by other researchers, it turned out not all vulnerabilities were then uncovered and patched. As a result, of the analysis by Kaspersky researchers, 37 CVE records marking various vulnerabilities were created. Vulnerabilities were found not only on the client, but also on the server-side of the system. Some of them can allow remote code execution, which in turn could allow a malicious actor to make arbitrary changes on the attacked systems. On a more positive note, many server-side vulnerabilities could only be exploited after password authentification and some servers do not allow to set up password-free access.
Security researchers revealed memory corruption vulnerabilities in open-source Virtual Network Computing (VNC) systems and warned that the exploitation of these vulnerabilities could lead to remote code execution affecting the users. As per shodan.io, Virtual Network Computing systems amount to more than 600,000 servers accessible from the global network. However, the real number of VNC installations is multi-fold considering that devices are only accessible within local networks.
VNC systems provide remote access to one device from the other, courtesy of a remote frame buffer (RFB) protocol. According to researchers at cybersecurity firm Kaspersky, VNC systems have become some of the most popular desktop sharing tools to date due to their multiple-platform availability and multiple open-source versions. Approximately 32 per cent of industrial network computers have some form of remote administration tools including VNC and they are actively used in automated industrial facilities enabling remote control of systems.
A few OSINT programs I examined specialized in specific aspects of intelligence gathering. For example, Shodan looks at the Internet of Things as well as operational technology devices found in places like power plants and the utilities industry. Metagoofil is optimized to pull hidden metadata from public documents. Simply point it at PDFs, Word files, PowerPoint slides, Excel spreadsheets or almost any document repository, and it will ferret out things like the names of authors and editors who worked on them, even if that information was not specifically disclosed.
Sysdig is the original creator of Falco, which Degioanni described as an open-source Cloud Native Computing Foundation phased anomaly detection system that’s based on collecting high granular data from a running Kubernetes environment.
Password managers are fantastic privacy tools, but they are even better when they are free! In this article, we list the five best free password managers.
What do free goldfish, puppies, and open-source software have in common? When the gifts come home, there’s actually a lot of time and expense that goes into keeping them all alive and thriving.
Criptext is a free encrypted email service for Windows, Linux, macOS, Android and iOS. It has been around for a while, but I thought it may be worth looking into.
[...]
There is something you should know about Criptext. It is not cloud-based like Gmail or Outlook; Criptext emails are not stored on servers permanently, they are only stored on your device using end-to-end encryption. It uses the Signal Protocol for this.
There's significant overlap between the briefs, but also unique elements to each of them. Every such filing serves a purpose, even the one that George Soros funded--as the latter makes, apart from some far-fetched theories and overregulatory ideology, a number of surprisingly reasonable points (like a limited dose of a poisonous substance potentially serving a medical purpose) and may appeal to any ultraliberal(s) on the panel (a political inclination the Ninth Circuit has a reputation for, though President Trump--the most profilic nominator of federal judges in history--has already brought some balance to that bench).
A strong showing by amici curiae was definitely needed here as Qualcomm technically has "the United States [Government]" on its side, though Antitrust AAG Makan "Macomm" Delrahim is simply a former (and presumably future) Qualcomm lawyer shamelessly--and often absurdly--acting against overall U.S. economic and national security interests in this context. That he has gotten away with this for such a long time is all the more astounding considering that his boss, Attorney General William Barr, once testified against Qualcomm and its business practices.
As I just said, each of those many pro-FTC submissions serves a purpose. For an example, the Computer & Communications Industry Association's brief, in addition to the CCIA having some members that are not involved with the three other industry bodies who made such filings, is a pretty good primer on the case (especially together with Professor Jorge Contreras's brief), while the Fair Standard Alliance brief presupposes a certain level of understanding--and ACT | The App Association made a particularly forceful submission that warns against the consequences of an acquittal.
